Deadlines for ISO 9001:2015 and ISO 14001:2015 registration have appeared on the horizon. Although we have 24 months to get registered to these new standards, some related timelines are looming even closer, notably scheduling a recertification or surveillance audit.
Some organizations have already passed their surveillance audits since the standards’ publication in 2015, but most audits have yet to take place. Many organizations will begin their recertification audits to ISO 9001:2015 and ISO 14001:2015 around the middle of 2017. This doesn’t leave a lot of time for updating management systems to comply with new requirements.
Transition strategies for ISO 9001 and ISO 14001
There are several strategic changes to ISO 9001:2015 and ISO 14001:2015. One of them, touted by many as the most important, is the high-level structure (HLS). The HLS provides the same structure and terminology for all ISO management systems standards. The key benefit of this change is realized when organizations implement an integrated management system (IMS) that incorporates more than one standard. Organizations would be remiss if they don’t take advantage of this important change. For a summary of integrated management systems, see the appendix of Integrated Management Systems (ASQ Quality Press, 2015), by Chad Kymal, Greg Gruska, and Dan Reid, or contact Omnex for an executive primer.
The HLS highlights expanded leadership opportunities in the revised standards as well. Clause 5.1.1—“Leadership and commitment” says top management is accountable for the organization’s QMS and EMS. For more information, see our webinar, “What will be the role of top management in ISO 9001:2015 and ISO 14001:2015?”
Next, risk-based thinking allows organizations to think beyond measuring risk and become proactive in preventing it. Risk-based thinking addresses ISO 9001:2015’s clause 6.1—“Planning risk” and clause 5.1.2—“Customer satisfaction risk.” Organizations need to choose a methodology to implement planning, and for this Omnex proposes the business operating system (BOS)methodology. See also the Omnex seminar, “Risk and implementing risk strategies based on ISO 9001:2015.”
The second important proactive measure concerns product realization processes—project risk, design risk using DFMEA, manufacturing process risk using PFMEA, and shop floor control using process controls and control plans.
With ISO 14001:2015, organizations will be required to rethink their process approach. In previous editions, ISO 14001 only required procedures (which were defined as processes, although not very well) and did not use any language similar to ISO 9001’s process approach. ISO 14001:2015, clause 4.4, now specifically uses the word “process.” This, along with the requirement that top management integrate environmental management system (EMS) requirements into the organization’s processes (per clause 5.1.1 c), means that companies with both a QMS and an EMS must integrate these systems’ requirements into one process approach. This is an important element of the 2015 revision that’s not getting enough attention.
Another important opportunity for organizations transitioning to ISO 14001:2015 is integrating “protecting the environment” and social responsibility (sustainability) into their EMS. This is especially important with the new IATF 16949:2016 standard that requires a code of conduct for ethics in environmental and social responsibility. Additionally, many organizations have sustainability standards and are being required by their customers to create social responsibility-related initiatives. This is an organization’s chance to integrate all their requirements and standards into one system. For more information, see the Omnex webinar, “Planning for ISO 9001:2015 and ISO 14001:2015.”
Another important strategy for transitioning to ISO 9001:2015/ISO 14001:2015 is implementing an integrated management system that will improve the organization’s efficiency and effectiveness. An integrated management system saves time and money by reducing confusion, duplication of efforts, implementation costs, maintenance costs, and internal and external auditing costs. Additionally, implementing enterprise software for the QMS, EMS, or IMS is an important for transitioning to ISO 9001:2015 and/or ISO 14001:2015. For more information on why enterprise software is an important, see the Omnex webinar, “Implementing ISO 9001, ISO 14001 and ISO 45001 using enterprise integrated management systems software, part 2.”
