Blog - Change Management - Hero Image

ISO 9001:2015 – Ready or Not, Here it is

Posted on October 6, 2015 under Advice by

The ISO 9001:2008 standard spanned a wealth of proven best practices and guidelines for businesses and organizations. The new revision, ISO 9001:2015, promises to further streamline mission-critical tasks and information flows, and give organizations the ability to customize its adoption of the latest concepts.

History has proven, however, that ISO 9001 is not for wimps. Achieving certification can be strenuous and complex, and requires long-term high-level commitment. It makes sense to start getting in shape for ISO 9001:2015 now. Besides the motivation of keeping up with the competition, here is a summary of the potential benefits from the revised standard and what will be required to realize them.

Redefining document control

ISO 9001:2015 redefines the language and requirements surrounding document control. Instead of clauses for “documents” and “records,” the new standard introduces “documented information” that refers to both. Also significant is the omission of explicit reference to documented procedures as requirements.

The evolution of the ISO 9001 language around information helps organizations make better use of digital information assets. “Documented information” promotes linked activities, with the various requirements for conformance defined as integrated processes. Embracing the ISO 9001:2015 model and its new concepts will inherently discourage new information siloes and serve to integrate previously created siloes.

 Blog - ISO 9001-2015 - Inbody Image

Bolstering risk management within quality management processes

The new ISO 9001:2015 standard promotes “risk-based thinking” throughout all quality management processes. Besides identifying risks that might negatively impact performance and results, organizations are encouraged to take action to identify opportunities for exceeding expectations. Numerous clauses of ISO 9001:2015 weave risk-based thinking into the new standard’s process approach, leadership requirements, and planning guidelines.

The viability of risk-based thinking has been proven to deliver benefits in terms of both meeting the organization’s quality goals and driving up customer confidence. The focus on risks and opportunities can also establish a proactive culture, with prevention and improvement becoming the mainstays instead of continual problem solving and resolution.

To maximize the benefits of risk-based thinking, ISO 9001:2015 defines the “documented information” that must be kept and used to drive quality management workflows. The standard does not, however, require a formal risk assessment or the maintenance of a central risk repository. Rather, risk management becomes an integrated culture that should be fully supported and implemented by the quality management system. Organizations must carry out risk-based thinking within context, and adjust action plans to each situation.

Preparing for ISO 9001:2015

The lessons learned from previous updates to the ISO 9001 standard emphasize that quality must be embraced as a component of corporate strategy.

The scope of the standard requires broad oversight, but best practices imply that the optimal management systems remain lean and include only as much documentation as absolutely necessary. Minimizing documentation also makes it easier for individual employees to absorb and understand the requirements, which ultimately ensures their use.

Documentation control remains tightly intertwined with ISO 9001:2015 certification efforts, and the new language and focus on “documented information” will make it more important than ever to align an organization’s information management strategies and systems with the updated standard. Preparing for the update should, therefore, include an evaluation of the existing enterprise information management policies and solutions, with the goal of ensuring that ISO 9001 processes can operate efficiently and be accurately managed, measured and audited.

Interested in knowing more? Learn how a leading autopilot developer manages their ISO compliance using M-Files.

No votes yet.
Please wait...
The following two tabs change content below.
Mika is in charge of managing and developing M-Files product portfolio, roadmaps and pricing globally. As a Director of M-Files Product Management Unit, he leads and supervises M-Files Product Managers and works closely together with M-Files Product Development and Marketing teams to design and develop new products and features leveraging his long experience with ECM and M-Files technology. Mika has executive MBA Diploma in International Business and Marketing.

One Response

  1. Alex Dali says:

    For those who want to learn more about risk management, you might want to join the official discussion group on the content of the ISO 31000 Risk Management Standard.

    We have reached 49,000+ members and are growing by 1000 members every month.

    Here is the link to join:

    Our LinkedIn group proposes quality discussions related to the ISO 31000 standard without waste of time and energy. The group is moderated by a team of 10 volunteers for your convenience.

    Best regards,
    Alex Dali, MBA,ARM
    Moderator of the ISO 31000 Risk Management Standard group
    President of G31000, raising awareness on ISO 31000
    Sharing the LinkedIn group :

    No votes yet.
    Please wait...

Leave a Reply

Your email address will not be published. Required fields are marked *