ISO 9001:2026 Revision: What Is Changing and When

The ISO 9001 Revision Is Underway

ISO 9001:2026 is coming, and if you hold certification, manage a quality management system, or audit against the standard, you need to understand what is changing and why. The revision has been in development since 2021, and the final published standard is expected in late 2025 or early 2026, with a transition period running to approximately 2028 or 2029 depending on what ISO and the International Accreditation Forum ultimately confirm.

This is not a minor editorial update. The committee responsible for ISO 9001, known as ISO/TC 176/SC 2, has been working through a structured revision process that responds to years of feedback from certification bodies, practitioners, and national standards bodies around the world. The changes are targeted, but several of them will require real work from organisations that want to maintain conformity.

This article explains what is known about the key changes, what the timeline looks like, and what you should be doing now whether you are a quality manager preparing your system, an internal auditor updating your checklist, or a professional building your auditing credentials.

Why ISO 9001 Is Being Revised

ISO 9001:2015 was a significant step forward from the 2008 edition. It introduced risk based thinking, the process approach, and the High Level Structure that aligned ISO 9001 with other management system standards like ISO 14001 and ISO 45001. It removed the requirement for a quality manual and a management representative, which gave organisations more flexibility in how they structured their systems.

But ten years is a long time. Several areas have emerged as consistent weaknesses in how organisations implement and maintain their QMS:

• Climate change and sustainability have become mainstream business concerns, yet the 2015 edition says almost nothing about them.
• Digital transformation has changed how organisations manage processes, documented information, and customer interactions, but the standard has not kept pace.
• Organisational resilience, supply chain disruption, and remote working arrangements have all become pressing issues that the current text does not address directly.
• Feedback from auditors and certification bodies consistently highlighted that some clauses were being implemented superficially, particularly around context, interested parties, and risk based thinking.

The revision aims to sharpen these areas without adding unnecessary bureaucracy. ISO/TC 176 has been explicit that the goal is not to create a completely new standard, but to strengthen the existing framework where evidence shows it is not delivering intended outcomes.

Key Changes in ISO 9001:2026

Climate Change Considerations

One of the most discussed additions to ISO 9001:2026 is the explicit mention of climate change. Following the precedent set by ISO 14001:2026, which was published in early 2025, ISO 9001:2026 is expected to include a note or requirement in Clause 4.1 that organisations consider whether climate change is a relevant external issue for their context.

This does not mean ISO 9001 is becoming an environmental standard. It means that if climate related factors, such as extreme weather events, supply chain disruption from flooding, or regulatory changes around carbon emissions, are relevant to your organisation's ability to deliver conforming products and services, you need to account for them in your QMS.

For many Australian businesses, particularly those in construction, agriculture, mining services, and transport, this is already a practical reality. The revision simply formalises the expectation that quality planning accounts for it.

Strengthened Requirements for Organisational Context

Clause 4.1 and Clause 4.2 have been areas where auditors consistently find superficial implementation. Organisations produce a context document that lists generic internal and external issues, and a stakeholder register that names obvious parties like customers and regulators, but neither document is connected to actual QMS planning decisions.

The 2026 revision is expected to tighten the language around how context feeds into the QMS. The intent is to make it clearer that identifying issues and interested parties is not a documentation exercise. It is supposed to drive the scope of the QMS, the objectives that are set, and the risks and opportunities that are addressed.

Auditors will need to probe more deeply into whether the context analysis has actually shaped the system, not just whether a document exists. If you are preparing your system for the transition, this is a good time to revisit whether your context outputs are genuinely connected to your planning under Clause 6.

Explicit References to Resilience and Continuity

The 2015 edition touches on risk and opportunity but does not specifically address organisational resilience or business continuity. The 2026 revision is expected to introduce more explicit language around the organisation's ability to maintain operations and deliver conforming outputs when things go wrong.

This reflects the real world experience of organisations during supply chain disruptions, pandemic related closures, and natural disasters. A QMS that only works under normal conditions is not providing the assurance that certification is supposed to represent.

The specific language is still being finalised, but practitioners should expect requirements or guidance around identifying critical processes, understanding dependencies, and planning for disruption scenarios. This aligns with what many certification auditors have already been probing informally under risk based thinking.

