3. ISO 9001:2008 – Periodic Review
► ISO 9001, like all standards is subject to periodic review to determine
whether it is still relevant, whether it needs to be updated or whether it
should be discarded
► The review period is around 5-6 years and for ISO 9001 it is designed
such that whenever there are significant changes to be done (major
revision) the next revision will be less significant (minor)
► Since the revisions issued in 2000 (implemented in 2003) were major,
the next one will be minor; changes are more based on the clarification
of the existing requirements rather than including new ones
New version released on the
New version released on the
15th of November 2008
15th of November 2008
ISO 9001:2008 - NOV 2008 3
5. ISO 9000:2000 Family
ISO
ISO
ISO
ISO
Annexes A & B for
information only
10012
Measurement 10012
10012
10012
Quality management
systems -
ISO
ISO ISO
ISO
9000 Audits 19011
19011
Fundamentals & 9000
vocabulary
Guidelines
Quality management
systems -
ISO
ISO ISO
ISO Quality management
systems -
Guidelines for 9004
9004 9001
9001 Requirements
performance
improvement
Technical
Technical
Reports
Reports
ISO 9001:2008 - NOV 2008 5
6. ISO 9001:2000 Process Approach
PROCESS
EFFECTIVENESS
Extent to which planned
CONTROLS activities are realized and
planned results achieved
PROCESS
PROCESS
“set of interrelated or
“set of interrelated or
INPUT interacting activities
interacting activities
OUTPUT PRODUCT
which transforms
which transforms
inputs into outputs
inputs into outputs
PROCESS EFFICIENCY
RESOURCES Relationship between the
result achieved and the
resources used
A desired result is achieved more efficiently
when activities and related resources are
managed as a process
ISO 9001:2008 - NOV 2008 6
7. ISO 9001:2000 System approach to management
Identifying,
understanding and
R R
managing interrelated
processes as a I Process O I Process
O
system contributes to A
R
B
R
I
the organization’s I
C C
effectiveness and I Process Process O
C D
efficiency in I = INPUT
O I
achieving its O = OUTPUT
R =
objectives RESOURCES
C C
C = CONTROLS
ISO 9001:2008 - NOV 2008 7
8. Concept of integration
► ISO 9001:2008, ISO 14001:2004 & OHSAS 18001:2007 standards
based on PDCA concept, therefore having similar structure:
Policy
Planning
Implementation and operation
Performance assessment
Improvement
Management review
ISO 9001:2008 - NOV 2008 8
10. ISO 9001:2008
► In 2000, major changes were put in place and continue to remain
important and valid
► The current changes are more a clarification of points already in
the standard rather than the inclusion of new requirements.
► Changes have also been made to be consistent with the current
ISO 14001 revision (2004) in order to make the combination
easier and more efficient.
ISO 9001:2008 - NOV 2008 10
11. ISO 9001:2008 main changes
► Reinforcement of Control over outsourced processes that affect product
conformity to requirements
► Management representative has to be a member of the organization
management and not an external individual
► Competence of all personnel affecting conformity to product requirement
must be controlled by the organization
► Additional guidance to explain the different methods on measuring and
monitoring customer satisfaction
► For internal audits, the management of the audited unit must ensure that
necessary corrections and corrective actions are taken
► Clarification that information systems are included as part of the company
infrastructure, and therefore the management system
► New requirement to review the effectiveness of corrective and preventive
actions
ISO 9001:2008 - NOV 2008 11
12. IAF and ISO policy for transition
► IAF and ISO have approved a transition policy
► Certification to new revision granted only after a surveillance or a recertification
audit
► New certificates can’t mention a standard which is not published (for example a
country version not yet translated)
► No 9001:2000 certificates issued after Nov 15 2009
► All 9001:2000 to be transitioned and withdrawn before Nov 15 2010
ISO 9001:2008 - NOV 2008 12
13. Bureau Veritas Certification policy for transition
► Process
The transition to this new revision will be performed either during your next
surveillance audit or your next recertification and no later than 15th of
November 2010
No additional auditing time, no change in your auditing cycle
A new certificate will be issued replacing your current certificate (including
multi-sites).
