{"id":33733,"date":"2026-04-22T12:32:17","date_gmt":"2026-04-22T16:32:17","guid":{"rendered":"https:\/\/www.oxebridge.com\/emma\/?p=33733"},"modified":"2026-04-22T12:38:41","modified_gmt":"2026-04-22T16:38:41","slug":"iso-fdis-90012026-full-review","status":"publish","type":"post","link":"https:\/\/www.oxebridge.com\/emma\/iso-fdis-90012026-full-review\/","title":{"rendered":"ISO FDIS 9001:2026 Full Review"},"content":{"rendered":"<p>I obtained a copy of the pre-publication version of the ISO 9001:2025 Final Draft International Standard (FDIS). This version is <em><strong>nearly guaranteed to be the exact, word-for-word text that appears in the final published standard<\/strong><\/em>, as ISO rules only allow up-or-down voting on the FDIS and disallow changes at this point. (Edits for grammar and formatting are allowed, however.)<\/p>\n<p>Having said that, for the 2015 version, they added that whole &#8220;<em>emotionally protective workplace&#8221;<\/em> nonsense after the FDIS version last time, so ISO may not follow its rules and make changes anyway.<\/p>\n<p>The PDF is 50 pages long. This will increase the cover price over what ISO is currently charging for ISO 9001:2015 and is entirely due to the addition of (potentially controversial) guidance materials within a new Annex, a bibliography with 27 references to other ISO standards (ISO wants to upsell), the inclusion of definitions (rather than referring to ISO 9000) and bloated front matter.<\/p>\n<p>Big takeaways:<\/p>\n<ul>\n<li>The bulk of changes are to non-requirements text, in the front matter and the Annex. Very, very few changes to actual requirements.<\/li>\n<li>Updating to the new standard will likely take most companies about an hour. I am not kidding. Anyone paying for upgrade classes or training is getting robbed; if you want to get ripped off, just send me your money and I&#8217;ll spend it for you.<\/li>\n<li>All mistakes in the 2015 version remain uncorrected. Some are made worse.<\/li>\n<li><em><strong>No<\/strong> <\/em>new requirements on sustainability, cybersecurity, digitalization AI, etc., despite false claims made by consultants and CBs for years now.<\/li>\n<li>As expected, TC 176 left clause 8 largely untouched, but then added a\u00a0<em><strong>significant amount<\/strong><\/em><em>\u00a0<\/em>of text to the Annex to discuss\u00a0it. None of it helpful.<\/li>\n<li>PDCA is still broken. Clause 10 never loops back to clause 4.<\/li>\n<li>Still no clause on shipping.<\/li>\n<li>The auditing clause is crippled by the removal of a paragraph on the purpose of internal audits; this will cause chaos when CBs audit client&#8217;s internal audit programs.<\/li>\n<\/ul>\n<p>Let&#8217;s take a look at what is in this document and, more importantly, what isn&#8217;t.<\/p>\n<p><span style=\"font-size: 18pt;\"><strong>Changes to Clauses<\/strong><\/span><\/p>\n<p><strong>0.0 Introduction<\/strong><\/p>\n<p style=\"padding-left: 40px;\">Rewrite on the intent of ISO 9001, references &#8220;<em>sustained success<\/em>&#8221; which seems to be why people think the standard is about &#8220;<em>sustainability<\/em>.&#8221; It&#8217;s not.<\/p>\n<p style=\"padding-left: 40px;\">Still only 7 quality management principles. Yes, when the consultants took over in 2015, they eliminated an entire principle, and the 2026 team didn&#8217;t add it back. When consultants take over anything, you always end up with fewer principles.<\/p>\n<p style=\"padding-left: 40px;\">Rewrite of the section on the &#8220;<em>process approach<\/em>,&#8221; with a new graphic that illustrates a typical process&#8217;s inputs and outputs, which may only cause confusion. Worse, they revise the process approach to make it appear that risk-based thinking and opportunity-based thinking were always parts of the process approach, which is an Orwellian rewriting of history. Deming said nothing about risk or opportunity, but they want you to think he did.<\/p>\n<p><img loading=\"lazy\" decoding=\"async\" class=\"aligncenter wp-image-33746\" style=\"border: 1px solid #000000;\" src=\"https:\/\/www.oxebridge.com\/emma\/wp-content\/uploads\/2026\/04\/fdisprocessgraphic.png\" alt=\"\" width=\"500\" height=\"271\" \/><\/p>\n<p style=\"text-align: left; padding-left: 40px;\">They maintain another graphic from 2015 on how the clauses align with PDCA, which was wrong in 2015 and is <em><strong>still<\/strong><\/em> wrong. They put clause 7 under &#8220;<em>Do<\/em>&#8221; rather than &#8220;<em>Plan<\/em>,&#8221; for example, and have clause 5 (Leadership) sit outside, not assigning it to any of the four steps. (It&#8217;s &#8220;<em>Plan<\/em>,&#8221; too, dummies.)