Deconstructing the Draft International Standard (DIS)

The new ISO 9001 Draft International Standard (DIS) recently released provides some great general direction of where the standard is headed. However, we must remember that its development is not yet finished and it still has some flaws which will certainly be corrected at the next revision to the Final Draft International Standard (FDIS). Any detailed look at the DIS will show the inconsistency and error at this time. Here is a hard look at 5 lines.

Section 7.1.2 People is about resources and explains that “to ensure that the organization can consistently meet customer and applicable statutory and regulatory requirements, the organization shall provide the persons necessary for the effective operation of the quality management system including the processes needed”.

It is in the next section that 7.1.3 Infrastructure requires “the organization shall provide and maintain the infrastructure for the operation of its processes to achieve conformity of products and services.

Note that the reason “to ensure” comes first in 7.1.2 and last “to achieve” in 7.1.3. Does the order matter? And why “ensure” versus “achieve”? Is there a significance to the different choice of words? Are they meant to be different?

The reason for each is different too. In 7.1.2 it is to “ensure consistently meeting customer and applicable statutory and regulatory requirements” whereas in 7.1.3 it’s to “achieve conformity of products and services”. Do persons exclusively or more commonly affect customer requirements whereas infrastructure impacts conformity? Surely persons have all sorts of effects and impacts.

And why “provide the persons” in 7.1.2 and “provide and maintain the infrastructure” in 7.1.3? Don’t we need to determine the persons we need? Yes maintenance of infrastructure seems more commonly found but surely “maintenance” of persons is also important. Persons do require maintenance (just not often in those terms). And for that matter, how come “persons”. They use people in the title.

Also note the use of the word “necessary” in section 7.1.2 but “necessary” is missing from section 7.1.3 and further, “necessary for the effective operation” in 7.1.2 but “for the operation” in 7.1.3.

Does such level of detail matter? Absolutely yes! We need a consistent standard that when it uses the same words it means the same things. When it says things differently it does it for a reason. Similar but different wording such as “needed” versus “necessary” is confusing. Determine, provide and maintain versus provide is very different.

More importantly the difference between “for” and “of” can have huge implications of what you implement and how you do it. The words are everything! (just look at section 5.1.1 a.)

The DIS is still a useful document. It does provide great general direction at this stage (ignoring the details) but lacks consistency? This is nothing to worry about now. The FDIS should fix much of this. Some big improvements were seen from the previous CD Committee Draft version and this is the type of thing that the committees are good at clearing up. If they don’t get them all (and they didn’t in other versions of the standard), well that just gives you more to argue with the auditor.

Cavendish Scott, Inc. has been helping organizations interpret and implement ISO standards for over 25 years. We have been through all the transitions and watched all the versions of all the standards.

Upgrading to ISO 13485 from ISO 9001