ISO 9001_2025 Committee Draft Leaked_ An In-depth Look - Oxebridge Quality Resources

02/07/2024 17:29 ISO 9001:2025 Committee Draft Leaked: An In-depth Look - Oxebridge Quality Resources
Comic Strip  Services  Q001  Resources  Videos Site Content  Whistleblowing 
Request Quote About  
LATEST
YOUTUBE
VIDEOS
ISO 9001:2025 Committee
Draft Leaked: An In-depth
Look
Posted by Christopher Paris | Apr 26, 2024 | Opinion
UPCOMING
TRAINING
We got our hands on the Committee Draft (CD) of ISO

9001:2025, and here’s my detailed breakdown. No, I
can’t publish the actual document, so don’t ask.
This appears to be a copy and paste of the “Secret

Draft” that was written as a precursor to the CD. They
sort of skipped the usual working Draft (WD) this time SERVICES
entirely, suggesting they are pushing hard for a 2025
publication date.
TL;DR Version
I’ll have a longer editorial on this thing shortly, but
here’s the attention-deficit version.
If you hated ISO 9001:2015, you will still hate this. They AVAILABLE
don’t fix anything, but (so far) they haven’t added any TOOLS
new world-breaking requirements. In fact, the new
requirements are minimal. This may change with the
https://www.oxebridge.com/emma/iso-90012025-committee-draft-leaked-an-in-depth-look/ 1/15
next version, the DIS (Draft International Standard), but

I doubt it.
The new standard keeps nearly all the problems,

errors, mistakes, blank clauses, non-requirement
requirements, etc. from the 2015 version. Thsi is likely
due to TC 176’s slavish adherence to the Annex SL core
text.
OMG, do the 100-year old, dimbulb TC 176’ers want you

to know they are hip. They name-drop so many
awkward and already dated terms like “VR” and
“Metaverse,” you’d think they actually know how to boot
their own computers.
The standard adds a massive annex that reads like a

consultant’s handbook to implementing ISO 9001. This
was copied and pasted from the TC 176 document ISO
9001 for Small Enterprises published in 2016. This will
increase the cover price immensely, as the page count
is about to double or triple. The content is meh.
Most of the clauses that would require TC 176 to

actually know what happens on a shop floor — like all
of clause 8! — remain largely untouched. They spent a
lot of time twiddling words in the leather-elbow parts,
like COTO.
TC 176 still has no idea what a QMS actually is, and they
break the PDCA and process approach midway through
the standards.
Changes to Clauses
0.0 Introduction
No real changes
Still maintains the lie that “risk-based thinking” is

part of the process approach. This was never
true; still insists that risk-based thinking is to
replace preventive action.
Contains errors, such as still referring to ISO

9001:2008 — LOL.
1.0 Scope
No changes
2.0 Normative references
No changes, still only references ISO 9000
3.0 Terms and definitions
Now adds definitions for: organization, interested

party (stakeholder), top management,
management system, policy, objective, risk,
process, competence, documented information,
performance, continual improvement,
effectiveness, requirement, conformity,
nonconformity, corrective action, audit,
measurement, monitoring.
This section like to get excised; the CD of ISO

9001:2015 also included definitions which were
later taken out.
Definition of risk is presented as “effect of

uncertainty” and still claims it can be either
“positive or negative“
New definitions are added, rather than just

referring to ISO 9000. Includes definition of
“documented information,” which still insists it
refers to both documents and records
simultaneously.
Still no definitions for “strategic direction” or

“opportunity,” despite the terms being crucial for
understanding the standard.
4.0 Context of the Organization
CD continues to present sub-clauses in the wrong

order. You can’t identify issues until AFTER you
identify your stakeholders, you window-licking
morons! Just because Dick Hortensius is dyslexic
doesn’t mean you need to copy and paste his
mistakes.
4.1 Understanding the Organization and Its Context
Adds climate change language from the ISO

9001:2015 Amendment 2024. Still didn’t fix the
error that the text of the clause never discusses
“context,” and the standard never explains what
that means.
4.2 Understanding the needs and expectations of

interested parties
Adds climate change language from the ISO

9001:2015 Amendment 2024.
Minor language tweaks, no new requirements.
4.3 Determining the scope of the quality

management system
4.4 Quality management system and its processes
5.0 Leadership
5.1 Leadership & Commitment
5.1.1 General
Adds requirements for top management to

“promote ethics and integrity” and “determine,
implement and improve the organization’s mission,
vision and values, and promoting an aligned quality
culture.” More unenforceable platitudes keeping
the clause largely useless and un-auditable.
This means the rumors of a new clause related to

the “culture of quality” were bogus. They just
added a tiny note.
The bit about “ethics and integrity” will ensure

that ISO, itself, never adopts this standard. Snort.
5.1.2 Customer focus
No changes.
5.2 Policy
No changes.
5.3 Organizational Roles Responsibilities and