<\/p>\n<p style=\"padding-left: 40px;\">Stunningly, the entire section on risk-based thinking is removed. I am as shocked as you are. Instead, RBT is now solely discussed in the guidance materials appearing in the Annex.<\/p>\n<p style=\"padding-left: 40px;\">Thankfully, the user&#8217;s &#8220;<em>Bill of Rights<\/em>&#8221; remains untouched except for a minor rewording. This is the paragraph that starts with <em>&#8220;this document does not imply the need for &#8230;<\/em>&#8221; and it is an invaluable tool for users who are harassed by uninformed auditors.<\/p>\n<p><strong>1.0 Scope<\/strong><\/p>\n<p style=\"padding-left: 40px;\">Very minor rewording, no changes<\/p>\n<p><strong>2.0 Normative references<\/strong><\/p>\n<p style=\"padding-left: 40px;\">References ISO\/DIS 9000 (still being drafted).<\/p>\n<p><a href=\"https:\/\/www.oxebridge.com\/emma\/request-a-quote\/\"><img loading=\"lazy\" decoding=\"async\" class=\"aligncenter wp-image-32318\" src=\"https:\/\/www.oxebridge.com\/emma\/wp-content\/uploads\/2025\/06\/getaquote1.png\" alt=\"\" width=\"800\" height=\"133\" srcset=\"https:\/\/www.oxebridge.com\/emma\/wp-content\/uploads\/2025\/06\/getaquote1.png 1200w, https:\/\/www.oxebridge.com\/emma\/wp-content\/uploads\/2025\/06\/getaquote1-150x25.png 150w, https:\/\/www.oxebridge.com\/emma\/wp-content\/uploads\/2025\/06\/getaquote1-200x33.png 200w, https:\/\/www.oxebridge.com\/emma\/wp-content\/uploads\/2025\/06\/getaquote1-768x128.png 768w, https:\/\/www.oxebridge.com\/emma\/wp-content\/uploads\/2025\/06\/getaquote1-1080x180.png 1080w, https:\/\/www.oxebridge.com\/emma\/wp-content\/uploads\/2025\/06\/getaquote1-560x93.png 560w\" sizes=\"(max-width: 800px) 100vw, 800px\" \/><\/a><\/p>\n<p><strong>3.0 Terms and Definitions<\/strong><\/p>\n<p style=\"padding-left: 40px;\">References ISO\/CD 9000 (again) and points to the ISO\/IEC &#8220;<em>Electropedia<\/em>&#8221; website for more definitions. Yes, &#8220;<em>Electropedia<\/em>&#8221; sounds like something Jeffrey Epstein got arrested for.<\/p>\n<p style=\"padding-left: 40px;\">Now adds definitions for: organization, interested party (stakeholder), top management, management system, quality management system, policy, quality policy, objective, quality objective, risk, process, competence, documented information, performance, continual improvement, nonconformity, corrective action, audit, measurement, monitoring.<\/p>\n<p style=\"padding-left: 40px;\"><span style=\"box-sizing: border-box; margin: 0px; padding: 0px;\">The definition of risk\u00a0<em><strong>still<\/strong><\/em><em>\u00a0<\/em>claims it can be either &#8220;<em>positive or negative.<\/em>&#8221; Then a <em><strong>new<\/strong> <\/em>note\u00a0says, &#8220;<em>the word &#8216;risk&#8217; is sometimes used when there is the possibility of only negative consequences<\/em>.&#8221; So they can&#8217;t even be consistent. There are five notes on this definition, showing TC 176 really struggling with this whole &#8220;<em>positive risk<\/em>&#8221; insanity.<\/span><\/p>\n<p style=\"padding-left: 40px;\">Still <em><strong>no<\/strong><\/em> definitions for &#8220;<em>strategic direction<\/em>&#8221; or &#8220;<em>opportunity<\/em>,&#8221; despite the terms being crucial for understanding the standard. &#8220;<em>Opportunity<\/em>&#8221; is 50% of the clause, and no one knows what it means. After nearly a decade!<\/p>\n<p style=\"padding-left: 40px;\">The definitions of &#8220;<em>monitoring<\/em>&#8221; and &#8220;<em>measurement<\/em>&#8221; don&#8217;t accurately reflect the words as they are used within the context of the standard itself, and this remains a problem. In this draft, &#8220;<em>monitoring and measuring<\/em>&#8221; refers to inspection and testing until clause 8.6; at 8.6, the term &#8220;<em>planned arrangements<\/em>&#8221; is swapped in to replace &#8220;<em>monitoring and measuring<\/em>,&#8221; and by clause 9, &#8220;<em>monitoring and measuring<\/em>&#8221; takes on an entirely different meaning. It&#8217;s a mess.<\/p>\n<p><strong>4.0 Context of the Organization<\/strong><\/p>\n<p style=\"padding-left: 40px;\">Still presents sub-clauses in the wrong order.<\/p>\n<p style=\"padding-left: 40px;\">Embeds the 2024 amendment language about climate change, but no other additions.<\/p>\n<p><strong>4.1 Understanding the Organization and Its Context<\/strong><\/p>\n<p style=\"padding-left: 40px;\">Embeds the 2024 amendment language about climate change, but no other additions.<\/p>\n<p><strong>4.2 Understanding the needs and expectations of interested parties<\/strong><\/p>\n<p style=\"padding-left: 40px;\">Adds climate change language from the ISO 9001:2015 Amendment 2024.<\/p>\n<p style=\"padding-left: 40px;\">Minor language tweaks, no new requirements.