We got our hands on the Committee Draft (CD) of ISO 9001:2025, and here’s my detailed breakdown. No, I can’t publish the actual document, so don’t ask.<\/p>\n
This appears to be a copy and paste of the “Secret Draft” that was written as a precursor to the CD. They sort of skipped the usual working Draft (WD) this time entirely, suggesting they are pushing hard for a 2025 publication date.<\/p>\n
TL;DR Version<\/strong><\/span><\/p>\n I’ll have a longer editorial on this thing shortly, but here’s the attention-deficit version.<\/p>\n If you hated ISO 9001:2015, you will still hate this. They don’t fix anything, but (so far) they haven’t added any new world-breaking requirements. In fact, the new requirements are minimal. This may change with the next version, the DIS (Draft International Standard), but I doubt it.<\/p>\n The new standard keeps nearly all the problems, errors, mistakes, blank clauses, non-requirement requirements, etc. from the 2015 version. Thsi is likely due to TC 176’s slavish adherence to the Annex SL core text.<\/p>\n OMG, do the 100-year old, dimbulb TC 176’ers want you to know they are hip. They name-drop so many awkward and already dated terms like “VR<\/em>” and “Metaverse,<\/em>” you’d think they actually know how to boot their own computers.<\/p>\n The standard adds a massive annex that reads like a consultant’s handbook to implementing ISO 9001. This was copied and pasted from the TC 176 document ISO 9001 for Small Enterprises<\/strong><\/em> published in 2016. This will increase the cover price immensely, as the page count is about to double or triple. The content is meh.<\/p>\n Most of the clauses that would require TC 176 to actually know what happens on a shop floor — like all of clause 8! — remain largely untouched. They spent a lot of time twiddling words in the leather-elbow parts, like COTO.<\/p>\n TC 176 still has no idea what a QMS actually is, and they break the PDCA and process approach midway through the standards.<\/p>\n Changes to Clauses<\/strong><\/span><\/p>\n 0.0 Introduction<\/strong><\/p>\n No real changes<\/p>\n Still maintains the lie that “risk-based thinking<\/em>” is part of the process approach. This was never true; still insists that risk-based thinking is to replace preventive action.<\/p>\n Contains errors, such as still referring to ISO 9001:2008 — LOL.<\/p>\n 1.0 Scope<\/strong><\/p>\n No changes<\/p>\n 2.0 Normative references<\/strong><\/p>\n No changes, still only references ISO 9000<\/p>\n 3.0 Terms and definitions<\/strong><\/p>\n Now adds definitions for: organization, interested party (stakeholder), top management, management system, policy, objective, risk, process, competence, documented information, performance, continual improvement, effectiveness, requirement, conformity, nonconformity, corrective action, audit, measurement, monitoring.<\/p>\n This section like to get excised; the CD of ISO 9001:2015 also included definitions which were later taken out.<\/p>\n Definition of risk is presented as “effect of uncertainty”<\/em> and still claims it can be either “positive or negative<\/em>“<\/p>\n New definitions are added, rather than just referring to ISO 9000. Includes definition of “documented information,” which still insists it refers to both documents and records simultaneously.<\/p>\n Still no definitions for “strategic direction<\/em>” or “opportunity<\/em>,” despite the terms being crucial for understanding the standard.<\/p>\n 4.0 Context of the Organization<\/strong><\/p>\n CD continues to present sub-clauses in the wrong order. You can’t identify issues until AFTER you identify your stakeholders, you window-licking morons! Just because Dick Hortensius is dyslexic doesn’t mean you need to copy and paste his mistakes.<\/p>\n 4.1 Understanding the Organization and Its Context<\/strong><\/p>\n Adds climate change language from the ISO 9001:2015 Amendment 2024. Still didn\u2019t fix the error that the text of the clause never discusses \u201ccontext<\/em>,\u201d and the standard never explains what that means.