Keeping Up With ISO

What’s Wrong With ISO? was posted to this blog about two years ago.[1] That post discussed the ISO 9001 Standard for Quality Management Systems and why companies choose to (or choose not to) implement and become certified to the ISO 9001 Standard. What’s Wrong With ISO? is one of the most often read of the 165+ posts to this blog. ISO 9001Standard is being revised and will be republished, likely late in 2015. Companies certified to ISO 9001:2008, the current release, will have about two years to revise their management system in accord with the new ISO 9001:2015 release, and to be recertified. In August of last year, What’s Ahead for ISO? was posted to this blog to provide some insights as to what to expect in the new release. A mildly edited version of what’s Ahead for ISO? is republished below to help you anticipate the coming changes.


What’s Ahead for ISO?

From: 1 August 2013

International Standards

With the globalization of industry, it is critical to have a body of consensus standards that define materials, dimensions, manufacturing practices, etc., so that parts and products from around the world fit together and work together as intended. The International Organization for Standardization (ISO), through committees comprised of delegates from ISO’s member countries, creates and maintains such standards.

The ISO 9001 Standard for Quality Management Systems is perhaps the most familiar of ISO’s vast catalogue of Standards. Globally, there are over a million facilities certified as compliant with the ISO 9001 Standard.

ISO’s practice is to revise and reissue Standards every 6 – 8 years. The current version of the ISO 9001 Standard was issued in 2008, hence is designated ISO 9001:2008. The next revision is expected to be released in 2015. The committee charged with creating the next version has recently released a draft for public comment.

Achieving consensus among a committee of delegates from many different nations, industries and points of view is tedious work, as anyone who has worked on a standards committee knows. It needs be recognized that a global consensus is a lagging indicator of the state of any art. Consequently, revisions to a global standard represent concepts that are already widely accepted. That’s why it is useful to preview probable revisions to a standard that will not be final for about two years — if you are behind the state of your art in 2013, best not to wait until 2015 to react.

Here are the most significant changes from the ISO 9001:2008 Standard, as proposed in the current draft of ISO 9001:2015 —

Products and Services

The earliest versions (ISO 9001:1987 and ISO 9001:1994) focused almost exclusively on tangible products. Since the ISO 9001:2000 version, services have received increasing attention. The 2015 draft proposes to the term “products and services” to replace the term “products” throughout the Standard. This change makes it clear that the Standard is applicable to service businesses as well as to producers of tangible products. More importantly, in my view, is the recognition that “products” are defined by customers. The “product” that a customer buys is an array of tangibles and intangibles — in-spec widgets, technical services, warranties, packaging, delivery, relationships, perceptions and much more — except when there are no widgets involved. Consider the importance of the sound a car door makes when it closes!

In the current and previous versions of the Standard, it has been possible to exclude requirements covering product development, in cases where a facility does not actually develop products: job shops, for example. The 2015 version may, practically speaking, limit the product development exclusion to tangibles, since the development of at least some intangible product aspects is usually local.


The 2015 draft proposes two new requirements, both of which illuminate the context in which the organization operates. The proposed additions are:[2]

“The organization shall determine external and internal issues, that are relevant to its purpose and its strategic direction and that affect its ability to achieve the intended outcome(s) of its quality management system” 


“The organization shall determine

a) the interested parties that are relevant to the quality management system, and

b) the requirements of those interested parties”

These proposed requirements make it mandatory to explicitly think through and articulate these matters, assuring that they are addressed in the architecture of the management system. While these proposals are far from final, there is an easy (and free) way to begin right now. National Baldrige Award applications complete a five page Organizational Profile as a preface to their application. The Organizational Profile provides context, much as these proposed requirements do. You can download the questions that comprise the Organizational Profile and a completed sample for a smaller manufacturing firm. [3] “Know Yourself” is good advice.

Risk and Preventive Action

The 2015 draft drops the long-standing requirement for a Preventive Action procedure, on grounds that the entire Standard is an instrument for prevention. Instead, the draft makes numerous references to risk assessment and risk management.

Explicit attention to risks and potential downsides is good business, especially when both the probability of occurrence and the potential for loss or disruption are considered. For that reason, this blog often mentions the use of Failure Mode Effects Analysis (FMEA) as a management tool. [4]

Incidentally, ISO is quite familiar with risk management. ISO 31000:2009, Risk management – Principles and guidelines “provides principles, framework and a process for managing risk. It can be used by any organization regardless of its size, activity or sector.” ISO 31000 and its associated documents provide a good way to come up to speed on risk management.

For Smaller Manufacturers

The real question for smaller manufacturers is whether to utilize the ISO 9001 Standard, or not. For many, compliance with and certification to the Standard is a marketing necessity. For those interested in Sustainability — thriving in perpetuity [5]  — ISO 9001 (especially along with ISO 9004) offers a sound organizational approach, although there are other approaches. As mentioned earlier, consensus standards lag the state of the art. Simple compliance with the present standard is yesterday’s thinking.

As of 2012, 1,101,272 organizations worldwide have been certified to the ISO 9001 Standard. Also, 285,844 organizations have been certified to the ISO 14001 Standard for Environmental Management Systems.[6] The great majority of the manufacturing firms that are certified to the ISO 14001 Standard are also certified to ISO 9001. Through bad joss, the ISO 14001 Standard is also being revised and will be reissued for 2015. The good news for those certified to both Standards is that form and format of the two Standards will be much more consistent in the 2015 revisions. The bad news is that revising and recertifying to two Standards at the same time is a pretty stout piece of work.  … C.H.

Chuck at Rene 2 - August 2014Thoughtful comments and experience reports are always appreciated.

…  Chuck Harrington (

P.S: Contact me when your organization is serious about pursuing Sustainability … CH

This blog and associated website ( are intended as a resource for smaller manufacturers in the pursuit of Sustainability. While editorial focus is on smaller manufacturers, all interested readers are welcome. New blog posts are published on Wednesday evenings.

ISO 9001 Graphic:

[1] What’s Wrong With ISO? this blog,

[2] From ISO committee TC176/SC2 draft on revision to the ISO 9001 Standard, dated 3 June 2013.

[3] Download the Organizational Profile questions at

And the sample completed Organizational Profile at

[4] See both parts of Downside Up – Risk Management, this blog,—managing-risks-part-1/


[5] Werbach, Adam, Strategy for Sustainability, Harvard Business Press, Boston (2009) page 9.

[6] From the ISO 2012 survey, executive summary, available at