ISO 9001:2015. Action (and Inaction!) Points
Rob Govier, Sales and Marketing Consultant, interviewed Colin Brown of ISO Consultants in November 2015 on required action points for ISO9001:2015.
RG: In an earlier blog, you suggested that there wouldn’t be many immediate action points arising from the 2015 revision. Has anything emerged that clients need to be aware of?
CB: There are a number of areas which are changing, but the keyword is “risk”. Nothing really to be alarmed about, but a change of focus of the standard. Put simply, ISO9001:2008 was mainly concerned with “process”; ISO 9001:2015 is much more focused on the area of corporate risk.
RG: This might be hard, but can you give any more clarification?
CB: It’s a question of thinking in a different way in every aspect of the business, and who they might affect. Sorry to use a bit of vague-sounding “corporate-speak”. ISO 9001:2008 had an emphasis on quality, but ISO9001:2015 asks the question “what are the implications of failure of quality, both inside and outside the business?” Likewise, with environmental issues, not just control over potentially harmful processes and events, but a clear focus on the “what if” and “who” of these failing. So, thinking from the angle of process, and the risks to all generated by the process.
RG: Having been in the quality industry for most of your working life, you recall premature responses to other amendments which ate lots of corporate time, but ultimately were not required. Even in the final version, does ISO9001:2015 have any potential pitfalls that the over-eager may fall into?
CB: Not at the moment. You must remember that we’re not dealing with the finished article, although ISO 9001:2015 has been published. Standards, and their applications seem to evolve with time. However, I’m slightly puzzled by how the new emphasis on “leadership” will work out. There’s lots of publicity about it. The idea is that the whole quality management area becomes part of corporate culture. However, I can’t see how senior managers can keep away from some of the details of the , although some may not want that level of involvement, or even have the time to. I’m struggling to think through the whole subject of senior management involvement with the quality management system, and it’s out-working Especially in smaller businesses, this may be increasing workload on an already-stretched small team. However, time will tell, and this topic may find it’s own natural level.
RG: You mentioned a whole new emphasis on risk management . This seemed like a rather broad topic. Has it been more clearly focused in the final draft? What do you perceive the corporate benefit to be?
CB: Again, I come back to the whole “evolution” process. I was a lead auditor in a former life, and I know from that side of the fence, auditors will be learning as well. Certification bodies also informally acknowledge that they are in a gradual process of transition.
RG: Of course, there’s often a difference of interpretation of amendments between certification bodies, the folks who will ultimately issue the approval. This has been the case with other revisions. Can you see any obvious potential points of variation at this stage?
CB: There are bound to be variations! I hope that this does not make it seem like they are “making it up as they go along”, but that’s sort of what they are doing in some areas. At the risk of repetition, I’d stress that everyone is learning, adjusting, interpreting when a new revision is issued. It’s a good reason not to rush into anything at all at this stage.
RG: And are there any potential benefits in early implementation, such as competitive advantage, or, as per my earlier question, do you still suggest caution, allowing a number of aspects to “evolve”?
CB: Yes. As I said, the danger is in false starts. The key word is “transition”, rather than “revolution”. And, in truth, if a company has a decent QMS, and “lives by it”, then they will have a competitive advantage anyway. I can’t see any “I’ve got the newest one” benefit to most businesses of ISO9001:2015. Am I talking myself out of work here?!
RG: I understand that a revision of ISO 14001 is quite close at hand – is there much potential for integration of systems?
CB: ISO 14001:2015 has actually been issued now, and yeah I think there is massive benefits in bringing them together. I think that ISO14001 similarly focusses on the leadership and risk areas. So there will be a fair degree of overlap, more so than currently, especially in the area of risk. It’s worth a company looking at this and anticipating it, at least putting some foundations in place.
RG: As an outsider, I detect that much of the ISO 9001:2015 is an attempt to get standards yet further into the mainstream of business life. Do you think, ultimately, this has been approached in the right way? And will it work?
CB: Maybe I’m going to show my cynical/over-cautious side here. The removal of a mandatory specification for documented procedure gives me some cause for concern. It’s what standards were built on, in my opinion. Is the baby being thrown out with the bathwater, making approval to ISO9001:2015 too easy, and hence devaluing it? Again. it’s early days. Sorry for not being more specific, but again, it’s part of my “let’s not rush into anything” approach.
RG: So, it seems that the recurring theme is “keep calm and carry on?”
CB: Well, more or less. I don’t think there is any harm in a review meeting with clients, with a view to a cautious way forward, but I’d feel less than comfortable committing to anything until the 9001:2015 has had a little bit of time to settle down.
RG: And, of course, how can you help?
CB: Well, having been in the quality industry for most of my working life, and seen a few of these revisions “earthed” in real business settings, as well as currently holding a Lead Assessor qualification, hopefully my experience would be beneficial. So, I’m always happy to talk to any business looking to “migrate” to ISO 9001:2015.