<\/p>\n 4.2 Understanding the needs and expectations of interested parties<\/strong><\/p>\n Adds climate change language from the ISO 9001:2015 Amendment 2024.<\/p>\n Minor language tweaks, no new requirements.<\/p>\n 4.3 Determining the scope of the quality management system<\/strong><\/p>\n Minor language tweaks, no new requirements.<\/p>\n 4.4 Quality management system and its processes<\/strong><\/p>\n Minor language tweaks, no new requirements.<\/p>\n 5.0 Leadership<\/strong><\/p>\n 5.1 Leadership & Commitment<\/strong><\/p>\n 5.1.1 General<\/strong><\/p>\n Adds requirements for top management to “promote ethics and integrity<\/em>” and “determine, implement and improve the organization\u2019s mission, vision and values, and promoting an aligned quality culture.<\/em>” More unenforceable platitudes keeping the clause largely useless and un-auditable.<\/p>\n This means the rumors of a new clause related to the “culture of quality” were bogus. They just added a tiny note.<\/p>\n The bit about “ethics and integrity” will ensure that ISO, itself, never adopts this standard. Snort.<\/p>\n 5.1.2 Customer focus<\/strong><\/p>\n No changes.<\/p>\n 5.2 Policy<\/strong><\/p>\n No changes.<\/p>\n 5.3 Organizational Roles Responsibilities and Authorities<\/strong><\/p>\n No changes.<\/p>\n 6.0 Planning<\/strong><\/p>\n 6.1 Actions to address risks and opportunities<\/strong><\/p>\n Largely improved. Now distinguishes more clearly the difference between risk and opportunity. Adds sub-clauses 6.1.1.1 for risks, and 6.1.1.2 for opportunities.<\/p>\n Still no requirement for procedure, process, records, root cause, or any legacy preventive action language, so this will remain a huge flaw in ISO 9001. TC 176 predictably ignored the world\u2019s feedback on \u201crisk-based thinking<\/em>.\u201d<\/p>\n 6.2 Quality objectives and planning to achieve them<\/strong><\/p>\n Adds a bizarre change now requiring that objectives be measurable only \u201cif practicable<\/strong><\/em>.\u201d Huge step backwards. Objectives should ALWAYS be measurable. tIt’s like they weren’t happy making Deming spin in his grave by invoking “measurement by objectives<\/em>” in the first place, they want the poor guy to drill his way to China with more “management by slogans<\/em>.”<\/p>\n TC 176 still does not close the loop on the process approach as the core of a QMS, thinks process metrics and quality objectives are different things.<\/p>\n 6.2.2 maintains the cringeworthy \u201cwho, what, where,<\/em>\u2026\u201d language of Annex SL and ISO 9001:2015. Remains a blank clause, with not actual requirements. Still no editors stepping in to fix this glaring flaw.<\/p>\n 6.3 Planning of changes<\/strong><\/p>\n No changes<\/p>\n 7.0 Support<\/strong><\/p>\n 7.1 Resources<\/strong><\/p>\n 7.1.1 General<\/strong><\/p>\n No changes.<\/p>\n 7.1.2 People<\/strong><\/p>\n No changes.<\/p>\n 7.1.3 Infrastructure<\/strong><\/p>\n No changes. Continues to put the requirements into the note, keeping the error from ISO 9001:2015.<\/p>\n 7.1.4 Environment for the operation of processes<\/strong><\/p>\n Continues to put the requirements into the note, keeping the error from ISO 9001:2015. Maintains the bonkers language on \u201csocial and psychological\u201d factors such as \u201cemotionally protective<\/em>\u201d workplace. Adds new suggestions to consider \u201ctechnological<\/em>\u201d and \u201ccultural<\/em>\u201d aspects. The \u201ctechnological<\/em>\u201d note adds cringeworthy name-drops of words like \u201cAI, Metaverse, VR, chatbots.<\/em>\u201d Absolutely embarrassing.<\/p>\n 7.1.5 Monitoring and measuring resources<\/strong><\/p>\n No changes. Still does not require a calibration log!<\/p>\n 7.1.6 Organizational knowledge<\/strong><\/p>\n No changes.<\/p>\n 7.2 Competence<\/strong><\/p>\n No changes.<\/p>\n 7.3 Awareness<\/strong><\/p>\n No changes.<\/p>\n 7.4 Communication<\/strong><\/p>\n Maintains the cringeworthy \u201cwho, what, where<\/em>,\u2026\u201d language of Annex SL and ISO 9001:2015. Remains a blank clause, with no actual requirements.