ISO 9001 2008 vs ISO 9001 2000

Also see our comparison of ISO 9001 2008 and ISO 9001 2015.

Outsourced Processes

The process approach continues to be of central importance to
ISO 9001. And since outsourcing has become increasingly common
during the last few years, the ISO 9001 2008 standard has expanded
its discussion of outsourced processes (see ISO 9001 Part 4.1).

The new standard makes it clear that an outsourced process is
still part of your QMS even though it is performed by a party that
is external to your organization. The new standard emphasizes
the need to ensure that outsourced processes comply with all
customer and legal requirements. While the responsibility for
a process may have been outsourced, your organization is,
nevertheless, still responsible for ensuring that it meets all
customer, regulatory, and statutory requirements.

While the old standard said that outsourced processes must be
controlled, the new standard goes further by expecting you also
to specify the type, nature, and extent of control. ISO 9001 2008
also wants you to think carefully about how youíre going to control
outsourced processes. How you choose to control an outsourced
process should be influenced by the potential impact it could have
on your products, whether or not process control will be shared
with the process supplier, and whether or not adequate controls
can be contractually established using your purchasing process.


ISO 9001 2008, Part 4.2.1, makes it clear that QMS documentation
includes not only the records required by the standard but also the
records that your organization needs to have in order to be able to
plan, operate, and control its QMS processes. So the new standard
has expanded the definition of documentation to include all QMS
process records.

Part 4.2.1 makes it clear that a single document may contain several
procedures or several documents may be used to describe a single
procedure. While this has always been an option, the new standard
makes this possibility explicit.

ISO 9001 2000 Part 4.2.3 gave the impression that all external
documents needed to be identified and controlled. This has now
been clarified. The new standard says that you need to identify and
control the distribution of only those external documents that you
need in order to be able to plan and operate your QMS. In other
words, only relevant external QMS documents need to be
controlled, not all of them.

Management Representative

ISO 9001 2000, Part 5.5.2, allowed you to appoint any member
of management to oversee the organizationís QMS. Since the old
standard did not explicitly say that the management representative
must be a member of the organizationís own management, outsiders
were sometimes appointed, instead. This loophole has now
been closed.

ISO 9001 2008 now makes it clear that the management representative
must be a member of the organizationís own management. Outsiders
may no longer perform this important function.


While both old and new standards stress the importance of
competence, the old standard wasn't very clear about who they
were talking about. Not it's pretty clear that all QMS personnel must
be competent. ISO 9001 2008, Part 6.2.1, makes it clear that any task
within the QMS may directly or indirectly affect the organization's
ability or willingness to meet product requirements. Since any
QMS task could directly or indirectly influence product quality,
the competence of anyone and everyone who carries out
any QMS task must be assured.


For ISO 9001 2000 (Part 6.3) the term infrastructure includes
buildings, workspaces, equipment, software, utilities, and support
services like transportation and communications. ISO 9001 2008
has now added information systems to the previous list of support
services. Both old and new standards expect you to provide the
infrastructure (including information systems) that your
organization needs in order to ensure that product
requirements are being met.

Work Environment

According to ISO 9001 2000, Part 6.4, you are expected to
manage the work environment that your organization needs
in order to be able to ensure that all product requirements are
being met. However, it failed to indicate exactly what they were
talking about. This problem has now been solved. ISO 9001 2008
says that the term work environment refers to working conditions.
These working conditions include physical and environmental
conditions, as well as things like noise, temperature, humidity,
lighting, and weather. According to the new standard, all of
these conditions need to be managed in order to help
ensure that product requirements are being met.

Customer Requirements

According to ISO 9001 2000, Part 7.2.1, you are expected to identify
your customersí specific delivery and post delivery requirements.
Since some people werenít sure about what post delivery meant,
the new standard has tried to clarify this.

According to ISO 9001 2008, post delivery requirements include
things like warranty provisions, contractual obligations (such as
maintenance), and supplementary services (such as recycling
and final disposal).

Design and Development Planning

Both old and new standards expect organizations to plan and
perform product design and development review, verification,
and validation activities (Part 7.3.1).