Updates to Documented Information Requirements

The 2015 edition replaced the terms procedure, record, and document with the single term documented information, which caused confusion in practice. Many organisations either over documented everything or struggled to understand what was actually required.

The 2026 revision is expected to provide clearer guidance on what documented information is needed and in what form. There is also expected to be acknowledgement of digital and electronic formats, which is long overdue given how most organisations now operate.

This does not mean you need to rebuild your document control system. It means the standard will be clearer about what is required as evidence of conformity versus what is optional but useful.

Refinements to Risk Based Thinking

Risk based thinking was one of the most significant concepts introduced in 2015, but it has also been one of the most inconsistently applied. Some organisations treat it as a risk register exercise. Others confuse it with the formal risk assessment requirements of ISO 31000. Many treat it as a separate activity disconnected from day to day process management.

The 2026 edition is expected to clarify that risk based thinking is embedded in how processes are planned and managed, not a standalone compliance activity. The intent is to help organisations understand that every decision about how to run a process, who is responsible, what controls are in place, and what to do when things deviate, is an expression of risk based thinking.

For auditors, this means moving away from asking show me your risk register and toward asking questions that reveal whether risk thinking is genuinely influencing how the organisation operates.

Supply Chain and External Providers

Clause 8.4, which covers the control of externally provided processes, products, and services, is expected to receive attention in the revision. Supply chain resilience has become a critical quality issue, and the 2015 requirements have been applied inconsistently.

Expect clearer guidance on evaluating the performance of external providers, managing critical supplier dependencies, and ensuring that outsourced processes do not undermine the integrity of the QMS. This is an area where many certification audits have found nonconformities, and the revision is likely to make the expectations more explicit.

Alignment with the Harmonised Structure

ISO 9001:2026 will maintain the High Level Structure, also known as the Harmonised Structure, that was introduced in 2015. This structure aligns ISO 9001 with ISO 14001, ISO 45001, ISO 27001, and other management system standards, making it easier to run integrated systems.

However, some clause numbering and text refinements are expected to improve alignment with the latest version of the Harmonised Structure, which has itself been updated since 2015. Organisations running integrated management systems should find that the 2026 edition makes integration slightly more straightforward.

What the Transition Timeline Looks Like

Based on the current development schedule and the precedent set by ISO 14001:2026, here is what the ISO 9001:2026 transition is expected to look like:

• Publication: The final standard is expected to be published in late 2025 or in 2026. The exact date depends on the ballot and review process within ISO/TC 176.
• Transition period: A three year transition period is typical for ISO 9001 revisions. This would put the transition deadline somewhere around 2028 or 2029. The International Accreditation Forum will confirm the exact deadline once the standard is published.
• Certification body preparation: Certification bodies will need to update their audit criteria and train their auditors before they can conduct transition audits. This typically takes six to twelve months after publication.
• Certificate expiry: Certificates issued to ISO 9001:2015 will need to be transitioned to ISO 9001:2026 before the deadline. Organisations that do not complete the transition will have their certificates withdrawn.

If you are currently certified to ISO 9001:2015, you do not need to act immediately. But you should be monitoring developments and planning your transition. Waiting until the last twelve months is a common mistake that creates unnecessary pressure on your system and your team.

For context on how a similar transition is being managed, the ISO 14001:2026 transition guide published on this site provides a useful parallel. The ISO 14001 revision followed a similar development path, and many of the lessons from that transition apply directly to ISO 9001.

What This Means for Internal Auditors

If you conduct internal audits against ISO 9001, the revision requires you to update your approach in several areas.

Revising Your Audit Checklist

Your current checklist is built around the 2015 requirements. Once the 2026 standard is published, you will need to update it to reflect new or modified requirements. This is not a complete rebuild. Most of the structure stays the same. But clauses around context, risk, documented information, and supply chain will need new questions.

Probing Deeper on Context and Risk

The 2026 revision is expected to make it harder to satisfy context and risk requirements with a document that sits in a folder and never influences anything. As an internal auditor, you will need to ask questions that reveal whether the context analysis is genuinely driving QMS decisions, not just whether the document has been reviewed recently.