Authorities
No changes.
6.0 Planning
6.1 Actions to address risks and opportunities
Largely improved. Now distinguishes more

clearly the difference between risk and
opportunity. Adds sub-clauses 6.1.1.1 for risks,
and 6.1.1.2 for opportunities.
Still no requirement for procedure, process,

records, root cause, or any legacy preventive
action language, so this will remain a huge flaw in
ISO 9001. TC 176 predictably ignored the world’s
feedback on “risk-based thinking.”
6.2 Quality objectives and planning to achieve them
Adds a bizarre change now requiring that

objectives be measurable only “if practicable.”
Huge step backwards. Objectives should ALWAYS
be measurable. tIt’s like they weren’t happy
making Deming spin in his grave by invoking
“measurement by objectives” in the first place, they
want the poor guy to drill his way to China with
more “management by slogans.”
TC 176 still does not close the loop on the

process approach as the core of a QMS, thinks
process metrics and quality objectives are
different things.
6.2.2 maintains the cringeworthy “who, what,

where,…” language of Annex SL and ISO
9001:2015. Remains a blank clause, with not
actual requirements. Still no editors stepping in
to fix this glaring flaw.
6.3 Planning of changes
No changes
7.0 Support
7.1 Resources
7.1.1 General
No changes.
7.1.2 People
No changes.
7.1.3 Infrastructure
No changes. Continues to put the requirements

into the note, keeping the error from ISO
9001:2015.
7.1.4 Environment for the operation of processes
Continues to put the requirements into the note,

keeping the error from ISO 9001:2015. Maintains
the bonkers language on “social and
psychological” factors such as “emotionally
protective” workplace. Adds new suggestions to
consider “technological” and “cultural” aspects.
The “technological” note adds cringeworthy name-
drops of words like “AI, Metaverse, VR, chatbots.”
Absolutely embarrassing.
7.1.5 Monitoring and measuring resources
No changes. Still does not require a calibration

log!
7.1.6 Organizational knowledge
No changes.
7.2 Competence
No changes.
7.3 Awareness
No changes.
7.4 Communication
Maintains the cringeworthy “who, what, where,…”

language of Annex SL and ISO 9001:2015.
Remains a blank clause, with no actual
requirements.
7.5 Documented information
No changes except for possibly some minor word

tweaks. Continues to mix up “documents” and
“records,” keeping the section confusing and
rambling.
8.0 Operation
8.1 Operational planning and control
No changes, maintains ISO9001:2015’s errors of

(a) not clearly explaining that the standard views
“operational” and “organizational” processes
differently, (b) not fixing the clause so that it can
in any way be understood without a consultant,
and (c) still tossing “outsourced processes” over
the 8.4 rather than fleshing out the real ways
companies should manage these.
8.2 Requirements for products and services
8.2.1 Customer communication
Adds a cringeworthy note defining what

“customer communication” is – really? we needed
that? – then namedrops terms like “web site

content, Frequently Asked Questions” as if it was
written during the AOL era.
8.2.2 Determining the requirements related to

products and services
No changes. Maintains bizarre language that this

applies BEFORE a customer even exists (“products
and services to be offered to customers…”) Still
haven’t fixed that.
8.2.3 Review of requirements related to products

and services
No changes. Still a mess (“to be offered…”) and

largely repeats what was said in 8.2.2. Old 2000
language was better, but they still won’t restore
it.
8.2.4 Changes to requirements for products and

services
No changes.
8.3 Design and development of products and

services
No changes. Maintains the jumbled nature of this

clause from 2015, implying that design validation
happens before you create design outputs,
Again, the 2000 language was better, but they
won’t restore it. Agile folks, you will still hate this.
The fact that this was not touched at all so far

suggests that none of the TC 176 authors
understand product design. The clause STILL
does not discuss service design, despite it being
in the title of the clause. This speaks to a gross
lack of subject matter experts on the committee.
8.4 Control of externally provided processes,

products and services
No changes. This maintains the confusing

repetition of requirements in 8.4.1 and 8.4.2. Also
(again) the fact this wasn’t touched suggests no
actual SMEs are working on this standard. TC 176
doesn’t know how supply chain management and
procurement work.
Still doesn’t require that you communicate with

suppliers in actual writing, so still no PO
requirement!
Outsourced process still get no love.
8.5 Production and service provision
8.5.1 Control of production and service provision
No changes.
8.5.2 Identification and traceability
No changes.
8.5.3 Property belonging to customers or external

