Checklist IQA 9001-2015

Internal Quality Management System Audit Checklist (ISO9001:2015)
Q# ISO 9001:2015 Clause Audit Question Audit Evidence

4 Context of the Organization
4.1 Understanding the organization and its context
4.1q1 The organization shall determine external and How has the organization determined
internal issues that are relevant to its purpose external and internal issues relevant to
and its strategic direction and that affect its its purpose and strategic direction?
ability to achieve the intended result(s) of its How do these affect the ability to
quality management system. achieve the intended result of the
QMS?
4.1q2 The organization shall monitor and review How do you monitor and review
the information about these external and information about these internal and
internal issues. external issues?
NOTE 1 Understanding the external context can be facilitated by considering issues arising from
legal, technological, competitive, market, cultural, social, and economic environments, whether
international, national, regional or local.
NOTE 2 Understanding the internal context can be facilitated by considering issues related to values,
culture knowledge and performance of the organization.
4.2 Understanding the needs and expectations of interested parties

4.2q1 Due to their impact or potential impact on the How have you determined what
organization’s ability to consistently provide interested parties are relevant to the
products and services that meet customer and QMS?
applicable statutory and regulatory How have you determined what
requirements, the organization shall requirements those parties have that
determine: are relevant to the QMS?
a) the interested parties that are relevant to How has impact or potential impact
the quality management system; been determined?
b) the requirements of these interested
parties that are relevant to the quality
management system.
4.2q2 The organization shall monitor and review How do you monitor and review the
the information about these interested information about interested parties
parties and their relevant requirements. and their relevant requirements?
4.3 Determining the scope of the quality management system

4.3q1 The organization shall determine the How have the boundaries and
boundaries and applicability of the quality applicability of the QMS been used to
management system to establish its scope. establish the scope of the organization?
Page 1
4.3q2 When determining this scope, the How have:
organization shall consider: The external and internal issues;
a) the external and internal issues referred The requirements of relevant
to in 4.1; interested parties and;
b) the requirements of relevant The products and services of the
interested parties referred to in 4.2; organization been considered when
c) the products and services of determining the scope of the
the organization. organization?
4.3q3 Where a requirement of this International How has the application of the
Standard within the determined scope can be International Standard within the scope
applied, then it shall be applied by the been determined, and how has it been
organization. applied by the organization?
4.3q4 If any requirement(s) of this International How have any requirements of the
Standard cannot be applied, this shall not affect International Standard been determined
the organization’s ability or responsibility to as not applicable? Show me how
ensure conformity of products and services. conformity of products and services are
not affected by this.
4.3q5 The scope shall be available and be maintained Where is the scope available? Where is Scope required as documented information.
as documented information stating the: it maintained as documented
- products and services covered by information? Does it state what
the quality management system; products and services are covered by
- justification for any instance the QMS?
where a requirement of this Does it justify how instances of
International Standard cannot be requirements of the QMS cannot
applied. be applied?
4.4 Quality management system and its processes
4.4q1 The organization shall establish, implement, How has the QMS been established?
maintain and continually improve a quality Show me how this is implemented. How
management system, including the processes is it maintained and continually
needed and their interactions, in accordance improved? How have the processes
with the requirements of this International been determined and how do they
Standard. interact?
Page 2
4.4q2 The organization shall determine the How have the processes been
processes needed for the quality determined for the QMS?
management system and their application What are the inputs and outputs for
throughout the organization and shall those processes?
determine: What is the sequence and interaction of
a) the inputs required and the outputs the processes?
expected from these processes; What are the criteria, methods,
b) the sequence and interaction of measurement and related
these processes; performance indicators needed to
c) the criteria, methods, including operate and control those processes?
measurements and related performance What resources are needed and how
indicators needed to ensure the effective are these made available?
operation, and control of these processes; How are responsibilities and
d) the resources needed and ensure authorities assigned for those
their availability; processes?
e) the assignment of the responsibilities How are risks and opportunities
and authorities for these processes; considered and what plans are made to
f) the risks and opportunities in accordance implement actions to address them?
with the requirements of 6.1, and plan and What methods are used to monitor,
implement the appropriate actions to address measure and evaluate processes
them; and, if needed, what changes are
g) the methods for monitoring, measuring, as made to achieve intended results?
appropriate, and evaluation of processes and, How are opportunities to improve
if needed, the changes to processes to ensure the processes and the QMS
that they achieve intended results; determined?
h) opportunities for improvement of the
4.4q3 The organization shall maintain documented What documented information exists Documented information to support the operation
information to the extent necessary to support to support the operation of processes? of processes.
the operation of processes and retain How is this documented information
documented information to the extent retained? How is confidence that the
necessary to have confidence that the processes are being carried out as
processes are being carried out as planned. planned determined?
5 Leadership
5.1 Leadership and commitment
5.1.1 Leadership and commitment for the quality management system
5.1.1q Top management shall demonstrate Show me how top management
1 leadership and commitment with respect to demonstrates leadership and
the quality management system by: commitment
a) taking accountability of the effectiveness of w.r.t. the QMS by taking
the quality management system; accountability of the effectiveness of
b) ensuring that the quality policy and quality the QMS.
objectives are established for the quality How is the quality policy and objectives
management system and are compatible with established for the QMS and how are
the strategic direction and the context of the they compatible with the strategic
organization; direction and the organizational
c) ensuring that the quality policy is context?
communicated, understood and applied within How is the quality policy communicated
the organization; within the organization? Show me how
d) ensuring the integration of the quality this is understood and applied.
management system requirements into How are the requirements of the
the organization’s business processes; QMS integrated into the business
e) promoting awareness of the process processes? How do you promote
approach; awareness of the process approach?
f) ensuring that the resources needed for How do you ensure that resources
the quality management system are needed for the QMS area available?
available; How do you communicate the
g) communicating the importance of importance of effective quality
effective quality management and of management?
conforming to the quality management How do you communicate the
system requirements; importance of conforming to the QMS
h) ensuring that the quality management requirements? How do you ensure that
system achieves its intended results; the QMS achieves its intended results?
i) engaging, directing and supporting How do you engage, direct and support
persons to contribute to the effectiveness of people to contribute to the effectiveness
the quality management system; of the QMS?
j) promoting continual improvement; How do you promote
k) supporting other relevant management continual improvement?
NOTE Reference to “business” in this International Standard can be interpreted broadly to mean
those activities that are core to the purposes of the organization’s existence; whether the organization
is public, private, for profit or not for profit.
5.1.2 Customer focus

5.1.2q Top management shall demonstrate Show me how top management
1 leadership and commitment with respect to demonstrates leadership and
customer focus by ensuring that: commitment
a) customer requirements and applicable w.r.t. customer focus ensuring
statutory and regulatory requirements are requirements and applicable statutory
determined and met; and regulatory requirements are
b) the risks and opportunities that can affect determined and met.
conformity of products and services and the How are risks and opportunities that
ability to enhance customer satisfaction are can affect conformity of products and
determined and addressed; services determined?
c) the focus on consistently providing products
How is the ability to enhance customer
and services that meet customer and applicable
statutory and regulatory requirements is satisfaction determined and
maintained; addressed? How is the focus on
d) the focus on enhancing customer consistently providing products and
satisfaction is maintained. services that meet customer and
applicable statutory and regulatory
requirements maintained?
5.2 Quality policy
5.2.1
5.2.1q Top management shall establish, review How does top management establish,
1 and maintain a quality policy that: review and maintain a quality policy?
a) is appropriate to the purpose and context of How is it determined to be
the organization; appropriate to the purpose and
b) provides a framework for setting and context of the organization?
reviewing quality objectives; Does it provide a framework for setting
c) includes a commitment to satisfy and reviewing quality objectives?
applicable requirements; Does it contain a commitment to
d) includes a commitment to continual satisfy applicable requirements?
improvement of the quality management Does it include a commitment to
system. continual improvement of the QMS?
5.2.2
5.2.2q The quality policy shall: Where is the quality policy available as Quality Policy as document information
1 a) be available as documented information; documented information?
b) be communicated, understood and How is it communicated?
applied within the organization; Show me how it is understood and
c) be available to relevant interested applied within the organization.
parties, as appropriate. How have you made it available to
relevant interested parties?
5.3 Organizational roles, responsibility and authorities