<\/p>\n<p><strong>4.3 Determining the Scope of the Quality Management System<\/strong><\/p>\n<p style=\"padding-left: 40px;\">Minor language tweaks, no new requirements.<\/p>\n<p style=\"padding-left: 40px;\">Still does not require that the scope statement include <em><strong>locations<\/strong> <\/em>that fall under the QMS, despite this being a requirement for certification going back to the late 1980s. Still does not conclude that the scope statement <em><strong>is<\/strong> <\/em>the expression of the organization&#8217;s &#8220;<em>context<\/em>&#8220;; the authors don&#8217;t understand how to interpret Annex SL for quality management.<\/p>\n<p><strong>4.4 Quality Management System<\/strong><\/p>\n<p style=\"padding-left: 40px;\">Minor language tweaks, no new requirements. Despite the change to the clause name, this is the &#8220;<em>process approach<\/em>&#8221; clause.<\/p>\n<p><strong>5.0 Leadership<\/strong><\/p>\n<p><strong>5.1 Leadership &amp; Commitment<\/strong><\/p>\n<p><strong>5.1.1 General<\/strong><\/p>\n<p style=\"padding-left: 40px;\">Adds requirements for top management to promote &#8220;<em>quality culture and ethical behavior.<\/em>&#8221; \u00a0More unenforceable platitudes, keeping the clause largely useless and un-auditable. Adds a note that tries to explain this, but it&#8217;s weak.<\/p>\n<p style=\"padding-left: 40px;\">This has led consultants and poor readers to think that &#8220;<em>quality culture<\/em>&#8221; and &#8220;<em>ethics<\/em>&#8221; are some kind of hard requirement, but that&#8217;s not true. This clause has always listed various non-auditable concepts, which are then entirely ignored. TC 176 did not follow this up with <em><strong>actual clauses<\/strong><\/em> requiring a quality culture or ethics, so anyone saying the standard now emphasizes these concepts is lying.<\/p>\n<p><strong>5.1.2 Customer Focus<\/strong><\/p>\n<p style=\"padding-left: 40px;\">No changes. Still a largely useless clause, as it simply refers to content already addressed elsewhere.<\/p>\n<p><strong>5.2 Policy<\/strong><\/p>\n<p style=\"padding-left: 40px;\">Adds new requirement that the Quality Policy &#8220;<em>takes into account the context of the organization and supports its strategic direction<\/em>.&#8221; Likely language mandated by the Annex SL update. The standard still never defines what a &#8220;<em>strategic direction<\/em>&#8221; is or actually requires a company to have one.<\/p>\n<p><strong>5.3 Organizational Roles, Responsibilities and Authorities<\/strong><\/p>\n<p style=\"padding-left: 40px;\">Adds new requirement to assign someone the responsibility to report &#8220;<em>on opportunities for improvement to top management<\/em>.&#8221;<\/p>\n<p><strong>6.0 Planning<\/strong><\/p>\n<p><strong>6.1 Actions to address risks and opportunities<\/strong><\/p>\n<p style=\"padding-left: 40px;\">TC 176 clearly spent &#8212; or some may say wasted &#8212; time on this one. Each CD has had different language here, and the DIS takes another shot at it. The sub-clauses are divided as follows:<\/p>\n<p style=\"padding-left: 40px;\"><strong>6.1.1 Determining Risks and Opportunities:<\/strong> largely the same language as 2015. Still a mess, as it mangles the interpretations of risk and opportunity into one incomprehensible bulleted list. This clauses claims the risks and opportunities discussed are only those relevant to &#8220;planning for the QMS.&#8221; Hold that thought.<\/p>\n<p style=\"padding-left: 40px;\"><strong>6.1.2 Actions to Address Risks:<\/strong> largely the same language as 2015. Whereas the prior clause said the risks are related only to QMS planning, this clause immediately contradicts that, and now says the risks &#8220;<em>that can have an undesired effect on its ability to continually and consistently provide conforming products and services and enhance customer satisfaction.<\/em>&#8221; This gets it a bit closer to being true preventive action, but not quite.<\/p>\n<p style=\"padding-left: 40px;\"><strong>6.1.3 Actions to Address Opportunities:<\/strong> new language that (cringingly) takes the exact same text from 6.1.2 and swaps in the word &#8220;<em>opportunity<\/em>&#8221; for &#8220;<em>risk<\/em>.&#8221; Again, TC 176 is pretending to do stuff by copying-and-pasting. They made clause 6.1 larger but without adding any new words. As I said, &#8220;<em>opportunity<\/em>&#8221; is never defined.<\/p>\n<p style=\"padding-left: 40px;\">Still no requirement for procedure, process, records, root cause, or any legacy preventive action language, so this will remain a huge flaw in ISO 9001. TC 176 predictably ignored the world\u2019s feedback on \u201c<em>risk-based thinking<\/em>.