ISO 9001 – 2008 Frequently Asked Questions (FAQ)

What Is The ISO 9001: 2008 Standard?

The latest edition of the ISO 9001 standard ISO 9001: 2008, Quality Management Systems Requirements, was officially published by (ISO) the International Organization for Standardization on November 14, 2008. It is the fourth edition of the ISO 9001 standard since it was first published in 1987.

ISO 9001:2008 is a standard that provides a generic set of requirements for organizations wishing to develop a quality management system (QMS). The ISO 9001:2008 standard focuses on improving an organizations business processes. It does not specify any requirements for product or service quality.  Customers typically set product and service quality requirements. However, the expectation is that an organization with an effective ISO 9001 based QMS will indeed improve its ability to meet customer, statutory and regulatory requirements.

This is the only QMS standard to which an organization may obtain formal third party certification. Because requirements are generic and not specific, organizations have flexibility in tailoring their QMS to fit their business, culture and risks.

ISO 9001 requirements complement contractual and applicable statutory and regulatory requirements. Those implementing a QMS conforming to ISO 9001 must ensure that the specific requirements of their customers and relevant statutory and regulatory agencies are met.

Who Is Responsible For Revising QMS Standards?

The ISO Technical Committee no.176, Sub-committee no.2 (ISO/TC 176/SC 2) is responsible for the revision process in collaboration with consensus among quality and industry experts nominated by ISO Member bodies, and representing all interested parties.

Does ISO 9001:2008 Have Additional Requirements Beyond ISO 9001:2000?

This latest (4th) edition of ISO 9001 contains no new requirements compared to the (3rd) year 2000 edition, which it replaces. What it does is provide clarification to the existing requirements of ISO 9001:2000 based on eight years experience of worldwide implementing of the standard and introduces changes intended to improve consistency with the environmental management system standard, ISO 14001:2004.

The clarifications and changes in ISO 9001:2008 represent fine-tuning, rather than a thorough overhaul. It focuses on changes that organizations might make to better comply with the spirit of the standard without adding, deleting, or altering its requirements. The changes are minor in nature and address such issues as the need to clarify, provide greater consistency, resolve perceived ambiguities, and improve compatibility with ISO 14001. The numbering system and the structure of the standard remain unchanged. As a result, the new standard looks much like the old standard.

ISO has organized the changes incorporated in this ISO 9001:2008 edition into the following categories:

– No changes or minimum changes on user documents, including records

– No changes or minimum changes to existing QMS processes

– No additional training required or minimal training required

– No effects on current certifications

In contrast, the 3rd edition, ISO 9001:2000 published in 2000, represented a major overhaul of the standard, including new requirements and a sharpened customer focus, reflecting developments in quality management and experience gained since the publication of the initial version.

Then Why Was It Necessary To Introduce This Revision?

All ISO standards, currently more than 17 400, are periodically reviewed. To ensure that ISO standards are maintained at the state of the art, ISO has a rule requiring them to be periodically reviewed and a decision taken to confirm, withdraw or revise the documents. The review process must be initiated within 3 years of publication of a standard. The review considers several factors such as technological evolution, new methods and materials, new quality and safety requirements, or questions of interpretation and application.

The review of ISO 9001 resulting in the 2008 edition was carried out by subcommittee SC 2 of ISO/TC 176. This subcommittee, which is responsible for the ISO 9000 family, unites expertise from 80 participating countries and 19 international or regional organizations, plus other technical committees.

This review has a number of inputs that help it:

o A global user questionnaire/survey 

o A market Justification Study 

o Suggestions arising from the ISO/TC 176 interpretation process 

o Opportunities for increased compatibility with ISO 14001 

o The need for greater clarity, ease of use, and improved translation

o Current trends – keeping up with recent developments in management system practices.

How Does The New ISO 9001 Standard Affect Existing ISO 9001 Quality Management Systems?

As currently certified organizations start looking at ISO 9001:2008, they will wonder to what extent the changes will affect them. To a large extent, the new standard will not result in significant change to existing quality management systems (QMS).

