ISO 9001:2008 Frequently Asked Questions (FAQ)

What Is The ISO 9001:2008 Standard?

The most recent edition of the ISO 9001 standard ISO 9001: 2008, Quality Management Systems - Requirements, was officially released by (ISO) the International Organization for Standardization on November 14, 2008. It is the fourth edition of the ISO 9001 standard since it was first published in 1987.

ISO 9001:2008 is a standard for quality management that provides a generic set of requirements for organizations that wish to develop a quality management system (QMS). The ISO 9001:2008 standard's main focus is on improving an organization's business processes. It is not intended to specify requirements for product or service quality. It is customers that typically set requirements for product and service quality. However, the expectation is that an organization with an effective ISO 9001 QMS will in fact, improve it's ability to meet customer, statutory and regulatory requirements.

This is the only QMS standard to which an organization can obtain independent and official third-party certification recognized by the marketplace. Because the requirements are generic and not specific, organizations have flexibility in adapting their QMS to fit their business, culture and risks. ISO 9001 requirements supplement applicable legal, contractual and regulatory requirements. Those implementing a QMS according to ISO 9001 should ensure that the specific needs of their customers and relevant legal and regulatory agencies are met.

Who Is Responsible For Revising QMS Standards?

The ISO Technical Committee No.176, Sub-committee no.2 (ISO / TC 176/SC 2) is responsible for the review process in collaboration with consensus among industry and quality experts designated by ISO member bodies and representing all stakeholders.

Does ISO 9001:2008 Have Additional Requirements Beyond ISO 9001:2000?

The latest (4th) edition of ISO 9001 does not contain any new requirements compared to the (3rd) edition 2000, which it replaces. What it does is provide clarifications to existing requirements of ISO 9001:2000 based on eight years of experience worldwide in the application of the standard and introduces changes aimed at improving consistency with the environmental management system (EMS) standard ISO 14001:2004.

The clarifications and changes in ISO 9001:2008 represent adjustments, instead of significant revision. It focuses on changes that organizations might make to better comply with the spirit of the standard without having to add, delete or modify the requirements. The changes are minor in nature and address such issues as the need to clarify, providing greater consistency, resolve perceived ambiguities, and improve compatibility with ISO 14001. The numbering system and structure of the standard remains unchanged. As a result, the latest standard is very much like the old standard.

ISO has classified the changes incorporated into this edition of ISO 9001:2008 in the following categories:

- No change or minimal change in user documents, including records

- No change or minimal changes to existing QMS processes

- No additional training or minimal training required

- No impact on existing certifications Instead, the 3rd edition, ISO 9001:2000 published in 2000, represented a major revision of the standard, including new requirements and a sharp customer emphasis, reflecting the evolution of quality management and experience gained since the publication of the initial version.

Why Was It Necessary To Introduce This Revision?

All ISO standards - currently over 17,400 - will be reviewed periodically. To ensure that ISO standards are maintained as the state of the art, ISO has a rule that requires periodic review and a decision to affirm, reverse or revise the documents. The review process should start within 3 years after the publication of a standard. The review considers several factors, including technological change, new methods and materials, new quality and safety requirements or issues of interpretation and application.

The revision of ISO 9001 which led to the 2008 edition was carried out by the subcommittee SC 2 of ISO / TC 176. This subcommittee, which is responsible for the ISO 9000 family, unites expertise from 80 participating countries and 19 international or regional organizations, plus other technical committees.

This review has a number of inputs that help:

- An overview of user questionnaire / survey

- A market study justification

- Tips from the ISO / TC 176 interpretation process

- Opportunities for greater compatibility with ISO 14001

- The need for greater clarity, ease of use, and improvement of translation

- Current trends -- keeping pace with latest developments in management practices.

How Does The New ISO 9001 Standard Affect Existing ISO 9001 QMS's?