\u201d Worse, the Annex now leans into the astonishingly insipid new branding of &#8220;<em>opportunity-based thinking<\/em>.&#8221;<\/p>\n<p><a href=\"https:\/\/www.oxebridge.com\/emma\/subscribe\/\"><img loading=\"lazy\" decoding=\"async\" class=\"aligncenter wp-image-32320\" src=\"https:\/\/www.oxebridge.com\/emma\/wp-content\/uploads\/2025\/06\/signupweekly.png\" alt=\"\" width=\"800\" height=\"133\" srcset=\"https:\/\/www.oxebridge.com\/emma\/wp-content\/uploads\/2025\/06\/signupweekly.png 1200w, https:\/\/www.oxebridge.com\/emma\/wp-content\/uploads\/2025\/06\/signupweekly-150x25.png 150w, https:\/\/www.oxebridge.com\/emma\/wp-content\/uploads\/2025\/06\/signupweekly-200x33.png 200w, https:\/\/www.oxebridge.com\/emma\/wp-content\/uploads\/2025\/06\/signupweekly-768x128.png 768w, https:\/\/www.oxebridge.com\/emma\/wp-content\/uploads\/2025\/06\/signupweekly-1080x180.png 1080w, https:\/\/www.oxebridge.com\/emma\/wp-content\/uploads\/2025\/06\/signupweekly-560x93.png 560w\" sizes=\"(max-width: 800px) 100vw, 800px\" \/><\/a><\/p>\n<p><strong>6.2 Quality Objectives and Planning to Achieve Them<\/strong><\/p>\n<p style=\"padding-left: 40px;\">ISO was humiliated by Oxebridge and others for toying with the idea of adding language that says objectives are to be measurable only \u201c<em>if practicable.<\/em>\u201d That humiliation worked, and ISO backtracked. Now, objectives (once again) must be measurable.<\/p>\n<p style=\"padding-left: 40px;\">6.2.1 only re-orders the bulleted list; no new requirements as compared to 2015.<\/p>\n<p style=\"padding-left: 40px;\">TC 176 still does not close the loop on the process approach as the core of a QMS, and thinks process metrics and quality objectives are different things. They are not, but sure, let&#8217;s be unnecessarily redundant.<\/p>\n<p style=\"padding-left: 40px;\">6.2.2 maintains the cringeworthy \u201c<em>who, what, where,<\/em>\u2026\u201d language of Annex SL and ISO 9001:2015. Remains a blank clause, with no actual requirements. Still, no editors are stepping in to fix this glaring flaw.<\/p>\n<p><strong>6.3 Planning of changes<\/strong><\/p>\n<p style=\"padding-left: 40px;\">The bullet list here expands, but it&#8217;s another &#8220;shall consider&#8221; clause. Whenever thoes two words are put together, the &#8220;consider&#8221; neuters the &#8220;shall,&#8221; and the text following it becomes, essentially, a non-binding note. It&#8217;s bad practice, and once again, no editors stepped in to fix this. The new bullet items include suggestions (not requirements) that the user consider &#8220;<em>how the effectiveness of the changes will be monitored and evaluated<\/em>&#8221; and &#8220;<em>how the results of the changes will be reviewed<\/em>.&#8221; But without a mandate that anything be documented or recorded, the clause is largely useless.<\/p>\n<p><strong>7.0 Support<\/strong><\/p>\n<p><strong>7.1 Resources<\/strong><\/p>\n<p><strong>7.1.1 General<\/strong><\/p>\n<p style=\"padding-left: 40px;\">No changes.<\/p>\n<p><strong>7.1.2 People<\/strong><\/p>\n<p style=\"padding-left: 40px;\">No changes.<\/p>\n<p><strong>7.1.3 Infrastructure<\/strong><\/p>\n<p style=\"padding-left: 40px;\">No changes. Continues to put the requirements into the note, keeping the error from ISO 9001:2015. <span style=\"color: #ff0000;\"><em><strong>Hey, ISO editors: you cannot <span lang=\"EN-GB\">put <\/span>requirements in notes.<\/strong><\/em><\/span> I put that in boldface red font so you can read it more easily.<\/p>\n<p><strong>7.1.4 Environment for the Operation of Processes<\/strong><\/p>\n<p style=\"padding-left: 40px;\">Continues to put the requirements into the note, keeping the error from ISO 9001:2015. <span style=\"color: #ff0000;\"><em><strong>Hey, ISO editors: you cannot <span lang=\"EN-GB\">put <\/span>requirements in notes.<\/strong><\/em><\/span><\/p>\n<p style=\"padding-left: 40px;\">Maintains the bonkers language on \u201c<em>social and psychological<\/em>\u201d factors such as \u201c<em>emotionally protective<\/em>\u201d workplace.<\/p>\n<p style=\"padding-left: 40px;\">The language from prior CD versions, including references to consider \u201c<em>technological<\/em>\u201d and \u201c<em>cultural<\/em>\u201d aspects, was\u00a0<em><strong>removed<\/strong><\/em>.<\/p>\n<p style=\"padding-left: 40px;\">A final sentence is included in the requirements section that says, &#8220;<span lang=\"EN-GB\"><em>Some factors are dependent on the organizational quality culture, including ethical behaviour<\/em>.&#8221; Let&#8217;s do this again: <span style=\"color: #ff0000;\"><em><strong>Hey, ISO editors: you cannot put requirements in notes.