This document provides a summary of the changes between the 2008 and 2015 versions of the ISO 9001 quality management system standard. It outlines the key changes to requirements, including an increased emphasis on risk-based thinking, leadership involvement, and flexibility in documenting processes. There is also a mapping of how requirements from the 2008 standard correspond to sections of the new 2015 version. Finally, there is a list of the minimum documented information now required by each clause of ISO 9001:2015.

1. ISO 9001:2015
Summary of changes
Quality Management System Requirements
Transition Series
Compliance Training Panel

2. www.compliancetrainingpanel.com
Transition Series
1 | P a g e
Introduction
This document has been prepared to provide a summary on the changes between ISO
9001:2008 and ISO 9001:2015. The documents contains the following:
a. Benefits of the new version of the standard.
b. Summary of key changes between the versions of the standard.
c. Few key definitions
d. Mapping between the versions as per ISO.org.
e. List of documented information requirements as per the new version of the
standard.
Why standards are revised?
The standards are revised to reflect the changes in the marketplace and to ensure they
remain as useful tool for the stakeholders. Organizations operate in increasingly complex
environment when compared to last decade and the standards are revised to adapt to
the changing world.
What are the benefits of the new version?
•10 Clause Structure, core text & Terms and Definitions
as per HLS. Better integration and consistency.
Structure, Language &
Terms and Definitions
•Emphasis on Risk Based thinking. Preventive
actions taken under planning. Identification of of
risks and oppurtunities a key requirement
Risk Based Thinking
•From demonstrating commitment to
demonstrating participation in management
systems.
Leadership
• Focus on process based approach and
determination of input and output of processes.
Process based
approach
•Emphasis on planning of processes, thier input
and output. Determining who, what, when and
how a requirement under many clauses.
Enhanced Planning
•Flexibility in the medium of archiving and
controlling the documented information.
Documented
information

3. www.compliancetrainingpanel.com
Transition Series
2 | P a g e
Summary of changes:
ISO 9001:2008 ISO 9001:2015 Summary of Changes
4 Quality system 4 Context of the
organization
New requirement: The Organization need
to determine relevant external & internal
issues that can affect its strategic
direction.
The organization need to determine
relevant interested parties and their
needs and expectations. Monitor and
review the changes to the needs and
expectations.
Justification for exclusions of any specific
clauses which was previously indicated
under permissible exclusions.
5 Management
responsibility
5 Leadership Enhanced requirements: Movement from
demonstrating commitment to the
management system to demonstrating
participation in the effective
management system through integrating
the management system into the
organisation’s business processes;
promote awareness of the process
approach and improvement etc
Requirement to determine risks and
opportunities that can affect the
conformity of products and services.
No specific mention on management
representative.
6 Resource
management
6 Planning New requirements Need to determine Risk
and Opportunities that can affect the
intended results and achieve
improvement. Plan actions to address the
Risks and opportunities and evaluate
effectiveness.
Management of change introduced.
Significant change & Enhanced
requirements Objectives need to be
measurable and to determine What,
when, Who, How and Resources required
to be planned.
7 Product
realization
7 Support New requirement. Introduces
documented information, Organization
knowledge.
Enhanced requirement. Resources both
internal and external to be considered

4. www.compliancetrainingpanel.com
Transition Series
3 | P a g e
including people.
Specific requirements under monitoring
and measuring resources included.
8 Measurement,
analysis and
improvement
8 Operation New requirement on management of
change.
Enhanced requirement on post delivery
activities and type and extent of external
provision.
Simplified requirements under design and
development of products and services.
Enhanced requirements on contingency
actions and control of production and
service provision.
9 Performance
evaluation
New requirement on analysing the data
obtained through monitoring and
measurement.
The organization need to consider the
strategic direction and changing business
environment in Management Review.
10 Improvement More structured approach.
Few Key Definitions:
• Person or organization that can affect, be affected
by, or perceive itself to be affected by a decision or
activity
Interested Party
•Effect of uncertaintyRisk
•Information required to be controlled and
maintained by an organization and the medium
on which it is contained
Documented
Information
•combination of internal & external issues that can
have an effect on an organization’s approach to
developing and achieving its objectives
Context of the
Organization
•Extent to which planned activities are realized
and planned results are achievedEffectiveness
•Provider that is not part of the organization.External Provider