As organizations get acquainted with ISO 9001:2008, they will wonder to what extent they will need to change their QMS. To a large extent, the new standard will not result in significant change to their quality management systems (CMS). ISO / TC 176 was careful not to make change for change sake. The changes that have been incorporated into this edition of ISO 9001 include changes that should lead to better understanding across a broader range of product types, including service organizations, the deliberate use of specific wording to reduce the possibility of misinterpretation by the user and to clearly bring out nuances of similar concepts. Finally, some changes were made to specific clauses on the basis of the 2004 International User Feedback Survey. This survey was conducted after the publication of ISO 9001:2000 and has invited respondents to identify the areas that they most wanted to see improved.

What Is The Transition Time Frame To Comply With This Revision And Does My Organization Require Full Re-Assessment For Certification?

The rules for the transition are:

1. ISO 9001:2008 certification is not considered an "update". The new edition will not require any special or additional assessment for certification. Certification Bodies will evaluate conformity to the new ISO 9001:2008 standard during regular surveillance visits and full reassessment will only take place once your current certificate expires.

2. ISO and the IAF have agreed that all certificates to ISO 9001 should be transitioned to ISO 9001:2008 within 2 years of publication date, (i.e., by November 14, 2010). Your organization can request your Certification Body (Registrar) to asses your QMS to ISO 9001:2008 at your next Surveillance audit.

3. One year after publication of ISO 9001:2008 (i.e., by November 14, 2009), all certifications issued (new certifications and re-certifications) must be to ISO 9001:2008.

4. Two years after publication of ISO 9001:2008 (i.e., by November 14, 2010), existing ISO 9001:2000 certifications will not be valid.

5. Organizations in the process of implementing ISO 9001 are recommended to apply for certification to ISO 9001:2008

This transition plan is regarded as realistic, since ISO 9001:2008 does not introduce new requirements. So basically, you have a two-year transition window starting November 14, 2008, so do not leave it until the last minute to make the transition.

What Will Happen To The Other Standards And Documents In The Current (2000) ISO 9000 Family?

The four main standards of the ISO 9000 family are:

- ISO 9000:2005 and published - no major changed expected in 2009

- ISO 9001:2000 now replaced by ISO 9001:2008

- Major changes are planned for ISO 9004 with a planned publication date of late 2009.

- ISO 19011:2002 is currently in the initial stages of the review process, with a new version expected in 2011.

The other standards and documents will be reviewed and updated as necessary.

How Much Is The Implementation Of The New Standard Going To Cost?

One of the goals of ISO / TC 176/SC 2 is to produce standards that minimize the potential costs of implementation or transition. Any additional costs can be considered as a value-added investment. A key factor in the development of ISO 9001:2008 is to limit the impact of changes and costs for users. So don't hestitate to negotiate with your certification / registration body, if they try to increase costs of certification or suggest additional assessments.

What Do Auditors Need To Know About ISO 9001:2008 Standard?

Auditors, whether external or internal, must be able to demonstrate their competence on the structure, content and terminology of the standards listed below, and also on the Principles of Quality Management. The standards require that auditors are able to understand the organization's activities and audit processes adequately to the requirements of ISO 9001 and in relation to the goals of the organization. Auditors should be able to demonstrate competence in:

- The requirements of ISO 9001:2008.

- The concepts and terminology of ISO 9000:2005.

- The Eight Principles of Quality Management

- A general understanding of ISO 9004

- Familiarity with the auditing guidance standard ISO 19011.

ISO / TC 176, ISO / CASCO and the IAF have established an ISO 9001 Auditing Practices Group, which has issued a series of web-based guidance notes to assist the auditors.

How Will ISO 9001:2008 Relate To The Needs Of Specific Business Sectors?

ISO 9001:2008 is compatible with existing management systems standards for specific business sectors such as the ISO / TS 16949, AS 9000/EN 9100 and TL 9000. Users of a sector specific scheme should refer to the organization responsible for the specific sector scheme, for example:

- ISO / TS 16 949 relate to the IATF,

- TL 9000 refer to the QuEST Forum

- For AS 9000/EN 9100 refer to the IAQG

Art Lewis is a semi-retired business consultant. He has provided consulting, training and auditing services for a number of standards to a wide range of businesses, over the past 18 years. He had made available a wealth of information absolutely free on his website Askartsolutions.com, including the specific changes to ISO 9001:2008.