The expiration date of a new certificate issued after a surveillance audit
remains the same as the previous one.
ISO 9001:2008 - NOV 2008 13
15. Foreword
New in ISO 9001:2008
Does not appear in ISO 9001:2008 anymore
Text slightly changed in ISO 9001:2008
► 2000:
International Standards are drafted in accordance with the rules given in the ISO/IEC Directives, Part 3.
International Standard ISO 9001 was prepared by Technical Committee ISO/TC 176, Quality management and quality
assurance, Subcommittee SC 2, Quality systems.
This third edition of ISO 9001 cancels and replaces the second edition (ISO 9001:1994) together with ISO 9002:1994 and
ISO 9003:1994. It constitutes a technical revision of these documents. Those organizations which have used ISO
9002:1994 and ISO 9003:1994 in the past may use this International Standard by excluding certain requirements in
accordance with 1.2.
The title of ISO 9001 has been revised in this edition and no longer includes the term “Quality assurance”. This reflects the
fact that the quality management system requirements specified in this edition of ISO 9001, in addition to quality assurance
of product, also aim to enhance customer satisfaction.
Annexes A and B of this International Standard are for information only.
► 2008:
International Standards are drafted in accordance with the rules given in the ISO/IEC Directives, Part 2.
The main task of technical committees is to prepare International Standards.
Attention is drawn to the possibility that some of the elements of this document may be the subject of patent rights. ISO
shall not be held responsible for identifying any or all such patent rights.
ISO 9001 was prepared by Technical Committee ISO/TC 176, Quality management and quality assurance, Subcommittee
SC 2, Quality systems.
This fourth edition cancels and replaces the third edition which has been technically revised.
Annex A of this International Standard is for information only
ISO 9001:2008 - NOV 2008 15
16. Introduction - 01 - General
► ISO 9001: 2000
…The design and implementation of an organization's quality management
system is influenced by varying needs, particular objectives, the products
provided, the processes employed and the size and structure of the
organization…
► ISO 9001: 2008
…The design and implementation of an organization‘s quality management
system is influenced by: its business environment, changes in that
environment, or risks associated with that environment; its varying needs; its
particular objectives; the products it provides; the processes it employs; its
size and organizational structure...
This International Standard can be used by internal and external parties,
including certification bodies, to assess the organization‘s ability to meet
customer, statutory and regulatory requirements applicable to the product, and
the organization’s own requirements.
► For the 1st time the word risk appears in ISO 9001
New in ISO 9001:2008
Does not appear in ISO 9001:2008 anymore
Text slightly changed in ISO 9001:2008
ISO 9001:2008 - NOV 2008 16
17. Introduction - 02 - Process approach
► 2000:
The application of a system of processes within an organization, together with the identification
and interactions of these processes, and their management, can be referred to as the “process
approach”.
► 2008:
The application of a system of processes within an organization, together with the identification
and interactions of these processes, and their management to produce the desired outcome,
can be referred to as the “process approach“.
► IAF and ISO have published a document on Desired Outcome of 9001
From the customer’s perspective
A certified organization, for the defined scope, consistently provides products that meet
customer and applicable statutory and regulatory requirements, and aims to enhance
customer satisfaction.
New in ISO 9001:2008
Does not appear in ISO 9001:2008 anymore
Text slightly changed in ISO 9001:2008
ISO 9001:2008 - NOV 2008 17
18. Introduction - 03 - Relationship with ISO 9004
► 2000:
The present editions of ISO 9001 and ISO 9004 have been developed as a consistent pair of
quality management system standards which have been designed to complement each other,
but can also be used independently. Although the two International Standards have different
scopes, they have similar structures in order to assist their application as a consistent pair.