5.3q1 Top management shall ensure that the How does top management ensure that
responsibilities and authorities for relevant responsibilities and authorities for
roles are assigned, communicated and relevant roles are assigned,
understood within the organization. communicated and understood within
the organization?
5.3q2 Top management shall assign the How does top management assign
responsibility and authority for: the responsibility and authority for:
a) ensuring that the quality management Ensuring that the QMS conforms to
system conforms to the requirements of this the International standard?
International Standard; Ensuring processes are delivering
b) ensuring that the processes are delivering their intended outputs?
their intended outputs; How is the performance of the QMS,
c) reporting on the performance of the opportunities for improvement and the
quality management system, on need for change or innovation
opportunities for improvement and on the reported to top management?
need for change or innovation, and How is customer focus promoted within
especially for reporting to top the organization?
management; How is the integrity of the QMS
d) ensuring the promotion of customer maintained when changes to the QMS
focus throughout the organization; are planned and implemented?
e) ensuring that the integrity of the quality
management system is maintained when
changes to the quality management system are
planned and implemented.
6 Planning for the quality management system
6.1 Actions to address risks and opportunities
6.1.1
6.1.1q When planning for the quality management How are the internal and external
1 system, the organization shall consider the issues and interested parties
issues referred to in 4.1 and the requirements considered when planning for the
referred to in 4.2 and determine the risks and QMS?
opportunities that How are risks and opportunities
need to be addressed to: determined and addressed so that the
a) give assurance that the quality QMS can::
management system can achieve its a) achieve its intended results;
intended result(s); b) Prevent or reduce undesired
b) prevent, or reduce, undesired effects; effects;
c) achieve continual improvement. c) Achieve continual improvement?
6.1.2
6.1.2q The organization shall plan: How are actions planned to address
1 a) actions to address these risks risks and opportunities?
and opportunities; How are actions integrated and
b) how to: implemented into the QMS
1) integrate and implement the actions into its processes? How do you evaluate the
quality management system processes (see effectiveness of the actions?
4.4);
2) evaluate the effectiveness of these actions.
6.1.2q Actions taken to address risks and How are actions taken to address risks
2 opportunities shall be proportionate to the and opportunities determined as being
potential impact on the conformity of appropriate to the potential impact on
products and services. the conformity of products and services?
6.2.2.1 Product design skills
6.2.2. The organization shall ensure that personnel How do you determine that personnel
1
1q product design responsibility are competent to product design responsibility are
achieve design requirements and are skilled in competent
to achieve design requirements? How do
applicable tools and techniques. you determine skills required in applicable
Applicable tools and techniques shall be tools and techniques? How do you
identified
by the organization. identify
applicable tools and techniques?
NOTE Options to address risks and opportunities can include: avoiding risk, taking risk in order to pursue
an opportunity, eliminating the risk source, changing the likelihood or consequences, sharing the risk, or
retaining risk by informed decision.
6.2 Quality objectives and planning to achieve them

6.2.1
6.2.1q The organization shall establish quality Where are the quality objectives and Documented information on quality objectives
1 objectives at relevant functions, levels and are these at all relevant functions,
processes. levels and processes?
The quality objectives shall: Are they consistent with the quality
a) be consistent with the quality policy, policy? Are they measureable?
b) be measurable; Do they consider applicable
c) take into account applicable requirements; requirements? Are they relevant to the
d) be relevant to conformity of products conformity of products and services and
and services and the enhancement of do they enhance customer satisfaction?
customer satisfaction; Are they monitored? How? How
e) be monitored; often? How are they
f) be communicated; communicated?
g) be updated as appropriate. How are they updated?
The organization shall retain Where is the documented information
documented information on the quality on the quality objectives?
6.2.2
6.2.2q When planning how to achieve its quality How does the organization determine
1 objectives, the organization shall what will be done, with what resources,
determine: when completed and how will results be
a) what will be done; evaluated for quality objectives?
b) what resources will be required;
c) who will be responsible;
d) when it will be completed;
e) how the results will be evaluated.
6.3 Planning of changes
6.3q1 Where the organization determines the need How are changes to the QMS
for change to the quality management system planned systematically?
(see 4.4) the change shall be carried out in a Demonstrate the purpose and
planned and systematic manner. potential consequences of changes;
The organization shall consider: Demonstrate the integrity of the
a) the purpose of the change and any of QMS; Demonstrate how resources
its potential consequences; are made available?
b) the integrity of the quality management Demonstrate how responsibility
system; and authority is allocated or
c) the availability of resources; reallocated.
d) the allocation or reallocation of
responsibilities and authorities.
7 Support
7.1 Resources
7.1.1 General
7.1.1q The organization shall determine and provide Demonstrate how resources are
1 the resources needed for the establishment, determined for the establishment,
implementation, maintenance and continual implementation, maintenance and
improvement of the quality management continual improvement of the QMS.
system. The organization shall consider: Show me how the capabilities
a) the capabilities of, and constraints on, and constraints on internal
existing internal resources; resources are considered.
b) what needs to be obtained from Show me how needs from
external providers. external providers are
considered.
7.1.2 People
7.1.2q To ensure that the organization can How do you provide persons
1 consistently meet customer and applicable necessary to consistently meet
statutory and regulatory requirements, the customer, applicable statutory and
organization shall provide the persons regulatory requirements for the QMS
necessary for the effective operation of the including the necessary processes?
quality management system, including the
processes needed.
7.1.3 Infrastructure
7.1.3q The organization shall determine, provide and How do you determine, provide and
1 maintain the infrastructure for the operation of maintain the infrastructure for the
its processes to achieve conformity of operation of processes to achieve
products and services. products and service conformity?
NOTE 1 Any product realization change affecting customer requirements requires notification to,
and agreement from, the customer.
7.1.4 Environment for the operation of processes

7.1.4q The organization shall determine, provide How do you determine, provide and
1 and maintain the environment necessary maintain the environment for the
for the operation of its processes and to operation of processes to achieve
achieve conformity of products and products and service conformity?
services.
NOTE Environment for the operation of processes can include physical, social, psychological,
environmental and other factors (such as temperature, humidity, ergonomics and cleanliness).
7.1.5 Monitoring and measuring resources

7.1.5q Where monitoring or measuring is used for How are the resources determined for
1 evidence of conformity of products and ensuring valid and reliable monitoring
services to specified requirements the and measuring results, where used?
organization shall determine the resources
needed to ensure valid and reliable monitoring
and measuring results.
7.1.5q The organization shall ensure that the How do you ensure that resources
2 resources provided: provided are suitable for the specific
a) are suitable for the specific type of monitoring and measurement activities
monitoring and measurement activities being and are maintained to ensure continued
undertaken; fitness for purpose?
b) are maintained to ensure their continued
fitness for their purpose.
7.1.5q The organization shall retain appropriate Show me the documented Documented information of fitness for purpose of
3 documented information as evidence of fitness information which is evidence of monitoring
for purpose of monitoring and measurement fitness for purpose of monitoring and & measurement resources.
resources. measurement resources.
7.1.5q Where measurement traceability is: a statutory Where applicable, show me Documented information for the basis of calibration
4 or regulatory requirement; a customer or how measurement or verification where no standards exist.
relevant interested party expectation; or instruments are:
considered by the organization to be an Verified or calibrated at specified
essential part of providing confidence in the intervals against national or
validity of measurement results; measuring international measurement standards;
instruments shall be: If there are no standards, show me the
-verified or calibrated at specified intervals or documented information which is used
prior to use against measurement standards as the basis used for calibration or
traceable to international or national verification. Show me how measurement
measurement standards. Where no such instruments are identified to determine
standards exist, the basis used for calibration their calibration status.
or verification shall be retained as documented Show me how they are safeguarded
information; from adjustments.
-identified in order to determine their Show me how they are safeguarded
calibration status; from damage and deterioration.
-safeguarded from adjustments, damage or
deterioration that would invalidate the
7.1.5q The organization shall determine if the validity How do you determine the validity
5 of previous measurement results has been of previous measurements if you
adversely affected when an instrument is found find an instrument to be defective
to be defective during its planned verification or during verification or calibration?
calibration, or during its use, and take What appropriate actions can you take?
appropriate corrective action as necessary.
7.1.6 Organizational knowledge