providers
No changes.
8.5.4 Preservation
No changes.
8.5.5 Post-delivery activities
No changes. This clause still doesn’t know what it

wants to say.
8.5.6 Control of changes
No changes.
8.6 Release of products and services
No changes. Still maintains the horrid 2015 error

or switching terms mid-standard. Until this
clause, “measurement and monitoring” has been

used to refer to inspection and testing. Now, at
clause 8.6, they call inspection and testing
“planned arrangements.” Readers would have no
way to know this. Clause is still not about
“release” (delivery) at all.
Oh, and still no actual delivery clause! So product

never needs to be shipped. TC 176 has never set
foot in an actual company, I think.
8.7 Control of nonconforming outputs
No changes, and we desperately needed fixes

here.
9.0 Performance evaluation
9.1 Monitoring, measurement, analysis and

evaluation
9.1.1 General
No changes, remains nearly entirely useless.

Never ties back to process approach, so breaks
PDCA entirely.
9.1.2 Customer satisfaction
No changes.
9.1.3 Analysis and evaluation
No changes. Again, never ties back to process

approach, so breaks PDCA entirely. Treats
“performance and effectiveness of the quality
management system” as something totally apart
from process approach.
Keeps “statistical techniques” as an afterthought

note, ensuring problems for companies that use
them.
Fails to alert the reader to the (idiotic) fact that

now, in clause 9, TC 176 is using the term
“monitoring and measurement” in an entirely

different context. Now it is NOT about inspection
testing, despite that being understood up until
clause 8.7. So, for those keeping tarack at home:
Clauses 4 through 8.5: “monitoring and

measuring” means inspection and testing.
Clause 8.6: now, inspection and testing are

referred to as “planned arrangements” you
do prior to “release.”
Clauses 9 & 10: “Monitoring and

measurement” now means a more holistic
(and literal) monitoring and measurement
of data related to the QMS, and not
inspection and testing.
Got it?
9.2 Internal audit programme
Weird: changes name of clause to add the word

“programme.” Then uses the word, but not
consistently. Refers to auditing as a “process”
then “programme” and then “process” again, all in
one single sentence. What a bunch of shitbirds.
Still no requirement or language about “process-

based auditing,” so – again – PDCA and the
process approach are abandoned by the time we
get to clause 9.
Odd how bad this is, since the TC 176 consultants

love to write books about auditing, and they
appear to have no clue how to do it.
9.3 Management review
Nio changes. Maintains 2015’s errors of (a) failing

to tie back to PDCA and process approach, (b)
conflating “process performance” with “conformity
of products and services” when the two are very,
very different things, (c)
10.0 Improvement
10.1 General
Still largely repeats what is later said in 10.3,

making them effectively duplicates. Adds
cringeworthy note namedropping terms like
“incremental and breakthrough change,”
“innovation and re-organization,” and “emerging
technology.”
10.2 Nonconformity and corrective action
No changes, doesn’t’ fix the confusion between

this clause and 8.7’s nonconformities. Still doesn’t
require a procedure because TC 176 is doing an
outreach program for illiterates.
10.3 Continual improvement
No changes. Still never ties back to processes or

anything in clause 4 at all, so breaks the PDCA
cycle one last time.
New Appendix A
The standard adds an absolutely huge new appendix
called “Guidance on Use of this International Standard.”
While this was clearly written by a consultant, this will
have some competing and contradictory ramifications.
First, it might confuse people more, pushing folks to
have to go out and hire a consultant. But, alternatively,
this might cripple the sale of all those TC 176’er books,
since this section essentially IS an entire
implementation guide. A shitty one, but still, a guide.
UPDATE: I since learned this is just the 2016 publication

ISO 9001:2015 for Small Enterprises -What to Do – Advice
from TC 176 literally copied and pasted and put into the
CD. The only change is where the original document
says things like “you should do XYZ” the CD text says “the
organization should do XYZ.” So TC 176 didn’t even work
on this part during their breathless scrambling to
develop ISO 9001:2025.] The problem here is that this
publication is — as the title says — for SMALL
enterprises, and the ISO 9001 standard is for everyone.