5. www.compliancetrainingpanel.com
Transition Series
4 | P a g e
Mapping of ISO 9001:2008 & 2015 versions:
ISO 9001:2015 ISO 9001:2008
1 Scope 1 Scope
1.1 General
4 Context of the organization 4 Quality management system
4.1 Understanding the organization and its
context
4 Quality management system
5.6 Management review
4.2 Understanding the needs and
expectations of interested parties
4 Quality management system
5.6 Management review
4.3 Determining the scope of the quality
management system
1.2 Application
4.2.2 Quality manual
4.4 Quality management system and its
processes
4 Quality management system
4.1 General requirements
5 Leadership 5 Management responsibility
5.1 Leadership and commitment 5.1 Management commitment
5.1.1 General 5.1 Management commitment
5.1.2 Customer focus 5.2 Customer focus
5.2 Policy 5.3 Quality policy
5.2.1 Establishing the Quality Policy 5.3 Quality policy
5.2.2 Communicating the Quality Policy 5.3 Quality policy
5.3 Organizational roles, responsibilities and
authorities
5.5.1 Responsibility and authority
5.5.2 Management representative
5.4.2 Quality management system planning
6 Planning 5.4.2 Quality management system planning
6.1 Actions to address risks and
opportunities
5.4.2 Quality management system planning
8.5.3 Preventive action
6.2 Quality objectives and planning to
achieve them
5.4.1 Quality objectives
6.3 Planning of changes 5.4.2 Quality management system planning
7 Support 6 Resource management
7.1 Resources 6 Resource management
7.1.1 General 6.1 Provision of resources
7.1.2 People 6.1 Provision of resources
7.1.3 Infrastructure 6.3 Infrastructure
7.1.4 Environment for the operation of
processes
6.4 Work environment
7.1.5 Monitoring and measuring resources 7.6 Control of monitoring and measuring
equipment
7.1.5.1 General 7.6 Control of monitoring and measuring
equipment
7.1.5.2 Measurement traceability 7.6 Control of monitoring and measuring
equipment
7.1.6 Organizational knowledge No equivalent clause
7.2 Competence 6.2.1 General
6.2.2 Competence, training and awareness
7.3 Awareness 6.2.2 Competence, training and awareness
7.4 Communication 5.5.3 Internal communication
7.5 Documented information 4.2 Documentation requirements

6. www.compliancetrainingpanel.com
Transition Series
5 | P a g e
7.5.1 General 4.2.1 General
7.5.2 Creating and updating 4.2.3 Control of documents
4.2.4 Control of records
7.5.3 Control of documented Information 4.2.3 Control of documents
4.2.4 Control of records
8 Operation 7 Product realization
8.1 Operational planning and control 7.1 Planning of product realization
8.2 Requirements for products and services 7.2 Customer-related processes
8.2.1 Customer communication 7.2.3 Customer communication
8.2.2 Determination of requirements for
products and services
7.2.1 Determination of requirements related
to the product
8.2.3 Review of the requirements for products
and services
7.2.2 Review of requirements related to the
product
8.2.4 Changes to requirements for products
and services
7.2.2 Review of requirements related to the
product
8.3 Design and development of products
and services
7.3 Design and development
8.3.1 General 7.3.1 Design and development planning
8.3.2 Design and development planning 7.3.1 Design and development planning
8.3.3 Design and development inputs 7.3.2 Design and development inputs
8.3.4 Design and development controls 7.3.4 Design and development review
7.3.5 Design and development verification
7.3.6 Design and development validation
8.3.5 Design and development outputs 7.3.3 Design and development outputs
8.3.6 Design and development changes 7.3.7 Control of design and development
changes
8.4 Control of externally provided
processes, products and services
7.4.1 Purchasing process
8.4.1 General 4.1 General requirements
7.4.1 Purchasing process
8.4.2 Type and extent of control 7.4.1 Purchasing process
7.4.3 Verification of purchased product
8.4.3 Information for external providers 7.4.2 Purchasing information
7.4.3 Verification of purchased product
8.5 Production and service provision 7.5 Production and service provision
8.5.1 Control of production and service
provision
7.5.1 Control of production and service
provision
7.5.2 Validation of processes for production
and service provision
8.5.2 Identification and traceability 7.5.3 Identification and traceability
8.5.3 Property belonging to customers or
external providers
7.5.4 Customer property
8.5.4 Preservation 7.5.5 Preservation of product
8.5.5 Post-delivery activities 7.5.1 Control of production and service
provision
8.5.6 Control of changes 7.3.7 Control of Design and Development
Changes