<\/p>\n 7.5 Documented information<\/strong><\/p>\n No changes except for possibly some minor word tweaks. Continues to mix up \u201cdocuments<\/em>\u201d and \u201crecords<\/em>,\u201d keeping the section confusing and rambling.<\/p>\n 8.0 Operation<\/strong><\/p>\n 8.1 Operational planning and control<\/strong><\/p>\n No changes, maintains ISO9001:2015\u2019s errors of (a) not clearly explaining that the standard views \u201coperational<\/em>\u201d and \u201corganizational<\/em>\u201d processes differently, (b) not fixing the clause so that it can in any way be understood without a consultant, and (c) still tossing \u201coutsourced processes\u201d over the 8.4 rather than fleshing out the real ways companies should manage these.<\/p>\n 8.2 Requirements for products and services<\/strong><\/p>\n 8.2.1 Customer communication<\/strong><\/p>\n Adds a cringeworthy note defining what \u201ccustomer communication”<\/em> is \u2013 really? we needed that? \u2013 then namedrops terms like \u201cweb site content, Frequently Asked Questions<\/em>\u201d as if it was written during the AOL era.<\/p>\n 8.2.2 Determining the requirements related to products and services<\/strong><\/p>\n No changes. Maintains bizarre language that this applies BEFORE a customer even exists (\u201cproducts and services to be<\/span><\/strong> offered to customers\u2026<\/em>\u201d) Still haven\u2019t fixed that.<\/p>\n 8.2.3 Review of requirements related to products and services<\/strong><\/p>\n No changes. Still a mess (\u201cto be offered\u2026<\/em>\u201d) and largely repeats what was said in 8.2.2. Old 2000 language was better, but they still won\u2019t restore it.<\/p>\n 8.2.4 Changes to requirements for products and services<\/strong><\/p>\n No changes.<\/p>\n 8.3 Design and development of products and services<\/strong><\/p>\n No changes. Maintains the jumbled nature of this clause from 2015, implying that design validation happens before you create design outputs, Again, the \u00a02000 language was better, but they won\u2019t restore it. Agile folks, you will still hate this.<\/p>\n The fact that this was not touched at all so far suggests that none of the TC 176 authors understand product design. The clause STILL<\/strong> <\/em>does not discuss service design, despite it being in the title of the clause. This speaks to a gross lack of subject matter experts on the committee.<\/p>\n 8.4 Control of externally provided processes, products and services<\/strong><\/p>\n No changes. This maintains the confusing repetition of requirements in 8.4.1 and 8.4.2. Also (again) the fact this wasn\u2019t touched suggests no actual SMEs are working on this standard. TC 176 doesn\u2019t know how supply chain management and procurement work.<\/p>\n Still doesn\u2019t require that you communicate with suppliers in actual writing, so still no PO requirement!<\/p>\n Outsourced process still get no love.<\/p>\n 8.5 Production and service provision<\/strong><\/p>\n 8.5.1 Control of production and service provision<\/strong><\/p>\n No changes.<\/p>\n 8.5.2 Identification and traceability<\/strong><\/p>\n No changes.<\/p>\n 8.5.3 Property belonging to customers or external providers<\/strong><\/p>\n No changes.<\/p>\n 8.5.4 Preservation<\/strong><\/p>\n No changes.<\/p>\n 8.5.5 Post-delivery activities<\/strong><\/p>\n No changes. This clause still doesn\u2019t know what it wants to say.<\/p>\n 8.5.6 Control of changes<\/strong><\/p>\n No changes.<\/p>\n 8.6 Release of products and services<\/strong><\/p>\n No changes. Still maintains the horrid 2015 error or switching terms mid-standard. Until this clause, \u201cmeasurement and monitoring<\/em>\u201d has been used to refer to inspection and testing. Now, at clause 8.6, they call inspection and testing \u201cplanned arrangements.<\/em>\u201d Readers would have no way to know this. Clause is still not about \u201crelease<\/em>\u201d (delivery) at all.<\/p>\n Oh, and still no actual delivery clause! So product never needs to be shipped. TC 176 has never set foot in an actual company, I think.<\/p>\n 8.7 Control of nonconforming outputs<\/strong><\/p>\n No changes, and we desperately needed fixes here.