7.1.6q The organization shall determine the knowledge How do you determine necessary
1 necessary for the operation of its processes knowledge for the operation of
and to achieve conformity of products and processes? How do you determine
services. necessary knowledge to achieve
conformity of products and services?
7.1.6q This knowledge shall be maintained, and How do you maintain this knowledge
2 made available to the extent necessary. and how do you make it available to
the extent necessary?
7.1.6q When addressing changing needs and trends, How do you consider current
3 the organization shall consider its current knowledge and how do you acquire
knowledge and determine how to acquire or additional knowledge when
access the necessary additional knowledge. addressing changing needs and
trends?
Page 10
NOTE 1 Organizational knowledge can include information such as intellectual property and
lessons learned.
NOTE 2 To obtain the knowledge required, the organization can consider:
a) internal sources (e.g. learning from failures and successful projects, capturing undocumented
knowledge and experience of topical experts within the organization);
b) external sources (e.g. standards, academia, conferences, gathering knowledge with
customers or providers).
7.2 Competence
7..2q1 The organization shall: Show me how: Documented information as evidence of competence
a) determine the necessary competence of You determine the necessary where appropriate.
person(s) doing work under its control that competence of people doing work
affects its quality performance; under your control that affects quality
b) ensure that these persons are competent on performance;
the basis of appropriate education, training, or How do you determine competence on
experience; the basis of appropriate education,
c) where applicable, take actions to acquire training or experience?
the necessary competence, and evaluate How do you take actions to acquire
the effectiveness of the actions taken; necessary competence where
d) retain appropriate documented information applicable and how do you evaluate the
as evidence of competence. effectiveness of those actions?
Show me documented information
where appropriate of competence.
NOTE Applicable actions can include, for example, the provision of training to, the mentoring of, or the
re- assignment of currently employed persons; or the hiring or contracting of competent persons.
7.3 Awareness
7.3q1 Persons doing work under the How are people aware
organization’s control shall be aware of: of: The quality policy?
a) the quality policy; Relevant quality objectives?
b) relevant quality objectives; Their contribution to the effectiveness
c) their contribution to the effectiveness of the of the QMS?
The benefits of improved performance?
quality management system, including the The implications of not conforming with
benefits of improved quality performance; the QMS requirements?
d) the implications of not conforming with
the quality management system
requirements.
7.4 Communication
Page 11
7.4q1 The organization shall determine the internal How do you determine internal and
and external communications relevant to the external communications relevant to
quality management system including: the QMS?
a) on what it will communicate; How do you
b) when to communicate; determine: What?
When?
c) with whom to communicate; With
d) how to communicate. Whom?
How?
7.5 Documented information
7.5.1 General
7.5.1q The organization’s quality management What documented information do Documented information required by this standard.
1 system shall include: you have as required by this Documented information necessary for the effectiveness
a) documented information required by standard? of the QMS.
this International Standard; What documented information do
b) documented information determined by the you have as being necessary for the
organization as being necessary for the effectiveness of your QMS?
effectiveness of the quality management
system.
NOTE The extent of documented information for a quality management system can differ from
one organization to another due to:
a) the size of organization and its type of activities, processes, products and services;
b) the complexity of processes and their interactions;
c) the competence of persons.
7.5.2 Creating and updating

7.5.2q When creating and updating Show me that your Documented information (in various media)
1 documented information the documented information needs identification, description.
organization shall ensure appropriate: contains: Identification; Review / approval process?
a) identification and description (e.g. a title, Description;
date, author, or reference number); In what media format?
b) format (e.g. language, software Show me how the documented
version, graphics) and media (e.g. paper, information is reviewed and approved for
electronic); suitability and adequacy.
c) review and approval for suitability
and adequacy.
7.5.3 Control of documented information
7.5.3.1
7.5.3. Documented information required by the quality Show me how you control documented Control of documented information.
1
1q management system and by this information. Suitability and availability for
International Standard shall be controlled Show me how you make it available use. How is it protected?
to ensure: and suitable for use.
a) it isitavailable
when and suitable for use, where and
is needed; How do you protect your documented
b) it is adequately protected (e.g. from loss of information?
confidentiality, improper use, or loss of integrity).
7.5.3.2
7.5.3. For the control of documented information, the When controlling documented Control of documented information.
1
2q organization shall address the how do you
information, Change control, distribution, access, retrieval, use,
following activities, as applicable: address: storage, preservation, legibility, retention and disposition.
a) distribution, access, retrieval and use; Distribution;
b) storage and preservation, including Access;
Retrieval;
preservation of legibility; Use;
c) control of changes (e.g. version control); Storage and preservation;
d) retention and disposition. Legibility;
Control of changes;
Retention and disposition.
7.5.3. Documented information of external origin How do you identify as appropriate and Control of external documented information.
2
2q determined by the organization to be necessary control documented information of
for the planning and operation of the quality external origin which you have
management system shall be identified as determined
as necessary for the QMS
appropriate, and controlled.
NOTE Access can imply a decision regarding the permission to view the documented information only, or
the permission and authority to view and change the documented information.
8 Operation
8.1 Operational planning and control
8.1q1 The organization shall plan, implement and How are processes needed to meet Documented information to show processes have been
control the processes, as outlined in 4.4, requirements for provision of products carried out as planned and can demonstrate conformity
needed to meet requirements for the provision and services planned, implemented of products and services.
of products and services and to implement the and controlled?
actions determined in 6.1, by: How are requirements for products
a) determining requirements for the product and services determined?
and services; How is criteria for processes and
b) establishing criteria for the processes and acceptance for products and
for the acceptance of products and services; services determined?
c) determining the resources needed to How are resources determined?
achieve conformity to product and service How is process control implemented?
requirements; Show me the documented information
d) implementing control of the that shows confidence in that the
processes in accordance with the processes have been carried out as
criteria; planned and can demonstrate
e) retaining documented information to the conformity of products and services.
extent necessary to have confidence that the
processes have been carried out as planned
and to demonstrate conformity of products
8.1q2 The output of this planning shall be suitable for How have you determined that the
the organization's operations. output from the planning process is
suitable for your operations?
8.1q3 The organization shall control planned How do you control planned changes?
changes and review the consequences of How do you review the consequences of
unintended changes, taking action to unintended changes? What action is
mitigate any adverse effects, as necessary. taken to mitigate any adverse effects?
8.1q4 The organization shall ensure that How do you control outsourced
outsourced processes are controlled in processes?
accordance with 8.4.
8.2 Determination of requirements for products and services
8.2.1 Customer communication
8.2.1q The organization shall establish the processes What are your processes for
1 for communicating with customers in relation communicating with customers? How
to: do you communicate information
a) information relating to products and services; relating to: Products;
b) enquiries, contracts or order handling, Services;
including changes; Enquiries;
c) obtaining customer views and Contracts;
perceptions, including customer Order
complaints; handling;
d) the handling or treatment of customer Customer views, perceptions
property, if applicable; and complaints;
e) specific requirements for contingency Handling or treatment of
actions, when relevant. customer property;
Specific requirements for
contingency actions?
8.2.2 Determination of requirements related to products and services
8.2.2q The organization shall establish, implement What is your process to determine the
1 and maintain a process to determine the requirements for products and services
requirements for the products and services to to be offered to potential customers?
be offered to potential customers. How do you establish, implement and
maintain this process?
8.2.2q The organization shall ensure that: How do you define product and
2 a) product and service requirements (including service requirements including
those considered necessary by the statutory and regulatory
organization), and applicable statutory and requirements?
regulatory requirements, are defined; How do you ensure that you have
b) it has the ability to meet the defined the ability to meet the defined
requirements and substantiate the claims for requirements and substantiate any
the products and services it offers. claims for your products and
services?
8.2.3 Review of requirements related to products and services
8.2.3q The organization shall review, as applicable: How do you review:
1 a) requirements specified by the customer, Customer requirements for delivery
including the requirements for delivery and and post-delivery?
post- delivery activities; Requirements necessary for
b) requirements not stated by the customer, but customers’ specified or intended use,
necessary for the customers' specified or where known; Additional statutory
intended use, when known; and regulatory requirements
c) additional statutory and regulatory applicable to products and services;
requirements applicable to the products and Any other contract or order requirements.
services;
d) contract or order requirements differing
from those previously expressed.
NOTE Requirements can also include those arising from relevant interested parties.
8.2.3q This review shall be conducted prior to the Show me that the review is conducted
2 organization’s commitment to supply products prior to your commitment to supply
and services to the customer and shall ensure products and services to your
contract or order requirements differing from customers. How do you resolve contract
those previously defined are resolved. or order requirements which differ from
those previously defined?
8.2.3q Where the customer does not provide a How do you confirm customer
3 documented statement of their requirements, requirements where the customer does
the customer requirements shall be confirmed not provide a documented statement?
by the organization before acceptance.
8.2.3q Documented information describing the Show me where you retain Documented information of reviews describing new
4 results of the review, including any new or documented information which or changed requirements to products and services.
changed requirements for the products and describes results of the review including
services, shall be retained. any new or changed requirements.
8.2.3q Where requirements for products and services Show me the documented Documented information of amended reviews and
5 are changed, the organization shall ensure that information containing changes to how relevant personnel are made aware of those
relevant documented information is amended products and services. How do you changes.
and that relevant personnel are made aware of ensure that relevant personnel are
the changed requirements. made aware of those changes?
8.3 Design and development of products and services

