Committee Draft of ISO 9001 Is Out

Editor’s note: Denise Robitaille is a member of the U.S. TAG to ISO/TC 176, the committee responsible for updating the ISO 9000 family of standards. She will be reporting on the revision progress to ISO 9001, which will be completed in 2015. Read other articles in the series here.

The first committee draft of the next revision of ISO 9001 is out. Multiple changes are being proposed and the structure is markedly different. Terms have been added, and concepts and requirements have been shifted around.

This new structure is based on Annex SL, a new high-level structure developed by the Joint Technical Coordination Group (JTCG), which was subsequently approved and incorporated into the ISO directives. While the Technical Management Board (TMB) issued a resolution allowing for deviation from the high-level structure and common text, it has requested that any deviation be explained.

The hope appears to be that there would be few deviations, since the intent is to bring alignment to the growing cadre of ISO management system standards. Both ISO 14001 and ISO 9001 are being revised at about the same time, although 14001 is further along in the revision cycle. Whether attempting to impose a common structure on all standards will be a benefit to the users remains to be seen.

The new standard has 10 sections instead of the current eight. They are:
1. Scope
2. Normative references
3. Terms and definitions
4. Context of the organization
5. Leadership
6. Planning
7. Support
8. Operation
9. Performance evaluation
10. Improvement

The first two sections, while not unimportant, are not much different than previous versions of 9001. However, a note is found in section one that introduces the phrase “goods and services” to be substituted for the term “product.” Throughout the document, the phrase “goods and services” now appears. The intent seems to be to make the document more amenable to service organizations. One of the decisions that should emerge from this first round of reviews and comments is a determination about the value and advisability of diverging from the established use of the term “product” to denote both the output of a process as well as that which is ultimately delivered to the customer. Up until now, “product” has included both tangible goods and services.

Section three of the committee draft currently contains a multitude of definitions. There is a note that the definitions have only been inserted to facilitate the work of the developers, and that they will later be moved to ISO 9000. (In previous iterations this section had a simple comment referring users to ISO 9000 for definition of terms.) Since the technical experts have traditionally left undefined any words that had broadly accepted connotation in common everyday usage, and since ISO 9000 is under the management of a separate subcommittee (SC1), it’s unclear how many of the definitions will become normative (implying a requirement).

The requirements for control of outsourced processes has been significantly diluted to the point where they don’t have nearly the weight they have in the current version. It would be unfortunate if organizations started backsliding to the point where the diminished ISO requirements gave them an opportunity to absolve themselves from any level of accountability for outsourced processes.

Throughout the document “continual improvement” has been replaced by “improvement.” This is consistent with the revised Quality Management Principles, whose release will coincide with the publication of the new version of ISO 9001. The notion of “continual” improvement has long been a source of aggravation among users, who either misunderstood the requirement or found it unnecessary and daunting.

The concept of risk has been added under Planning in Section 6. This is a welcome improvement because it better conveys the intent originally covered under subclause 8.5.3—Preventive Action, which is to address the potential for errors, accidents, and other problems throughout the organization. This inclusion completely eliminates the need for any language about preventive action and is actually easier for users to understand—giving them a better shot at meaningful application of the requirement.

Section 4 introduces the concept of understanding the context of the organization. As guidance, similar language in ISO 9004:2009 was helpful for organizations trying to move beyond basic compliance to the standard. Unfortunately, the way the concept is presented may be confusing to smaller companies. However, a welcome addition that should be helpful to organizations of all sizes and ilks is the need to understand needs and expectations of interested parties. The standard gives examples of the most relevant interested parties so that users better understand the intent.

The standard has replaced the term “top management” with “leadership.” Whether this change will have any effect on users is hard to say. However, it’s important to remember that the two terms are not synonymous. The requirements for the management representative have also been diluted. There is no longer a need for the ISO rep to be a member of management. This also seems to be a step backward because it opens the door for this role to be relegated to a clerk or minor administrative staff member.

In attempting to accommodate service organizations much of the language found in section 7 of the current version—Product Realization—has been pared down in its new section 8, Operation. Language relating to understanding customer requirements is for the most part unchanged. The requirements for design and development have experienced a major re-write, with development gaining prominence over design. This seems antithetical to the addition of risk earlier on, in that properly controlled design processes are indispensable to mitigating product risk.

Suppliers are referred to as “external providers.” Considering the fact that terms like supplier and supply-chain management are globally accepted, it’s hard to understand the change to such an awkward term. Again, the only possible rationale is to accommodate service organizations.

The language relating to control of monitoring and measuring equipment has also been truncated, ans some key requirements are now reduced to a note. Since the Notes throughout the standard are only for guidance and do not carry any requirements, this is a detriment to any organization that needs to control, verify, or calibrate equipment.

Perhaps the most egregious change is the substitution of “documented information” for documents and records. The market has long understood the distinction between document and records, and how the relationship between the two mirrors the process approach—namely inputs (found in documents) and outputs (found in records). This change will only serve to confuse users and does a great disservice to the market.

There are obviously many other changes—mostly minor. Some will have greater significance to some users than others. Some of the changes are genuine improvements, while others will make implementation more difficult, especially for small and medium-size companies.

It's still early in the game, and there will still be time to comment and to make revisions. Users should voice their concerns to TAG members or through any forum where they can be heard.

About The Author