ISO 9004 gives guidance on a wider range of objectives of a quality management system than
does ISO 9001, particularly for the continual improvement of an organization's overall
performance and efficiency, as well as its effectiveness. ISO 9004 is recommended as a guide
for organizations whose top management wishes to move beyond the requirements of ISO
9001, in pursuit of continual improvement of performance.
► 2008:
The present edition of ISO 9004 has been developed to maintain consistency with ISO 9001.
Both standards complement each other, but can also be used independently.
ISO 9001 specifies requirements for a quality management system that can be used for internal
application by organizations, or for certification, or for contractual purposes. It focuses on the
effectiveness of the quality management system in meeting customer and applicable statutory
and regulatory requirements.
ISO 9004 gives guidance on a wider range of objectives of a quality management system than
does ISO 9001, particularly in managing for the sustainable success of an organization. ISO
9004 is recommended as a guide for organizations whose top management wishes to extend
the benefits of ISO 9001 in pursuit of systematic and continual improvement of the
organization’s overall performance.
9001 and 9004 are a consistent pair that should be used together but 9004
revision will be published only in 2009
New in ISO 9001:2008
Does not appear in ISO 9001:2008 anymore
Text slightly changed in ISO 9001:2008
ISO 9001:2008 - NOV 2008 18
19. Introduction - 04 - Compatibility with other management systems
•2000:
•This International Standard has been aligned with ISO
14001:1996 in order to enhance the compatibility of the two
standards for the benefit of the user community.
•2008:
•During the development of this International Standard, due consideration has
been taken of the provisions of ISO 14001:2004 to enhance the compatibility of
the two standards for the benefit of the user community.
• Important for the compatibility with ISO 14001 – this should
increase efficiency of combined audits
New in ISO 9001:2008
Does not appear in ISO 9001:2008 anymore
Text slightly changed in ISO 9001:2008
ISO 9001:2008 - NOV 2008 19
20. 1 - Scope
► 1.1 General - ISO 9001:2008
a) needs to demonstrate its ability to consistently provide product that meets customer and
applicable statutory and regulatory requirements, and
b) aims to enhance customer satisfaction through the effective application of the system, including
processes for continual improvement of the system and the assurance of conformity to customer
and applicable statutory and regulatory requirements.
NOTE 1 In this International Standard, the term “product” applies to the product intended for, or
required by, a customer or the product realization processes. This applies to any intended output
resulting from product realization processes, including purchasing.
NOTE 2 Statutory and regulatory requirements may be expressed as legal requirements.
Clarification as to what is a product
► 1.2 Application – ISO 9001:2008
Where exclusions are made, claims of conformity to this International Standard are not
acceptable unless these exclusions are limited to requirements within clause 7, and
such exclusions do not affect the organizations ability, or responsibility, to provide
product that meets customer and applicable statutory and regulatory requirements.
New in ISO 9001:2008
Does not appear in ISO 9001:2008 anymore
Text slightly changed in ISO 9001:2008
ISO 9001:2008 - NOV 2008 20
21. 2 - Normative reference
► 2000
The following normative document contains provisions which, through reference in this text,
constitute provisions of this International Standard. For dated references, subsequent
amendments to, or revisions of, any of these publications do not apply. However, parties to
agreements based on this International Standard are encouraged to investigate the possibility of
applying the most recent edition of the normative document indicated below. For undated
references, the latest edition of the normative document referred to applies. Members of ISO
and IEC maintain registers of currently valid International Standards.
ISO 9000:2000, Quality management systems — Fundamentals and vocabulary.
► 2008
The following referenced documents are indispensable for the application of this document. For
dated references, only the edition cited applies. For undated references, the latest edition of the
referenced document (including any amendments) applies.
ISO 9000:2005 Quality management systems — Fundamentals and vocabulary.
New in ISO 9001:2008
Does not appear in ISO 9001:2008 anymore
Text slightly changed in ISO 9001:2008
ISO 9001:2008 - NOV 2008 21
22. 3 - Terms and definitions
► 2000
The following terms, used in this edition of ISO 9001 to describe the supply chain, have been
changed to reflect the vocabulary currently used:
supplier organization customer
The term “organization” replaces the term “supplier” used in ISO 9001:1994, and refers to the
unit to which this International Standard applies. Also, the term “supplier” now replaces the term
“subcontractor”.
