There are many revisions within the standard. The most prevalent change that one can readily identify is risk. The standard expects manufacturers to apply a risk-based approach to the control of the appropriate processes needed for the quality management system.
Risk is mentioned some 15 times throughout the standard, to account for the specific issues being addressed. Risk is to be considered in outsourcing and supplier controls, with respect to software validations, and in the training of personnel commensurate with risks inherent in the processes they perform. Risk is to be taken into account in product planning processes. Risk management activities should also be incorporated during the processes of:
Verification, validation, revalidation
Documentation of risk management in product realization
Monitoring, testing, and traceability
Corrective actions and preventive actions
In this context, management of risk is an explicit part of executive decision-making about company (quality) objectives.