<\/strong><\/em><\/span> <\/span><\/p>\n<p><strong>7.1.5 Monitoring and Measuring Resources<\/strong><\/p>\n<p style=\"padding-left: 40px;\">No changes. Still no requirement for records of calibration, but still requires a generic list of all inspection devices (whether calibrated or not.) The sentence related to records is clearly in 7.1.5.1 and not 7.1.5.2, but ISO never moved it.<\/p>\n<p><strong>7.1.6 Organizational knowledge<\/strong><\/p>\n<p style=\"padding-left: 40px;\">Minor rewording of the note, no changes to requirements.<\/p>\n<p><strong>7.2 Competence<\/strong><\/p>\n<p style=\"padding-left: 40px;\">No changes.<\/p>\n<p><strong>7.3 Awareness<\/strong><\/p>\n<p style=\"padding-left: 40px;\">Adds requirement to ensure employees are aware of &#8220;<em>quality culture and ethical behaviour<\/em>.&#8221;<\/p>\n<p><strong>7.4 Communication<\/strong><\/p>\n<p style=\"padding-left: 40px;\">No changes. Still unauditable, still doesn&#8217;t include customer communication (which instead appears in 8.2, out of place). Maintains cringeworthy &#8220;<em>who, what, where, when<\/em>&#8221; approach as if written by a thirteen-year-old.<\/p>\n<p><strong>7.5 Documented information<\/strong><\/p>\n<p style=\"padding-left: 40px;\">No changes. Continues to mix up \u201c<em>documents<\/em>\u201d and \u201c<em>records<\/em>,\u201d keeping the section confusing and rambling. A lot of people complained about this in the 2015 version, but TC 176 ignored them.<\/p>\n<p style=\"padding-left: 40px;\">The Annex guidance on this clause goes full-on meth-head batshit crazy. Now it has the following decoding language:<\/p>\n<p style=\"padding-left: 80px;\">&#8211; If the standard says \u201c<em>shall be available as documented informatio<\/em>n\u201d = requirement for documentation.<\/p>\n<p style=\"padding-left: 80px;\">&#8211; If the standard says \u201c<em>documented information shall be available as evidence of<\/em>\u201d = requirement for a record.<\/p>\n<p style=\"padding-left: 40px;\">Because that is easier than just using the words &#8220;<em>document<\/em>&#8221; or &#8220;<em>record<\/em>&#8221; in the actual text.<\/p>\n<p style=\"padding-left: 40px;\">You don&#8217;t believe me, so here it is. Consultants think this makes things <strong><em>easier<\/em><\/strong>.<\/p>\n<p><img loading=\"lazy\" decoding=\"async\" class=\"aligncenter wp-image-33748\" style=\"border: 1px solid #000000;\" src=\"https:\/\/www.oxebridge.com\/emma\/wp-content\/uploads\/2026\/04\/docrecsworse.png\" alt=\"\" width=\"800\" height=\"83\" \/><\/p>\n<p><strong>8.0 Operation<\/strong><\/p>\n<p><strong>8.1 Operational planning and control<\/strong><\/p>\n<p style=\"padding-left: 40px;\">Maintains ISO 9001:2015\u2019s errors of (a) not clearly explaining that the standard views \u201c<em>operational<\/em>\u201d and \u201c<em>organizational<\/em>\u201d processes differently, (b) not fixing the clause so that it can in any way be understood without a consultant.<\/p>\n<p style=\"padding-left: 40px;\">Added some additional language requiring documentation &#8220;<em>to the extent necessary to have confidence that the processes have been carried out as planned<\/em>&#8221; and &#8220;<em>to the extent necessary as evidence of the conformity of products and services<\/em>.&#8221; Removed vestigial sentence related to quality plans.<\/p>\n<p style=\"padding-left: 40px;\">Still doesn&#8217;t fully discuss outsourced processes, since the TC 176 authors don&#8217;t really know what they are. Removed the term &#8220;<em>outsourced processes<\/em>.&#8221;<\/p>\n<p><strong>8.2 Requirements for Products and Services<\/strong><\/p>\n<p><strong>8.2.1 Customer communication<\/strong><\/p>\n<p style=\"padding-left: 40px;\">No changes, but clarifies what ISO 9001:2015\u00a0 meant by &#8220;<em>contingency actions<\/em>,&#8221; adding language that says these include &#8220;<em>disruptions in the products or services provided<\/em>.&#8221; Not great, but better than 2015.<\/p>\n<p style=\"padding-left: 40px;\">Adds a cringeworthy note defining what \u201c<em>customer communication&#8221;<\/em> is \u2013 really? Did we need that? \u2013 then namedrops terms like \u201c<em>website content, publications, social media, responses to frequently asked questions and training.&#8221; <\/em>Again, this is a <em><strong>note<\/strong><\/em>, so not a requirement.<\/p>\n<p><strong>8.2.2 Determining the Requirements Related to Products and Services<\/strong><\/p>\n<p style=\"padding-left: 40px;\">No changes. Maintains bizarre language that this applies BEFORE a customer even exists (\u201c<em>products and services <strong><span style=\"text-decoration: underline;\">to be<\/span><\/strong> offered to customers\u2026<\/em>\u201d) Still haven\u2019t fixed that.