by Emily Hill

Volkswagen and ISO 9001:2015 - How ISO 9001:2015 can Prevent Compliance Scandals

Large Scale Noncompliance at Volkswagen

One of the world’s largest car manufacturers, Volkswagen, had billions of pounds wiped off the value of the company following a scandal whereby software was deliberately designed to deceive emissions tests.

The scandal came about following a compliance violation letter issued by the US Environmental Protection Agency (EPA) and California Air Resources Board (CARB) after a discussion with Volkswagen representatives who admitted that diesel vehicles had been deliberately fitted with software designed to deceive nitrogen emissions tests.

The scope of the scandal is still being investigated. However, it is expected that 11 million Volkswagen cars worldwide have been fitted with rigged software and it has also been speculated that other automotive manufacturers are also involved.

Whether Volkswagen will be able to survive such a reputational and financial hit is uncertain. However, what is clear from this scandal is that there was an evident requirement for a more robust system for managing governance, risk and compliance.

To support organisations to avoid such damaging scandals, the revised quality management standard, ISO 9001, focuses even more on top management taking the lead to ensure governance controls are in place, risks are identified, assessed, and applicable standards & regulations are complied with.

The revision of the ISO 9001 standard is an opportune time to advance, scale and evolve a quality management system to ensure regulations are adhered to, to avoid expensive losses and use the QMS to develop competitive advantage and drive bottom-line corporate growth.

This article discusses five new requirements of the ISO 9001:2015 framework and apply this to the Volkswagen emissions scandal. The article aims to support you to emphasise the importance of implementing the improved standard into a quality management system.



  Is this Volkswageddon? - Image Credits:


Context of the organisation:

Section four of the revised ISO 9001: 2015 framework puts a stronger focus on understanding the context of the organisation by assessing the needs of stakeholders, ensuring strategic cohesion and determining the scope of the quality management system within the organisation.

The new requirement specifies that the organisation should determine external and internal issues that are relevant to its purpose and its strategic direction. Volkswagen neglected to integrate strategic direction with internal issues. For example, Volkswagen communicated a strategy as a thought-leader in supplying environmentally sustainable cars - in Volkswagen’s sustainability strategy, the company claims “Environmental protection is an essential element of our corporate strategy aimed at long-term growth in value”, and the car maker launched a number of environmentally-friendly campaigns such as “Blue Motion” and “Think Blue”. It is estimated that Volkswagen diesel vehicles’ nitrogen oxide emissions exceeded regulatory limits by up to 40 times and caused up to one million tonnes of extra air pollution. Not only do the internal issues not align with the strategic goals of the company, it neglect the needs of stakeholders.

A key new requirement of ISO 9001 is ensuring that the organisation meets customer, statuary and regulatory requirements. The framework states the organisation must understand the needs and expectations of interested parties by providing products and services which meet customer and applicable statutory and regulatory requirements. The revised ISO 9001 standard will support companies to assess, manage and practise greater cohesion by putting the context of the organisation at the centre of the quality management system.



The ISO 9001 revision emphasises the importance of managing governance, risk and compliance from the top of the organisation. Section 5, Leadership, requires top management to develop the quality policy. This is to prevent CEO’s being surprised with any wrongdoing in the organisation – exactly the situation Martin Winterkorn, Volkswagen Chief Executive, supposedly found himself in.

Winterkorn claimed: "I am shocked by the events of the past few days. Above all, I am stunned that misconduct on such a scale was possible in the Volkswagen Group."

By ensuring that quality is managed from the top of the organisation, Winterkorn would avoid, or at least mitigate such large-scale noncompliance scandals.



Section eight of the revised ISO 9001 standard includes a new clause on operational planning and control. The clause focuses on establishing criteria for the processes and the acceptance of products.

Volkswagen developed processes and procedures to deliberately bypass the vehicles emission control system. In fact, in a compliance violation letter from the EPA and CABR Volkswagen admitted that vehicles were designed and manufactured with a defeat device to bypass, defeat and render inoperative elements of the vehicles emission control system.

By systematically planning, implementing and controlling the processes needed to meet the requirements of the products or services, the QMS can be used to avoid wide-scale operational problems.



There is a much greater focus on risk management in the revised ISO 9001 standard. Organsiations are required to assess risks when planning for QMS to ensure that they can enhance desirable effects or prevent and reduce undesirable effects.

In the Volkswagen emissions scandal, it is reported that Volkswagen used deceptive software since 2009. To meet the regulatory standards, Volkswagen inserted intricate code into the vehicle software that tracked steering and pedal movements which detected when the car was in a laboratory. The rest of the time, the pollution controls switched off. Rather than improving the issue over the past six years, Volkswagen neglected the risk and in return lost 30% off the value of the company in a week.



Communication in large, multi-national organisations is key to avoiding noncompliance. Clause 7.4 of the revised ISO 9001 standard requires organisations to determine what the quality management system will communicate, when, with whom and how it will communicate.

Standardised protocol for communicating quality management can avoid governance, risk and compliance issues by quickly identifying who is responsible and why an issue as occurred. This can help prevent organisations such as Volkswagen being liable for billions of dollars’ worth of fines.

EQMS by Qualsys is an intuitive software solution which supports companies to manage, document and assess governance, risk and compliance regulations. With built-in electronic signatures and a range of other governance, risk and compliance tools, EQMS can support companies who need to meet the requirements of ISO 9001 .


What Next?

What exactly went wrong for such a popular and trusted brand to cause such as huge environmental, reputational and financial catastrophe is yet to be known. ISO 9001:2015 is undoubtedly the best global quality management standard available to support an organisation to ensure a well-managed and cohesive governance, risk and compliance strategy.


Download the ISO 9001:2015 Revision Toolkit for checklists, guides and more.


ISO 14001 Revision

Tags: ISO 9001, Governance Risk and Compliance News