Attaining ISO 9001 registration was commonly viewed as a costly endeavour.  Companies believed that they would be obligated to invest multiple staff months, for the purposes of documenting their development and operational processes.  The investment was seen as necessary to satisfy the inquisitive ISO 9001 auditor, who was seeking to uncover undocumented processes.

The encouraging news for businesses is that the ISO 9001 developers have been anxious to change their customers’ perceptions.   The ISO 9001 standards development team has refined the guidelines that are at the core of the ISO 9001 standard, and in almost every way, the ISO 9001:2015 standard mimics best in class management principles.

Three of the biggest improvements attributed to the ISO 9001:2015 revision are based upon well known business management practices. The three improvements are: (1) senior management collectively take direct responsibility for the business’ product/service quality, (2) organizations should incorporate process models to encoding their product/service activities, and (3) risk assessment and management should be built into the core product/service business activities.   There are numerous other improvements that come with the ISO 9001:2015 standard revision, but these three improvements are critical to building strong businesses, and are the headline examples of how ISO is incorporating strong business principles into the standard framework.

ISO has discarded the notion of a “Quality Manager”, as it has a tendency to marginalize core quality to a senior role that was “outside” the core business divisional roles.   By making senior managers accountable for product or service quality aspects, quality will be incorporated into the daily business thinking.

Secondly, businesses develop activities that deliver repeatable outcomes by encoding their activities as a process. Organizations must monitor articles, information and specifications that are involved in their production processes.  Typically, the processes are measureable, with feedback that is key to deliver improvements, and delivering a quality product or service.

Lastly, incorporating risk assessment and risk management in business processes helps an organization best deal with the threats and opportunities that are ever present, and the businesses that best deal with these challenges are likely to be the most successful. ISO 9001:2015 assessments look for evidence that Risk assessment/analysis is applied in every process definition and checkpoint.

ISO 9001 has evolved through each of its major releases into a highly applicable set of modern business guidelines.   What used to be considered overly bureaucratic, and burden to achieve compliance, is now a concise, valuable framework which any business director would be well advised to consider, if not fully implement.

For more information, please visit our consultancy page at:

Author:  Jim Blair, Aspira Software Development