USA / USD
4 October 2018
ISO 9001:2008 certifications are no longer valid. If your company missed the deadline to transition to the 2015 version, you should take action now. We show you what is needed and how you can achieve the transition easily and inexpensively.
With the publication of ISO 9001:2015 on September 23, 2015, a 3-year transition period started allowing companies to upgrade their ISO 9001:2008 certification to ISO 9001:2015. The transition period ended in September 2018, and all ISO 9001:2008 certifications became invalid at that point. Companies that missed the deadline lost their ISO 9001 certification.
In case you missed the September 15, 2018 deadline and lost your ISO 9001 certification, don't worry, you can still get certified to ISO 9001:2015. However, remember that you can no longer advertise your certification until you get re-certified to ISO 9001:2015. Also, the loss of your certification could be problematic from a marketing point of view, and your company may not qualify as supplier if certification is a requirement. The sooner you get re-certified, the better. We show you how to do it quickly and easily.
Even before upgrading your quality management system and transitioning to ISO's 2015 revision, you may want to discuss re-certification with your registrar. Contact your previous registrar to discuss your options and make an appointment for re-certification. On the other hand, your lapsed certification may be a good opportunity to get a better registrar – after all, you lost your certification under the watch of the previous one. It's easy to choose a new one from our network of leading registrars with our free Registrar Finder service.
There are several approaches that you can take to upgrade to ISO 9001:2015. Here a listing of three basic approaches – which you may also mix and match:
Do-It-All-Yourself from Scratch: This approach is ideal for those who have an intimate understanding of ISO 9001:2015 and want to set up the most individualized system possible. Expertise and much time are required, as well as some flexibility to allow for mistakes and subsequent changes. We don't recommend this approach to those companies that already lost their certification as time is of the essence.
DIY template kit: Customizing prewritten templates according to detailed customization instructions is an inexpensive and quick way to transition to ISO 9001:2015. No expertise and only little time is required; the quality of the templates and customization instructions are decisive factors. Use our ISO 9001 Documentation Toolkit to upgrade to an efficient and business-oriented ISO system.
Consultant: An ISO 9001 consultant can analyze your existing QMS, determine the shortcomings, and guide your transition to the 2015 version. This is the best approach if you not only want to simply get re-certified but also gain the insights of an experienced consultant. Your approach – and the necessary budget – depend on how well your current QMS is working for you. If you are using ISO in daily operations, chances are that you only need a few hours of our consulting service. If, on the other hand, your ISO system isn't in active use, you might want to start fresh and have a senior consultant perform a complete gap analysis and prepare an implementation plan for you.
Before doing anything else, you need to consider your current QMS. Is it working well for you or not? Then you can decide if you want to make the least possible modifications to your existing quality management system, or if you want to rewrite your entire ISO 9001 documentation and set up a new system.
ISO 9001:2015 introduces several modifications to the previous revision, as well as some completely new requirements. While the text of the new ISO 9001:2015 reads differently from the previous revision, most of the actual requirements remain the same. Though the new standard uses different wording and a different structure, the International Organization for Standardization (ISO) specifically states that you are neither required nor encouraged to adopt the new wording and structure if your current setup works well for you. This means that you are only required to make some modifications and additions to your current ISO 9001:2008 quality management system, while keeping most of your current documentation and processes in place.
On the other hand, ISO 9001:2015 has adopted a new, uniform structure that will become common to all ISO management standards. If your company intends to integrate ISO 9001 with ISO 14001 or another ISO standard, it may be easier to adopt the new structure and numbering system. In this case, you would rewrite your existing ISO 9001 documentation either from scratch or modify its structure with the help of a correlation matrix.
Lastly, you may want to consider the quality of your current ISO documentation and processes. If you are not satisfied with the performance of your current ISO 9001 system, you may want to take the required transition to ISO 9001:2015 as an opportunity to completely redesign your entire quality management system.
If you consider your existing QMS a good foundation and if you are ready to do the transition yourself, then follow our six steps to upgrade to the 2015 version of the standard. But first, consider the following tips.
Don't change what's working for you!
Don't make changes merely to please the auditor or make auditing easy. It is the auditor's job to establish how your ISO 9001 system meets the requirements of ISO 9001:2015.
Consider the value to your company. ISO 9001 is supposed to be a real business tool for companies, and every part of your ISO 9001 system should add value. That's the core of the 9001Simplified System.
Keep things simple!
Don't read too much into the changes when looking at the ISO 9001:2015 standard. There may be new words but that doesn't mean that the requirements have changed.
