Issue 126 – Who’s interested in Quality (Clause 4.2)?
ISO 9001:2015…
Who’s interested in Quality (Clause 4.2)?
I appreciate receiving emails with questions and/or comments from readers of this Newsletter… please continue to do so since it provides me with ideas on what these publications should cover. In my last Newsletter (ISO 9001:2015 Newsletter Issue 125) we discussed the topic of “How to prep employees before an audit?”, and now in this Newsletter we will discuss “Who’s interested in Quality (Clause 4.2)?”.
The ISO 9001:2015 Element numbering…
Element 4 – Context of the organization
Element 5 – Leadership
Element 6 – Planning
Element 7 – Support
Element 8 – Operation
Element 9 – Performance evaluation
Element 10 – Improvement
Clause 4.2 Understanding the needs and expectations of interested parties – who are they?… I decided to cover this topic for the Newsletter since in the past 12 months I have had a few external auditors raising audit findings against Clause 4.2… which were simply NOT justified. Some of this confusion comes from external auditors who also conduct audits on ISO 14001:2015 (EMS – Environmental Mgmt System) and ISO 45001:2018 (OH&S – Occupational Health & Safety Mgmt System), since both of those Management Systems DO HAVE regulatory bodies/agencies interested in the Environment and in Health & Safety. The external audit findings I am seeing raised against Clause 4.2 seem to fall into 2 categories… first, those external auditors that want you to document a long list of Interested Parties… and second, those external auditors that want to see the “needs and expectations” of EACH Interested Party identified somewhere.
Let me begin by addressing “needs and expectations of Interested Parties”… To be clear, Clause 4.2 of the ISO 9001:2015 Standard is titled “Understanding the needs and expectations of Interested Parties” HOWEVER inside the paragraphs of Clause 4.2 the words “needs and expectations” does NOT show up… nowhere are those words used as part of a “shall” requirement… What Clause 4.2 does state is: “…the organization shall determine… a) the interested parties that are relevant to the quality management system; b) the requirements of these interested parties that are relevant to the quality management system“. NOT “needs and expectations”… but rather “relevant requirements”. I am making this distinction because the word “requirements” imply specifics, whereas “needs and expectations” suggest generalities.
The primary intent of Clause 4.2 is to identify what types of organizations (or groups) have an obvious and specific interest in the QUALITY of your products, and the QUALITY of your services because the level of quality impacts them directly. You’ll note that within Clause 4.2 the use of the word “relevant”… which means YOU get to decide which interested parties are relevant to your Quality Management System… AND… which of their requirements are relevant. So lots of flexibility is provided in how you can address the requirements within this Clause.
How can you push back on adding more Interested Parties?… I mentioned “flexibility” above so your first way of resisting an audit finding is to remember that the phrase “documented information” does NOT exist within Clause 4.2, so you are free to simply verbally describe how your organization determines who the “interested parties” are (to your QMS)… and what the requirements are for EACH Interested Party. If the External Auditor sees only a verbal response as a documentation gap, and wishes to pursue this further, they will be faced with demonstrating that a lack of “documented information” in Clause 4.2 somehow makes this particular QMS activity/process, ineffective (see Clause 4.4.2).
Let me repeat… Clause 4.2 can have NO documentation and still be addressed through verbal discussion/evidence. Unfortunately, what appears to be happening is that companies are trying to do more than what ISO requires, and are being subsequently punished by the external auditor for actually writing down a list of Interested Parties. One of my Clients who was frustrated with all of the different interpretations for Clause 4.2, decided to identify only ONE party that is truly interested in Quality… that being the Customer… period! This Client obtained ISO Certification (and maintains it) with no problem at all from their ISO Registrar/Certification Body (btw, my Client is a large international company, who uses a large international ISO Registrar).
So when you are facing an external auditor who insists that your list of Interested Parties be expanded to include groups such as the EPA or OSHA (in the US), or the MOE and MOL (in Canada), or the Surrounding Community, etc, etc… you just need to keep repeating that the ONLY parties that are interested in your Quality, are already listed. Feel free to further add that “there are no statutes or regulations, nor regulatory bodies nor regulatory agencies, who have laws or statutes or legislation or regulations regarding the QUALITY of your products or services”. If the external auditor continues to insist that regulatory agencies be added, then ask them: “Where can I find out what OHSA’s or EPA’s requirements are for the QUALITY of my products?” (…since that’s what part [b] wants inside of Clause 4.2).