<\/p>\n 9.0 Performance evaluation<\/strong><\/p>\n 9.1 Monitoring, measurement, analysis and evaluation<\/strong><\/p>\n 9.1.1 General<\/strong><\/p>\n No changes, remains nearly entirely useless. Never ties back to process approach, so breaks PDCA entirely.<\/p>\n 9.1.2 Customer satisfaction<\/strong><\/p>\n No changes.<\/p>\n 9.1.3 Analysis and evaluation<\/strong><\/p>\n No changes. Again, never ties back to process approach, so breaks PDCA entirely. Treats \u201cperformance and effectiveness of the quality management system<\/em>\u201d as something totally apart from process approach.<\/p>\n Keeps \u201cstatistical techniques<\/em>\u201d as an afterthought note, ensuring problems for companies that use them.<\/p>\n Fails to alert the reader to the (idiotic) fact that now, in clause 9, TC 176 is using the term \u201cmonitoring and measurement<\/em>\u201d in an entirely different context. Now it is NOT about inspection testing, despite that being understood up until clause 8.7. So, for those keeping tarack at home:<\/p>\n Clauses 4 through 8.5<\/strong>: \u201cmonitoring and measuring<\/em>\u201d means inspection and testing.<\/p>\n Clause 8.6:<\/strong> now, inspection and testing are referred to as \u201cplanned arrangements<\/em>\u201d you do prior to \u201crelease<\/em>.\u201d<\/p>\n Clauses 9 & 10:<\/strong> \u201cMonitoring and measurement<\/em>\u201d now means a more holistic (and literal) monitoring and measurement of data related to the QMS, and not inspection and testing.<\/p>\n Got it?<\/p>\n 9.2 Internal audit programme<\/strong><\/p>\n Weird: changes name of clause to add the word \u201cprogramme<\/em>.\u201d Then uses the word, but not consistently. Refers to auditing as a \u201cprocess\u201d then \u201cprogramme<\/em>\u201d and then \u201cprocess<\/em>\u201d again, all in one single sentence<\/strong><\/em>. What a bunch of shitbirds.<\/p>\n Still no requirement or language about \u201cprocess-based auditing<\/em>,\u201d so \u2013 again \u2013 PDCA and the process approach are abandoned by the time we get to clause 9.<\/p>\n Odd how bad this is, since the TC 176 consultants love to write books about auditing, and they appear to have no clue how to do it.<\/p>\n 9.3 Management review<\/strong><\/p>\n Nio changes. Maintains 2015\u2019s errors of (a) failing to tie back to PDCA and process approach, (b) conflating \u201cprocess performance<\/em>\u201d with \u201cconformity of products and services<\/em>\u201d when the two are very, very different things, (c)<\/p>\n 10.0 Improvement<\/strong><\/p>\n 10.1 General<\/strong><\/p>\n Still largely repeats what is later said in 10.3, making them effectively duplicates. Adds cringeworthy note namedropping terms like \u201cincremental and breakthrough change<\/em>,\u201d \u201cinnovation and re-organization<\/em>,\u201d and \u201cemerging technology<\/em>.\u201d<\/p>\n 10.2 Nonconformity and corrective action<\/strong><\/p>\n No changes, doesn\u2019t\u2019 fix the confusion between this clause and 8.7\u2019s nonconformities. Still doesn\u2019t require a procedure because TC 176 is doing an outreach program for illiterates.<\/p>\n 10.3 Continual improvement<\/strong><\/p>\n No changes. Still never ties back to processes or anything in clause 4 at all, so breaks the PDCA cycle one last time.<\/p>\n New Appendix A<\/strong><\/span><\/p>\n The standard adds an absolutely huge new appendix called “Guidance on Use of this International Standard<\/em>.” While this was clearly written by a consultant, this will have some competing and contradictory ramifications. First, it might confuse people more, pushing folks to have to go out and hire a consultant. But, alternatively, this might cripple the sale of all those TC 176’er books, since this section essentially IS<\/strong> <\/em>an entire implementation guide. A shitty one, but still, a guide.