7. www.compliancetrainingpanel.com
Transition Series
6 | P a g e
Documented Information requirements ISO 9001:2015
These are the minimum documented information requirements. Organizations themselves can
decide that they need additional documented information.
Clause Documentation requirement
4.3 The scope of the organization’s quality management system shall be available and
be maintained as documented information. The scope shall state the types of
products and services covered, and provide justification for any requirement of this
International Standard that the organization determines is not applicable to the
scope of its quality management system.
4.4 4.4.2 To the extent necessary, the organization shall:
a) maintain documented information to support the operation of its processes;
b) retain documented information to have confidence that the processes are being
carried out as planned.
5.2 5.2.2 The quality policy shall:
a) be available as documented information;
b) be communicated, understood and applied within the organization;
c) be available to interested parties, as appropriate;
6.2 The organization shall retain documented information on the quality objectives.
7.1.5.1 The organization shall retain appropriate documented information as evidence of
fitness for purpose of monitoring and measuring devices.
7.1.5.2 When measurement traceability is a requirement, or is considered by the
organization to be an essential part of providing confidence in the validity of
measurement results, measuring equipment shall be:
a) calibrated or verified, or both, at specified intervals, or prior to use, against
measurement standards traceable to international or national measurement
standards; when no such standards exist, the basis used for calibration or verification
shall be retained as documented information;
7.2 The organization shall retain appropriate documented information as evidence of
competence.
7.5.1 The organization’s quality management system shall include:
a) documented information required by this International Standard;
b) documented information determined by the organization as being necessary for
the effectiveness of the QMS.
7.5.3.2 Documented information of external origin determined by the organization to be
necessary for the planning and operation of the QMS shall be identified as
appropriate, and be controlled.
8.1 The organization shall determine, maintain and retain documented information to
the extent necessary to have confidence that the processes have been carried out
as planned and to demonstrate conformity of products and services to their
requirements.
8.2.3 8.2.3.2: The organization shall maintain documented information, as applicable a)
on the results of the review and b) on any new requirements for the products and
services.
8.3.3 The organization shall retain documented information on design and development
inputs.
8.3.4 The organization shall apply controls to the design and development process to
ensure that a) design review is conducted, b) Validation is conducted and c)
verification is conducted as per the requirements of the clause and the

8. www.compliancetrainingpanel.com
Transition Series
7 | P a g e
documented information of these activities are retained.
8.3.5 The organization shall retain documented information on design and development
outputs.
8.3.6 The organization shall retain documentation information on:
a) design and development changes
b) the results of reviews
c) the Authorization of changes
d) the actions taken to prevent adverse impacts.
8.4.1 The organization shall determine and apply criteria for the evaluation, selection,
monitoring of performance, and re-evaluation of external providers, based on their
ability to provide processes or products and services in accordance with
requirements. The orgainzation shall retain documented information of these
activities and any necessary actions arising from the evaluations.
8.5.1 The organization shall implement production and service provisions under controlled
conditions. The controlled conditions shall include, as applicable: a) the availability
of documented information that defines 1) the characteristics of the products to be
produced, the services to be provided, or the activities to be performed; 2) the
results to be achieved.
8.5.2 The organization shall control the unique identification of the outputs when
traceability is a requirement, and shall retain the documented information necessary
to enable traceability.
8.5.3 When the property of a customer or external provider is lost, damaged or otherwise
found to be unsuitable for use, the organization shall report this to the customer or
external provider and retain documented information on what has occurred.
8.5.6 The organization shall retain documented information describing the results of the
review of changes, the person(s) authorizing the change, and any necessary actions
arising from the review.
8.6 The organization shall retain documented information on the release of products
and services. The documented information shall include: a) evidence of conformity
with the acceptance criteria; b) traceability to the person(s) authorizing the release.
8.7.2 The organization shall retain documented information that: a) describes the
nonconformity; b) describes the actions taken; c) describes any concessions
obtained; d) identifies the authority deciding the action in respect of the
nonconformity.
9.1 The organization shall retain appropriate documented information as evidence of
the monitoring, measurement, analysis and evaluation results.
9.2.2 The organization shall retain documented information as evidence of the
implementation of the audit programme and the audit results.
9.3 The organization shall retain documented information as evidence of the results of
management reviews.
10.1 The organization shall retain documented information as evidence of: a) the nature
of the nonconformities and any subsequent actions taken; b) the results of any
corrective action.
Visit www.compliancetrainingpanel.com for all your online
compliance trainings