What Is ISO 9001?

ISO 9001 is an international standard for a quality management system (QMS) — a set of processes, documents, and responsibilities an organization uses to ensure a product or service meets customer expectations and industry standards and regulations. It gets its name from the International Organization for Standardization (ISO), which published the first ISO standards in 1987. Industries from manufacturing and healthcare to educational institutions and non-profit organizations use the ISO 9001 standard, which is the most popular set of QMS standards within the ISO 9000 family of standards.

The ISO 9000 family also contains the following process standards, each of which pertains to a different aspect of QMS:

  • ISO 9000:2015: Explanations of the fundamental concepts, principles, and vocabulary used to describe quality management and QMS
  • ISO/TS 9002:2016: Information about the intent behind the ISO 9001:2015 requirements and examples for how to apply those requirements
  • ISO 9004:2018: Details guidance for how organizations can achieve sustained success and includes a self-assessment tool to help organizations determine how well they’re adopting QMS concepts

The ISO released the most current version of ISO 9001, ISO 9001:2015, in September 2015; it’s the only certifiable standard in the ISO 9000 family.

What Are the Principles of ISO 9001?

The quality management principles (QMPs) are a set of values that serve as the foundation for the ISO 9000 family. They provide a framework for the ISO 9001 standard and serve as guidelines that help organizations create, implement, and maintain effective quality management.

The seven QMPS are:

  1. Customer focus: Listening to customer feedback, anticipating their needs, and exceeding their expectations
  2. Leadership: Encouraging employee input, prioritizing ISO 9001 training, and focusing on long-term goals
  3. Engagement of people: Emphasizing the importance of working together to achieve goals and ensuring employees have the resources to succeed
  4. Process approach: Treating teams, resources, and tasks as interconnected elements that rely on each other to reach goals
  5. Improvement: Continuously assessing the QMS, identifying areas that require development, and changing processes as necessary to improve the system
  6. Evidence-based decision-making: Analyzing data and using objective evidence to make decisions about organizational processes
  7. Relationship management: Establishing quality relationships with employees, customers, and stakeholders through empathy, engagement, and legal compliance

Naturally, investing resources into upholding these principles is a boon for any organization. Some of the most important benefits of the ISO 9001 framework include:

  • Customer loyalty
  • Complaint resolution
  • Continuous improvement
  • Process efficiency
  • Waste reduction
  • Cost savings
  • Informed decision-making
  • Accountability
  • Employee satisfaction

Why Is ISO 9001 Important?

ISO 9001 — and ISO 9001 certification — is important, because it signals the commitment of organizations of all sizes and in all industries to maintaining efficient and consistent quality management processes. In short, it’s a sign that an organization takes its operations, products, services, and customers seriously — something that builds trust among customers and partners who choose to work with that organization.

Also, by committing to and practicing the principles of ISO 9001, organizations experience an array of benefits, like those we discussed in the previous section, that impact nearly every facet of operations. As a result of these benefits and the trust that ISO 9001 certification instills, it’s the most widely used QMS standard in the world, with organizations in 189 countries holding ISO 9001 certification.

What Are the Requirements for ISO 9001 Certification?

The ISO 9001 requirements are the rules outlined in clauses four through 10 of the ISO 9001 that specify the QMS improvements and requirements for certification. While the first three clauses don’t contain mandatory requirements for certification, they provide information that help organizations understand how to implement the ISO 9001 standard. 

  1. Scope: Explains which QMS elements are included and excluded under the ISO 9001 standard
  2. Normative references: Lists any other ISO documents required to implement ISO 9001 standards
  3. Terms and definitions: Defines relevant ISO 9001 jargon

The clauses that contain the actual certification requirements include the following: 

  1. Context of the organization: Outlines the importance of aligning an organization’s QMS with how it operates — specifically, how internal and external issues can impact reaching organizational goals; also describes requirements for defining the scope of the organization’s QMS as well as mapping and defining processes
  2. Leadership: Describes the requirements of managers and other leadership, including their focus on the customer, their role in defining, communicating, and upholding policies concerning quality
  3. Planning: Documents the requirements related to determining and planning for how the organization will handle risks and opportunities
  4. Support: Lists the types of work environment (temperature control, sterilization, etc.) and resources (human resources, infrastructure such as equipment, etc.) that managers and leadership need to provide to staff in order to support QMS
  5. Operation: Details the steps an organization must take in order to deliver quality products and services to customers, including developing product specifications, determining necessary purchases and acquisitions, controlling third-party providers, etc.
  6. Performance evaluation: Delineates the requirements for establishing a process for measuring, analyzing, and recording QMS performance
  7. Improvement: States the requirements an organization needs to follow in order to improve the quality of services and products over time

The ISO 9001 Certification Process

Of course, it’s not enough to simply know and understand the requirements for getting an ISO 9001 certification. The process for earning a certification can be lengthy and can require a fair amount of planning and research.