<\/p>\n<p><strong>8.2.3 Review of Requirements Related to Products and Services<\/strong><\/p>\n<p style=\"padding-left: 40px;\">No changes. Still a mess (\u201c<em>to be offered\u2026<\/em>\u201d) and largely repeats what was said in 8.2.2. The old 2000 language was better, but they still won\u2019t restore it.<\/p>\n<p><strong>8.2.4 Changes to Requirements for Products and Services<\/strong><\/p>\n<p style=\"padding-left: 40px;\">No changes.<\/p>\n<p><a href=\"https:\/\/www.oxebridge.com\/emma\/q001-faq-frequently-asked-questions\/\"><img loading=\"lazy\" decoding=\"async\" class=\"aligncenter wp-image-32321\" src=\"https:\/\/www.oxebridge.com\/emma\/wp-content\/uploads\/2025\/06\/getq001certified.png\" alt=\"\" width=\"800\" height=\"92\" srcset=\"https:\/\/www.oxebridge.com\/emma\/wp-content\/uploads\/2025\/06\/getq001certified.png 1184w, https:\/\/www.oxebridge.com\/emma\/wp-content\/uploads\/2025\/06\/getq001certified-150x17.png 150w, https:\/\/www.oxebridge.com\/emma\/wp-content\/uploads\/2025\/06\/getq001certified-200x23.png 200w, https:\/\/www.oxebridge.com\/emma\/wp-content\/uploads\/2025\/06\/getq001certified-768x88.png 768w, https:\/\/www.oxebridge.com\/emma\/wp-content\/uploads\/2025\/06\/getq001certified-1080x124.png 1080w, https:\/\/www.oxebridge.com\/emma\/wp-content\/uploads\/2025\/06\/getq001certified-560x64.png 560w\" sizes=\"(max-width: 800px) 100vw, 800px\" \/><\/a><\/p>\n<p><strong>8.3 Design and Development of Products and Services<\/strong><\/p>\n<p style=\"padding-left: 40px;\">No substantive changes. Maintains the jumbled nature of this clause from 2015, implying that design validation happens before you create design outputs, Again, the \u00a02000 language was better, but they won\u2019t restore it. Agile folks, you will still hate this.<\/p>\n<p style=\"padding-left: 40px;\">To trick the Agile folks into thinking they are relevant, a new note was added that drops the word &#8220;<em>iterative<\/em>.&#8221;\u00a0TC 176 thinks that if you present a waterfall model but <em><strong>call<\/strong> <\/em>it &#8220;<em>iterative<\/em>,&#8221; it becomes Agile.<\/p>\n<p style=\"padding-left: 40px;\">The fact that this was not touched at all so far suggests that none of the TC 176 authors understand product design. The clause <em><strong>STILL<\/strong> <\/em>does not discuss service design, despite it being in the title of the clause. This highlights a significant lack of subject matter expertise on the committee.<\/p>\n<p><strong>8.4 Control of Externally Provided Processes, Products and Services<\/strong><\/p>\n<p style=\"padding-left: 40px;\">No changes. This maintains the confusing repetition of requirements in 8.4.1 and 8.4.2. Also (again), this suggests there were no actual subject matter experts working on this. TC 176 doesn\u2019t know how supply chain management and procurement work.<\/p>\n<p style=\"padding-left: 40px;\">Still doesn\u2019t require that you communicate with suppliers in actual <em><strong>writing<\/strong><\/em>. So you can order a billion dollars in military components over the phone with no record whatsoever.<\/p>\n<p style=\"padding-left: 40px;\">Did correct the 2015 mistake and added &#8220;as applicable&#8221; to the bulleted list of possible flowdown requirements. That one was driven by me, so you&#8217;re welcome.<\/p>\n<p><strong>8.5 Production and Service Provision<\/strong><\/p>\n<p><strong>8.5.1 Control of Production and Service Provision<\/strong><\/p>\n<p style=\"padding-left: 40px;\">No changes. Special process clause is still entirely unintelligible.<\/p>\n<p><strong>8.5.2 Identification and Traceability<\/strong><\/p>\n<p style=\"padding-left: 40px;\">No changes.<\/p>\n<p><strong>8.5.3 Property Belonging to Customers or External Providers<\/strong><\/p>\n<p style=\"padding-left: 40px;\">No changes. Still puts the requirements in the notes, so:<\/p>\n<p style=\"padding-left: 40px;\"><span lang=\"EN-GB\"><span style=\"color: #ff0000;\"><em><strong>Hey, ISO editors: you cannot put requirements in notes.<\/strong><\/em><\/span><\/span><\/p>\n<p><strong>8.5.4 Preservation<\/strong><\/p>\n<p style=\"padding-left: 40px;\">No changes. Still puts the requirements in the notes, so:<\/p>\n<p style=\"padding-left: 40px;\"><span lang=\"EN-GB\"><span style=\"color: #ff0000;\"><em><strong>Hey, ISO editors: you cannot put requirements in notes.<\/strong><\/em><\/span><\/span><\/p>\n<p><strong>8.5.5 Post-delivery activities<\/strong><\/p>\n<p style=\"padding-left: 40px;\">No changes. This clause still doesn\u2019t know what it wants to say. Still puts the requirements in the notes, so:<\/p>\n<p style=\"padding-left: 40px;\"><span lang=\"EN-GB\"><span style=\"color: #ff0000;\"><em><strong>Hey, ISO editors: you cannot put requirements in notes.