ISO 9001:2015 | Requirements of ISO 9001:2015 Certification

ISO 9001 Certification Requirement

ISO 9001 Requirements in details with Clause structure:

→ ISO 9001 specifies Requirements for an ISO 9001:2015 (Quality Management System).
→ As per ISO 9001:2015, an organization needs to demonstrate its ability to consistently provide products and services that meet customer and applicable statutory and regulatory requirements.

➤ Main 10 Clauses of ISO 9001:2015 is mentioned below:

  1. Scope
  2. Normative references
  3. Terms and definitions
  4. The context of the organization
  5. Leadership
  6. Planning
  7. Support
  8. Operation
  9. Performance evaluation
  10. Improvement
Main Clauses of ISO 9001-2015

Clause 01) Scope:

→  All the requirements of ISO 9001:2015 are intended to be applicable to any the organization, Regardless of its type or size or the products and services it provides.

Clause 02) Normative Reference:

→ For Normative Reference: Refer the ISO 9000:2015, Quality Management Systems – Fundamentals and Vocabulary.

Clause 03) Terms and Definition:

→ For Terms & Definitions: Refer the ISO 9000: 2015, Quality Management Systems – Fundamentals and Vocabulary.

Clause 04) Context of the organization - ISO 9001:2015 Requirement:

Clause 04) Context of the organization - ISO 9001:2015 Requirement

 4.1. Understanding the Organization and its context

     → “Context of the organization is a combination of internal and external issues that can have an effect on an organization’s approach to developing and achieving its objectives.”

 4.2. Understanding the Needs and expectations of interested parties

     → The organization shall determine The interested Parties that are relevant to the Quality Management System (ISO 9001:2015).
     → The requirement of these interested parties that are relevant to the QMS.

 4.3. Determining the Scope of the quality management system (ISO 9001:2015)

     → The Organization shall consider The external and Internal issues and the requirements of the relevant interested parties.

 4.4. Quality Management system (ISO 9001:2015and its processes

     → “The Organization shall establish, implement, maintain and continually improve a Quality Management System, in accordance with the requirements of ISO 9001:2015 .”

Clause 05) Leadership - ISO 9001:2015 Requirement:

Clause 05) Leadership - ISO 9001:2015 Requirement

 5.1 Leadership & Commitment

     → Top management shall demonstrate leadership and commitment with respect to the Quality Management System (ISO 9001:2015).

 5.2 Policy

→ Establishing the Quality Policy: Top management shall establish, implement and maintain a Quality Policy.
 Quality Policy is appropriate to the purpose and context of the organization and supports its strategic direction.
→ Quality Policy is Provide a framework for setting quality objectives.
→ Quality Policy is Includes a commitment to continual improvement of the quality management system ISO 9001:2015.

 5.3 Organizational Roles, Responsibilities and Authorities

→ Top management shall ensure that the responsibilities and authorities for relevant Role:
→ Ensuring that the quality management system conforms to the requirements of ISO 9001:2015.
→ Ensuring that the processes are delivering their intended outputs.
 Reporting on the performance of the quality management system (as per ISO 9001:2015) and on opportunities for improvement in particular to top management
→ Ensuring the promotion of customer focus throughout the organization.

Clause 06) Planning - ISO 9001:2015 Requirement:

Clause 06) Planning - ISO 9001:2015 Requirement

 6.1 Actions to Address risks & Opportunities

→ When Planning for the QMS, the organization shall determine the 
→ Give assurance that the quality management system (as per ISO 9001:2015) can achieve its intended results, Enhance desirable effects.
→ Prevent or reduce undesirable effects Achieve improvement.

 6.2 Quality Objectives & Planning to Achieve Them

→ The Organization shall establish quality objectives :
➥ The Quality Objective shall:
  • Be consistent with the quality policy
  • Be measurable
  • also, be relevant to the conformity of products and services and enhancement of customer satisfaction
  • Be Communicated
  • Be updated as appropriate
  • The Organization shall maintain documented information on the quality objectives.
➥ When planning how to achieve its quality objectives, the Organization shall determine:
  • What will be done
  • What resources will be required
  • Who will be responsible
  • When it will be completed
  • How the results will be evaluated

 6.3 Planning of Changes

→ When the organization determines the need for changes to the QMS, the changes shall be carried out in the planned manner
➥ The organization shall consider :
  • The purpose of the changes and their potential consequences
  • The availability of resources
  • The allocation or reallocation of responsibilities and authorities

Clause 07) Support - ISO 9001:2015 Requirement:

Clause 07) Support - ISO 9001:2015 Requirement

➤ 7.1. Resources

➥ The organization shall determine and provide the resources needed for the establishment, implementation, maintenance and continual improvement of the quality management system (as per ISO 9001:2015).
  • People
  • The infrastructure of a building,
  • Machine, equipment,
  • Transportation,
  • IT etc...
  • Suitable Environment for the operation of processes

➥ Measurement Tractability :

➥ The measuring equipment shall be:
  • Calibrated or verified
  • Identified in order to determine their status
  • Safeguarded from adjustments, damage or deterioration that would invalidate the calibration status and subsequent measurement results. 