New in ISO 9001:2008
Does not appear in ISO 9001:2008 anymore
Text slightly changed in ISO 9001:2008
ISO 9001:2008 - NOV 2008 22
23. 4 - QMS - 4.1 General requirements New in ISO 9001:2008
Does not appear in ISO 9001:2008 anymore
Text slightly changed in ISO 9001:2008
► 2000
Where an organization chooses to outsource any process that affects product conformity with requirements, the
organization shall ensure control over such processes. Control of such outsourced processes shall be identified
within the quality management system.
► 2008
e) monitor, measure (where applicable), and analyse these processes, and f) implement actions necessary to
achieve planned results and continual improvement of these processes.
Where an organization chooses to outsource any process that affects product conformity to requirements, the
organization shall ensure control over such processes. The type and extent of control to be applied to these
outsourced processes shall be defined within the quality management system.
NOTE 1 Processes needed for the quality management system referred to above include processes for
management activities, provision of resources, product realization and measurement, analysis and improvement.
NOTE 2 An outsourced process is the process that the organization needs for its quality management system and
which the organization chooses to have performed by an external party
NOTE 3 Ensuring control over outsourced processes does not absolve the organization of the responsibility of
conformity to all customer, statutory and regulatory requirements.
a) the potential impact of the outsourced process on the organization’s capability to provide product that conforms to
requirements;
b) the extent to which the control for the process is shared;
c) the capability of achieving the necessary control through the application of clause 7.4.
ISO 9001:2008 - NOV 2008 23
24. 4 - QMS - 4.2. Documentation requirements
► 4.2.1 General
► 2000
d) documents needed by the organization to ensure the effective planning, operation and control
of its processes, and
e) records required by this International Standard (see 4.2.4).
► 2008
c) documented procedures and records required by this International Standard, and
d) documents, including records, determined by the organization to be necessary to ensure the
effective planning, operation and control of its processes.
NOTE 1 Where the term “documented procedure“ appears within this International Standard,
this means that the procedure is established, documented, implemented and maintained. A
single document may include the requirements for one or more procedures. A requirement for a
documented procedure may be covered by more than one document .
New in ISO 9001:2008
Does not appear in ISO 9001:2008 anymore
Text slightly changed in ISO 9001:2008
ISO 9001:2008 - NOV 2008 24
25. 4 - QMS - 4.2. Documentation requirements
► 4.2.3 Control of documents
► 2008
f) to ensure that documents of external origin determined by the organization to be necessary for
the planning and operation of the quality management system are identified and their distribution
controlled, and
New in ISO 9001:2008
Does not appear in ISO 9001:2008 anymore
Text slightly changed in ISO 9001:2008
ISO 9001:2008 - NOV 2008 25
26. 4 - QMS - 4.2. Documentation requirements
► 4.2.4 Control of records
► 2000
Records shall be established and maintained to provide evidence of conformity to requirements
and of the effective operation of the quality management system. Records shall remain legible,
readily identifiable and retrievable. A documented procedure shall be established to define the
controls needed for the identification, storage, protection, retrieval, retention time and disposition
of records.
► 2008
Records established to provide evidence of conformity to requirements and of the effective
operation of the quality management system shall be controlled.
The organization shall establish a documented procedure to define the controls needed for the
identification, storage, protection, retrieval, retention and disposition of records.
Records shall remain legible, readily identifiable and retrievable.
New in ISO 9001:2008
Does not appear in ISO 9001:2008 anymore
Text slightly changed in ISO 9001:2008
ISO 9001:2008 - NOV 2008 26
27. 5 - Management responsibility
► 5.5.2 Management representative
► 2000
Top management shall appoint a member of the management who,
irrespective of other responsibilities …..
