What is ISO 9001?

Published November 5, 2019 • 2 min read

What is ISO 9001?

ISO 9001:2015 is the international standard for quality management systems (QMS) established by the International Organization for Standardization (ISO). Among the most widely used ISO standards, it promotes a process approach to management, examining more than 20 processes.

The ISO 9001 standard is part of the ISO 9000 family of international standards, all of which address quality management. Among these, only ISO 9001 is eligible for certification.

Seven Quality Management Principles (QMPs) form the basis of ISO 9000, ISO 9001, and other ISO quality management standards. These principles can help your organization optimize its QMS.

The principles (in no specific order):

  1.   Customer focus: The primary focus of quality management is customer satisfaction: meeting customer requirements and striving to exceed customer expectations.
  2.   Leadership: Leaders at all levels establish unity of purpose and direction and create conditions in which people are engaged in achieving the organization’s quality objectives.
  3.   Engagement of people: Competent, empowered and engaged people at all levels throughout the organization are essential to enhance its capability to create and deliver value.
  4.   Process approach: Consistent and predictable results are achieved more effectively and efficiently when activities are understood and managed as interrelated processes that function as a coherent system.
  5. Improvement: Successful organizations have an ongoing focus on improvement (continual improvement).
  6.   Evidence-based decision making: Decisions based on the analysis and evaluation of data and information are more likely to produce desired results.
  7.   Relationship management: For sustained success, an organization manages its relationships with interested parties, such as suppliers.

ISO 9001:2015’s requirements are divided into ten sections, or “clauses.”  

  • Introduction: Includes the standard’s process-oriented approach and the importance of risk-based thinking.
  • Scope: Specifies the requirements of a QMS.
  • Normative references: Points to ISO 9000:2015 as an important source of information for implementing ISO 9001:2015
  • Terms and definitions: Taken directly from ISO 9000:2015
  • Context of the Organization: Requirements for aligning your QMS with business objectives. 
  • Leadership: Requirements for customer commitment and focus, as well as a quality policy and quality objectives; elements of planning in the QMS along with the need to define responsibility, authority and communication in the company; and requirements of the periodic management review, including mandatory inputs and outputs.
  • Planning: Requirements for QMS planning to address associated risks, opportunities, changes, and quality objectives
  • Support: Requirements for management to provide human resources (with an emphasis on competence, awareness and training), infrastructure including the QMS, work environment, and other resources 
  • Operation: Requirements for planning the product or service: determining product requirements including review, design, development and purchasing, plus equipment used to monitor or measure the product or service
  • Performance Evaluation: Requirements for assessing customer satisfaction and internal audits, and monitoring the product and processes so that you know your QMS is functioning properly 
  • Improvement: Requirements for addressing deficiencies and continually improving your QMS.

ISO 9001 Certification

Although certification for ISO 9001 is not compulsory, many organizations choose to become ISO 9001 certified because they realize the important benefits of ISO certification.

 Achieving an attestation of ISO compliance from a certification body accredited by ISO’s Committee on Conformity Assessment (CASCO) demonstrates that your enterprise is serious about quality assurance, enhancing your reputation and giving you the competitive edge over non-certified organizations.

Certification also ensures that your QMS is functioning at its full potential, which means your processes are running efficiently and effectively. Your goods and services will meet customer requirements as well as statutory and regulatory requirements.

Learn how we can fit into your business.

Schedule a demo to learn how we can help guide your organization to confidence in infosec risk and compliance.

Help us get to know you.

Get a demo