ISO 9001:2026 is in its final development stage. The final draft international standard (FDIS) has been submitted for ballot, and publication is expected in September 2026. That gives certified organizations approximately three years to make the transition—with a deadline that currently points to September 2029.

Three years sounds comfortable. It isn’t.

The ISO 9001:2015 transition taught the quality community an expensive lesson about delayed preparation. Organizations that waited for publication, waited for their certification body’s guidance, and then waited for their next scheduled audit found themselves compressing months of gap analysis, documentation revision, and internal training into quarters. Some paid for stand-alone transition audits that a better-planned organization avoided entirely.

The good news: ISO 9001:2026 isn’t a structural overhaul. The core framework is intact. The 10-clause harmonized structure remains. Risk-based thinking remains. Process approach remains. For a well-maintained QMS, this is an evolution, not a rebuild.

But an evolution still requires action, and the organizations that come out of this transition ahead are already moving. 

What the FDIS signals for quality managers

The FDIS provides a strong indication of the direction of the final standard, and organizations can begin preparing now. Based on what the draft reveals, four areas appear likely to carry significant implementation relevance for manufacturers and might become early audit focal points. 

1. Climate change enters the context analysis (Clause 4.1)

This may be the change many quality managers underestimate, and one that could create early audit exposure.

The FDIS formally integrates climate change into organizational context. Organizations will need to determine whether climate change is a relevant external issue affecting their QMS—and consider related requirements from interested parties accordingly.

For many manufacturers, the instinct will be to treat this as an environmental management concern and route it to whomever owns the ISO 14001 program. That response may create unintended gaps. The draft places the climate change consideration directly within the quality management context analysis—not adjacent to it. It needs to appear in your Clause 4.1 review, and it needs to be evaluated in terms of how climate-related disruptions could affect your ability to consistently deliver conforming product.

Practically, this means asking: Do extreme weather events affect our supply chain reliability? Do our customers or regulators have climate-related expectations that affect product or process requirements? Is energy availability a quality risk in our operating environment?

If you haven’t added climate change to your context analysis before your next surveillance audit, expect the question. 

2. Leadership must demonstrate quality culture and ethical behavior (Clause 5)

ISO 9001:2015 required top management to demonstrate leadership and commitment. The FDIS raises that expectation: Leaders will be explicitly accountable for promoting quality culture and ethical behavior throughout the organization.

This isn’t a documentation requirement. It’s a behavioral expectation—and auditors are likely to evaluate it differently than a traditional policy review.

The practical gap most organizations have is that quality culture is assumed rather than demonstrated. When an auditor asks how leadership promotes quality culture, “We have a quality policy” isn’t sufficient evidence. What does that look like in practice? How does leadership communicate quality expectations beyond the management review? How are ethical behavior expectations defined and reinforced?

Organizations that treat this as a training module to develop will miss the point. Auditors will evaluate whether quality culture is visibly lived at the leadership level—not whether it’s documented in a procedure.

3. Risk and opportunity are treated as distinct processes (Clause 6)

Under ISO 9001:2015, risk-based thinking integrated risks and opportunities under a single planning requirement. The FDIS separates them. Risks and opportunities are expected to require distinct consideration and documented actions.

‘Adjustments to ISO 9001 are planned with regard to resilience, supply chain management, change management, sustainability, dealing with risks, and organizational knowledge.’
—ISO/TC 176/SC 2/WG 29 Working Group report

For organizations that built their risk management process around a single combined risk/opportunity register, this will require more than a formatting change. The separation signals a conceptual shift: Managing a risk is a different activity than pursuing an opportunity, and the standard will expect your QMS to reflect that distinction.

The organizations most likely to get this wrong are the ones that treated risk-based thinking as a compliance checkbox in 2015, producing a list of risks with mitigation actions and filing it for audit reference. The 2026 edition points toward a more dynamic, proactive process, with opportunity identification treated as a driver of improvement rather than an afterthought attached to the risk register. 

4. Awareness requirements expand to include quality culture and ethical behavior (Clause 7.3)

The FDIS expands Clause 7.3 awareness requirements to include employee understanding of quality culture and ethical behavior—not just quality policy, objectives, and their contribution to QMS effectiveness.

In practice, this means your next internal audit cycle should evaluate whether employees at relevant levels can demonstrate awareness of what quality culture means in their specific role. A machinist who knows the quality policy exists but can’t articulate what quality culture means in their daily work represents a gap.

This doesn’t require a major training overhaul for most organizations. But it does require intentional communication—and evidence that the communication happened and was understood.

ISO 9001:2015 vs. ISO 9001:2026—key clause changes (FDIS)

What’s not changing—and why that matters

Before revision anxiety sets in, here’s the more important message for most quality managers: ISO 9001:2026 appears to confirm, not disrupt, what a well-run QMS already does.

Customer focus. Continual improvement. Evidence-based decision making. Process approach. Leadership engagement. Risk-based thinking. They’re all intact. The core DNA of ISO 9001 remains unchanged.

The transition is less about rebuilding systems and more about closing gaps that a properly functioning QMS should have addressed already. Organizations that maintained ISO 9001:2015 as a living operational system—not a certification to defend—will find this transition manageable.

Organizations that struggle will be the ones that know what their QMS says but not what their QMS does in practice. 

A practical pretransition checklist

You don’t need the published standard to begin preparing. The FDIS is publicly available, and the direction of the key changes is clear.

Here’s where to start now.

Update your context analysis. Add climate change as an explicit consideration in your Clause 4.1 review. Document whether it’s relevant, why or why not, and what the implications are for your quality objectives and interested party requirements. Do this before your next surveillance audit, regardless of where you are in the transition timeline. 

Assess your leadership evidence. If an auditor asked for three examples of how leadership promotes quality culture in your organization, what would you show? If the honest answer is, “The management review minutes and the quality policy,” that’s a gap. Define what quality culture looks like at your organization and identify two or three observable, documentable behaviors that demonstrate it. 

Separate your risk and opportunity processes. If you’re running a combined risk/opportunity register, begin distinguishing how risks are managed from how opportunities are pursued. This doesn’t require a new system—it requires clarity about what each process is intended to accomplish. 

Review your Clause 7.3 training records. Ensure that awareness activities include content on quality culture and ethical behavior—and that you have records showing employees completed them. This is a straightforward documentation gap to close now rather than during a transition audit. 

Read the FDIS directly. Certification body summaries and consultant guidance are useful orientation tools, but the FDIS is the document your auditor will eventually evaluate against. Many organizations go through entire management system transitions without reading the standard they’re being audited to. Don’t be one of them.

The real risk isn’t the standard

The revision itself is not the threat. ISO 9001:2026 is a manageable update for any organization with a functioning QMS.

The risk is the pattern the 2015 transition established: delayed preparation, compressed timelines, and the discovery during a transition audit that what was assumed to be compliant wasn’t.

Publication is expected in September 2026. Certification bodies will establish transition schedules that organizations may have limited ability to influence. The window to prepare without pressure is open now. It won’t stay open indefinitely.

Start with your context analysis. The rest follows from there.