Key Changes to ISO 9001:2015 and ISO 14001:2015
Omnex has identified 24 key changes in ISO 9001:2015 and 15 key changes in ISO 14001:2015. These are distinct changes in the standards that need to be addressed for an organization to effectively transition from ISO 9001:2008 and ISO 14001:2004 to the new 2015 standards. Some of the key changes for both standards are identified below:
ISO 9001:2015 | ISO 14001:2015 | ||
4.1 Context | New | 4.1 Context | New |
4.2 Interested Party Expectations | New | 4.2 Interested Party Expectations | New |
4.4 Quality Management System and its Processes | Expanded | 4.4 Environmental Management System | Addition of processes |
5.1.1.Leadership and Commitment | Expanded | 5.1.1.Leadership and Commitment | Expanded |
5.1.2 Customer Focus | Addition of Risk for product conformance and customer satisfaction | 5.1.2 Customer Focus | Addition of Risk for product conformance and customer satisfaction |
6.1.1 Actions to Address Risks and Opportunities | New addition of “Planning Risk” or “Risk of meeting intended outcomes” | 6.1.1 Actions to Address Risks and Opportunities | New addition of “Planning Risk” or “Risk of meeting intended outcomes” |
Research has shown that both ISO 9001 and ISO 14001 have changed significantly with these 2015 revisions. With the addition of context, interested-party expectations, and risk-based thinking, one would think ISO 9001:2015 has changed the most, but actually, ISO 14001 has changed in the most dramatic fashion, requiring companies to rethink their EMS.
One of the key changes in ISO 14001 is the concept of “strategic environmental management,” where the organization is asked to give more importance to environmental management in the strategic planning process. This idea is further expanded by calling for increased participation of the organization in the EMS. This, along with lifecycle thinking, protection of the environment, and environmental performance, have fundamentally changed the standard. Organizations should give themselves a chance to rethink their management system. This is not just Omnex’s view but is shared by the International Register of Certificated Auditors (IRCA):
“The 2015 release of ISO 14001, however, is set to be particularly significant as a result of fundamental changes to both its structure and its contents, and consequently complying with the revised requirement will present new challenges for organizations and environment and audit professionals alike.
“Culture can be described as: ‘The way things are done around here.’ However, this culture will have to be reviewed and revised, if necessary, as a consequence of the adoption of Annex SL as the basis for ISO 14001:2015. This includes the behaviors of everyone connected with the environmental system, and in particular, of those operating at the most senior level within an organization.
“Culture change can be notoriously difficult to effect, and it’s primarily for this reason that the CQI and the IRCA have taken the position that ISO 14001:2015 represents such a significant revision.”
The next steps
Here are the steps Omnex recommends for transitioning to ISO 9001:2015 and ISO 14001:2015. It’s important to create an implementation leader and a steering committee for this important transition. When creating the leader and team, management should stress that both management systems are for the organization’s benefit overall, and not for a specific department. The steering and leadership teams, championed by top management, ensure the completion of the processes shown below.
1. Discuss and plan the approach to QMS and EMS changes. The strategy must be determined before the gap analysis is conducted. As touched on above, key strategies include:
• Implementing a BOS for planning risk
• Considering proactive preventive processes for risk during the product-realization processes
• Determining how top management can be pulled into the planning and implementation of the QMS and EMS
• Integrating QMS and EMS processes into the same process approach (as required by clause 5.1.1 in the HLS)
• Adopting an IMS and enterprise software to make implementation easy and reduce costs
• Integrating social responsibility, including “protecting the environment” to the EMS system
Following this strategic planning process, the next steps are:
2. Conduct a gap analysis to analyze where the organization is in relationship to the overall plan and strategy, including ISO 9001:2015 and ISO 14001:2015 management systems.
3. Create an implementation plan with a steering committee and process owners.
4. Implement the key strategies and initiatives.
5. Document the processes and procedures.
6. Roll out the new system.
7. Conduct internal audits.
8. Conduct a management review.
9. Conduct third-party audits.
To efficiently implement the changes required by ISO 9001:2015 and ISO 14001:2015, and to do so with a value-added focus, organizations must begin the process now. As the surveillance audit and final deadlines draw near, organizations should avoid waiting until the last minute to begin this process. Otherwise they will find themselves forced to focus only on conformance to the standards (at a minimum), rather than building true value into their management systems.