8.3.1 General
8.3.1q Where the detailed requirements of the How do you establish, implement and
1 organization’s products and services are not maintain a design and development
already established or not defined by the process (where detailed requirements
customer or by other interested parties, such of your products and services are not
that they are adequate for subsequent already established or defined by the
production or service provision, the organization customer or other parties).
shall establish, implement and maintain a
design and development process.
NOTE 1 The organization can also apply the requirements given in 8.5 to the development of processes
for production and services provision.
NOTE 2 For services, design and development planning can address the whole service delivery
process. The organization can therefore choose to consider the requirements of clauses 8.3 and 8.5
together.
8.3.2 Design and development planning
8.3.2q In determining the stages and controls for When determining the stages and Documented information that confirms
1 design and development, the organization control for design and development, design & development requirements have
shall consider: show me how you consider: been met.
a) the nature, duration and complexity of The nature, duration and complexity of
the design and development activities; the activities;
b) requirements that specify particular Requirements that specify
process stages, including applicable design particular process stages
and development reviews; including applicable reviews;
c) the required design and Required verification and
development verification and validation; Responsibilities and
validation; authorities;
d) the responsibilities and authorities How interfaces are controlled
involved in the design and development between individuals and parties;
process; The need for involvement of customer
e) the need to control interfaces between and user groups.
individuals and parties involved in the design Show me documented information
and development process; that confirms design and development
f) the need for involvement of customer and requirements have been met.
user groups in the design and development
process;
g) the necessary documented
information to confirm that design and
development requirements have been
met.
8.3.3 Design and development inputs

8.3.3q The organization shall determine: Can you show me how you determine:
1 a) requirements essential for the specific type Requirements essential for the type of
of products and services being designed and products and services being designed
developed, including, as applicable, functional and developed, including as applicable:
and performance requirements; Functional & performance requirements;
b) applicable statutory and Statutory and regulatory requirements;
regulatory requirements; Standards or codes of practice where
c) standards or codes of practice that there is a commitment to implement;
the organization has committed to Internal and external resources needed
implement; for the design and development of
d) internal and external resource needs for the products and services;
design and development of products and Potential consequences of failure;
services; Level of control expected of the design
e) the potential consequences of failure due to and development process by customers
the nature of the products and services; and other relevant parties.
f) the level of control expected of the design
and development process by customers and
8.3.3q Inputs shall be adequate for design and How do you determine that inputs are
2 development purposes, complete, and adequate, complete and unambiguous
unambiguous. Conflicts among inputs shall for design and development? How do
be resolved. you resolve conflicts among inputs?
8.3.4 Design and development controls

8.3.4q The controls applied to the design How do controls that are applied to the
1 and development process shall design and development process
ensure that: ensure: Results achieved by design
a) the results to be achieved by the design and development activities are clearly
and development activities are clearly defined? Design and development
defined; reviews are conducted as planned?
b) design and development reviews are Outputs meet the input requirements
conducted as planned; by verification/
c) verification is conducted to ensure that Validation is conducted to ensure that
the design and development outputs have the resulting products and services are
met the design and development input capable of meeting the requirements for
requirements; the specified application or intended use
d) validation is conducted to ensure that (when known)?
the resulting products and services are
8.3.5 Design and development outputs
8.3.5q The organization shall ensure that design How do you ensure that design
1 and development outputs: and development outputs:
a) meet the input requirements for design Meet the input requirements for design
and development; and development?
b) are adequate for the subsequent processes Are adequate for the subsequent
for the provision of products and services; processes for the provision of products
c) include or reference monitoring and and services?
measuring requirements, and acceptance Include or reference monitoring and
criteria, as applicable; measuring requirements, and
d) ensure products to be produced, or services acceptance criteria, as applicable?
to be provided, are fit for intended purpose and Ensure products to be produced, or
their safe and proper use. services to be provided, are fit for
intended purpose and their safe and
proper use?
8.3.5q The organization shall retain the Show me the documented Documented information from the design and
2 documented information resulting from the information which results from the development process.
design and development process. design and development process.
8.3.6 Design and development changes

8.3.6q The organization shall review, control and How do you review, control and identify
1 identify changes made to design inputs and changes made to the design inputs and
design outputs during the design and outputs during design and
development of products and services or development of products and services
subsequently, to the extent that there is no ensuring no impact on conformity to
adverse impact on conformity to requirements. requirements?
8.3.6q Documented information on design Show me the documented information Documented information for design and
2 and development changes shall be for design and development changes. development changes.
retained.
8.4 Control of externally provided products and services
8.4.1 General
8.4.1q The organization shall ensure that How do you ensure externally provided
1 externally provided processes, products, processes, products and services
and services conform to specified conform to specified requirements?
requirements.
8.4.1q The organization shall apply the specified Show me how you apply specified
2 requirements for the control of externally requirements for the control of
provided products and services when: externally provided products and
a) products and services are provided by services when: Products and services
external providers for incorporation into the are provided by external providers for
organization’s own products and services; incorporation into your own products
b) products and services are provided directly and services;
to the customer(s) by external providers on You provide products and services
behalf of the organization; directly to customers by external
c) a process or part of a process is provided by providers on your behalf;
an external provider as a result of a decision by A process or part-process is provided by
the organization to outsource a process or an external provider as a result of a
function. decision to outsource a process or
8.4.1q The organization shall establish and apply Show me how you establish and apply
3 criteria for the evaluation, selection, monitoring criteria for evaluation, selection,
of performance and re-evaluation of external monitoring of performance and re-
providers based on their ability to provide evaluation of external providers. How do
processes or products and services in you assess their ability to provide
accordance with specified requirements. processes or products and services in
accordance with specified
requirements?
8.4.1q The organization shall retain appropriate What documented information do Documented information of external providers’
4 documented information of the results of the you have of the results of performance.
evaluations, monitoring of the performance and evaluations, monitoring of
re- evaluations of the external providers. performance and re- evaluations of
external providers?
8.4.2 Type and extent of control of external provision

