ISO 9001: Navigating the new risk management requirements

ISO 9001: Navigating The New Risk Management Requirements

WHITE PAPER: How to Remove Risks to Your ISO 9001 Accreditation | Dec 7, 2015

Among the 19,500 business and technology standards that the International Organization for Standardization (ISO) supports, perhaps none is more popular than ISO 9001, and with good reason.

An organization’s ISO 9001 accreditation says the enterprise applies rigorous quality management systems. Accreditation confers a badge of credibility that customers trust. Even firms not obligated to maintain ISO 9001 certification will do so anyway because of the message it conveys: Best Practices Followed Here.

  • DEC 9 BW WORKSHOP: Newforma VP Dan Conery presents on Lean Software. Get tix here.

Certification is painstaking to achieve. Before the external auditor comes knocking, ready to poke through documents to assess whether a firm's ISO procedures are actually practiced or just theories, the organization must internally test its quality management systems (QMS) and processes. The accreditation process involves extensive external audits of internal procedures to promote continuous improvement, build quality in supplier-customer relationships, disseminate good managerial practices across the organization, and more.

ISO 9001 standards are only becoming more rigorous. New 2015 standards require even more risk management integration across QA/QC management systems

Today, ISO says some 1.1 million businesses and organizations worldwide have achieved ISO 9001 certification. And ISO 9001 standards are only becoming more rigorous. For example, new 2015 standards require even more risk management integration across a company’s quality assurance/ quality control (QA/QC) management systems.

According to the ISO committee publishing the 2015 revision to 9001 standards, the main changes address “a greater focus on the customer, risk-based thinking, aligning quality management system policy and objectives with the strategy of an organization, and greater flexibility with documentation.” Industry experts say “risk management systems” are the main watchwords with the 9001 revision.


“We’re at a critical juncture in the [AEC] industry,” says Newforma co-founder Allen Preger, VP of global customer accounts. Technology is exploding on jobsites, replacing traditional, paper-based methods. Workers on jobsites now have mini computers on their phones, collecting, sharing and receiving expanding amounts of data.

Preger eyes QMS boost.

Preger eyes QMS boost.

“It’s been a boon to individual productivity and collaboration, but not all that data is landing in the right spot,” notes Preger. “With the proliferation of construction-focused apps and file-sharing tools, how do you mitigate the risk of all that information being scattered in the wind, or in the cloud? In light of these transformative changes, it becomes critically important that firms revisit existing QMS procedures, and put something new together [in their processes] that is repeatable.”

Project managers used to issue instructions with business letters, typically referenced with a QC code and filed by their personal assistants. “That’s been largely replaced by email, mobile apps, and project collaboration sites in the cloud, creating disconnected silos of information that challenge existing QMS procedures,” Preger says.

From Newforma’s perspective, the key is simplicity, with the ability to seamlessly adapt technological innovations to existing quality management systems, as well as the flexibility to adjust to any standard. It shouldn’t matter whether a person is using a punch list app on a construction site, reviewing emailed contract changes in an airport, or resolving design conflicts within a 3D modeling tool, Preger says. As long as it all can be audited as part of the project record. “This plays to our strengths.”

To download the full White Paper, click here.


Google+ Google+