blog main image

ISO 9001:2015 Revision – Things Could Get Risky

ISO 9001 2015 Revision, globe and dice

What you need to know about the ISO 9001:2015 Revision

ISO 9001 has been the quality management standard, with almost 1 million businesses certified around the world, according to American Society for Quality. ISO has had many revisions including, 1994, 2000, and 2008 versions, respectively. But the 2015 revision has an added element to consider– RISK.

We are all acutely aware of how ISO International Standards ensure that products and services are safe, reliable, and of good quality. ISO Standards serve as strategic tools to reduce costs, minimize waste and errors, and increase productivity. The adoption of ISO Standards can also provide a roadmap to new markets by leveling the playing field for developing countries by facilitating free and fair global trade.

This revision deserves particular attention, because it’s not only a change to the requirements themselves; it’s a change to the structure of the Standard, with a new focus on risk management,” said Terry Weiner, Senior Consultant, California Manufacturing Technology Consulting, a Manufacturing Extension Partnership (MEP) affiliate.

Companies in the know will need to re-examine the structure of current systems and documentation to ensure it fits the new ‘High Level Format’ or HLF that is now under consideration by the committee.

Even AS9100, which already has a requirement for risk identification, assessment and mitigation, will be affected.  Risk management as part of AS9100, currently focuses on product-based risk.  The risk management proposed in the ISO 9001:2015 Standard encompasses supply chain risks from the suppliers all the way to the customer, and includes consideration of both risks and opportunities, alike.

In the aerospace world, AS9100 is the de facto standard and anyone who qualifies is assumed to be in compliance to the ISO Standard,” said Bob Uptagrafft, Aerospace Specialist from Impact Washington, the state’s MEP.

We assist about 25 to 30 companies a year to prep for initial registration or audits to AS9100, and the risk component is of particular concern for this industry – which is so heavily regulated,” continued Uptagrafft.

The MEP has developed a Risk Management Program as part of their Supply Chain Optimization program, which helps companies incorporate risk management components, strategically and effectively throughout their supply chain. The program developed as a result of a Voice of the Customer Study identified weaknesses in mitigating global risk as a top concern.

Embedded in all of this change is a movement to incorporate Risk Management into all of the Standards, as witnessed in an excerpt from the current draft of the 2015 revision. The following is excerpted from Committee Draft Document dated June 3, 2013: ISO/TC 176/SC 2/N 1147.

Screen Shot 2014-05-14 at 10.35.46 PM

A Risk Management Program has three elements that are tied together in a top level Risk Management Plan.

  1. Risk Assessment
  2. Risk Action Management
  3. Risk Reporting and Monitoring


MEP assisted more than 800 companies in 2013 with an industry-specific certification (like AS9100) or general quality certification or system. The MEP has created tools that simplify the development of each of the four stages of the Risk Management Plan as part of the Supply Chain Optimization program. Templates are provided for planning, reaction to trigger events, and risk management meeting minutes.

The result of participating is learning a structured process for identifying and mitigating risks and acquiring knowledge of how to:

  • Create a Risk Management Plan to document mitigation strategies
  • Describe trigger events
  • Establish monitoring metrics and assign monitoring activities
  • Determine the financial impact of risk through a tool called Value at Risk (VaR)
  • Implement a Risk Management Program that complies with ISO 9001:2015

MEP affiliates across the country can help manufacturers incorporate a Risk Management Plan into their existing processes; building healthier value chains better able to respond to risk events. Please click here to find your local center.


Meet the Author

Mark Schmit

Mark Schmit, National Accounts Manager for NIST-MEP, develops outreach programs and partnerships within the private sector to solve real-world competitive deficiencies. With experience attracting foreign and domestic investment in the United States through increased industry efficiency, Mark understands the importance of supply chain optimization as a key component. He is the key point of contact for MEP Centers across the country, acting as liaison for outreach and development for the MEP SCO program. Mark can be reached at His full bio may be viewed here.

One response to “ISO 9001:2015 Revision – Things Could Get Risky”

  1. […] our blog post: Things Could Get Risky for more information on the ISO 9001:2015 […]

Leave a Reply

  • twitter
  • linkedin
  • youtube
  • rss
What are your Supply Chain Weaknesses?
Supply Chain Vitality Quiz
Supply Chain Optimization in the field

"MEP has put together an intelligent program that was well thought out and challenging for supply chain management team. They challenged our supply chain approach and current paradigm – forcing us to take a fresh look at what we do and how we do it. We are using the supply chain strategy tools that they provided as “take-aways” to change how we do things."


-Bruce Broxterman, President, Richards Industries

Would you like to receive MEP Supply Chain Updates?
Sign up for our E-Newsletter
Supply Chain Optimization Case Study
Syn Strand Supply Chain Case Study Download Case Study