Many certified organizations around the world are in the last minute process of adapting their management systems to comply with the 2015 revisions to ISO 9001 and ISO 14001 standards. Although the transition deadline of September 2018 seemed far away at the time it was released, the time for focused action is now. Most likely, your next audit is the upgrade to the 2015 edition of the standard (unless you were part of the 5% who did the work early). The magnitude of effort to complete the transition is purely dependent on the size, maturity, and complexity of the organization’s business processes. Here are the top 6 issues organizations are facing with implementing the ISO 9001:2015 and ISO 14001:2015 standards:
- Context of the organization – requires an understanding of the external and internal factors that could impact the organization’s ability to meet its objectives. ISO 9002 includes examples on the implementation of this requirement. The intent of this requirement is to understand the external and internal issues that are relevant to the organization’s purpose and strategic direction and that can affect, either positively or negatively, the organization’s ability to achieve the intended results of its quality management system.
Information about external and internal issues can be found from many sources, such as through internal documented information and meetings, press, websites, professional, technical, governmental publications, conferences and meetings with relevant agencies, meetings with customers and relevant interested parties, and professional associations.
Tools such as Strengths, Weaknesses, Opportunities and Threats analysis (SWOT) or Political, Economic, Social, Technological, Legal, Environmental analysis (PESTLE) can be useful. Brainstorming and asking “what if” questions may also be used in clarifying the Context. Although a documented information is not required, one may be very useful in outlining the company’s approach in determining its Context.
- Identification of Stakeholders and Interested Parties – Although self-evident, the revised standards enlarge the group of stakeholders and interested parties beyond customers and owners / shareholders. The list of relevant interested parties can be unique to the organization. These stakeholders could possibly influence or have an impact on the organization’s performance/decisions, or can affect the organization through their decisions or activities. Some key stakeholders may include customers, end users or beneficiaries, partners, bankers, unions, owners of intellectual properties, external providers, employees, regulatory requirements and others.
Obviously, some interested parties have more impact than others, but until you list them, it’s difficult to assess that impact. Although documented information is not required, a simple document outlining the interest parties and their expectations may be a fruitful exercise in ensuring that those requirements are considered.
- Risk based Thinking – An added dimension to decision making at all levels within the organization and encourages the consideration of risks and opportunities with achieving the desired results. Process level analysis has been present in sector specific standards. However, for many organizations, the requirement to demonstrate risk–based decision making is challenging. There are many tools available for this, such as: FMEA, SWOT, ISO 31000, etc.
No one method is prescribed in the new standards. Different methods may be used for the various processes, as seen suitable by the organization.
- Process Approach – This concept has been in the ISO 9001 standard since the 2000 edition. The 2015 edition adds more structure to the requirement. Organizations continue to address their management systems on the obsolete clause basis and are in the journey of thinking along business processes. Identifying business processes at a relevant level and assigning process indicators for effectiveness, has proven to be of great value to those organizations that have successfully made the transition.
- Out-sourced Processes – The applicability of these requirements has not changed and yet the type of control to be exercised over outsourced processes includes consideration of the environmental aspects and impacts over the life cycle of the product or service for ISO14001.
- Leadership and Commitment – The requirement to demonstrate commitment to the organization’s quality or environmental management systems and ensure the integration of those requirements into the organization’s business processes has drawn in executive responsibilities in the certification processes. By engaging top executive management in such decisions organizations are now able to demonstrate the value of an effective management system in assuring business success. Complex structures and large organizations often have difficulty in assuring / demonstrating such leadership engagement / commitment for processes previously delegated to the “quality” or “environmental” department.
A wealth of information is available for organizations to learn and implement the revised requirements, including numerous recorded webinars on our website, ISO 9000:2015 –Fundamentals and Vocabulary and ISO/TS 9002:2016 – Guidelines for the application of ISO 9001:2015.