► 2008
Top management shall appoint a member of the organisation’s
management who, irrespective of other responsibilities …..
► The management representative must be a member of the
organisation management team
New in ISO 9001:2008
Does not appear in ISO 9001:2008 anymore
Text slightly changed in ISO 9001:2008
ISO 9001:2008 - NOV 2008 27
28. 6 - Resource management
► 6.2.1 Human resources - General
► 2008
Personnel performing work affecting conformity to product quality requirements shall be
competent on the basis of appropriate education, training, skills and experience
NOTE Conformity to product requirements may be affected directly or indirectly by personnel
performing any task within the quality management system .
New in ISO 9001:2008
Does not appear in ISO 9001:2008 anymore
Text slightly changed in ISO 9001:2008
ISO 9001:2008 - NOV 2008 28
29. 6 - Resource management
► 6.2.2 Human resources – Competence, training and awareness
► 2000
a) determine the necessary competence for personnel performing work affecting product quality,
b) provide training or take other actions to satisfy these needs,
c) evaluate the effectiveness of the actions taken
► 2008
a) determine the necessary competence for personnel performing work affecting conformity to
product requirements,
b) where applicable, provide training or take other actions to achieve the necessary competence,
c) ensure that the necessary competence has been achieved,
► Competence for personnel that affect the conformity to product requirements must
be defined
New in ISO 9001:2008
Does not appear in ISO 9001:2008 anymore
Text slightly changed in ISO 9001:2008
ISO 9001:2008 - NOV 2008 29
30. 6 - Resource management
► 6.3 Infrastructure
► 2008
c) supporting services (such as transport, communication or information systems).
► Information systems are explicitly part of the infrastructure
► 6.4 Work environment
► 2008
NOTE The term "work environment" relates to conditions under which work is performed
including physical, environmental and other factors (such as noise, temperature, humidity,
lighting, or weather).
New in ISO 9001:2008
Does not appear in ISO 9001:2008 anymore
Text slightly changed in ISO 9001:2008
ISO 9001:2008 - NOV 2008 30
31. 7 - Product realization - 7.1 Planning of product realization
► 2000
b) the need to establish processes, documents, and provide resources specific to the product;
► 2008
b) the need to establish processes and documents, and to provide resources specific to the
product;
c) required verification, validation, monitoring, measurement, inspection and test activities
specific to the product and the criteria for product acceptance;
New in ISO 9001:2008
Does not appear in ISO 9001:2008 anymore
Text slightly changed in ISO 9001:2008
ISO 9001:2008 - NOV 2008 31
32. 7 - Product realization – 7.2. Customer related processes
► 7.2.1 Determination of requirements related to the product
► 2000
c) statutory and regulatory requirements related to the product, and
d) any additional requirements determined by the organization.
► 2008
c) statutory and regulatory requirements applicable to the product, and
d) any additional requirements considered necessary by the organization.
NOTE Post delivery activities include, for example, actions under warranty provisions,
contractual obligations such as maintenance services, and supplementary services such as
recycling or final disposal.
New in ISO 9001:2008
Does not appear in ISO 9001:2008 anymore
Text slightly changed in ISO 9001:2008
ISO 9001:2008 - NOV 2008 32
33. 7 - Product realization – 7.3. Design and development
► 7.3.1 Design and development planning
► 2008
NOTE Design and development review, verification and validation have distinct purposes. They
may be conducted and recorded separately or in any combination as suitable for the product
and the organization.
New in ISO 9001:2008
Does not appear in ISO 9001:2008 anymore
Text slightly changed in ISO 9001:2008
ISO 9001:2008 - NOV 2008 33
34. 7 - Product realization – 7.3. Design and development
► 7.3.3 Design and development outputs
► 2000
The outputs of design and development shall be provided in a form that enables verification
against the design and development input and shall be approved prior to release.
► 2008
The outputs of design and development shall be in a form suitable for verification against the
design and development input and shall be approved prior to release.