<\/p>\n UPDATE<\/strong><\/em>: I since learned this is just the 2016 publication ISO 9001:2015 for Small Enterprises -What to Do – Advice from TC 176<\/em> literally copied and pasted and put into the CD. The only change is where the original document says things like “you should do XYZ<\/em>” the CD text says “the organization<\/strong> should do XYZ<\/em>.” So TC 176 didn’t even work on this part during their breathless scrambling to develop ISO 9001:2025.] The problem here is that this publication is — as the title says — for SMALL enterprises, and the ISO 9001 standard is for everyone. So I have no idea what the authors were thinking of by including it, since it reduces<\/strong> <\/em>the scope of use for ISO 9001, and doesn’t expand it.<\/p>\n I won’t go over this in detail, because it is absolutely massive. Here are some brief first impressions:<\/p>\n Includes subsections on Clarification of Structure and Terminology, Clarification of Concepts, and then long-winded clarifications on each of the requirements clauses from 4 through 10.<\/p>\n Repeats the mindbogglingly bad sentence, \u201cOrganizational knowledge is the specific knowledge of the organization<\/em>.\u201d Good lord, what utter morons these people are.<\/p>\n Oh, they try to make a case for the design clause in 8.3 applying to a \u201ccoffee-shop<\/em>.\u201d Which is hyphenated, yes.<\/p>\n The narrative on \u201cinternal audits<\/em>\u201d suddenly starts talking about conducting audits by process, but that was never indicated in the actual requirements of clause 9.2. So there\u2019s some cognitive disconnects here.<\/p>\n Namedrops \u201cISO 9000:2025<\/span>,\u201d suggesting that 2025 will definitely be the year ISO 9001 itself is published.<\/p>\n On the benefit side, there are a few good nuggets amidst the piles of crap. There are a few guidance suggestions for service organizations, to help them understand this despite ISO 9001 still being written for widget manufacturers. So at least the service sector is getting a teeny bit of lip service.<\/p>\n Remaining Bits<\/strong><\/span><\/p>\n The last parts are:<\/p>\n Appendix B: Other Standards<\/strong><\/p>\n Just the usual product placement and up-selling ads for other ISO standards.<\/p>\n Bibliography<\/strong><\/p>\n No changes that I noticed.<\/p>\n UPDATE<\/span> 29 April, 2024:<\/strong> Updated the text above to clarify that the new Appendix A is actually the 2016 publication, ISO 9001 for Small Enterprises, now plopped into the ISO 9001 standard.<\/p>","protected":false},"excerpt":{"rendered":" Oxebridge has obtained the CD version of the new ISO 9001:2025 standards, and presents a breakdown of the changes and additions.<\/p>","protected":false},"author":2,"featured_media":30205,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"_et_pb_use_builder":"","_et_pb_old_content":"","_et_gb_content_width":"","mc4wp_mailchimp_campaign":[],"footnotes":""},"categories":[5],"tags":[8471,158,43,8470,7934,251,42],"class_list":["post-30202","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-opinion","tag-cd","tag-committee-draft","tag-iso","tag-iso-9001-2025-cd","tag-iso-90012025","tag-quality-management","tag-tc-176","et-has-post-format-content","et_post_format-et-post-format-standard"],"_links":{"self":[{"href":"https:\/\/www.oxebridge.com\/emma\/wp-json\/wp\/v2\/posts\/30202","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.oxebridge.com\/emma\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.oxebridge.com\/emma\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.oxebridge.com\/emma\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/www.oxebridge.com\/emma\/wp-json\/wp\/v2\/comments?post=30202"}],"version-history":[{"count":8,"href":"https:\/\/www.oxebridge.com\/emma\/wp-json\/wp\/v2\/posts\/30202\/revisions"}],"predecessor-version":[{"id":30233,"href":"https:\/\/www.oxebridge.com\/emma\/wp-json\/wp\/v2\/posts\/30202\/revisions\/30233"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.oxebridge.com\/emma\/wp-json\/wp\/v2\/media\/30205"}],"wp:attachment":[{"href":"https:\/\/www.oxebridge.com\/emma\/wp-json\/wp\/v2\/media?parent=30202"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.oxebridge.com\/emma\/wp-json\/wp\/v2\/categories?post=30202"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.oxebridge.com\/emma\/wp-json\/wp\/v2\/tags?post=30202"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}
\n