ISO 9001:2015 – Newsletter – Issue 44



Issue 44 – Clause 5.2:  Policy


ISO 9001:2015…

Clause 5.2:  Policy


What’s the intent of Clause 5.2?… In our last Newsletter (ISO 9001:2015 Newsletter Issue 43) we discussed the topic of “Leadership”, and now here in this Clause we address “Policy”, as in Quality Policy.  The intent of Clause 5.2 is to have Top Management of your organization put pen to paper and write down in words what their policy is regarding the quality of their products, and the quality of their services.  This action sets the tone for everyone to see how important “quality” is to the organization, both for their Employees and their Customers.

Note A:  This Clause DOES include requirements for “documented information”.
Note B:  As some of you already know, the content for these Newsletters comes from working in the field with my Clients, and with their ISO Certification Bodies. I gain a lot of hands-on experience from conducting training workshops and gap audits, where the requirements of the Standard have to be interpreted and applied to each unique situation.  A popular training request is our on-site Internal Process Auditor Training for ISO 9001:2015 since you will need to do a complete round of internal audits to the new Standard prior to your external upgrade audit.  On that note, some organizations are opting to use an outside resource to assist with their internal audits in order to meet deadlines (…more details on this service, as well as the training sessions we offer, can be found below).


The new numbering format… 

Element 4 – Context of the organization
Element 5 – Leadership
Element 6 – Planning
Element 7 – Support
Element 8 – Operation
Element 9 – Performance evaluation
Element 10 – Improvement


Clause 5.2  Policy consists of two (2) Sub-Clauses as listed below:

5.2.1  Establishing the quality policy

5.2.2  Communicating the quality policy


Sub-Clause 5.2.1 Establishing the quality policy – This first sub-clause is asking top management to write a quality policy, implement it throughout the organization and then re-read it periodically to make sure it’s still saying what they want it to say.  This is no different than asking top management to take a stance (establish a policy) on how they view “safety” in the company.  This sub-clause goes on to provide guidance on what is expected from this statement on “Quality”.

Sub-Clause 5.2.1 a) wants the organization to write a Quality Policy that makes sense with respect to why it exists (its purpose/context) and that the Quality Policy moves the organization in the same direction that its Strategies are doing.  Test your current Quality Policy and see if you can tell what kind of products or services it provides to the marketplace since that would connect it to your purpose/context.  Also, if the Quality Policy is written by (and signed by) a top manager, this implies that it supports the strategic direction of the organization, since these same people establish the business strategies, right?

Sub-Clause 5.2.1 b) is asking you to make sure and “connect” the Quality Policy with your Quality Objectives.  This is the next step for adding substance to the words used within the Quality Policy, without which it would just be a statement with no teeth.  The Quality Objectives are what you use to achieve the Quality Policy.  For example, if you use words such as “…on-time, every time, defect free…” in your Quality Policy then you need to need one Quality Objective that measures on-time delivery and another Quality Objective to measure the number of defects in what you produce or provide to your Customers.  This is what they mean by “…the quality policy shall… provide a framework for setting quality objectives…”.  Test the key words used within the Quality Policy to see if they can be linked to your Quality Objectives… because they should be.  In other words, achieving your Quality Objectives achieves your Policy on Quality.

Sub-Clause 5.2.1 c) asks top management to include a commitment (within the words of the Quality Policy) to satisfy applicable requirements.  These would be Customer quality requirements, statutory/regulatory quality requirements, organizational quality requirements, and so on, and so on.

Finally, sub-clause 5.2.1 d) asks top management to include a commitment (within the words of the Quality Policy) to continually improve your QMS (Quality Management System).


Sub-Clause 5.2.2 Communicating the quality policy – This requirement leads off by asking top management to communicate its Quality Policy through various methods.

Sub-Clause 5.2.2 a) wants top management to make sure the Quality Policy is available to anyone who affects the quality of its products and services, not just once when they were first hired, but available to everyone, at any time.  It also expects the organization to maintain this statement on quality as documented information (instead of it being only verbal).

Sub-Clause 5.2.2 b) asks that top management ensure that the Quality Policy is communicated to everyone who affects the quality of its products and services; that it is understood by everyone who affects the quality of its products and services; and that it is applied by everyone who affects the quality of its products and services.  The information collected during internal audit interviews is one way to show how this requirement is being met.

Sub-Clause 5.2.2 c) finishes off by asking top management to ensure that its Quality Policy is made available to relevant interested parties (that you identified back in Clause 4.2).  There are a few ways to handle this requirement… one way is to post the Quality Policy on your external website for anyone to see and the other is to handle it by providing a copy of the Quality Policy “upon request” from any interested party.


