Gap Analysis Checklist ISO 9001-2015

ISO 9001:2015 Self-assessment

Scope of the Quality Management System

Greater emphasis has been placed on the definition of scope of the quality management system. The scope of quality management system should be
determined in consideration to your organization’s context.


The previously titled Management Responsibility from ISO 9001:2008 has been replaced with ‘Leadership’. Top management are now required to be actively
involved in the operation of the quality management system. The removal of the role of ‘management representative’ reinforces a need to see the quality
management system embedded into routine business operations, rather than operating as an independent system in its own right with its own dedicated
management structure.

Risks and Opportunities

All references to preventive action have been removed from the ISO 9001:2015 and replaced with Clause 6.1 – Actions to Address Risks and Opportunities.
Your organization is now required to determine, consider and, where necessary, take action to address any risks or opportunities that might impact your
quality management system’s ability to deliver conformance, or which might adversely impact customer satisfaction.

Products and Services

The term ‘product’ is being replaced by ‘products and services’. By including specific reference to services as well as products, ISO 9001:2015 reinforces the
idea that quality management systems are applicable to all types of business and not just to are manufacturing or supplying products.

Control of Externally Provided Products & Services

ISO 9001:2008 Clause 7.4 – Purchasing has been replaced with clause 8.4 ‘Control of externally provided products and services’. This clause addresses all types
of external provision, purchasing from a supplier, or through the outsourcing of processes. Your organization is now required to take a risk-based approach
to determine the type and extent of controls that are appropriate for each external provider and all outsourced processes.

Documented Information

Requirements for a documented quality manual, documented procedures and records have been removed and replaced with the term ‘Documented
Information’. This is the information your organization is required to control, retain and maintain.

Non-conforming Processes

The Control of non-conforming products now includes non-conforming processes. Your organization is now required to evaluate whether a process is not
conforming to planned arrangements and, where necessary, investigate the cause and take action to prevent recurrence.

How to Make the Changes

Purchase copies of ISO 9000:2015 and ISO 9001:2015. Read them both and make yourself familiar with their language and concepts. Although it is written in a
dense, formal language, the clause titles in ISO 9001:2015 are fairly self-explanatory. We suggest that you use the familiar Plan-Do-Check-Act (PDCA)
methodology to manage your organization’s transition from the old to the new requirements. The following guidance provides nine simple steps to make the
transition, using the PDCA approach:

  1. Plan: Undertake a gap analysis to understand how the requirements affect your QMS and then prepare the
    transition plan based on the results.
  2. Do: Implement the transition plan by ensuring that the new requirements are embedded in to your QMS
    and your processes.
  3. Check: Evaluate the effectiveness of the newly implemented aspects by performing a full system (element)
    audit, review the findings and implement any corrective actions.
  4. Act: Take action to address transition any problems and improve the QMS before beginning process

Existing ISO 9001:2008 Documentation

The extent of the documented information will differ from your organization to another because of to the size of organization and its activities, processes,
products and services; the complexity of processes and their interactions, and the competence of personnel. In ISO 9001:2008, the quality manual helped to
establish and document the framework of your organization’s quality management system while articulating those aspects of the QMS to any interested
While there is no requirement for a quality manual or any documented procedures in ISO 9001:2015, it is suggested that if they add value, then they should
not simply be binned. You will be expected to maintain the integrity of the QMS during the transition process. You do not need to renumber your existing

for more information or get certified please visit

Leave a Reply

Your email address will not be published. Required fields are marked *