Good questions to develop now include: How did your context analysis change your quality objectives this year? Which interested party requirements have influenced your process design? What risks did you identify that led to specific controls or monitoring activities?

Updating Your Audit Programme

If your audit programme does not currently include specific coverage of climate related issues, resilience planning, or supply chain performance, you will need to add these. The frequency and depth of coverage should reflect the risk profile of your organisation, not just a rotation schedule.

For a practical approach to building a risk based audit programme, the article on planning an ISO 9001 internal audit schedule provides a solid starting framework that you can adapt as the new requirements become clear.

What This Means for Quality Managers

If you are responsible for maintaining your organisation's QMS, the ISO 9001:2026 revision is an opportunity as much as it is a compliance task. Many of the changes address areas where QMS implementations have been weak in practice. Getting ahead of the transition means building a stronger system, not just updating documentation.

Start with a Gap Analysis

Once the standard is published, conduct a gap analysis against the new requirements. Identify which clauses require changes to your system, your documented information, or your processes. Prioritise the gaps by risk and impact, not just by clause number.

Engage Top Management Early

Some of the expected changes, particularly around climate considerations, resilience, and supply chain, will require decisions from senior leadership. Do not wait until the transition deadline to have those conversations. Frame the revision as an opportunity to strengthen the system and demonstrate that the QMS is genuinely connected to how the business operates.

Plan Your Transition Audit

Work with your certification body to understand their transition audit process. Some bodies will conduct a combined surveillance and transition audit. Others will require a separate transition assessment. Understanding the process early will help you plan your resources and avoid surprises.

What This Means for Lead Auditors and ISO Consultants

If you conduct third party audits or provide consulting support to certified organisations, the revision requires you to update your technical knowledge and your audit approach.

Lead auditors will need to demonstrate competence against the new requirements before conducting transition audits. Certification schemes like Exemplar Global and IRCA will update their competence requirements accordingly. If you are currently registered as a lead auditor, monitor communications from your certification scheme about what updating your registration will require.

ISO consultants supporting organisations through the transition will need to understand the new requirements in depth before advising clients. Clients will be relying on you to interpret the changes accurately and help them prioritise their efforts. Getting this wrong will damage your credibility and potentially your clients' certification status.

If you are building your auditing credentials now, training against the current standard remains the right approach. The 2026 revision maintains the same fundamental structure. The skills you develop in risk based thinking, process auditing, and evidence gathering under ISO 9001:2015 will transfer directly to the 2026 edition. The ISO auditor career path article provides useful context on how to build your credentials in a way that remains relevant through standard revisions.

Should You Certify to ISO 9001:2015 Now or Wait?

This is one of the most common questions from organisations that have not yet achieved certification. The short answer is: certify now. Do not wait for the 2026 edition.

Here is why. The transition period will give you time to update your system after the new standard is published. Organisations that are already certified and operating a mature QMS will find the transition far easier than organisations that are starting from scratch. Waiting for the 2026 edition means delaying the business benefits of certification, which include improved process control, stronger customer confidence, and access to tenders that require ISO 9001 certification.

The changes in the 2026 edition are not so fundamental that a system built to the 2015 requirements will need to be rebuilt. They are refinements that a well run QMS should be able to accommodate without significant disruption.

Staying Informed as the Revision Progresses

The ISO 9001:2026 revision is still in progress as of the time of writing. The most reliable sources of information are ISO's own website, your national standards body (Standards Australia for Australian practitioners), and your certification body. Be cautious about summaries from sources that are not closely connected to the actual development process, as speculation can sometimes be presented as confirmed changes.

Audit Workshop will continue to publish updated guidance as the standard progresses toward publication. If you are preparing your team for the transition, or if you are building your auditing credentials and want to ensure your training remains current through the revision, the ISO 9001 auditor training courses at Audit Workshop are built around practical application of the standard, not just memorisation of clause text. That foundation will serve you well regardless of which edition you are auditing against.

For anyone looking to understand the broader picture of what the revision involves, the companion article ISO 9001:2026: What Is Changing in the New Edition provides additional detail on specific clause level changes as they are confirmed.