8.4.2q In determining the type and extent of controls How do you determine the controls
1 to be applied to the external provision of applied to the external provision of
processes, products and services, the processes, products and services and
organization shall take into consideration: take into consideration:
a) the potential impact of the externally a) The potential impact of the externally
provided processes, products and services on provided processes, products and
the organization’s ability to consistently meet services on the ability to consistently
customer and applicable statutory and meet customer and applicable statutory
regulatory requirements; and regulatory requirements?
b) the perceived effectiveness of the b) The perceived effectiveness of the
controls applied by the external provider. controls applied by the external
provider?
8.4.2q The organization shall establish and implement What verification or other activities do
2 verification or other activities necessary to you have to ensure externally provided
ensure the externally provided processes, processes, products and services do not
products and services do not adversely affect adversely affect your ability to
the organization's ability to consistently deliver consistently deliver conforming products
conforming products and services to its and services to your customers?
customers.
8.4.2q Processes or functions of the organization When processes or functions have
3 which have been outsourced to an external been outsourced to external providers,
provider remain within the scope of the how do you consider a) and b) in 8.4.1
organization’s quality management system; and how do you define the controls
accordingly, the organization shall consider a) intended to be applied to the external
and b) above and define both the controls it provider and to the resulting process
intends to apply to the external provider and output?
those it intends to apply to the resulting
process output.
Page 20
8.4.3 Information for external providers
8.4.3q The organization shall communicate to Show me how you communicate to
1 external providers applicable requirements external providers, applicable
for the following: requirements for:
a) the products and services to be provided or Products and services to be provided or
the processes to be performed on behalf of the the processes to be performed on behalf
organization; of the organization;
b) approval or release of products and Approval or release of products
services, methods, processes or equipment; and services, methods,
c) competence of personnel, including processes or equipment;
necessary qualification; Competence of personnel,
d) their interactions with the organization's including necessary qualification;
quality management system; Their interactions with the
e) the control and monitoring of the organization's quality management
external provider’s performance to be system;
applied by the organization; The control and monitoring of the
f) verification activities that the organization, or external provider’s performance to be
its customer, intends to perform at the external applied by the organization;
provider’s premises. Verification activities that the
organization, or its customer, intends to
perform at the external provider’s
8.4.3q The organization shall ensure the Before you communicate with
2 adequacy of specified requirements prior to external providers, how do you
their communication to the external ensure the adequacy of specified
provider. requirements?
8.5 Production and service provision

8.5.1 Control of production and service provision
8.5.1q The organization shall implement controlled What controlled conditions do you have
1 conditions for production and service for production and service provision,
provision, including delivery and post- including delivery and post-delivery
delivery activities. activities?
Page 21
8.5.1q Controlled conditions shall include, as Can you show me controlled conditions Documented information defining characteristics of
2 applicable: for: the products and services
a) the availability of documented information a) the availability of documented
that defines the characteristics of the products information defining the
and services; characteristics of the products and
b) the availability of documented information services;
that defines the activities to be performed and b) the availability of documented
the results to be achieved; information defining the activities to
c) monitoring and measurement activities at be performed and the results to be
appropriate stages to verify that criteria for achieved;
control of processes and process outputs, and c) monitoring and measurement
acceptance criteria for products and services, activities at appropriate stages to verify
have been met. that criteria for control of processes
d) the use, and control of suitable and process outputs, and acceptance
infrastructure and process environment; criteria for products and services, have
e) the availability and use of suitable been met.
monitoring and measuring resources; d) the use, and control of suitable
f) the competence and, where applicable, infrastructure and process
required qualification of persons; environment;
g) the validation, and periodic revalidation, of e) the availability and use of
the ability to achieve planned results of any suitable monitoring and measuring
process for production and service provision resources;
where the resulting output cannot be verified f) the competence and, where
by subsequent monitoring or measurement; applicable, required qualification of
h) the implementation of products and persons;
services release, delivery and post-delivery g) the validation, and periodic
activities. revalidation, of the ability to achieve
planned results of any process for
8.5.2 Identification and traceability
8.5.2q Where necessary to ensure conformity of What means do you use to identify
1 products and services, the organization shall process outputs to ensure conformity of
use suitable means to identify process outputs. products and services?
8.5.2q The organization shall identify the status of How do you identify the status of
2 process outputs with respect to monitoring and process outputs?
measurement requirements throughout
production and service provision.
8.5.2q Where traceability is a requirement, the How do you control the unique Documented information of traceability, where required.
3 organization shall control the unique identification of process outputs,
identification of the process outputs, and retain where applicable? What
any documented information necessary to documented information do you
maintain traceability. retain?
NOTE Process outputs are the results of any activities which are ready for delivery to the
organization’s customer or to an internal customer (e.g. receiver of the inputs to the next process);
they can include products, services, intermediate parts, components, etc.
8.5.3 Property belonging to customers or external providers

8.5.3q The organization shall exercise care with What care do you provide for customer
1 property belonging to the customer or external or external provider’s property while
providers while it is under the organization's under your control?
control or being used by the organization. The How do you identify, verify, protect and
organization shall identify, verify, protect and safeguard that property which is
safeguard the customer’s or external provider’s provided for use or incorporation into
property provided for use or incorporation into your products or services?
the products and services.
8.5.3q When property of the customer or external What means do you use to report to the
2 provider is incorrectly used, lost, damaged customer or external provider if their
or otherwise found to be unsuitable for use, property is incorrectly used, lost,
the organization shall report this to the damaged or found to be unsuitable for
customer or external provider. use?
NOTE Customer property can include material, components, tools and equipment, customer
premises, intellectual property and personal data.
8.5.4 Preservation
8.5.4q The organization shall ensure preservation of How do you ensure preservation of
1 process outputs during production and service outputs
process during production and service
provision, to the extent necessary to maintain provision to maintain conformity to
conformity to requirements. product
requirements?
NOTE Preservation can include identification, handling, packaging, storage, transmission or
transportation, and protection.
8.5.5 Post-delivery activities

8.5.5q As applicable, the organization shall meet How do you meet requirements for
1 requirements for post-delivery activities post- delivery activities associated with
associated with the products and services. products and services?
8.5.5q In determining the extent of post-delivery How do you
2 activities that are required, the organization determine: Risk;
shall consider: Nature, use and intended
a) the risks associated with the products lifetime; Customer feedback;
and services; Statutory and Regulatory
b) the nature, use and intended lifetime of requirements, when determining the
the products and services; extent of post- delivery activities
c) customer feedback; required with products and services?
d) statutory and regulatory requirements.
NOTE Post-delivery activities can include actions under warranty provisions, contractual obligations such
as maintenance services, and supplementary services such as recycling or final disposal.
8.5.6 Control of changes

8.5.6q The organization shall review and control How do you review and control
1 unplanned changes essential for production unplanned changes to ensure
or service provision to the extent necessary continuing conformity with specified
to ensure continuing conformity with requirements?
specified requirements.
8.5.6q The organization shall retain documented What documented information can Documented information describing results of review
2 information describing the results of the you show me which describes the of changes, personnel and actions.
review of changes, the personnel authorizing results of reviews of changes, the
the change, and any necessary actions. personnel authorizing change and any
necessary actions?
8.6 Release of products and services