Be sure to watch for our next Newsletter issue where we will cover another section of ISO 9001:2015…


PS: Don’t forget to look at the Q&A section below for some final thoughts…


To view all of our past Newsletters or to sign up to receive them… click here



Need Help?

ISO 9001:2015 Internal Audit Outsourcing (we can do it for you OR with you!)

For cost effectiveness, the Internal Audit function can be outsourced to an external experienced auditor on a periodic basis. This will provide an independent and objective assessment to management, of where process issues may exist, along with identifying opportunities for improvement.  It will also provide the evidence needed to satisfy the Internal Audit requirements in the ISO Standards.  We have used two different approaches with this service: a) We conduct the entire audit ourselves, or b) We act as the lead auditor, and along with your Team of internal auditors, we complete the entire audit together.  This latter approach allows your people to receive guidance and direction from an experienced lead auditor while at the same time maintaining significant involvement in the internal audit process.


Documentation Development Training Workshop for ISO 9001:2015

This Documentation Development Training Workshop for ISO 9001:2015 Session is intended to be a very interactive, hands-on session (hence the name Workshop) where your QMS documentation will be created/revised, with guidance from an experienced facilitator.  This type of session can help launch your transition efforts by getting a lot accomplished within a compressed time-frame.  If your organization has already begun the re-write then this session can be used to validate what you’ve accomplished so far, or if you haven’t yet begun, it can be the catalyst to get things started (…which is usually the hardest part).  Deciding how to move from your current QMS structure into a new one can be a daunting task and this session can help you navigate through it.  A copy of a sample Quality Manual (re-iterating the “shall” requirements found within the ISO 9001:2015 Standard) will be provided to each participant.  As always, our focus will be on how to develop a simplified and streamlined quality management system, that helps to drive improvement in your business.


Internal Process Auditor Training for ISO 9001:2015

The two (2) day Internal Process Auditing for ISO 9001:2015 Training Session is focused on a process approach to auditing with the objective being not only to assess conformance of the quality management system, but also to uncover process improvements during an audit. This goes hand in hand with the process auditing requirements found within ISO 19011 and the process approach covered in ISO 9001:2015, which promotes continual process improvement throughout this Standard. An enhanced checklist is developed, and there will be workshops throughout, to reinforce learning, as well as a live, practice audit. If you are looking to meet the ISO 9001:2015 internal audit requirements and to “raise the bar” for your internal audit program then this is the course you should consider.


ISO 9001:2015 Essentials + Gap Audit

This combines the ISO 9001:2015 Essentials Session with a Gap Audit – This approach is used to assist organizations in launching their transition efforts for this new ISO Standard. This event accomplishes two things: a) it provides education on the new ISO 9001:2015 Standard for your key personnel (i.e. internal auditors; etc.), by highlighting the differences from the 2008 version; and b) assesses the gap from where you are today to where you need to be to achieve compliance to this new ISO Standard. Training certificates covering education on the new ISO 9001:2015 Standard, as well as issuing of a Gap Audit Report for distribution to your Top Management, are the two deliverables from this event. On a final note, a closing meeting can be arranged with key individuals so they can hear first hand the results of the Gap Audit that was performed.  PS: We’ve also done this session with just the QMS Management Rep attending, which allowed them to quickly get up to speed on this new Standard, as well as to see how much of an effort the transition will be… and of course they receive their own Training Certificate as part of this event.  This also allowed them to avoid traveling offsite to get the training they needed anyways, as evidence for their Certification Bodies.



Q:  How do you perform an audit for Clause 5.2 of ISO 9001:2015?

A:  For Clause 5.2, an Audit Checklist should cover these areas:

–  Has top management established a Quality Policy?  Implemented it?  How?  Maintained it?  How?
–  Is the Quality Policy purpose/context of the organization?  Does it state what they produce or provide?
–  Does the Quality Policy support, and is it aligned with, the strategic direction of the business?
–  Are the key words used in the Quality Policy linked to the Quality Objectives?
–  Does the Quality Policy include words that commit the organization to satisfying Customer requirements?  Satisfying statutory and regulatory requirements?  Satisfying other requirements?
–  Does the Quality Policy include words that commit the organization to continually improving its QMS?
–  Has the Quality Policy been made available to everyone who impacts quality?  How?
–  Has the Quality Policy been maintained as a documented statement?  How?
–  Has the Quality Policy been communicated to everyone who impacts quality?  How?
–  Has top management ensured that the Quality Policy has been understood by everyone who impacts quality?  How?
–  Has top management made the Quality Policy available to interested parties?  How?

(Make sure to interview more than one person and obtain examples for the items listed above)


Until next time…

Tim Renaud

Helping Business Professionals Reduce Risk and Remove Waste!