ISO/TC 176 was careful in not making change for change sake. The changes that have been incorporated into this edition of the ISO 9001 standard include changes that should lead to a better understanding across a broader range of product types, including service organizations; use of deliberate wording to minimize the potential for incorrect user interpretation; and reflect nuances of similar word concepts. Lastly, some of the changes to specific clauses were made based on the 2004 International User Feedback Survey. This survey was conducted after the publication of ISO 9001:2000 and had invited respondents to identify areas they most wanted to see improved.

What Is The Transition Time Frame To Comply With This Revision And Does My Organization Require Full Re-Assessment For Certification?

Certification to ISO 9001:2008 is not considered an upgrade.  The rules for transition are as follows:

1. The new edition will not require any specific reassessment for certification. Certification Bodies will evaluate conformity to the new ISO 9001:2008 standard during regular surveillance visits and full reassessment will only take place once your current certificate expires.

2. ISO and the IAF have agreed that all certificates to ISO 9001 should be transitioned to ISO 9001:2008 within 2 years of publication date, (i.e., by November 14, 2010). Your organization can request your Certification Body (Registrar) to asses your QMS to ISO 9001:2008 at your next Surveillance audit.

3. One year after publication of ISO 9001:2008 (i.e., by November 14, 2009), all certifications issued (new certifications and re-certifications) must be to ISO 9001:2008.

4. Two years after publication of ISO 9001:2008 (i.e., by November 14, 2010), existing ISO 9001:2000 certifications will not be valid.

5. Organizations in the process of certification to ISO 9001:2000 are recommended to apply for certification to ISO 9001:2008.

This transition plan is deemed realistic, because ISO 9001:2008 introduces no new requirements. So basically, you have a two year transition window starting from November 14, 2008, so don’t leave it to the last moment to make the transition.

What Will Happen To The Other Standards And Documents In The Current (2000) ISO 9000 Family?

The four primary standards of the current ISO 9000 family are the following:

o ISO 9000:2005 already published  – no major changes expected for 2009 

o ISO 9001:2000 to be superseded by ISO 9001:2008 

o Significant changes are planned for ISO 9004 with a planned publication date of late 2009. 

o ISO 19011:2002 is currently in the initial stages of the revision process, with a new version expected in 2011.

The other standards and documents will be reviewed and updated as necessary.

How Much Is The Implementation Of The New Standard Going To Cost?

One of the goals of ISO/TC 176/SC 2 is to produce standards that will minimize any potential costs in implementation or transition.  Any additional costs may be considered as a value-adding investment. A key factor in the development of ISO 9001:2008 was to limit the impact of changes and costs on users. So don’t flinch at negotiating with your certification / registration body, if they try to increase costs of certification.

What Do Auditors Need To Know About ISO 9001:2008 Standard? 

Auditors, whether external or internal, should be able to demonstrate their competence on the structure, content and terminology of the standards listed below, and also on the underlying Quality Management Principles.

The standards require that auditors are able to understand the organization’s activities and processes and appropriately audit against the requirements of the ISO 9001 in relation to the organization’s objectives. Auditors should be able to demonstrate competency in:

o The requirements of the ISO 9001:2008. 

o The concepts and terminology of the ISO 9000:2005. 

o The eight Quality Management Principles 

o A general understanding of  ISO 9004 

o Familiarity with the auditing guidance standard ISO 19011. 

How Will ISO 9001:2008 Relate To The Needs Of Specific Business Sectors? 

ISO 9001:2008 remains compatible with existing management systems standards for specific business sectors like ISO/TS 16949, AS 9000/EN 9100 and TL 9000. 

Users of a specific sector scheme should refer to the organization that is responsible for that sector scheme, e.g. for:

o           ISO/TS 16 949 refer to the IATF, 

o           TL 9000 refer to the QuEST Forum 

o           For AS 9000/EN 9100 refer to the IAQG