C P CHANDRASEKARAN QUALITY MANAGEMENT CONSULTANT PUNE INDIA
LIST OF CHANGES IN ISO 9001:2008 AND LIKELY IMPACT ON QMS
No Clause Change done
No/Title
1 0.1 General The design and implementation of the
QMS is influenced by organizational
environment, change in that and the risks
associated with that environment.
2 0.1 General Statutory requirements and regulatory
requirements mentioned together.
3 0.2 Process Organisation needs to determine the
Approach processes (not just identify).
The processes have been recognised as
producing outcomes (not just outputs)
4 1.1 Scope- Note The product includes any intended
General. output from product realisation process
5 4.1 General Note has been added to define the
Requirements Outsourced processes:
An outsourced process is a process that
the organisation needs in its QMS and
which the organisation chooses to have
performed by an external agency.
6 4.1 Quality The type and extent of control on
management outsourced processes shall be defined
system within the QMS. Ensuring control over
General outsourced process does not absolve the
Requirements organization of its responsibility of
conformity to all customer, statutory and
regulatory requirements. The type and
extent of control to be applied to
outsourced process can be influenced by
factors such as a) Potential impact of
outsourced process on the organization
and its capability to provide a product that
conforms to requirements. b) the degree
to which the control for process is shared
c) the capability of achieving the
necessary control through 7.4
7 4.1 Quality The process covered under QMS include
management the processes for management activities
system like planning , provision of resources,
General product realization and measurement
requirements analysis and improvement.
8 4.2.3 Editorial clarification:
Document A single document may address a
control requirement for 2 procedures or a
requirement for a procedure can be met
Dec 5th 2008 confidential to the recipient
Likely Impact on QMS
Though not auditable, one needs to know
whether the QMS as it is designed
addresses the organizational environment
which includes the supply chain, product
features, ability to cope up with customer
demands etc. Risks could be product
liability or penalties and loss of export
orders.
Now legal requirements mean statutory
requirements (passed as a law in
parliament) and regulatory requirements
( issued by the enforcing authorities as
rules)
These changes are in the direction of award
models and reflect the current thinking that
the process design and deployment is to be
taken more rigorously.
This marks a departure from the earlier
standard.
Earlier product is what is supplied to
customer. Now any intended output (like
tooling or a test fixture or a packaging) is
also a product. This elevates the importance
to be given to such outputs in QMS.
With this definition, you may have a)
infrastructure maintenance b) logistics c)
commissioning d) Tools manufacture e) IT
and all these will get included, if not
already done. Refer to scope once again for
clarity.
Outsourced process needs to have an
assessment of its impact on product and
mechanisms need to be in place for
controlling the process. If any system is
there already under 7.4 please link it here.
The controls may be shared so that you are
always in the know of things.
You need to have a process for analysis and
improvement. This needs to be under QMS.
This is not likely to impact on existing
QMS but it provides support in case you
have got say two procedures for 8.3.
C P CHANDRASEKARAN QUALITY MANAGEMENT CONSULTANT PUNE INDIA

with by two documents.