8.6q1 The organization shall implement the planned Show me how planned arrangement
arrangements at appropriate stages to verify have been implemented at appropriate
that product and service requirements have stages to verify product and service
been met. Evidence of conformity with the requirements have been met. Show me
acceptance criteria shall be retained. what evidence you retain.
8.6q2 The release of products and services to the Show me how the release of products Documented information providing traceability,
customer shall not proceed until the planned and services is held until planned authorizing release of products and services.
arrangements for verification of conformity arrangements for verification of
have been satisfactorily completed, unless conformity have been satisfactorily
otherwise approved by a relevant authority completed, unless approved by a
and, as applicable, by the customer. relevant authority, or the customer if
Documented information shall provide applicable. Show me documented
traceability to the person(s) authorizing information which shows traceability to
release of products and services for delivery the person authorizing release of
to the customer. products and services.
8.7 Control of non-conforming process outputs, products and services
8.7q1 The organization shall ensure process How do you identify and control
outputs, products and services that do not process outputs, products and services
conform to requirements are identified and that do not conform to requirements
controlled to prevent their unintended use or and prevent their unintended use or
delivery. delivery?
8.7q2 The organization shall take appropriate What appropriate corrective actions are
corrective action based on the nature of the taken based on the nature of the
nonconformity and its impact on the conformity nonconformity and its impact on the
of products and services. This applies also to conformity of products and services?
nonconforming products and services detected How do you apply this to nonconformity
after delivery of the products or during the detected after delivery?
provision of the service.
8.7q3 As applicable, the organization shall deal How you deal with nonconforming
with nonconforming process outputs, process outputs, products and services
products and services in one or more of in terms of: Correction;
the following ways: Segregation, containment, return or
a) correction; suspension of provision of products
b) segregation, containment, return or and services?
suspension of provision of products and Informing the customer?
services; Obtaining authorization for use as-is?
c) informing the customer; Release, continuation or re-provision of
d) obtaining authorization for:
the products and service?
- use “as-is’;
Acceptance under concession?
- release, continuation or re-provision of
the products and services;
8.7q4 Where nonconforming process outputs, How do you verify conformance where
products and services are corrected, process outputs, products and services
conformity to the requirements shall be are corrected following
verified. nonconformance?
8.7q5 The organization shall retain documented What documented information do you Documented information for actions taken following
information of actions taken on nonconforming keep following actions taken to address nonconformance, including concessions and
process outputs, products and services, nonconformities, including any authority granted.
including on any concessions obtained and on concessions obtained and on the person
the person or authority that made the decision or authority that made the decision
regarding dealing with the nonconformity. regarding dealing with the
nonconformance.
9 Performance evaluation
9.1 Monitoring, measurement, analysis and evaluation
9.1.1 General
9.1.1q The organization shall determine: Show me how you determine:

1 a) what needs to be monitored and measured; What needs to be monitored
b) the methods for monitoring, measurement, and measured?
analysis and evaluation, as applicable, to Methods for monitoring,
ensure valid results; measurement, analysis and
c) when the monitoring and measuring shall evaluation to ensure valid results?
be performed; When to perform monitoring
d) when the results from monitoring and and measuring?
measurement shall be analysed and When results shall be analysed
evaluated. and evaluated?
9.1.1q The organization shall ensure that monitoring What documented information can you Documented information of monitoring and
2 and measurement activities are implemented in show me that monitoring and measurement activities in accordance with determined
accordance with the determined requirements measurement activities have been requirements.
and shall retain appropriate documented implemented in accordance with
information as determined requirements?
evidence of the results.
9.1.1q The organization shall evaluate the quality Show me how you evaluate the
3 performance and the effectiveness of the quality performance and the
quality management system. effectiveness of the QMS.
9.1.2 Customer satisfaction

9.1.2q The organization shall monitor customer How do you monitor customer
1 perceptions of the degree to which perception of the degree to which
requirements have been met. requirements have been met?
9.1.2q The organization shall obtain information How do you obtain information
2 relating to customer views and opinions of the relating to customer views and
organization and its products and services. opinions of your products and
services?
9.1.2q The methods for obtaining and using What methods for obtaining and using
3 this information shall be determined. this information do you have?
NOTE Information related to customer views can include customer satisfaction or opinion surveys,
customer data on delivered products or services quality, market-share analysis, compliments, warranty
claims and dealer reports.
9.1.3 Analysis and evaluation

9.1.3q The organization shall analyse and So me how you analyse and evaluate
1 evaluate appropriate data and information data and information arising from
arising from monitoring, measurement and monitoring, measurement and other
other sources. sources.
9.1.3q The output of analysis and evaluation shall Show me how the output of analysis
2 be used to: and evaluation is used to:
a) demonstrate conformity of products Demonstrate conformity of products
and services to requirements; and services to requirements?
b) assess and enhance customer satisfaction; Assess and enhance
c) ensure conformity and effectiveness of customer satisfaction?
the quality management system; Ensure conformity and effectiveness of
d) demonstrate that planning has the QMS?
been successfully implemented; Demonstrate that planning has
e) assess the performance of processes; been successfully implemented?
f) assess the performance of external Assess process performance?
provider(s); Assess performance of external
g) determine the need or opportunities for providers? Determine the need or
improvements within the quality opportunities for improvements within
management system. the QMS?
9.1.3q The results of analysis and evaluation shall Show me where the results of analysis
3 also be used to provide inputs to management and evaluation are used to provide
review. inputs to management review.
9.2 Internal audit

9.2.1
9.2.1q The organization shall conduct internal Are internal audits being conducted at
1 audits at planned intervals to provide planned intervals? Do they determine
information on whether the quality whether the QMS conforms to the
management system; requirements of ISO 9001 and to the
a) conforms to: other requirements established by
1) the organization’s own Organization? (Review records to
requirements for its quality demonstrate conformance)
management system; Do they determine whether the QMS
2) the requirements of this is effectively implemented and
International Standard; maintained? (Review records)
b) is effectively implemented and maintained.
9.2.2
9.2.2q The organization shall: Can you show me audit programme(s) Documented information of the audit programme and
1 a) plan, establish, implement and maintain an that takes into consideration the quality results
audit programme(s) including the frequency, objectives, importance of the processes,
methods, responsibilities, planning customer feedback, changes impacting
requirements and reporting, which shall take the organization and the results of
into consideration the quality objectives, the previous audits?
importance of the processes concerned, Where are the audit criteria and scope
customer feedback, changes for each audit?
impacting on the organization, and the Can you demonstrate that selection
results of previous audits; of auditors and the conduct of audits
b) define the audit criteria and scope for are objective and impartial and that
each audit; auditors don’t audit their own work?
c) select auditors and conduct audits to ensure How are audit results reported to
objectivity and the impartiality of the audit relevant management?
process; Can you demonstrate that necessary
d) ensure that the results of the audits correction and corrective actions are
are reported to relevant management; taken without undue delay?
e) take necessary correction and Can you show me documented
corrective actions without undue delay; information of the audit programme
f) retain documented information as and the audit results?
evidence of the implementation of the audit
programme and the audit results.
NOTE See ISO 19011 for guidance.
9.3 Management Review

