Guidance

Plan your management system

The ISO Navigator™ database hyperlinks the ISO 9000:2005 principles and the ISO 9001:2008 requirements; and explains them in plain English with practical guidance.

This guidance has been superseded by ISO 9001:2015 Clause 5.2 Quality Policy. If you want to see a comparison matrix that correlates the requirements of ISO 9001:2008 to the revised requirements of ISO 9001:2015, please click here to begin comparing.

Our range of ISO 9001:2015 quality manuals and integrated manual templates cover the requirements of ISO 14001:2015 and ISO 45001:2018, and offer an easy way to implement and document your organization's quality management system or integrated management system.

ISO 9001:2008: Quality policy (superseded)

Auditors will wish to determine if the policies meet the intent and are understood, by interviewing personnel at all levels. Although the exact content of the policies does not need to be recited by interviewees, the awareness of the policies and how their job affects the company objectives should be determined.

This does not require your employees to memorize the policies but it does mean they should be aware of it, know where it may be found and be able to paraphrase, or give an interpretation as it applies to them.

The quality policy must be fully integrated with the overall business strategy and objectives. Define, establish and manage the policies by:

  1. Ensuring its relevance to organizational goals and objectives
  2. Ensuring it affirms the need to achieve customer requirements
  3. Ensuring it promotes the continual development of objectives
  4. Ensuring it commits the organization to a process of continual improvement
  5. Ensuring it is communicated throughout the organization
  6. Reviewing the policies for continuing suitability and relevance

Understanding the policy

If the personnel who are interviewed do not know what their objectives are or do not know what the organizational objectives are, this alone would cause the auditor evaluate top management’s communication of the policies and objectives. Inferred awareness through knowledge of procedures is not considered sufficient; otherwise why have the requirement in the first place?

Communicating the policy

A quick and convenient way to promote and communicate the policy might be to create a shortened version of main policy; try condensing it to five key words or even a couple of short sentences. This can be posted on bulletin boards in each department.

You could even add it to the reverse side of staff security passes or ID badges. If an auditor asks an employee whether they are aware of the policy; they can point to the bulletin board, or point to it on their badge. The employee can further elaborate to the auditor, what the policy means to them and how it influences their work.

Want to know more?

SSL certification

A certificate guarantees the information your internet browser is receiving now originates from the expected domain - https://www.iso9001help.co.uk. It guarantees that when you make a purchase, sensitive data is encrypted and sent to the right place, and not to a malicious third-party.

Free PDCA guidance

ISO Navigator™ is our FREE online training tool that shows you how to apply the principles of PDCA to your operations. We also offer many helpful templates that get you on the road to documenting your management system, please visit the download page.

Planning

ISO 9001:2015 ISO 14001:2015 ISO 45001:2018
4.1 Organizational Context 4.1 Organizational Context 4.1 Organizational Context
4.2 Relevant Interested Parties 4.2 Relevant Interested Parties 4.2 Relevant Interested Parties
4.3 Management System Scope 4.3 Management System Scope 4.3 Management System Scope
4.4 QMS Processes 4.4 EMS Processes 4.4 OH&S Management System
 
ISO 9001:2015 ISO 14001:2015 ISO 45001:2018
5.1 Leadership & Commitment 5.1 Leadership & Commitment 5.1 Leadership & Commitment
5.2 Quality Policy 5.2 Environmental Policy 5.2 OH&S Policy
5.3 Roles, Responsibilities/Authorities 5.3 Roles, Responsibilities/Authorities 5.3 Roles, Responsibilities/Authorities
    5.4 Consultation & Participation
 
ISO 9001:2015 ISO 14001:2015 ISO 45001:2018
6.1.1 Address Risks & Opportunities 6.1.1 Address Risks & Opportunities 6.1.1 Address Risks & Opportunities
6.2.1 Quality Objectives 6.1.2 Environmental Aspects 6.1.2 Hazard Identifcation
6.2.2 Planning to Achieve Objectives 6.1.3 Compliance Obligations 6.1.3 Legal & Other Requirements
6.3 Planning for Change 6.1.4 Planning Action 6.1.4 Planning Action
  6.2.1 Environmental Objectives 6.2.1 OH&S Objectives
  6.2.2 Planning to Achieve Objectives 6.2.2 Planning to Achieve Objectives
 

Doing

ISO 9001:2015 ISO 14001:2015 ISO 45001:2018
7.1.1 Resources - General
7.1 Resources 7.1 Resources
7.1.2 People 7.2 Competence 7.2 Competence
7.1.3 Infrastructure
7.3 Awareness 7.3 Awareness
7.1.4 Operational Environment 7.4.1 Communcation - General 7.4.1 Communcation - General
7.1.5 Monitoring & Measuring 7.4.2 Internal Communcation 7.4.2 Internal Communcation
7.1.6 Organizational Knowledge 7.4.3 External Communcation 7.4.3 External Communcation
7.2 Competence 7.5 Documented Information 7.5 Documented Information
7.3 Awareness    
7.4 Communcation    
7.5 Documented Information    
 
ISO 9001:2015 ISO 14001:2015 ISO 45001:2018
8.1 Operational Planning & Control
8.1 Operational Planning & Control 8.1.1 General
8.2.1 Customer Communication 8.2 Emergency Preparedness 8.1.2 Eliminating Hazards
8.2.2 Determining Requirements
  8.1.3 Management of Change
8.2.3 Reviewing Requirements   8.1.4 Outsourcing
8.2.4 Changes in Requirements
  8.2 Emergency Preparedness
8.3.1 Design Development - General    
8.3.2 Design Development - Planning
   
8.3.3 Design Development - Inputs    
8.3.4 Design Development - Controls    
8.3.5 Design Development - Outputs    
8.3.6 Design Development - Changes    
8.4.1 External Processes - General    
8.4.2 Purchasing Controls    
8.4.3 Purchasing Information    
8.5.1 Production & Service Provision    
8.5.2 Identification & Traceability    
8.5.3 3rd Party Property    
8.5.4 Preservation    
8.5.5 Post-delivery Activities    
8.5.6 Control of Changes    
8.6 Release of Products & Services    
8.7 Nonconforming Outputs    
 

Checking

ISO 9001:2015 ISO 14001:2015 ISO 45001:2018
9.1.1 Performance Evaluation 9.1.1 Performance Evaluation 9.1.1 Performance Evaluation
9.1.2 Customer Satisfaction 9.1.2 Evaluation of Compliance 9.1.2 Evaluation of Compliance
9.1.3 Analysis & Evaluation 9.2 Internal Audit 9.2 Internal Audit
9.2 Internal Audit 9.3 Management Review 9.3 Management Review
9.3 Management Review    
 

Acting

ISO 9001:2015 ISO 14001:2015 ISO 45001:2018
10.1 Improvement - General 10.1 Improvement - General 10.1 Improvement - General
10.2 Nonconformity & Corrective Action 10.2 Nonconformity & Corrective Action 10.2 Incident, Nonconformity & Corrective Action
10.3 Continual Improvement 10.3 Continual Improvement 10.3 Continual Improvement