Forthcoming ISO 9001:2015 will include Risk Management (according to ISO 31000), Stakeholder...


Upload: qsp-centro-da-qualidade-seguranca-e-produtividade

Post on 19-Jan-2015


DESCRIPTION

ISO has just completed work to provide identical structure, text and common terms and definitions for ALL management system standards. This will ensure consistency among future and revised management system standards and make integrated use simpler. ISO 31000 will be a "natural" reference of management systems standards of the future... The forthcoming ISO 9001:2015, Quality management systems - Requirements, will likely have the general structure shown here.

TRANSCRIPT

Management system standards and ISO 31000

© 2012, QSP

August, 2012

Forthcoming ISO 9001:2015 will include Risk Management (according to ISO 31000), Stakeholder Management, etc.

Francesco De Cicco [1]

ISO has just completed work to provide identical structure, text and common terms and definitions for ALL management system standards. This will ensure consistency among future and revised management system standards and make integrated use simpler. ISO 31000 will be a “natural” reference of management systems standards of the future...

Three management system standards have already been published in this new harmonized format with another seven on the way. Both ISO 9001 and ISO 14001 will follow the new outline during their revision process.

The three MSS published in the new harmonized format are:

- NBR ISO 20121:2012, Event sustainability management systems - Requirements with guidance for use

- ISO 22301:2012, Societal security - Business continuity management systems - Requirements

- ISO 30301:2011, Information and documentation - Management systems for records - Requirements

In 2013, the new version of ISO/IEC 27001, Information technology - Security techniques - Information security management systems - Requirements - will also be aligned to the new harmonized format.

New requirements

There are subtle language issues such as the change from document and records to documented information, to the use of IT and other tools to illustrate what is being done. The new text recognizes the use of the broad concept of risk and the need to understand risk in the context of the management system. It also encourages everyone to view preventive action as a broader concept than simply preventing an incident from re-occurring.

[1] Executive Director, QSP - Quality, Safety and Productivity Center, http://www.qsp.org.br


The forthcoming ISO 9001:2015, Quality management systems - Requirements, will likely have the following general structure:

Clause 1 - Scope

Clause 2 - Normative references

Clause 3 - Terms and definitions

Clause 4 - Context of the organization

4.1 Understanding the organization and its context

4.2 Understanding the needs and expectations of interested parties

4.3 Determining the scope of the quality management system

4.4 Quality management system

Clause 5 - Leadership

5.1 Leadership and commitment

5.2 Policy

5.3 Organization roles, responsibilities and authorities

Clause 6 - Planning

6.1 Actions to address risks and opportunities

6.2 Quality objectives and planning to achieve them

Clause 7 - Support

7.1 Resources

7.2 Competence

7.3 Awareness

7.4 Communication

7.5 Documented information

7.5.1 General

7.5.2 Creating and updating

7.5.3 Control of documented information

Clause 8 - Operation

8.1 Operational planning and control

Clause 9 - Performance evaluation

9.1 Monitoring, measurement, analysis and evaluation

9.2 Internal audit

9.3 Management review


Clause 10 - Improvement

10.1 Nonconformity and corrective action

10.2 Continual improvement

Example of identical definitions:

Organization, Interested party (preferred term) and Stakeholder (admitted term), Effectiveness, Policy, Objective, Risk (according to ISO 31000 and ISO Guide 73), Competence, Documented information, Performance, Conformity.

Example of identical texts that shall be included in ISO 9001:2015:

The organization shall determine external and internal issues that are relevant to its purpose and that affect its ability to achieve the intended outcome(s) of its quality management system.

The organization shall determine:

- the interested parties that are relevant to the quality management system, and

- the requirements of these interested parties.

Therefore, gentlemen, ISO 31000 standard on risk management will be a mandatory reference in management systems standards of the future. In fact, this is one reason why our Curso de Capacitação em Gestão de Riscos e Auditoria Baseada em Riscos - Nova ISO 31000:2009 - has been a "champion of audience" ...

For over 25 years I have been pointing this way. It seems that it is becoming reality now!
