Featured Product
This Week in Quality Digest Live
Standards Features
Marc Lepere
The current system for rating ethical credentials is meaningless
For CO2 climate data, missing standards create underreporting
Wade Schroeder
The FDA is looking to make them mandatory
The short answer: Standard weights, rigorous procedures, and state inspectors ensure measurements are fair and accurate

More Features

Standards News
PRI will provide two additional related certification services: ISO 27017 and ISO 27018
An early warning system lets Arctic people know when bears approach
Appointments are the first for recently established committee to advise the President
ASQ’s five quality certifications are the only ones to earn global recognition by ANSI
ISO 21434 automotive cybersecurity and implementing design and process FMEAs
Standards for plastics enjoy a privileged status
Elsmar Cove is a leading forum for quality and standards compliance
Awards available in Kentucky, Nebraska, Rhode Island and South Dakota
Prior to vote, IAF seeks industry feedback to understand the level of demand from businesses and regulators.

More News

Miriam Boudreaux


Five Key Standards Trends to Watch in 2018

The rules are changing, and time is running out

Published: Monday, January 22, 2018 - 13:03

If you are a manufacturing company or a service provider, there is a good chance that you have heard about standards such as ISO 9001. In fact, you may already be certified. But whether you are certified or not, read on for some of the expected trends in the world of standards and certification for 2018.

ISO 9001 is here to stay

If you have ever been among the naysayers, such as “this is a waste of time” believers, or hard-headed “this does not apply to us” people, your time has come. If you think you are doing just fine without certification to ISO 9001, it is likely that you are losing money through inefficiencies. More to the point, you have probably already lost a contract or two to a competitor that was certified, whether you were aware of it or not. ISO 9001 is the bare-minimum standard that any good company should follow, and for this reason, all companies should adopt it. Although it has gone through various revisions during the past 30 years, ISO 9001 is undoubtedly a mature standard, and its auditors are experienced in certifying to it. So fight it no more; get your team together and invest in getting a good, basic quality management system into your organization.

API Q2 will be required within the energy industry

If your company functions in the oil and gas industry, then you know that across-the-board API Q2 certification was the intent of the American Petroleum Institute (API) when the Q2 standard was created late in 2013. Fast forward five years, and today API and its auditors have learned how to audit and interpret this standard, and requirements for compliance and certification have made their way into many contracts. Yes, it is occasionally a pain in the derriere, but judging by how many energy companies were functioning in the past, boy oh boy did they need that pain. Your company, if it is in the energy industry, should get your team on the same page and stay ahead of the competition by implementing this standard. (Large service companies are already doing it.)

ISO 9001:2008 will be retired

Unless you have been living under a rock, you should be aware that the 2008 version of ISO 9001 is going away, and you must upgrade to the 2015 version by September 2018. Unless you no longer wish to be certified, you will have to migrate to the new version and get certified.

No, you cannot audit your own work

No matter how small of a company you are, you just cannot objectively audit yourself. You do have several options, though: train more of your employees so they can become qualified auditors; outsource your internal audits; or if push comes to shove, rescind your certificate. Yes, if you find this to be too cumbersome or costly, then don’t remain certified. There is a cost and effort to being certified, but that’s why you will be better than your competitor, right?

Auditors have to be properly qualified

You qualify your welders, you qualify your painters, but when it comes to quality management, everyone seems to think it is child’s play. Well, it is not, and registrars are cracking down on companies that appoint internal auditors without proper qualifications. So come up with a combination of the training, skills, experience, and education that your company can agree on and sustain to qualify its auditors. Again, don’t forget you still have two other alternatives to improving your internal auditors: outsource your audits (to a qualified company/auditor), or let go of your certificate.

And speaking of auditors…

Although there is some variation from auditor to auditor, there is no question that registrars and their auditors have matured in terms of their knowledge and how they interpret the standards. This helps preserve the integrity of the certification scheme and elevates trust, while crushing companies that rely on smoke and mirrors. Here are a few general trends expected for 2018:
• Your equipment has to be maintained. Yes, I know the word maintenance is nowhere to be found in ISO 9001, mainly because the standard tries to cater to both manufacturing and service companies. But if you have equipment, please expect maintenance to be an issue during your next audit.
• Risk identification, analysis, and control are part of a good risk assessment program, so do it. Implement a solid program and carry it through. No need for fancy tools, just a good methodology that can be carried out by anybody in your organization, from shop-floor personnel to the top managers.
• Your employees must be trained and have a training plan. Ad-hoc or impromptu training is better than nothing but not as effective as a thought-out plan. Expect requirements for a training plan to be asked about during an audit, along with the proof of completion.


About The Author

Miriam Boudreaux’s picture

Miriam Boudreaux

Miriam Boudreaux is the CEO and founder of Mireaux Management Solutions, a technology and consulting firm headquartered in Houston, Texas. Mireaux’s products and services encompass international standards ISO and API consulting, training, auditing, document control and implementation of Web QMS software platform. Mireaux’s 6,500 square foot headquarters, located in the northwest area of Houston, houses their main offices as well as their state-of-the art training center. Mireaux itself is certified to ISO 9001:2015 and ISO 27001:2013. To get in touch with Miriam Boudreaux, please contact her at info@mireauxms.com.