➤ 7.2. Competence

➥ The organization shall:
  • Determine the necessary competence of a person(s) doing work 
  • Ensure that these persons are competent on the basis of appropriate education, training, or experience
  • Retain appropriate documented information as evidence of competence.

➤ 7.3. Awareness

➥ The organization shall ensure that persons doing work under the organization’s control are aware of:
  • The quality policy
  • Relevant quality objectives
  • Their contribution to the effectiveness of the QMS, including the benefits of improved performance

⇒  7.4. Communication

➥ The organization shall determine the internal and external communications relevant to the quality management system (as per ISO 9001:2015), including :
  • On what it will communicate
  • When to communicate
  • With whom to communicate
  • How to communicate
  • Who communicate

➤ 7.5. Documented Information

 The organization’s quality management system (as per ISO 9001:2015) shall include :
 Documented information required by ISO 9001:2015

➥ [A] Creating and updating:

→ When creating and updating documented informationthe organization shall ensure appropriate :
  • Identification and description (e.g. a title, date, reference number, etc...)
  • Format (e.g. language, software version, graphics)
  • Media (e.g. paper, electronic)
  • Review and approval for suitability and adequacy

➥ [B] Control of documented information:

→ Documented information required by the QMS and ISO 9001:2015 shall be controlled to ensure:
  • It is available 
  • suitable for use, 
  • where and when it is needed
→ for the control of documented information, the organization shall address the following activities :
  • Distribution, access, retrieval, and use
  • Storage and preservation, including preservation of legibility
  • Control of changes (e.g. version control)          
  • Retention and disposition

Clause 08) Operation - ISO 9001:2015 Requirement:

Clause 08) Operation - ISO 9001:2015 Requirement

➤ 8.1. Operation Planning and Control

 The organization shall plan, implement and control the processes.
 Determining the requirements for the products and services
➥ Establishing criteria for :
  • The processes
  • The acceptance of products and services

➤ 8.2. Requirements for Products

→ Customer Communication :
➥ Communication with the customer shall include:
  • Providing information relating to products and services
  • Handling inquiries, contracts or orders, including changes
  • Obtaining customer feedback relating to products and services, including customer complaints
  • Handling or controlling customer property
➥ The organization shall ensure that
  • The requirements for the products and services are defined, including
  • Any applicable statutory and regulatory requirements
  • Those considered necessary by the organization

➤ 8.3. Design and development of products and Services

→ The organization shall establish, implement and maintain design and development the process that is appropriate to ensure the subsequent provision of products and services.

➥ [A] Design and development inputs:

  • Function and performance requirements
  • Statutory and regulatory requirements

➥ [B] Design and development controls

→ The organization shall apply controls to the design and development process to ensure:
  • The results to be  achieved are defined
  • Verification activities – meet the input requirements
  • Validation activities – meet the requirements for the specified application 
  • Any necessary actions are taken on problems determined during the reviews, or verification and validation activities
  • Documented information of these activities is retained

➥ [C] Design and development outputs

→ The organization shall ensure that the design and development outputs:
→ Meet the input requirements
➥ The organization shall retain documented information on:
  • Design and development changes
  • The results of reviews
  • The authorization of the changes
  • The actions are taken to prevent impact

➤ 8.4. Control of Externally Provided Processes, Products, and Services

→ The organization shall determine :
→ A process, or part of a process, is provided by an external provider as a result of a decision by the organization
➥ The organization shall determine and apply criteria for:
  • Evaluation,
  • Selection, 
  • Monitoring of performance and
  • Re-evaluation of external providers

➤ 8.5. Production and Service Provision

➥ [A] Control of product and service provision:

➥ The availability of documented information that defines:
  • Characteristics of the products to be produced and the services to be provided
  • The results to be achieved
  • Implementation of monitoring and measurement activities
  • Use of suitable infrastructure and environment for the operation of processes
  • The implementation of release, delivery, and post-delivery activities

➥ [B] Identification and Traceability:

  • The organization shall identify outputs when it is necessary to ensure the conformity of products and services
  • The organization shall control the unique identification of the outputs when traceability is a requirement, 
  • The organization shall retain the documented information necessary to enable traceability.

➥ [C] Property belonging to customer or external providers

→ The organization shall identifyverifyprotect and safeguard customers’ or external providers’ property provided.
→ When the property of a customer or external provider is lost, damaged or otherwise found to be unsuitable for use, the organization shall report this to the customer or external provider and retain documented information on what has occurred.