Design and development outputs shall
a) meet the input requirements for design and development,
b) provide appropriate information for purchasing, production and for service provision,
c) contain or reference product acceptance criteria, and
d) specify the characteristics of the product that are essential for its safe and proper use.
NOTE Information for production and service provision may include details for the preservation
of product.
New in ISO 9001:2008
Does not appear in ISO 9001:2008 anymore
Text slightly changed in ISO 9001:2008
ISO 9001:2008 - NOV 2008 34
35. 7 - Product realization – 7.5 Production and service provision
► 7.5.1 Control of production and service provision
► 2000
d) the availability and use of monitoring and measuring devices,
► 2008
d) the availability and use of monitoring and measuring equipment,
e) the implementation of monitoring and measurement, and
f) the implementation of product release, delivery and post-delivery activities.
New in ISO 9001:2008
Does not appear in ISO 9001:2008 anymore
Text slightly changed in ISO 9001:2008
ISO 9001:2008 - NOV 2008 35
36. 7 - Product realization – 7.5 Production and service provision
► 7.5.2 Validation of processes for production and service provision
► 2000
The organization shall validate any processes for production and service provision where the
resulting output cannot be verified by subsequent monitoring or measurement. This includes any
processes where deficiencies become apparent only after the product is in use or the service
has been delivered.
► 2008
The organization shall validate any processes for production and service provision where the
resulting output cannot be verified by subsequent monitoring or measurement and as a
consequence, deficiencies become apparent only after the product is in use or the service has
been delivered.
New in ISO 9001:2008
Does not appear in ISO 9001:2008 anymore
Text slightly changed in ISO 9001:2008
ISO 9001:2008 - NOV 2008 36
37. 7 - Product realization – 7.5 Production and service provision
7.5.3 Identification and traceability
► 2000
Where traceability is a requirement, the organization shall control and record the unique
identification of the product (see 4.2.4).
► 2008
The organization shall identify the product status with respect to monitoring and measurement
requirements throughout product realization.
Where traceability is a requirement, the organization shall control the unique identification of the
product and maintain records (see 4.2.4).
New in ISO 9001:2008
Does not appear in ISO 9001:2008 anymore
Text slightly changed in ISO 9001:2008
ISO 9001:2008 - NOV 2008 37
38. 7 - Product realization – 7.5 Production and service provision
► 7.5.4 Customer property
► 2000
The organization shall exercise care with customer property while it is under the organization's
control or being used by the organization. The organization shall identify, verify, protect and
safeguard customer property provided for use or incorporation into the product. If any customer
property is lost, damaged or otherwise found to be unsuitable for use, this shall be reported to
the customer and records maintained (see 4.2.4).
NOTE Customer property can include intellectual property.
► 2008
The organization shall exercise care with customer property while it is under the organization‘s
control or being used by the organization. The organization shall identify, verify, protect and
safeguard customer property provided for use or incorporation into the product. If any customer
property is lost, damaged or otherwise found to be unsuitable for use, the organization shall
report this to the customer and maintain records (see 4.2.4).
NOTE Customer property can include intellectual property and personal data.
New in ISO 9001:2008
Does not appear in ISO 9001:2008 anymore
Text slightly changed in ISO 9001:2008
ISO 9001:2008 - NOV 2008 38
39. 7 - Product realization – 7.5 Production and service provision
7.5.5 Preservation of product
► 2000
The organization shall preserve the conformity of product during internal processing and delivery to
the intended destination. This preservation shall include identification, handling, packaging, storage
and protection. Preservation shall also apply to the constituent parts of a product.
► 2008
The organization shall preserve the product during internal processing and delivery to the intended
destination in order to maintain conformity to requirements. As applicable, preservation shall include
identification, handling, packaging, storage and protection. Preservation shall also apply to the
constituent parts of a product.