While each of these three activities serves a different purpose,
ISO 9001 2008 makes it clear that these three activities can be
carried out and recorded separately or in any combination as
long as it makes sense for the product and the organization.

Design and Development Outputs

Part 7.3.3 of ISO 9001 2000 wants you to make sure that the
design and development process generates information
(outputs) that your purchasing, production, and service
provision processes need to have.

ISO 9001 2008 now also says that design and development
outputs could include information that explains how products
can be preserved during production and service provision.

Monitoring and Measuring Equipment

While ISO 9001 2008, Part 7.6, refers to the need to control
monitoring and measuring equipment, the old standard talked
about controlling devices. Since the term device can refer to
almost anything from a literary contrivance to a machine, its
meaning wasnít exactly clear. The new ISO 9001 standard
has removed this ambiguity by using the term equipment.

Both the old and the new standard wants you to confirm that
monitoring and measuring software is capable of doing the job
you want it to do. In addition to this requirement, the new standard
suggests (in a note) that configuration management and well
established verification methods can be used to ensure the
ongoing suitability of monitoring and measuring software.
However, this is not a requirement, just a statement that
explains how the ongoing suitability of software can
be maintained.

Customer Satisfaction

Both old and new standards want you to monitor and
measure customer satisfaction (perceptions). A new note to
ISO 9001 2008, Part 8.2.1, explains that there are many ways
to monitor and measure customer satisfaction. You could use
customer satisfaction and opinion surveys. And you could collect
product quality data (post delivery), track warranty claims, examine
dealer reports, study customer compliments and criticisms, and
analyze lost business opportunities.

Internal Audit Records

Both old and new standards refer to the need to establish
a procedure to define how internal audits should be planned,
performed, reported, and recorded (Part 8.2.2). However, the old
standard did not explicitly state that audit records must actually be
maintained. This oversight has now been corrected. ISO 9001 2008
now explicitly says that you must maintain a record of your internal
audit activities and results.

Process Monitoring and Measurement

Both old and new standards expect you to monitor and
measure your QMS processes. A new note to ISO 9001 2008,
Part 8.2.3, wants you to consider the impact each process has
on the overall effectiveness of your QMS and the impact it has
on your ability to meet product requirements (when youíre
making decisions about what kinds of process monitoring
and measurement methods should be used).

Release of Product

According to ISO 9001 2000, Part 8.2.4, you must make sure
that product monitoring and measuring records indicate who
was responsible for authorizing the release of products. However,
the old standard did not specify who must be on the receiving end.
This has now been clarified.

ISO 9001 2008 now makes it clear that products are released for
delivery to customers. Records must now indicate who releases
products for delivery to customers.

ISO 9001 2015 LIBRARY

ISO 9001 2015 Introduction

Quality Management Principles

Outline of ISO 9001 2015 Standard

Overview of ISO 9001 2015 Standard

ISO 9001 2015 versus ISO 9001 2008

Plain English ISO 9001 2015 Definitions

ISO's Process Approach in Plain English

ISO 9001 2015 Translated into Plain English

Plain English Quality Management Checklist


ISO 9004 2009 QMS Library

ISO 19011 2011 Auditing Library

AS9100C 2009 Aerospace QMS Library

ISO 13485 2003 Medical Device QMS Library

ISO 14001 2015 Environmental Management Library

Home Page

Our Libraries

A to Z Index


How to Order

Our Products

Our Prices


Praxiom Research Group Limited    780-461-4514

Updated on January 14, 2015. First published on October 28, 2000.

 Legal Restrictions on the Use of this Page
Thank you for visiting this page. You are, of course, welcome to view our
 material as often as you wish, free of charge. And as long as you keep intact
 all copyright notices, you are also welcome to print or make one copy of this
 page for your own personal, noncommercial, home use. But, you are not
 legally authorized to print or produce additional copies or to copy and paste
 any of our material onto another web site or to republish it in any way.

Copyright © 2000 - 2015 by Praxiom Research Group Limited. All Rights Reserved.

Praxiom Research Group Limited