1. When were the ISO 9001:2015 and ISO 14001:2015 standards issued?
The International Organization for Standardization (ISO) officially issued the standards ISO 9001:2015 and ISO 14001:2015 on September 15, 2015.
High Level Structure helps combining ISO standards and management system. Moreover, the standard emphasizes on market trends and user friendliness. The newer version also puts more emphasis on the organization's characteristics and need for a flexible documentation system. Direct responsibility from the organization, procedure approach and the responsibility of the highest leader is much more emphasized compared the old version.
ISO 9001:2015 and ISO 14001:2015 both uses High Level Structure. This is also applied to all management system standards and giving 2 significant benefits. Firstly, technical terms, definition and structures could be used for all standards. Secondly, standards will be much more comprehensive and could easily be intergrated during certification.
The standard structure consists of 10 items:
- Range
- Quotation documents
- Terms and defintion
- Organization Circumstances
- Leadership
- Planning of management system
- Support
- Operation
- Assessment
- Improvement
Risk management mindset plays an important role in the new standards, especially in "Leadership" and "Planning". Although the new standard does not require a particular risk manage system, the organization must be able to indentify risks and have suitable solutions. The new standards also does not have any specific requirements about risk mitigation solutions. Despite this new approach, organization should be able to indentify risks soon and act correspondingly.
According to the new standards, aside from meeting legal requirements and customer expectations, the organization must also meet third parties's requirements. This indicates the sophisticality of modern social environment and work environment has been taken into account in the new standards. This is also the chance to have necessary improvements and risk mitigation solutions in the organization.
The standard requires organization to consider risks within the entire PDCA procedure. Risks must be approached procedurely. Risks which may affect customer satisfactory must be considered, especially risks involving end products or risks affecting production of the organization.