9.3.1
9.3.1q Top management shall review the What is the frequency that top
1 organization's quality management system, at management reviews the
planned intervals, to ensure its continuing organization's QMS? How is the QMS
suitability, adequacy, and effectiveness. deemed suitable, adequate and
effective?
9.3.1q The management review shall be planned What kinds of information are reviewed
2 and carried out taking into consideration: in management reviews? These must
a) the status of actions from include: actions status of previous
previous management reviews; reviews; changes to internal/external
b) changes in external and internal issues that issues relevant to the QMS;
are relevant to the quality management system issues that affect strategy;
including its strategic direction; KPIs for nonconformities and
c) information on the quality corrective actions;
performance, including trends and monitor and measurement of
indicators for: results; audit results;
1) nonconformities and corrective actions; customer satisfaction;
2) monitoring and measurement results; issues concerning external providers;
3) audit results; issues concerning other relevant parties;
4) customer satisfaction; adequacy of resources and effectiveness
5) issues concerning external providers and of QMS;
other relevant interested parties; process performance;
6) adequacy of resources required for conformity of products and services;
maintaining an effective quality management actions taken to address risks and
system; opportunities and their effectiveness;
7) process performance and new potential opportunities for
conformity of products and services; continual improvement.
d) the effectiveness of actions taken to
address risks and opportunities (see clause
6.1);
9.3.2
9.3.2q The outputs of the management review Show me that management reviews
1 shall include decisions and actions include decisions and actions relating
related to: to: Continual improvement
a) continual improvement opportunities; opportunities;
b) any need for changes to the quality The need for changes to the QMS
management system, including resource including resource needs.
9.3.2q The organization shall retain Show me what documented Documented information of management reviews.
2 documented information as evidence information you have as evidence of
of the results of management reviews. management reviews.
10 Improvement
10.1 General
10.1q The organization shall determine and select How do you determine and select
1 opportunities for improvement and implement opportunities for improvement? What
necessary actions to meet customer necessary actions have you
requirements and enhance customer implemented so that you have met
satisfaction. customer requirements and enhanced
customer satisfaction?
10.1q This shall include, as appropriate: Show me how you have:
2 a) improving processes to Improved processes to
prevent nonconformities; prevent nonconformities;
b) improving products and services to meet Improved products and services to
known and predicted requirements; meet known and predicted
c) improving quality management system results. requirements; Improved QMS results.
NOTE Improvement can be effected reactively (e.g. corrective action), incrementally (e.g. continual
improvement), by step change (e.g. breakthrough), creatively (e.g. innovation) or by re-organization
(e.g. transformation).
10.2 Nonconformity and corrective action

10.2.1
10.2.1 When a nonconformity occurs, including those When nonconformities occur, show me
1
q arising from complaints, the organization shall: how;
a) react to the nonconformity, and as applicable: You react;
1) take action to control and correct it; Take action to control and correct it;
2) deal with the consequences; Deal with the consequences;
b) evaluate the need for action to eliminate the Evaluate the need for action to eliminate
cause(s) of the nonconformity, in order that it the cause so that it does not recur or
not recur or occur elsewhere, by: elsewhere by:
1) reviewing the nonconformity; Reviewing the nonconformity;
2) determining the causes of the nonconformity; Determining the cause of the
3) determining if similar nonconformities exist, or nonconformity;
could potentially occur; Determining if similar nonconformities
c) implement any action needed; or could potentially occur;
d) review the effectiveness of any corrective Actions needed are implemented;
taken; Review the effectiveness of corrective
e) make changes to the quality management actions taken, if any;
system, if necessary. Make necessary changes to the QMS.
10.2.1 Corrective actions shall be appropriate to the Show me how correction actions were
2
q effects of the nonconformities encountered. appropriate to the effects of the
nonconformities encountered.
NOTE 1 In some instances, it can be impossible to eliminate the cause of a
nonconformity. NOTE 2 Corrective action can reduce the likelihood of recurrence to an
acceptable level.
10.2.2
10.2.2 The organization shall retain What documented information can Documented information of the nature of
q documented information as evidence you show me as evidence of: nonconformities, subsequent actions and results of
1 of: The nature of the nonconformities and
subsequent actions taken; subsequent actions taken; corrective action.
b) the results of any corrective action. The results of any corrective action.
10.3 Continual improvement

10.3q The organization shall continually improve Demonstrate that you continually
1 the suitability, adequacy, and effectiveness improve the suitability, adequacy and
of the quality management system. effectiveness of the QMS.
10.3q The organization shall consider the outputs of Demonstrate that outputs of analysis
2 analysis and evaluation, and the outputs from and evaluation and the outputs from
management review, to confirm if there are management review are considered to
areas of underperformance or opportunities confirm if there are areas of
that shall be addressed as part of continual underperformance or opportunities
improvement. that shall be addressed as part of
continual improvement.
10.3q Where applicable, the organization shall select What applicable tools and
3 and utilise applicable tools and methodologies methodologies for investigation of the
for investigation of the causes of causes of underperformance and to
underperformance and for supporting support continual improvement are
continual improvement. selected?
ISO 9001:2008 to ISO/DIS 9001

Correlation Matrix
ISO 9001:2008 ISO/DIS 9001

4 Quality management system 4 Quality management system
4.1 General requirements 4.4 Quality management system and its processes
4.2 Documentation requirements 7.5 Documented information
4.2.1 General 7.5.1 General
4.2.2 Quality manual 4.3 Determining the scope of the
quality management system
7.5.1 General
4.4 Quality management system and its processes
4.2.3 Control of documents 7.5.2 Creating and updating
7.5.3 Control of documented Information
4.2.4 Control of records 7.5.2 Creating and updating
7.5.3 Control of documented Information
5 Management responsibility 5 Leadership
5.1 Management commitment 5.1 Leadership and commitment
5.1.1 Leadership and commitment for the

5.2 Customer focus 5.1.2 Customer focus
5.3 Quality policy 5.2 Quality policy
5.4 Planning 6 Planning for the quality management system
5.4.1 Quality objectives 6.2 Quality objectives and planning to achieve them
Page 30
5.4.2 Quality management system planning 6 Planning for the quality management system
6.3 Planning of changes
5.5 Responsibility, authority and communication 5 Leadership
5.5.1 Responsibility and authority 5.3 Organizational roles, responsibilities
and authorities
5.5.2 Management representative Title removed
5.3 Organizational roles, responsibilities
and authorities
5.5.3 Internal communication 7.4 Communication
5.6 Management review 9.3 Management review
5.6.1 General 9.3.1 Management review
5.6.2 Review input 9.3.1 Management review
5.6.3 Review output 9.3.2 Management review
6 Resource management 7.1 Resources
6.1 Provision of resources 7.1.1 General
7.1.2 People
6.2 Human resources Title removed
7.2 Competence
6.2.1 General 7.2 Competence
6.2.2 Competence, training and awareness 7.2 Competence
7.3 Awareness
6.3 Infrastructure 7.1.3 Infrastructure
6.4 Work environment 7.1.4 Environment for the operation of processes
7 Product realization 8 Operation
7.1 Planning of product realization 8.1 Operational planning and control
7.2 Customer-related processes 8.2 Determination of requirements for products
and services
7.2.1 Determination of requirements related to 8.2.2 Determination of requirements related to
the product products and services
Page 31
7.2.2 Review of requirements related to the product 8.2.3 Review of requirements related to the
products and services
7.2.3 Customer communication 8.2.1 Customer communication
7.3 Design and development 8.5 Production and service provision
7.3.1 Design and development planning 8.3 Design and development of products and
services
8.3.1 General
8.3.2 Design and development planning
7.3.2 Design and development inputs 8.3.3 Design and development Inputs
7.3.3 Design and development outputs 8.3.5 Design and development outputs
7.3.4 Design and development review 8.3.4 Design and development controls
7.3.5 Design and development verification 8.3.4 Design and development controls
7.3.6 Design and development validation 8.3.4 Design and development controls
7.3.7 Control of design and development changes 8.3.6 Design and development changes
7.4 Purchasing 8.4 Control of externally provided products
and services
7.4.1 Purchasing process 8.4.1 General
8.4.2 Type and extent of control of external provision
7.4.2 Purchasing information 8.4.3 Information for external providers
7.4.3 Verification of purchased product 8.6 Release of products and services
7.5 Production and service provision 8.5 Production and service provision
7.5.1 Control of production and service provision 8.5.1 Control of production and service provision
8.5.5 Post-delivery activities
7.5.2 Validation of processes for production and 8.5.1 Control of production and service provision
service provision
7.5.3 Identification and traceability 8.5.2 Identification and traceability
7.5.4 Customer property 8.5.3 Property belonging to customers or
external providers
7.5.5 Preservation of product 8.5.4 Preservation
7.6 Control of monitoring and measuring equipment 7.1.5 Monitoring and measuring resources
8.0 Measurement, analysis and improvement 9.1 Monitoring, measurement, analysis
and evaluation
8.1 General 9.1.1 General
8.2 Monitoring and measurement 9.1 Monitoring, measurement, analysis

