I was stunned by the fact that the latest revision no longer talks about documents and records.  I did not see one place where it says a documented procedure is required.  Does that mean we get to decide what gets documented and ISO no longer cares? 

Also, I found the clause on corrective action to be disturbing.  It says "When a nonconformity occurs, the organization shall:  a) react to the nonconformity, and as applicable 1) take action to control and correct it; and 2) evaluate the need for eliminating the causes of the nonconformity, in order that it does not recur or occur elsewhere...".  This entire statement says we need to react to everything and then decide in each case whether a corrective action (not just a correction) is warranted.  In fact, the way it should be done is a correction should be done for all nonconformities.  A corrective action should be done through the analysis of all or a sample of all nonconformities in order to determine if a systemic issue is in place.  To require a response to each nonconformity which also evaluates the need for corrective action seems a bit like overkill to me.   I know that the previous standard was not that clear on this either.  But the point is, if we keep treating common cause issues as if they are special cause, we will quickly wear ourselves out with huge expenditures of resources and little to show for it. 

- Mike Harkins

Yes, I can't but think of the Bee Gees' Words song lyrics, when reading about the "new" ISO 9001. I'm especially concerned with the requirements 4.4.2 - 5.1.2 - 6.1 and 9.2: my comments on which so called novelties can probably be read somewhere else. In short: the elephant gave birth to a mouse, I expected a much more thorough job from ISO, to counter-act its addiction to the year 2000 edition approach. Thank you.