What We Learned While Re-Certifying to ISO 9001:2015

Posted by Wendy Smith on Jun 21, 2017 2:25:52 PM

 Businessman in a data center selecting a green label with iso 9001 written on it.jpeg

Optimation has been certified in ISO 9001 since 1996 There have been several revisions to the standard since that time, with the current ISO 9001:2015 being the latest with the most significant changes.  Knowing that the changes were significant, I did some research to help us prepare for the audit.  I have included some visual comparisons of the standards that I found helpful as noted below.     


The first ISO 9001 standard was introduced in 1994 and they have been evolving over time since then.  Approximately every 7 years, the ISO 9001 standard is updated.  In 1994 the theme was “say what you do and do what you say.”  When it was updated in 2000 the focus was on proper processes and continuous improvement (ultimately improving your customer satisfaction).  The 2008 standard provided more precision (structure) around interpretation of the standard. The new 2015 standard has undergone a more dramatic revision with an emphasis on Risk Management.

One of the criticisms of the old ISO 9001 standards were that they were more product based; the new standard provides more provisions for service providers.  They have also simplified the language (instead of having strict wording around procedures, documents and records the new term is “Documented Information”). The new standard has a higher-level structure that increases the focus on risk and the importance of risk management. The older versions focused more on managing process and less on documentation, the new standard focuses on performance. The basic principle of “do what you say you do” is still the focus at all levels. 

What the ISO 9001:2015 standard does better is that it has been streamlined to facilitate multiple certifications without requiring separate manuals or systems for each of them.  It aligns with other “Sector” Quality Standards and takes into account the needs of regulators helping to shape one quality system to help manage your entire business including the external “interested parties.”

The other notable change is the elimination of the ‘management representative’ from the ISO 9001:2008 standard. The management representative was a member of the management team who had the responsibility and authority for driving the quality management system throughout the organization. This is no mentioned in ISO 9001:2015. The idea behind the change is that everyone is responsible for quality at all levels within the organization.


As mentioned before, risk-based thinking has a very important place in ISO 9001:2015. To emphasize this dominance, the concept of ‘risk’ occurs 48 times in ISO 9001:2015, compared with only three times in ISO 9001:2008.

The addition of risk-based thinking has made the ‘preventive measures’ of ISO 9001:2008 redundant. Preventive measures are not included in ISO 9001:2015.

Because ISO 9001:2015 pays more attention to risk management, interested parties and the context of the organization, the quality management system also fits in better with the needs of the top management. The quality management system is now more than ever a means for being strategically successful by addressing the needs of interested parties and by managing opportunities and threats.


ISO 9001:2015 requires an organization to construct its quality management system to meet its own needs in conducting its business.  This means that, as an organization, you have to take into account the needs and expectations of interested parties and that you evaluate and deal with internal and external strategic questions. You have to show that, as an organization, you understand and respond to the expectations of all the parties concerned.  You cannot make or deliver a good product without knowing the requirements and expectations of customers and interested parties. This is the basis of a quality management system.

In ISO 9001:2008, customers were often named as being the only interested party. This concept has been extended in ISO 9001:2015. Suppliers, personnel, shareholders, legislative bodies, society, internal customers, etc. are now included as interested parties, in addition to customers. As an organization, you have to be aware of the importance of these interested parties’ (changing) requirements and standards, and anticipate them in the features of your products and services

A SIDE-BY-SIDE LOOK AT ISO 9001:2008 vs ISO 9001:2015

The new standard has ten clauses instead of eight. The first three clauses in ISO 9001:2015 are largely the same as those in ISO 9001:2008, but there are considerable differences between ISO 9001:2008 and ISO 9001:2015 from the fourth clause on.


ISO 9001:2008

ISO 9001:2015

0. Introduction

0. Introduction

1. Scope

1. Scope

2. Normative reference

2. Normative reference

3. Terms and definitions

3. Terms and definitions

4. Quality management system

4. Context of the organization

5. Management responsibility

5. Leadership

6. Planning

6. Resource management

7. Support

7. Product realization

8. Operation

8. Measurement, analysis and improvement

9. Performance evaluation

10. Improvement

Table Source: https://www.pauwelsconsulting.com/blog/iso-9001-2015/

The last seven clauses are now arranged according to the PDCA cycle (Plan, Do, Check, Act). The following figure shows this.

Plan Do Check Act - Pauwels Consulting

Clauses 4, 5, 6 and 7 of ISO 9001:2015 come under PLAN, clause 8 co

* Figure Source: https://www.pauwelsconsulting.com/blog/iso-9001-2015 /  


Some of the changes in terminology in the new standard are aligned below


ISO 9001:2008

ISO 9001:2015


Products and services

Documentation, quality manual, documented procedures, records, instructions

Documented information

Work environment

Environment for the operation of processes

Monitoring and measuring equipment

Monitoring and measuring resources

Purchased product

Externally provided products and services


External provider

Table Source: https://www.pauwelsconsulting.com/blog/iso-9001-2015/


The ISO 9001:2015 standard is constructed around seven quality management principles:

  1. customer focus;
  2. leadership;
  3. engagement of people;
  4. process approach;
  5. improvement;
  6. evidence-based decision making;
  7. relationship management

These principles were not part of the old scope of ISO 9001:2008 but are requirements in the new ISO 9001:2015 standard.


The auditor started our audit with a comment in the opening meeting that many companies “our size” that were certified under ISO 9001:2008 do not get certified in ISO 9001:2015 on the first try.  He emphasized the differences in the standards and how most companies don’t have their quality systems set up in that way. 

I am happy to report that we passed our recertification audit to the new ISO 9001:2015 standard on the first try with no non-conformities.  Of course, we had a few Opportunities for Improvement, but we feel that one of the keys to our success is that we are also certified by the Control Systems Integrators Association (CSIA) to their Best Practices and Benchmarks Standard.  We would like to share what we learned during this process with our “friends” to help others attempting to get certified to the ISO 9001:2015 standard. I will talk more about that in a future post. 

Topics: Quality

Welcome to the Optimation Blog

Tips, tricks and trends

The goal of this blog is to be helpful to readers by providing useful information about applications in industrial engineering, design and skilled trades, as well as industry knowledge. We're passionate about manufacturing in the United States. We have a little fun with it too.  

Subscribe to Email Updates