What’s the fastest way to stop adding more groups to the list of Interested Parties?… Probably the quickest way to stop an external auditor from challenging your list of Interested Parties is to show them that in ISO’s own words, these other regulatory agencies are out of scope of your QMS… have them take a minute or two to read Section 0.4 within the ISO 9001:2015 Standard… here it is verbatim:
0.4 Relationship with other management system standards
This International Standard applies the framework developed by ISO to improve alignment among its International Standards for management systems (see Clause A.1).
This International Standard enables an organization to use the process approach, coupled with the PDCA cycle and risk-based thinking, to align or integrate its quality management system with the requirements of other management system standards.
This International Standard relates to ISO 9000 and ISO 9004 as follows:
– ISO 9000 Quality management systems – Fundamentals and vocabulary provides essential background for the proper understanding and implementation of this International Standard;
– ISO 9004 Managing for the sustained success of an organization – A quality management approach provides guidance for organizations that choose to progress beyond the requirements of this International Standard.
Annex B provides details of other International Standards on quality management and quality management systems that have been developed by ISO/TC 176.
This International Standard does NOT include requirements specific to other management systems, such as those for environmental management, occupational health and safety management, or financial management. (… it continues on for 2 more paragraphs…)
I took the liberty of bolding and using red color to emphasize the key words found in that last sentence… Environmental?… Safety?… both are clearly out-of-scope of a QMS… what more needs to be said?
How can you push back addressing “needs & expectations” of Interested Parties?… Recall from the discussion at the top of this Newsletter, it is NOT “needs and expectations”… but rather “relevant requirements”… so that’s the first clarification you need to make with any external auditor who is using this incorrect terminology. If you feel uncomfortable not documenting anything for Clause 4.2 then I suggest you consider building a table that lists your interested parties (with Customers being at the top of this list), followed by anybody else… and don’t forget about accreditation bodies (your ISO Certification organization). Next to each of these interested parties you can either list their relevant requirements and/or simply reference which area of your Quality Manual, or which Procedures, or which Work Instructions (within your QMS) addresses their requirements. For example, if you listed “Customers” as an interested party, then you could point to Section 8.2 of your Quality Manual, which is where you describe where Customer requirements are identified and handled. This table of relevant interested parties (along with their associated relevant requirements) can be inserted into Section 4.2 of your Quality Manual and it should be reviewed by the Management Team, finalized/approved, and then re-visited by them once a year to keep this list up-to-date. This can be accomplished nicely during the Quality Manual review cycle, or as part of the Management Review process.
Be sure to watch for our next Newsletter issue where I will be answering some of the questions that I get from Readers of my Newsletters about how to implement the requirements of ISO 9001:2015 in a specific and practical way, that will also help improve business performance…
To view all of our past Newsletters or to sign up to receive them… click here
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Need Help?
ISO 9001:2015 Internal Audit Outsourcing (we can do it for you OR with you!)
For cost effectiveness, the Internal Audit function can be outsourced to an external experienced auditor on a periodic basis. This will provide an independent and objective assessment to management, of where process issues may exist, along with identifying opportunities for improvement. It will also provide the evidence needed to satisfy the Internal Audit requirements in the ISO Standards. We have used two different approaches with this service: a) We conduct the entire audit ourselves, or b) We act as the lead auditor, and along with your Team of internal auditors, we complete the entire audit together. This latter approach allows your people to receive guidance and direction from an experienced lead auditor while at the same time maintaining significant involvement in the internal audit process.
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Internal Process Auditor Training for ISO 9001:2015
The two (2) day Internal Process Auditing for ISO 9001:2015 Training Session is focused on a process approach to auditing with the objective being not only to assess conformance of the quality management system, but also to uncover process improvements during an audit. This goes hand in hand with the process auditing requirements found within ISO 19011 and the process approach covered in ISO 9001:2015, which promotes continual process improvement throughout this Standard. An enhanced checklist is developed, and there will be workshops throughout, to reinforce learning, as well as a live, practice audit. If you are looking to meet the ISO 9001:2015 internal audit requirements and to “raise the bar” for your internal audit program then this is the course you should consider.
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Until next time…
Tim Renaud
Helping Business Professionals Reduce Risk and Remove Waste!