New in ISO 9001:2008
Does not appear in ISO 9001:2008 anymore
Text slightly changed in ISO 9001:2008
ISO 9001:2008 - NOV 2008 39
40. 7 - Product realisation - 7.6 Control of monitoring and measuring
equipment
New in ISO 9001:2008
► 2000 Does not appear in ISO 9001:2008 anymore
Text slightly changed in ISO 9001:2008
7.6 Control of monitoring and measuring devices
The organization shall determine the monitoring and measurement to be undertaken and the monitoring
and measuring devices needed to provide evidence of conformity of product to determined requirements
(see 7.2.1).
c) be identified to enable the calibration status to be determined;
NOTE See ISO 10012-1 and ISO 10012-2 for guidance.
► 2008
7.6 Control of monitoring and measuring equipment
The organization shall determine the monitoring and measurement to be undertaken and the monitoring
and measuring equipment needed to provide evidence of conformity of product to determined
requirements.
a) be calibrated and/or verified, or both, at specified intervals, or prior to use, against measurement
standards traceable to international or national measurement standards; where no such standards exist,
the basis used for calibration or verification shall be recorded (see 4.2.4);
c) have identification in order to determine its calibration status;
NOTE Confirmation of the ability of computer software to satisfy the intended application would typically
include its verification and configuration management to maintain its suitability for use.
ISO 9001:2008 - NOV 2008 40
41. 8 - Measurement analysis and improvement - 8.1 General
► 2000
a) to demonstrate conformity of the product,
► 2008
a) to demonstrate conformity to product requirements,
New in ISO 9001:2008
Does not appear in ISO 9001:2008 anymore
Text slightly changed in ISO 9001:2008
ISO 9001:2008 - NOV 2008 41
42. 8 - Measurement analysis and improvement - 8.2 Monitoring and measurement
8.2.1 Customer satisfaction
► 2008
NOTE Monitoring customer perception may include obtaining input from sources such as customer
satisfaction surveys, customer data on delivered product quality, user opinion surveys, lost business
analysis, compliments, warranty claims, dealer reports.
New in ISO 9001:2008
Does not appear in ISO 9001:2008 anymore
Text slightly changed in ISO 9001:2008
ISO 9001:2008 - NOV 2008 42
43. 8 - Measurement analysis and improvement - 8.2 Monitoring and measurement
8.2.2 Internal audit
► 2000
The responsibilities and requirements for planning and conducting audits, and for reporting results
and maintaining records (see 4.2.4) shall be defined in a documented procedure.
NOTE See ISO 10011-1, ISO 10011-2 and ISO 10011-3 for guidance.
► 2008
A documented procedure shall be established to define the responsibilities and requirements for
planning and conducting audits, establishing records and reporting results.
The management responsible for the area being audited shall ensure that any necessary corrections
and corrective actions are taken without undue delay to eliminate detected nonconformities and their
causes. Follow-up activities shall include the verification of the actions taken and the reporting of
verification results (see 8.5.2).
NOTE See ISO 19011 for guidance.
New in ISO 9001:2008
Does not appear in ISO 9001:2008 anymore
Text slightly changed in ISO 9001:2008
ISO 9001:2008 - NOV 2008 43
44. 8 - Measurement analysis and improvement - 8.2 Monitoring and measurement
8.2.3 Monitoring and measurement of processes
► 2000
The organization shall apply suitable methods for monitoring and, where applicable, measurement
of the quality management system processes. These methods shall demonstrate the ability of the
processes to achieve planned results. When planned results are not achieved, correction and
corrective action shall be taken, as appropriate, to ensure conformity of the product.
► 2008
NOTE When determining suitable methods, the organization should consider the type and extent of
monitoring or measurement appropriate to each of its processes in relation to their impact on the
conformity to product requirements and on the effectiveness of the quality management system.
New in ISO 9001:2008
Does not appear in ISO 9001:2008 anymore
Text slightly changed in ISO 9001:2008
ISO 9001:2008 - NOV 2008 44
45. 8 - Measurement analysis and improvement - 8.2 Monitoring and measurement
8.2.4 Monitoring and measurement of product
► 2000
Product release and service delivery shall not proceed until the planned arrangements (see 7.1)
have been satisfactorily completed, unless otherwise approved by a relevant authority and, where
applicable, by the customer.
