The Future Structure of ISO Management System Standards - from HLS to HS (Harmonized Structure) September 2023

Sidney Vianna

Sidney Vianna

Post Responsibly
Leader
Admin
Paul Simpson said:
The sector specific guys and gals don't want (any) change as it means they have to go through a revision process.
Click to expand...
Let's remember that they also represent a good chunk of the interested parties here and, at the end of the day, standards should reflect what Industry and Society, at large, want them to be.

If you work in Automotive, Aerospace, Telecommunications, you should be aware of the implications (cost and otherwise) for your supply chain, whenever a significant change to a flown down QMS standard is effected. It creates disruption, friction and push back. As I said before, ISO runs the risk of alienating some very important stakeholders. The IATF, for example, did not hesitate to bypass the IAF accreditation process for the TS16949 certification scheme. If they strongly oppose the direction ISO 9001 is going, they could easily find another home for the 16949 document.

Sometimes it seems that the people working in some of the ISO TC's live in another planet. In my experience, the primary reason why organizations don't better integrate their individual management systems has much less to do with the structure of the ISO MSS documents and much more with the fact that the organizations manage the different disciplines in silos. The quality department does it's thing, the IT department does theirs, EHS plugs along, oblivious to the rest of the organization, etc...

You can have a set of very well aligned ISO MSS's (9001, 14001, 20000, 22000, 27001, 50001, etc...) but applying them in a "silo'ed" organization is not going to be any easier than with what we have now.
 
Paul Simpson

Paul Simpson

Trusted Information Resource
Sidney Vianna said:
Let's remember that they also represent a good chunk of the interested parties here and, at the end of the day, standards should reflect what Industry and Society, at large, want them to be.
Click to expand...
Agreed, Sidney. As with all these things there is a question of balance. IMHO the automotive and aerospace industries either punch above their weight or exert undue influence - depending on your point of view. :)

Sidney Vianna said:
If you work in Automotive, Aerospace, Telecommunications, you should be aware of the implications (cost and otherwise) for your supply chain, whenever a significant change to a flown down QMS standard is effected. It creates disruption, friction and push back. As I said before, ISO runs the risk of alienating some very important stakeholders. The IATF, for example, did not hesitate to bypass the IAF accreditation process for the TS16949 certification scheme. If they strongly oppose the direction ISO 9001 is going, they could easily find another home for the 16949 document.
Click to expand...
I have worked in two out of the three and with an organization closely associated with the 3rd and appreciate the point about changes creating cost .... but the other side is they bring opportunity and can lead to improvement.

IATF is a good example. Their predecessor the AIAG exerted great influence at ISO to get the text of the 94 edition for a very good price and built it in to QS-9000 and were happy to write rules for accredited certification. They were also very quick to hand off development of TS to a sub committee and bring CB accreditation in house. But this is all going over old ground. :)

Sidney Vianna said:
Sometimes it seems that the people working in some of the ISO TC's live in another planet.
Click to expand...
I'm sure you don't mean me, Sidney. :D

Sidney Vianna said:
In my experience, the primary reason why organizations don't better integrate their individual management systems has much less to do with the structure of the ISO MSS documents and much more with the fact that the organizations manage the different disciplines in silos. The quality department does it's thing, the IT department does theirs, EHS plugs along, oblivious to the rest of the organization, etc...
Click to expand...
I'd agree but the different structures of 'standards' is given as a reason for confusion / non adoption and ISO has responded.

Sidney Vianna said:
You can have a set of very well aligned ISO MSS's (9001, 14001, 20000, 22000, 27001, 50001, etc...) but applying them in a "silo'ed" organization is not going to be any easier than with what we have now.
Click to expand...
Also agreed. It doesn't matter to me what a MSS actually looks like but what it says. I will always start with the process and bring in elements of all the functions that apply (wherever the internal politics allow, anyway). That is why you never see terms like product realization, management review in my procedures.
 
Richard Regalado

Richard Regalado

Trusted Information Resource
ISO 22301 Societal Security - Business continuity management system - requirements is patterned after the format of an MSS as described in the article. The sections/clauses of ISO 22301 are:

  1. Scope
  2. Normative reference
  3. Terms and definitions
  4. Context of the organization
  5. Leadership
  6. Planning
  7. Support
  8. Operation
  9. Performance evaluation
  10. Improvement
Click to expand...