<\/strong><\/em><\/span><\/span><\/p>\n<p><strong>8.5.6 Control of changes<\/strong><\/p>\n<p style=\"padding-left: 40px;\">No changes.<\/p>\n<p><strong>8.6 Release of Products and Services<\/strong><\/p>\n<p style=\"padding-left: 40px;\">No changes. Still maintains the horrid 2015 error or switching terms mid-standard. From clause 7 until 8.5, &#8220;<em>monitoring and measuring<\/em>&#8221; was meant to mean inspection and testing. Now, in 8.7, they drop that term and instead use &#8220;<em>planned arrangements<\/em>&#8221; and &#8220;<em>release<\/em>&#8221; to mean inspection and testing. This comes from a fundamental mis-read of the 2000 text. Worse, &#8220;<em>monitoring and measuring<\/em>&#8221; then re-appears in clause 9 under a different meaning entirely!<\/p>\n<p style=\"padding-left: 40px;\">The clause is <em><strong>not<\/strong> <\/em>about \u201c<em>release<\/em>\u201d (delivery) at all.<\/p>\n<p style=\"padding-left: 40px;\">Oh, and <em><strong>still no actual delivery clause!<\/strong><\/em> So, per ISO 9001, the product never needs to be shipped, and services are never delivered. Astonishing.<\/p>\n<p><strong>8.7 Control of Nonconforming Outputs<\/strong><\/p>\n<p style=\"padding-left: 40px;\">No changes, and we desperately needed fixes here. Given that ISO 9001 is, itself, a defective product, it&#8217;s no wonder TC 176 doesn&#8217;t know anything about controlling such things.<\/p>\n<p><a href=\"https:\/\/www.oxebridge.com\/emma\/oxebridge-recommended-certification-bodies\/\"><img loading=\"lazy\" decoding=\"async\" class=\"aligncenter wp-image-32322\" src=\"https:\/\/www.oxebridge.com\/emma\/wp-content\/uploads\/2025\/06\/recommendedcbs.png\" alt=\"\" width=\"800\" height=\"92\" srcset=\"https:\/\/www.oxebridge.com\/emma\/wp-content\/uploads\/2025\/06\/recommendedcbs.png 1184w, https:\/\/www.oxebridge.com\/emma\/wp-content\/uploads\/2025\/06\/recommendedcbs-150x17.png 150w, https:\/\/www.oxebridge.com\/emma\/wp-content\/uploads\/2025\/06\/recommendedcbs-200x23.png 200w, https:\/\/www.oxebridge.com\/emma\/wp-content\/uploads\/2025\/06\/recommendedcbs-768x88.png 768w, https:\/\/www.oxebridge.com\/emma\/wp-content\/uploads\/2025\/06\/recommendedcbs-1080x124.png 1080w, https:\/\/www.oxebridge.com\/emma\/wp-content\/uploads\/2025\/06\/recommendedcbs-560x64.png 560w\" sizes=\"(max-width: 800px) 100vw, 800px\" \/><\/a><\/p>\n<p><strong>9.0 Performance evaluation<\/strong><\/p>\n<p><strong>9.1 Monitoring, Measurement, Analysis and Evaluation<\/strong><\/p>\n<p><strong>9.1.1 General<\/strong><\/p>\n<p style=\"padding-left: 40px;\">No changes, remains nearly entirely useless. Never ties back to the process approach, so breaks PDCA entirely.<\/p>\n<p style=\"padding-left: 40px;\">Still improperly includes a requirement for records that (allegedly) flows down to 9.1.2 and 9.1.3, which is against ISO&#8217;s drafting rules. Each sub-clause is supposed to be self-contained and include its own records callout.<\/p>\n<p><strong>9.1.2 Customer satisfaction<\/strong><\/p>\n<p style=\"padding-left: 40px;\">No changes to requirements. Adds the term &#8220;<em>social media<\/em>&#8221; to the note, which is hilarious since TC 176 bans anyone who provides feedback on social media. Yes, I am talking about you, Sam Somerville, you hunchbrained troll.<\/p>\n<p><strong>9.1.3 Analysis and Evaluation<\/strong><\/p>\n<p style=\"padding-left: 40px;\">No changes. Again, never ties back to the process approach, so breaks PDCA entirely. Treats \u201c<em>performance and effectiveness of the quality management system<\/em>\u201d as something totally apart from the process approach.<\/p>\n<p style=\"padding-left: 40px;\">Keeps \u201c<em>statistical techniques<\/em>\u201d as an afterthought note, ensuring problems for companies that use them.<\/p>\n<p><strong>9.2 Internal Audit<\/strong><\/p>\n<p style=\"padding-left: 40px;\">Puts back legacy language after the prior DIS version tried to go in a different direction.<\/p>\n<p style=\"padding-left: 40px;\">Still refers to auditing as a \u201c<em>process<\/em>\u201d then \u201c<em>programme<\/em>\u201d then \u201c<em>process<\/em>\u201d again, <em><strong>all in one single sentence<\/strong><\/em>. No one is editing this.<\/p>\n<p style=\"padding-left: 40px;\">Still no requirement or language about \u201c<em>process-based auditing<\/em>,\u201d so \u2013 again \u2013 PDCA and the process approach are abandoned by the time we get to clause 9.<\/p>\n<p style=\"padding-left: 40px;\">Odd how bad this is, since the TC 176 consultants love to write books about auditing, and they appear to have no clue how to do it.