➥ [D] Preservation

→ The organization shall preserve the outputs during production and service provision.
➥ Preservation can include:
  • Identification,
  • Handling,
  • Contamination control,
  • Packaging storage,
  • Transmission or transportation, and
  • Protection.

➥ [E] Post-delivery activities:

→ The organization shall consider:
  • Statutory and regulatory requirements
  • Nature, use and intended lifetime of its products and services
  • Customer requirements
  • Customer feedback
  • Warranty provisions

➥ [F] Control of changes:

→ The organization shall review and control changes for production or service provision.
→ The organization shall retain documented information.

➤ 8.6. The Release of Products and Services

 The organization shall retain documented information on the release of products and services
➥ The documented information shall include:
  • Evidence of conformity with the acceptance criteria
  • Traceability to the person(s) authorizing the release

➤ 8.7. Control of Nonconforming outputs

→ The organization shall ensure that outputs that do not conform to its requirements are identified and controlled to prevent their unintended use or delivery
→ The organization shall take appropriate action based on the nature of the nonconformity.
➥ The organization shall deal with nonconforming outputs like,
  • Correction
  • Segregation, containment, return
  • Informing the customer
  • Obtaining authorization for acceptance under concession
→  Conformity to the requirements shall be verified when nonconforming outputs are corrected.
➥ The organization shall retain documented information that
  • Describes the nonconformity
  • Mentions the actions taken
  • Describe any concessions obtained
  • Identifies the authority deciding the action in respect of the nonconformity

Clause 09) Performance Evaluation - ISO 9001:2015 Requirement:

Clause 09) Performance Evaluation - ISO 9001:2015 Requirement

 9.1. MonitoringAnalysis, Measurement & Evaluation

➥ [A] The organization shall determine:

  • What needs to be monitored and measured
  • The methods for monitoring, measurement, analysis, and evaluation needed to ensure valid results
  • When the monitoring and measuring shall be performed
  • The organization shall retain appropriate documented information as evidence of the results

➥ [B] Customer satisfaction

→ The organization shall monitor customers’ perceptions of the degree to which their needs and expectation have been fulfilled

➥ [C] Analysis and Evaluation

→ The results of the analysis shall be used to evaluate :
  • Conformity of product and services
  • The degree of customer satisfaction
  • The performance and effectiveness of the quality management system
  • The effectiveness of actions taken to address risks and opportunities
  • The performance of external providers

 9.2. Internal Audit

→ The organization shall conduct internal audits at planned intervals to provide information on whether the quality management system (as per ISO 9001:2015Conforms to:
→ The organization’s requirements for its QMS
→ The requirements of ISO 9001:2015
→ Is effectively implemented and maintained
➥ The organization shall
  • Plan, establish, implement and maintain an audit programme(s) including the frequency, method, responsibilities & planning requirements.
  • Select auditors and conduct audits
  • Take appropriate correction and corrective actions without undue delay
  • Retain documented information as evidence of the implementation of the audit program and the audit results

 9.3 Management Review

→ Top management shall review the organization’s QMS at planned intervals, to ensure its continuing suitability, effectiveness, and alignment with the strategic direction of the organization

➥ [A] Management Review Inputs:

  • The status of actions from previous management reviews
  • Customer satisfaction and feedback from relevant interested parties
  • Non-conformities and corrective actions
  • Audit results
  • The performance of external providers
  • Adequacy of resources
  • The effectiveness of actions taken to address risks and opportunities

➥ [B] Management Review Outputs:

  • Opportunities for improvement 
  • Any need for changes to the quality management system (as per ISO 9001:2015)
  • Resource needs
→ The organization shall retain documented information as evidence of  the results of management reviews

Clause 10) Improvement - ISO 9001:2015 Requirement:

Clause 10) Improvement - ISO 9001:2015 Requirement

➤ 10.1. General

→ This shall include :
→ Improving products and services to meet requirements as well as to address future needs and expectations
→ Correctingpreventing or reducing undesired effects
→ Improving the performance and effectiveness of the QMS

➤ 10.2. Non-conformity & corrective action

➥ The organization shall :
  • Take action to control and correct it
  • Deal with the consequences
  • Reviewing and analyzing the nonconformity
  • Determining the causes of the nonconformity
  • Determining if similar nonconformities exist, or could potentially occur
  • Corrective actions shall be appropriate to the effects of the nonconformities encountered
➥ The organization shall retain documented information as evidence of
  •  The nature of the nonconformities and any subsequent action is taken
  •  The results of any corrective action

10.3. Continual Improvement

→ The organization shall continually improve the quality management system (as per ISO 9001:2015).