A Guide to ISO Transitions



ISO standards are reviewed every 5 years to ensure they stay up-to-date and relevant in an ever-changing world.

With standards created by global consensus, there’s a Working Group formed of many contributors who are responsible for collating feedback and proposing any changes.

Despite the reviews, it’s not mandatory for changes to happen. As indicated by ISO 9001:2008’s full title, the revision to the Quality Management standard – now ISO 9001:2015 – had to wait 7 years. For ISO 14001:2004, the wait for change was clearly even longer.

How to make the transition

As soon as a new standard is issued, a transition period’s put into place. For the new, aforementioned standards, this is 3 years – 15th September 2018 being the deadline to move from the outgoing versions.

Any user of the outgoing versions of the standards can purchase a copy of the new standard and begin to map out the differences and resulting changes.

Both the updated standards now use a new structure which was previewed in a revision of ISO 27001 (Information Security Management) a few years earlier. Not only is this structure intended to be easier to understand, but commonality between all of the management standards is good news for those implementing more than one.

When it comes to the specific changes to both ISO 9001 and ISO 14001, we’ve given an overview of the important ones in various articles in our Knowledge Bank.

ISO 9001:2015 reading: ISO 9001:2015 revision moves forward

ISO 14001:2015 reading: ISO 14001:2015 takes a step forward

Other guides are also available freely on the internet. For more hands-on support, clients have the option to have a Gap Analysis at their next Surveillance Audit. This will reveal the ‘gaps’ between the old and new requirements, so you can then confidently take action. As your Assessor carries out the Gap Analysis, the added advantage is they’re there to clarify the requirements. Our updated template toolkit is also provided.

Making your transition plan

Undoubtedly, making the transition to the new standard(s) requires preparation. At a minimum, it will require some changes to your management system and resulting internal audits to be carried out. To make this easier, our advice is to communicate changes and organise appropriate training for those affected.

You need to be ready to be audited against the new standard(s) before the 15th September 2018. If your certificate expiry date is after September 2018, your Audit will have to be brought forward.

We’re able to carry out a Gap Analysis at any time, but to save costs it’s advantageous to schedule this to happen at the same time as your Surveillance Audit.

Those with the least time to make a decision are those who have a Surveillance Audit past September 2017, as they must be audited against the new standard(s) by the 15th September 2018, irrespective of their certificate’s expiry date or usual schedule of an audit every 12 months.

To talk through your options with an Account Manager, call us free on 0800 404 7007.

@TheBABOfficial: #CyberCrime is HUGE! Learn about different types and how to become #CyberSecure here: https://t.co/mcMVrMcgyJhttps://t.co/t3eWQ2LN7n