9 4.2.4 Control Records shall be controlled We need to know the date on which the
of Records records were created by whom and if they
were distributed to whom and when. Lot of
work for you if you are MR.
10 6.2.1 Human Note has been added as follows: This brings all people in QMS at same level
Resource Conformity to product requirements can whether a designer or an accountant or a
be affected directly or indirectly by storekeeper all can affect product. So, the
personnel performing any task within resources need to be planned with his in
QMS. mind.
11 6.2.2 The training should be provided to This places direct responsibility to
Competence achieve the necessary competence demonstrate that the required competences
Training and (earlier requirement was to satisfy have been achieved after training.
awareness competence needs)
12 6.3 Information system has been added in IT planning, providing latest software and
infrastructure supporting services. hardware and maintaining these now will
be included in QMS.
13 6.4 Work It has been elaborated as follows: Work One has to collect data on all these and
Environment environment relates to those conditions show that these are monitored. It is getting
under which work is performed including closer to OHSAS 18001 now.
physical environmental and other factors
(such as noise, temperature, humidity,
lighting and weather)
14 7.2.1 Post delivery activities include, for The entire product life cycle is given in one
Requirements example, actions under warranty sentence and very clearly. This needs to be
related to provisions, contractual obligations such reviewed for adequacy in the QMS.
product as maintenance services and
supplementary services such as recycling
or final disposal.
15 7.3.1 Design Note : Design and development review, Designers have been weak on this clause
and verification and validation have distinct because of overlap between review and
Development purposes. They can be conducted and verification. This note brings out the intent
Planning recorded separately or in any combination of the standard clearly.
as suitable for the product and the
organization.
16 7.3.3. Design Note: Information for production and Packing and Packaging specification needs
and service provision can include details of to be included as a design output. Output
Development preservation of product. linked to 7.5.3. Also refer scope
outputs (Companies with TS certification may have
already done it.)
17 7.5.2 The organization shall validate ANY This hits the nail on its head as every one
Validation of process for production and service wants to take a short cut on validation of
processes provision where the resulting output process.
cannot be verified by subsequent Let the fresh thinking be done now about
monitoring and measurement AND AS A validation and any non inspectable activity
CONSEQUENCE DEFICIENCIES should be validated.
BECOME APPARENT only after the
product or service has been delivered.
18 7.5.4 Customer property includes personal It is more for service organizations like
Customer data. banks/educational institutions etc..
property
19 7.5.5 The sentence on preservation says now The conformity to requirements is to be
preservation ” in order to maintain the conformity validated at customer’s place and so
of product to requirements.” preservation needs to be validated by
getting customer feedback
20 7.6 Control of Note : Confirmation of the ability of the For the computer software in QMS
monitoring computer software to satisfy the intended organization needs to maintain
and measuring application would typically include its configuration management and periodic test
equipment verification and configuration results of its performance. New releases

Dec 5th 2008 confidential to the recipient

C P CHANDRASEKARAN QUALITY MANAGEMENT CONSULTANT PUNE INDIA

management to maintain its suitability need to be monitored till the acceptance is

for use. obtained.
21 8.2.1 Monitoring customer perception can There are now more avenues to obtain the
Customer include obtaining input from sources such on information on customer perception and
perception as customer satisfaction surveys, some like warranty claims are actually data
customer data on delivered product and not perceptions.
quality, user opinion surveys, lost
business analysis ,compliments, warranty
claims dealer reports.etc
22 8.2.2 Internal Reference to ISO 19011 given. ISO 19011 was released in 2002 and was
audit treated with disdain by auditors, trainers
and MRs apparently because the ISO 9001
still was referring to ISO 10011. This
hopefully will change now. However, it will
call for more efforts on the part of auditors
to conform to ISO 19011.
23 8.2.2 Internal Management will ensure We may need to differentiate in the Audit
Audit CORRECTIONS and CORRECTIVE report which corrections are to be done
ACTIONS ……. immediately and what corrective actions
will be required to close the findings.
24 8.2.3 When determining methods for This will call for categorization of
Monitoring monitoring of processes, it is advisable processes as core, and others so that the
and that the organization consider the type monitoring can be decided. Critical process
measurement and extent of monitoring and More measures higher frequency and less
of processes measurement appropriate to each of its leeway. Less critical less measures and
processes in relation to their impact on lower frequency.
the conformity to product requirements
and on the effectiveness of QMS.
25 8.3 Control of A para d is added to the list of ways to This in a way was there already but it is
non deal with the non conforming product : emphasized now as one of the ways of
conforming d) by taking action appropriate to the dealing with the non conforming product..
product effects or potential effects of the non The word Potential effects indicates the
conformity when non conforming need for a risk analysis and without a
product is detected after delivery or use FMEA it may not be possible to comply
has started. with this requirement.
26 8.4 analysis of Reference to the sections are added Analysis is very well linked to other clauses
data against the para a to d. to give linkages and hence QMS should provide the linkage
within the standard. practically.
1. cust sat against 8.2.1
2.conformity to product requirements
8.2.4
3. processes and products 8.2.3 and 8.2.4
4 suppliers 7.4
27 8.5.2 and Reviews have been specifically This is to emphasise the need for reviewing
8.5.3 mentioned as reviews of effectiveness of the effectiveness rather than the actions
Corrective corrective/preventive actions as the case themselves.
action and may be.
Preventive
action

General:
1. wherever the word “Product Quality Requirements” was used now it is replaced by “Product requirements”.
2. Many sentences in passive voice have been changed to active voice.

Dec 5th 2008 confidential to the recipient