Some people will be perfectly fine using our materials, others may prefer a training course to learn more about ISO 9001:2015 and its new concepts. Particularly top management may benefit from some training in those key ISO 9001 requirements for which they will be directly responsible (ISO 9001:2015 significantly expanded the involvement of top management in ISO 9001). In any event, it will be worthwhile to at least consider taking some training.
As mentioned earlier, we recommend you schedule your re-certification audit as soon as possible. Please discuss dates, details and costs with your registrar – either the previous or a new one. You may also discuss your transition plan. Last but not least, ISO 9001:2015, clause 4.3 requires that you have your products and/or services explicitly listed in the ISO 9001 scope statement. Please check with your registrar which updates to the scope statement on your ISO 9001 certificate are necessary.
Updating the ISO 9001 documentation is often considered the biggest step in the transition process as it lays the foundation for efficient processes. ISO 9001:2015 introduces several new and modified requirements. The "New Documentation Requirements" below list the clauses of ISO 9001:2015 that introduce completely new requirements which have not been part of any previous version of ISO 9001. You will need to create new procedures and forms. The "Required Modifications" below list the clauses that include changes to existing ISO 9001:2008 requirements. You will need to modify your procedures, forms and flowcharts to meet these requirements.
New Documentation Requirements
Clause 4.1 "Understanding the Organization and its Context"
Clause 4.2 "Understanding the Needs and Expectations of Interested Parties"
Clause 4.4 "Quality Management System and its Processes"
Clause 5.1 "Leadership and Commitment"
Clause 6.1 "Actions to address Risks and Opportunities"
Clause 6.3 "Planning of Changes"
Clause 7.1.6 "Organizational Knowledge"
Scope of the quality management system (as shown on your ISO 9001 certificate)
Quality management processes (process flowchart)
Control of Documents (section 4.2.3 in ISO 9001:2008)
Management Commitment (section 5.1 in ISO 9001:2008)
Customer Focus (section 5.2 in ISO 9001:2008)
Management Review (section 5.6 in ISO 9001:2008)
Human Resources (section 6.2 in ISO 9001:2008)
Customer Property (section 7.5.4 in ISO 9001:2008)
Corrective Action (section 8.5.2 in ISO 9001:2008)
Preventive Action (section 8.5.3 in ISO 9001:2008)
The most important of the new requirements in ISO 9001:2015 is the focus on risk management in clause 6.1. While previous versions had a section on preventive action, the new 2015 version expands upon preventive action to create a complete clause on risk management. This new requirement will be of great value for many small businesses that had previously not properly managed the internal and external risks to their very existence.
Carefully review the changes that you made to your ISO 9001 documentation and jot down who will be affected by the changes. Risk-based thinking, for example, will somewhat impact all managers.
Meet up with individual department managers to introduce them to the changes. Introduce the new ISO 9001 documentation and any pertinent forms.
As the concept of the process approach has been expanded to include risk- based thinking and change management, it is necessary to review all existing processes and work work instructions. Therefore, ask the managers to look at all their processes and pay particular attention to these issues:
Authorities (who can assign responsibilities in the process?)
Risks (what could cause the process to lead to an undesirable output?)
Opportunities (what could improve the process?)
Change (have a plan for reviewing, adapting and improving the process)
Based on the answers to the four points above, process owners may need to update any related work instructions and process flow charts.
It is necessary to conduct a complete internal audit of the entire ISO 9001 quality management system and correct any audit non-conformities prior to the registrar being able to re-certify your company. The internal audit will show you how well all changes have been implemented.
Don't forget that your ISO 9001 system has changed and, therefore, your internal auditor(s) need to be re-trained accordingly. The changes to your ISO 9001 system are rather small so it will be possible to conduct an ISO 9001:2015 internal audit if you introduce your auditor(s) to all the changes and provide new audit checklists. You may, however, consider an entire ISO 9001:2015 auditor training course (for example, the online course ISO 9001:2015 Internal Auditor Training) as it will teach your auditor(s) not only the changes in ISO 9001:2015 but also refresh their knowledge of the standard.
As your certification has lapsed, the re-certification audit will be a comprehensive audit similar to your first ISO 9001 audit rather than just reviewing the new and modified requirements. As with all audits, you will have the opportunity to address all audit nonconformities through corrective action. Once your registrar is satisfied that your company meets the requirements of ISO 9001:2015, your company will be issue the new ISO 9001:2015 certification.
If you enjoyed this article, subscribe for updates
Stay in touch with our free resources on ISO 9001
We won't send you spam. Unsubscribe at any time.
Thanks. Your message has been sent. We'll get back to you as soon as possible.
We'll reply ASAP