and evaluation
8.2.1 Customer satisfaction 9.1.2 Customer satisfaction

8.2.2 Internal audit 9.2 Internal audit
8.2.3 Monitoring and measurement of processes 9.1.1 General
8.2.4 Monitoring and measurement of product 8.6 Release of products and services
8.3 Control of nonconforming product 8.7 Control of nonconforming process
outputs, products and services
8.4 Analysis of data 9.1.3 Analysis and evaluation
8.5 Improvement 10 Improvement
8.5.1 Continual improvement 10.1 General
10.3 Continual Improvement
8.5.2 Corrective action 10.2 Nonconformity and corrective action
8.5.3 Preventive action Clause removed
(see 6.1.1, 6.1.2)
ISO/DIS 9001 to ISO 9001:2008
Correlation Matrix
ISO/DIS 9001 ISO 9001:2008

4 Context of the organization 1.0 Scope
4.1 Understanding the organization and its context 1.1 General
4.2 Understanding the needs and expectations 1.1 General
of interested parties
4.3 Determining the scope of the 1.2 Application
quality management system 4.2.2 Quality manual
4.4 Quality management system and its processes 4 Quality management system
4.1 General requirements
5 Leadership 5 Management responsibility
5.1 Leadership and commitment 5.1 Management commitment
5.1.1 Leadership and commitment for the 5.1 Management commitment
5.1.2 Customer focus 5.2 Customer focus
5.2; 5.2.1 & 5.2.2 Quality policy 5.3 Quality policy
5.3 Organizational roles, responsibilities 5.5.1 Responsibility and authority
and authorities 5.5.2 Management representative
6 Planning for the quality management system 5.4.2 Quality management system planning
6.1 Actions to address risks and opportunities 5.4.2 Quality management system planning
8.5.3 Preventive action
6.2 Quality objectives and planning to achieve them 5.4.1 Quality objectives
6.3 Planning of changes 5.4.2 Quality management system planning
7 Support 6 Resource management

7.1 Resources 6 Resource management
7.1.1 General 6.1 Provision of resources
7.1.2 People 6.1 Provision of resources
7.1.3 Infrastructure 6.3 Infrastructure
7.1.4 Environment for the operation of processes 6.4 Work environment
7.1.5 Monitoring and measuring resources 7.6 Control of monitoring and measuring equipment
7.1.6 Organizational knowledge New
7.2 Competence 6.2.1 General
6.2.2 Competence, training and awareness
7.3 Awareness 6.2.2 Competence, training and awareness
7.4 Communication 5.5.3 Internal communication
7.5 Documented information 4.2 Documentation requirements
7.5.1 General 4.2.1 General
7.5.2 Creating and updating 4.2.3 Control of documents
4.2.4 Control of records
7.5.3 Control of documented Information 4.2.3 Control of documents
4.2.4 Control of records
8 Operation 7 Product realization
8.1 Operational planning and control 7.1 Planning of product realization
8.2 Determination of requirements for products 7.2 Customer-related processes
and services
8.2.1 Customer communication 7.2.3 Customer communication
8.2.2 Determination of requirements related to 7.2.1 Determination of requirements related to
products and services the product
8.2.3 Review of requirements related to the 7.2.2 Review of requirements related to the product
products and services
8.3 Design and development of products and 7.3 Design and development
services
8.3.1 General New
8.3.2 Design and development planning 7.3.1 Design and development planning
8.3.3 Design and development Inputs 7.3.2 Design and development inputs
8.3.4 Design and development controls 7.3.4 Design and development review
7.3.5 Design and development verification
7.3.6 Design and development validation
8.3.5 Design and development outputs 7.3.3 Design and development outputs
8.3.6 Design and development changes 7.3.7 Control of design and development changes
8.4 Control of externally provided products 7.4.1 Purchasing process
and services
8.4.1 General 7.4.1 Purchasing process
8.4.2 Type and extent of control of external provision 7.4.1 Purchasing process
7.4.3 Verification of purchased product
8.4.3 Information for external providers 7.4.2 Purchasing information
8.5 Production and service provision 7.5 Production and service provision
8.5.1 Control of production and service provision 7.5.1 Control of production and service provision
8.5.2 Identification and traceability 7.5.3 Identification and traceability
8.5.3 Property belonging to customers or 7.5.4 Customer property
external providers
8.5.4 Preservation 7.5.5 Preservation of product
8.5.5 Post-delivery activities 7.5.1 Control of production and service provision
8.5.6 Control of changes 7.3.7 Control of design and development changes
8.6 Release of products and services 8.2.4 Monitoring and measurement of processes
7.4.3 Verification of purchased product
8.7 Control of nonconforming process 8.3 Control of nonconforming product
outputs, products and services
9 Performance evaluation New
9.1 Monitoring, measurement, analysis 8 Measurement, analysis and improvement
and evaluation
9.1.1 General 8.1 General

9.1.2 Customer satisfaction 8.2.1 Customer satisfaction
9.1.3 Analysis and evaluation 8.4 Analysis of data
9.2 Internal audit 8.2.2 Internal audit
9.3 Management review 5.6 Management review
10 Improvement 8.5 Improvement
10.1 General 8.5.1 Continual improvement
10.2 Nonconformity and corrective action 8.3 Control of nonconforming product
8.5.2 Corrective action
10.3 Continual Improvement 8.5.1 Continual improvement

Checklist IQA 9001-2015

Hochgeladen von

Dokumentinformationen

Originaltitel

Copyright

Verfügbare Formate

Dieses Dokument teilen

Dokument teilen oder einbetten

Freigabeoptionen

Stufen Sie dieses Dokument als nützlich ein?

Sind diese Inhalte unangemessen?

Copyright:

Verfügbare Formate

Checklist IQA 9001-2015

Hochgeladen von

Copyright:

Verfügbare Formate

Internal Quality Management System Audit Checklist (ISO9001:2015)

Q# ISO 9001:2015 Clause Audit Question Audit Evidence

4.2 Understanding the needs and expectations of interested parties

4.3 Determining the scope of the quality management system

5.1.2 Customer focus

5.3 Organizational roles, responsibility and authorities

6.2 Quality objectives and planning to achieve them

7.1.4 Environment for the operation of processes

7.1.5 Monitoring and measuring resources

7.1.6 Organizational knowledge

7.5.2 Creating and updating

8.3 Design and development of products and services

8.3.3 Design and development inputs

8.3.4 Design and development controls

8.3.6 Design and development changes

8.4.2 Type and extent of control of external provision

8.5 Production and service provision

8.5.3 Property belonging to customers or external providers

8.5.5 Post-delivery activities

8.5.6 Control of changes

8.6 Release of products and services

9.1.1q The organization shall determine: Show me how you determine:

9.1.2 Customer satisfaction

9.1.3 Analysis and evaluation

9.2 Internal audit

9.3 Management Review

10.2 Nonconformity and corrective action

10.3 Continual improvement

ISO 9001:2008 to ISO/DIS 9001

ISO 9001:2008 ISO/DIS 9001

quality management system

8.2 Monitoring and measurement 9.1 Monitoring, measurement, analysis

8.2.1 Customer satisfaction 9.1.2 Customer satisfaction

ISO/DIS 9001 ISO 9001:2008

7 Support 6 Resource management

9.1.1 General 8.1 General

Das könnte Ihnen auch gefallen