More from the usual suspects

As indicated by the other comments, the author just outright misrepresents the ISO 9001 standard to sell her services. It's shameful, but what's worse is that QD will apparently publish anything now, just to fill the space. Except for critical analysis of actual issues facing certification.

When can we get some honest articles about Takata, Kobe Steel, Amtrak, Deepwater Horizon, VW emissions or the dozens of other problems facing the ISO scheme? Doesn't the quality profession deserve at least a little integrity, rather than publishing commercial ads disguised -- poorly at that -- as an "article"?

No one has to be "qualified"

No one working in an ISO 9001 based quality manangement system has to be qualified. Employees have to be competent. The world "qualified" is purposely left out of the standard. Determine competence, ensure persons are competent, take action to acquire competence if needed, retain appropriate documentation. No required, documented training plan. No required "qualification." 

This article is undoubtedly misleading if this article and 9001:2015 are not read critically. 

Thank you, Dirk van Putten

The difference is one of semantics

ISO 9001:2015 clause 7.2 requires that anyone whose work "affects the performance and effectiveness of the quality management system" (which would include internal auditors), be competent to perform their jobs. The difference between “competent” and “qualified” is one of semantics rather than practical significance. http://www.theauditoronline.com/competence-vs-qualification-personnel-certification-programs/ explains: “In ISO 19011:2011, Guidelines for auditing management systems, competence is defined as 'the ability to apply knowledge and skills to achieve intended results.' Competence-based certification means that the personnel certification body (PCB) is expected to examine a candidate’s knowledge, skills, personal attributes, and qualifications specific to the program and/or scope of certification. On the other hand, qualification-based certification relies on an applicant’s education and qualifications, rather than on the basis of measurable competence.” Note even that competence-based certification requires qualifications.

OSHA elaborates at https://www.osha.gov/pls/oshaweb/owadisp.show_document?p_table=INTERPRETATIONS&p_id=19389

29 CFR 1926.32(f) states: "Competent person" means one who is capable of identifying existing and predictable hazards in the surroundings or working conditions, which are unsanitary, hazardous, or dang- erous to employees, and who has authorization to take prompt corrective measures to eliminate them.

29 CFR 1926.32(l) states: "Qualified" means one who, by possession of a recognized degree, certificate, or professional standing, or who by extensive knowledge, training and experience, has successfully demonstrated his ability to solve or resolve problems relating to the subject matter, the work, or the project.


An RABQSA or ASQ certification in quality auditing is a “qualification” that indicates that the auditor is competent. While it's true that internal auditors do not have to be RABSQA or ASQ certified, there does have to be some kind of training record—again, a “qualification”—that is objective evidence that the person is competent to perform internal audits.


Fortunately, US laws (the

Fortunately, US laws (the CFRs) don't apply because ISO 9001 was made for international consumption, not US consumption. Quoting US laws to support a predetermined view doesn't work. It also smacks of more strongarming: "if you don't qualify your internal auditors, you're breaking the law!"

Which is, of course, nonsense.

The only requirements one is obligated to follow under ISO 9001 are those published in ISO 9001. Competence is determined by the organization itself (per 7.2.) and not by someone selling training classes on this website.

And there's nothing whatsoever about RABQSA or ASQ certifications that prove an auditor is "competent." It proves they paid for a short course. That's it. CB auditors who are generally expected to have RABQSA or IRCA qualifications show their incompetence every day, despite their pieces of paper. Again, this is fearmongering for the purpose of tricking people into buying something, because selling the training on its merits alone apparently doesn't work. If you have to resort to deception and fear, then the product you're selling is probably not worth it.


@Dirk van Putten, Pl. Read 8.5.1 e of ISO9k15

Its adifferent matter when wetalk of auditor qualification.

Question Ms. Miriam is posing, "Is internal audit anyway less important than welding?"

The intent of the article was

The intent of the article was not to interpret the standard, but rather to point out the trends. The expectation from External Auditors is that your employees will be qualified somehow to be conducting internal audits of your company. Whether the standard calls it that way or not, the trend exist.

Where is it stated in 2001:2015?

Where is the following requirement stated in ISO 9001:2015? Please state the clause number. 

"Your employees must be trained and have a training plan."

Thank you, Dirk van Puten

Thank you for your

Thank you for your readership. Again, the intent of the article was not to interpret the standard outright, as much as it was to call out trends. While the standard may not require that, we see this expectation being called out by External Auditors. You can pick up a fight with them or use best practices or benchmarking. Having a training plan is a great practice but i'm sure there are others. Again, just be prepared that these trends of higher compliance expectation will continue. What was good enough 5 years ago is not good anymore. What was good 3 years ago may not be good enough anymore, specially for an organization who is looking for continual improvement.