<\/p>\n<p><strong>9.3 Management Review<\/strong><\/p>\n<p style=\"padding-left: 40px;\">No changes other than a call back to opportunities. Maintains 2015\u2019s errors of (a) failing to tie back to PDCA and process approach, (b) conflating \u201c<em>process performance<\/em>\u201d with \u201c<em>conformity of products and services<\/em>\u201d when the two are very, <em><strong>very<\/strong> <\/em>different things.<\/p>\n<p><strong>10.0 Improvement<\/strong><\/p>\n<p><strong>10.1 General<\/strong><\/p>\n<p style=\"padding-left: 40px;\">No changes to requirements. Adds cringeworthy note, namedropping terms like \u201c<em>incremental and breakthrough change<\/em>,\u201d \u201c<em>innovation and re-organization.&#8221; <\/em>Removed the DIS phrase<em> &#8220;<\/em><em>emerging technology,&#8221; <\/em>which so many consultants insisted was a requirement. It was only in a note, and now it was excised entirely.<\/p>\n<p><strong>10.2 Nonconformity and Corrective Action<\/strong><\/p>\n<p style=\"padding-left: 40px;\">Stunningly bad, if nearly invisible change: they put the requirement to process customer complaints in an optional <em><strong>note<\/strong><\/em>, meaning you no longer need to file corrective actions if you get complaints. Again, moving ISO9001 back to the pre-Industrial Revolution era.<\/p>\n<p style=\"padding-left: 40px;\">Still doesn&#8217;t fix the confusion between this clause and 8.7\u2019s &#8220;<em>nonconformities<\/em>.&#8221; (This was because Hortensius and his Annex SL crew don&#8217;t understand the difference, never having worked outside a standards body.) Still doesn\u2019t require a procedure; apparently, you can control your nonconformities through song or slam poetry.<\/p>\n<p><strong>10.3 Continual improvement<\/strong><\/p>\n<p style=\"padding-left: 40px;\">Removed entirely! That&#8217;s because under ISO 9001:2015, it was redundant with 10.1. So the requirements are still there, just in one place (rather than two).<\/p>\n<p><span style=\"font-size: 18pt;\"><strong>New Annex A<\/strong><\/span><\/p>\n<p>This version expands the Guidance material first cooked up in CD2&#8217;s first draft. This is where TC 176 spent all of its time, while ignoring the key clause 8 material that really needed to be fixed. This is what happens when you allow consultants, rather than end users, to write standards. They consult.<\/p>\n<p>This annex adds a massive fifteen pages to the standard, and it&#8217;s crucial to understand that <em><strong>all of it<\/strong><\/em> may be ignored. <em><strong>Th<\/strong><strong><em>ere <\/em>are no requirements here.\u00a0<\/strong><\/em><\/p>\n<p>My full review of Annex A is coming soon,\u00a0but &#8212; again &#8212; <em><strong>there are no requirements here,<\/strong><\/em> so all of it is simply the consultant-authors riffing.<\/p>\n<p>&nbsp;<\/p>","protected":false},"excerpt":{"rendered":"<p>A line-by-line review and breakdown of the Final Draft International Standard version of ISO 9001:2026.<\/p>","protected":false},"author":2,"featured_media":33745,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"_et_pb_use_builder":"","_et_pb_old_content":"","_et_gb_content_width":"","mc4wp_mailchimp_campaign":[],"footnotes":""},"categories":[5],"tags":[268,8852,43,14,8277,42],"class_list":["post-33733","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-opinion","tag-fdis","tag-final-draft-international-standard","tag-iso","tag-iso-9001","tag-iso-90012026","tag-tc-176","et-has-post-format-content","et_post_format-et-post-format-standard"],"_links":{"self":[{"href":"https:\/\/www.oxebridge.com\/emma\/wp-json\/wp\/v2\/posts\/33733","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.oxebridge.com\/emma\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.oxebridge.com\/emma\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.oxebridge.com\/emma\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/www.oxebridge.com\/emma\/wp-json\/wp\/v2\/comments?post=33733"}],"version-history":[{"count":5,"href":"https:\/\/www.oxebridge.com\/emma\/wp-json\/wp\/v2\/posts\/33733\/revisions"}],"predecessor-version":[{"id":33752,"href":"https:\/\/www.oxebridge.com\/emma\/wp-json\/wp\/v2\/posts\/33733\/revisions\/33752"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.oxebridge.com\/emma\/wp-json\/wp\/v2\/media\/33745"}],"wp:attachment":[{"href":"https:\/\/www.oxebridge.com\/emma\/wp-json\/wp\/v2\/media?parent=33733"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.oxebridge.com\/emma\/wp-json\/wp\/v2\/categories?post=33733"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.oxebridge.com\/emma\/wp-json\/wp\/v2\/tags?post=33733"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}