I finished my review of the proposed revisions for ISO 9001. This edition is scheduled for release in 2015. It represents a significant change in managing for quality, similar to the degree of change introduced over a decade ago with the year 2000 edition.
The proposal now undergoing wide review is called a committee draft. It represents the opinion of a relatively small group of national experts. As with all standards writing committees, perhaps 15-20 do the actual writing, while the remaining 40-50 contribute mostly informal oral arguments. It now needs a much larger review and comment from the stakeholders who eventually use the standard. Once this review closes after summer, comments will be sorted, discussed, and eventually used to modify the document. It may then be circulated again as a committee draft, or it may be considered mature enough to go out as a draft international standard. Substantive changes can be made to a CD, while (theoretically) no substantive changes can be made to a DIS. The DIS is circulated for about six months, changed, and then sent out as a final draft international standard. This is the last, up or down, vote by the ISO members. If it passes (and it usually does), it is typeset and released to the national bodies for publication and use.
Perhaps the most significant revision to our old friend, ISO 9001:2008, is the use of the generic template for all management system standards. Last year, the main governing policymakers in ISO decreed that new or revised standards for all management systems (quality, environment, safety, security, energy, sustainability, etc.) had to follow the words and format of this template. No deletions or revisions are allowed. Only additions specific to the MSS committee discipline are permitted. In our case, the heavy-duty methods already defined in ISO 9001:2008 and used worldwide were transferred to the new committee draft.
The reasons for requiring a common template are many.
- Conflicting and redundant processes can be reduced. If you are going to have a document control system for quality procedures and specifications, you might as well use those same control steps for your safety procedures and forms.
- There is increasing desire to integrate all management systems within the organization. They are all based on the principles of PDCA. Perhaps we can share resources and take a common approach that is understood by all.
- Firms are paying big bucks to register separate management systems. We can reduce this external cost by combining the registration into one certificate.
- Not all management systems have matured at the same rate. Because of market and social pressures, quality and environment are quite mature. Safety is not as far along. Security and business continuity are just beginning the journey. The template applies contemporary thought to all these different management systems.
- Risk now has a prominent role. Since the publication of ISO 31,000 in 2009, all professions are beginning to recognize the importance of understanding and managing risk. Embedded in this movement is the recognition of the part that management systems play in the management of risk. If risk is the effect of uncertainty on meeting the objectives of the organization, then management systems such as quality, safety, environment are the controls we put in place to modify that uncertainty.
This revision to ISO 9001 will not be easy to understand and implement. It will require deep understanding and participation by all levels of the organization. No longer can you hire a consultant to manage the quality, or safety, or security approaches by the organization. I suspect it will also be a big challenge to the conformity assessment agencies and their auditors.