So I have no idea what the authors were thinking of by
including it, since it reduces the scope of use for ISO
9001, and doesn’t expand it.
I won’t go over this in detail, because it is absolutely

massive. Here are some brief first impressions:
Includes subsections on Clarification of Structure

and Terminology, Clarification of Concepts, and
then long-winded clarifications on each of the
requirements clauses from 4 through 10.
Repeats the mindbogglingly bad sentence,

“Organizational knowledge is the specific knowledge
of the organization.” Good lord, what utter
morons these people are.
Oh, they try to make a case for the design clause

in 8.3 applying to a “coffee-shop.” Which is
hyphenated, yes.
The narrative on “internal audits” suddenly starts

talking about conducting audits by process, but
that was never indicated in the actual
requirements of clause 9.2. So there’s some
cognitive disconnects here.
Namedrops “ISO 9000:2025,” suggesting that

2025 will definitely be the year ISO 9001 itself is
published.
On the benefit side, there are a few good nuggets

amidst the piles of crap. There are a few
guidance suggestions for service organizations,
to help them understand this despite ISO 9001
still being written for widget manufacturers. So at
least the service sector is getting a teeny bit of lip
service.
Remaining Bits
The last parts are:
Appendix B: Other Standards

Just the usual product placement and up-selling

ads for other ISO standards.
Bibliography
No changes that I noticed.
UPDATE 29 April, 2024: Updated the text above to

clarify that the new Appendix A is actually the 2016
publication, ISO 9001 for Small Enterprises, now
plopped into the ISO 9001 standard.
Christopher Paris
Christopher Paris is the
founder and VP Operations of
Oxebridge. He has over 30
years’ experience
implementing ISO 9001 and
AS9100 systems, and helps establish certification
and accreditation bodies with the ISO 17000
series. He is a vocal advocate for the
development and use of standards from the
point of view of actual users. He is the writer and
artist of THE AUDITOR comic strip, and is
currently writing a pulp novella called DR. CUBA.
Advertisements
SHARE:   
 PREVIOUS NEXT 
PRI Buys Competitor Platinum Sen. Rubio Responds to Russia

Registration Concern One Year Late, and With
Campaign Spam
Designed by Elegant Themes | Powered by WordPress    

ISO 9001_2025 Committee Draft Leaked_ An In-depth Look - Oxebridge Quality Resources

Uploaded by

Copyright:

Available Formats

You might also like

ISO 9001_2025 Committee Draft Leaked_ An In-depth Look - Oxebridge Quality Resources

Uploaded by

Document Information

Copyright

Available Formats

Share this document

Share or Embed Document

Sharing Options

Did you find this document useful?

Is this content inappropriate?

Copyright:

Available Formats

ISO 9001_2025 Committee Draft Leaked_ An In-depth Look - Oxebridge Quality Resources

Uploaded by

Copyright:

Available Formats

02/07/2024 17:29 ISO 9001:2025 Committee Draft Leaked: An In-depth Look - Oxebridge Quality Resources

Comic Strip  Services  Q001  Resources  Videos Site Content  Whistleblowing 

Request Quote About  

We got our hands on the Committee Draft (CD) of ISO

This appears to be a copy and paste of the “Secret

next version, the DIS (Draft International Standard), but

The new standard keeps nearly all the problems,

OMG, do the 100-year old, dimbulb TC 176’ers want you

The standard adds a massive annex that reads like a

Most of the clauses that would require TC 176 to

Still maintains the lie that “risk-based thinking” is

Contains errors, such as still referring to ISO

2.0 Normative references

No changes, still only references ISO 9000

3.0 Terms and definitions

Now adds definitions for: organization, interested

This section like to get excised; the CD of ISO

Definition of risk is presented as “effect of

New definitions are added, rather than just

Still no definitions for “strategic direction” or

4.0 Context of the Organization

CD continues to present sub-clauses in the wrong

4.1 Understanding the Organization and Its Context

Adds climate change language from the ISO

4.2 Understanding the needs and expectations of

Adds climate change language from the ISO

Minor language tweaks, no new requirements.

4.3 Determining the scope of the quality

Minor language tweaks, no new requirements.

4.4 Quality management system and its processes

Minor language tweaks, no new requirements.

5.1 Leadership & Commitment

Adds requirements for top management to

This means the rumors of a new clause related to

The bit about “ethics and integrity” will ensure

5.1.2 Customer focus

5.3 Organizational Roles Responsibilities and

6.1 Actions to address risks and opportunities

Largely improved. Now distinguishes more

Still no requirement for procedure, process,

6.2 Quality objectives and planning to achieve them

Adds a bizarre change now requiring that

TC 176 still does not close the loop on the

6.2.2 maintains the cringeworthy “who, what,

6.3 Planning of changes

No changes. Continues to put the requirements

7.1.4 Environment for the operation of processes

Continues to put the requirements into the note,

7.1.5 Monitoring and measuring resources

No changes. Still does not require a calibration

7.1.6 Organizational knowledge

Maintains the cringeworthy “who, what, where,…”

7.5 Documented information

No changes except for possibly some minor word

8.1 Operational planning and control

No changes, maintains ISO9001:2015’s errors of

8.2 Requirements for products and services

8.2.1 Customer communication

Adds a cringeworthy note defining what