► 2008
Evidence of conformity with acceptance criteria shall be maintained
The release of product and delivery of service to the customer shall not proceed until the planned
arrangements (see 7.1) have been satisfactorily completed, unless otherwise approved by a relevant
authority and, where applicable, by the customer.
New in ISO 9001:2008
Does not appear in ISO 9001:2008 anymore
Text slightly changed in ISO 9001:2008
ISO 9001:2008 - NOV 2008 45
46. 8 - Measurement analysis and improvement - 8.3 Control of nonconforming
product
► 2000
The organization shall ensure that product which does not conform to product requirements is
identified and controlled to prevent its unintended use or delivery. The controls and related
responsibilities and authorities for dealing with nonconforming product shall be defined in a
documented procedure.
When nonconforming product is detected after delivery or use has started, the organization shall
take action appropriate to the effects, or potential effects, of the nonconformity.
► 2008
The organization shall ensure that product which does not conform to product requirements is
identified and controlled to prevent its unintended use or delivery. A documented procedure shall be
established to define the controls and related responsibilities and authorities for dealing with
nonconforming product.
Where practicable, the organization shall deal with nonconforming product by one or more of the
following ways:
d) by taking action appropriate to the effects, or potential effects, of the nonconformity when
nonconforming product is detected after delivery or use has started.
New in ISO 9001:2008
Does not appear in ISO 9001:2008 anymore
Text slightly changed in ISO 9001:2008
ISO 9001:2008 - NOV 2008 46
47. 8 - Measurement analysis and improvement - 8.5 Improvement
8.5.2 Corrective action
► 2000
f) reviewing corrective action taken
► 2008
e) reviewing the effectiveness of the corrective action taken
8.5.3 Preventive action
► 2000
f) reviewing preventive action taken
► 2008
e) reviewing the effectiveness of the preventive action taken
ISO 9001:2008 - NOV 2008 47
A working group, WG 18, was established within ISO/TC 176 which undertook an extensive global survey of the ISO 9000 series users and customers. From the majority of responses received, the indications were that these groups wanted to see the following embraced within the revised ISO 9000 family of standards: The adoption of a process approach. Compatibility with other management system standards. The additional requirement for continual improvement. Recognition of the needs of stakeholders. The need to be user friendly. Remove the manufacturing focus. A further element to the background was the intention that the three models for quality assurance, ISO 9001, 9002 and 9003, would be consolidated into a single revised standard with tailoring, as appropriate. The eventual objective therefore is that there will be four core standards: ISO 9000:2000 - Concepts and terminology. ISO 9001:2000 - Requirements for quality management. ISO 9004:2000 - Guidance for quality management of organisations. ISO 19011 - Guidelines on quality and environmental auditing. Until the next revision any further clarification or guidelines will be issued in the form of Technical Reports. Add few words about ISO 9002 and ISO 9003 ISO 9002 & ISO 9003 incorporated in ISO 9001 and are withdrawn Users of ISO 9002/9003 may use ISO 9001 : 2000 by excluding certain requirements (ref. Clause 1.2) The revised title (from 1994 version) does not include the term quality assurance to reflect addressing both QA of product and customer satisfaction. Have the delegates read 0.1 General The standard highlights the need for commitment by strongly emphasising that the adoption of the quality management system (in accordance with the standard) needs to be a strategic decision of the organisation. The standard again states that its purpose is not to enforce uniformity of quality systems. Again the standard acknowledges that organisation’s quality management systems are structured in many varied formats and that there is no obligation for the organisation to change the structure of their quality management systems and/or the relevant documentation to align with the structure of the standard. Further it states that the quality management system requirements are complementary to product requirements. Any information marked “NOTE” is for guidance in understanding or clarifying the associated requirement. The standard can be used by internal and external parties, including certification bodies, to audit and assess the ability to address this satisfaction. Further there is a statement that the quality management system principles have been taken into consideration during the development of the standard.