The ISO itself doesn’t issue certifications, but there are many accredited certification bodies that exist all over the world that offer the service. While there may be some variance in the certification process, depending on your country and your certification body, the ISO 9001 certification steps are typically as follows:

  • Prepare your organization: Put together a team that will own the process and will drive critical actions like developing a thorough understanding of the clauses, conducting a gap analysis of which QMS elements and ISO 9001 requirements already exist and which ones are missing, developing action plans for meeting the missing requirements, and more.
  • Audit, create, and organize documentation: For documentation your organization already has, have your team review and determine if it needs to be reformatted or edited in order to meet requirements. For documentation you don’t have, have your team create a plan for who will create what and develop a timeline for submission, reviews, etc.
  • Implement QMS: Roll out any QMS policies and training programs that you need to have in place order to meet the ISO requirements.
  • Conduct an internal, post-implementation audit: After an appropriate amount of time, have the project team audit your new processes, policies, documentation, etc. to see what’s working and what needs to be improved in order to meet requirements.
  • Research and choose a certification body: Once your organization is in a good spot, start looking into certification bodies in your country to see which ones meet your organization’s needs. Consider factors like timeline, the price of certification, etc.
  • Apply for certification per your certification body’s process: Follow the steps that your certification body requires of you. At the very least, your certification body will conduct their own audit of your QMS, though there may be some additional steps, especially if the audit reveals that your organization needs to take corrective measures.

What Is Needed to Achieve ISO 9001 Compliance?

Once your organization gains its ISO 9001 certification, it typically lasts for three years. You can maintain compliance by continuing to meet the mandatory and non-mandatory ISO 9001 requirements listed in the 10 clauses and passing periodic (often annual) audits from your certifying body during those three years; these periodic audits are usually shorter and more focused than the certification audit.

Mandatory compliance requirements

Here’s a comprehensive list of the mandatory documentation and records that an organization needs in order to comply with the ISO 9001 standard and maintain certification. (Note that this list aligns with ISO 9001:2015, clause 7.5 and related subclauses.) 

  • Monitoring and measuring equipment calibration records
  • Records of training, skills, experience, and qualifications
  • Product/service requirements and review records
  • Records about design and development outputs review
  • Records of design and development controls
  • Records of design and development outputs
  • Records of design and development changes
  • Characteristics of the products and services an organization provides
  • Records about customer property
  • Records of production/service provision change control
  • Records of conformity of product/service with acceptance criteria
  • Records of nonconforming outputs
  • Monitoring and measurement results
  • Internal audit program
  • Results of internal audits
  • Results of the management review
  • Results of corrective actions

Non-mandatory Compliance Requirements

Some organizations have supporting documents that help ensure their QMS functions according to plan, but these documents aren’t required to achieve compliance. They may include:

  • Procedure for determining the scope of the organization’s QMS and how it interacts with internal and external parties
  • Procedure for addressing risks and opportunities
  • Procedure for competence, training, and awareness of staff
  • Procedure for equipment maintenance and providing proper working conditions for staff
  • Procedure for document and record control
  • Sales procedure
  • Procedure for design and development of products and services
  • Procedure for production and service provision
  • Warehousing procedure
  • Procedure for management of nonconformities and corrective actions
  • Procedure for monitoring customer satisfaction
  • Procedure for internal audit
  • Procedure for management review

How ISO 9001 Can Help Your Calibration Efforts

While ISO 9001 certification can be helpful to any organization, the quality management systems that ISO 9001 requires can be particularly helpful to organizations that rely on measurement tools and calibration of those tools. Especially for industries such as food and beverage, aerospace and avionics, and manufacturing (automotive, pharmaceutical, semiconductor, etc.), processes based on ISO 9001 QMS can help ensure measurements are accurate and reliable and that maintenance of measurement equipment is done correctly and consistently.

Want to learn more about the importance of high-quality calibration practices? Please review these resources:

Chat with ourFluke assistant
Clear Chat