Oh and no preventive action in sight. Under the corrective action requirement is the phrase "..eliminate the cause of the NC, in order that it does not recur or occur elsewhere..."
 
Richard Regalado

Richard Regalado

Trusted Information Resource
JaneB said:
I'd consider the whole thing (ie, creating and maintaing a BCP) as preventive action!
Click to expand...

Agree. But in the case of ISO/IEC 27001 ISMS Standard, which is another "preventative" standard, preventive action is a requirement with its own clause separate from corrective action.
 
Sidney Vianna

Sidney Vianna

Post Responsibly
Leader
Admin
JaneB said:
I'd consider the whole thing (ie, creating and maintaing a BCP) as preventive action!
Click to expand...
Richard Regalado said:
Agree. But in the case of ISO/IEC 27001 ISMS Standard, which is another "preventative" standard, preventive action is a requirement with its own clause separate from corrective action.
Click to expand...

Implementing ANY Management System is, by definition, putting processes in place to PREVENT problems. Even corrective actions PREVENT recurrence of a problem. Still, just because something is PREVENTIVE in nature, it does not necessarily fit the definition of preventive action in ISO 9000, according to the wisdom of the standard authors. We have several threads on the issue and I would hope that we don't take this thread too off course.
 
Last edited:
D

deprofundis

IS there anyone who has the standart itself as pdf? I will be greatful
 
Sidney Vianna

Sidney Vianna

Post Responsibly
Leader
Admin
Richard Regalado said:
Oh and no preventive action in sight. Under the corrective action requirement is the phrase "..eliminate the cause of the NC, in order that it does not recur or occur elsewhere..."
Click to expand...
At first, I thought that the ISO Guide 83 was also doing away with the concept of preventive action as well, but in section 9, Performance evaluation, the standard reads
The organization shall evaluate the XXX performance and the effectiveness of the XXX management system. Additionally, the organization shall:
- take action when necessary to address adverse trends or results before a nonconformity occurs.
Click to expand...
 
Sidney Vianna

Sidney Vianna

Post Responsibly
Leader
Admin
Sidney Vianna said:
At first, I thought that the ISO Guide 83 was also doing away with the concept of preventive action as well, but in section 9, Performance evaluation, the standard reads
Click to expand...
I need to correct myself. (broken link removed) and now the High level structure (HLS), identical core text, common terms and core definitions of ISO Management System Standards is contained as Appendix 3 of the ISO/IEC Directives, Part 1 - Consolidated ISO Supplement – Procedures specific to ISO. The only part close to preventive action in that document is in the Planning section
When planning for the XXX management system, the organization shall consider the issues referred to in 4.1 and the requirements referred to in 4.2 and determine the risks and opportunities that need to be addressed to

prevent, or reduce, undesired effects
Click to expand...

But remember, just because preventive action is not explicitly mentioned in the HLS text, this would not prohibit an ISO TC/SC, e.g., ISO TC 176 SC 2 to add a requirement related to preventive action in the body of the future ISO 9001:2015.
 
You must log in or register to reply here.

Similar threads

Sidney Vianna
Informational ISO releases second edition of handbook on Integration of Management System Standards
Replies
0
Views
1K
Sidney Vianna
Sidney Vianna
Sidney Vianna
  • Sticky
ISO 9001 News ISO 9001:2025 - What should be changed in the next Edition of ISO 9001? - REVISION PROCEEDING- August 2023
33 34 35 36 37 38 39 40 41 42
Replies
411
Views
72K
Sidney Vianna
Sidney Vianna
Sidney Vianna
ISO 41001:2018 - System Standard for Facility Management
Replies
8
Views
5K
Randy
Randy
Paul Simpson
Informational The role of Annex SL - High Level Structure of ISO MSS's - Revision Update February 2019
2 3
Replies
26
Views
9K
Sidney Vianna
Sidney Vianna
Sidney Vianna
Sector specific Information Security ISO Management System Standards
Replies
1
Views
4K
Marc
Marc
Top Bottom