3 ISO 9001 Terms and Definitions

So, you want to brush up on your ISO 9001 Terms and Definitions? If you or your business is new to ISO 9001, it may appear a bit overwhelming; the entire process to become certified as an ISO 9001 organization can be complicated and time-consuming.

However, if you approach ISO 9001 by first understanding its key terms and definitions; doing so, you will find achieving accreditation is much simpler than it first seems.

ISO 9001 cloud words

Benefits of Learning ISO 9001 Terms and Definitions

There are two main reasons why it benefits businesses to be familiar with ISO 9001 terminology:

1 Comprehension

Learning ISO 9001 terminology is the first step towards being able to understand ISO 9001 requirements and what your organization needs to meet them, and eventually become certified.

2 Implementation

When implementing new quality management systems (QMS) to meet ISO 9001 requirements, you will be better equipped to educate employees throughout the company. In addition, you will be able to apply your new ISO 9001 vocabulary in drafting important ISO 9001 documents often required from businesses for certification.

ISO 9001 Terms

The following terms—and their respective definitions—are some of the most important you will need to know concerning the latest ISO 9001:2015 standard.

ISO 9001 lightbulb idea

Understanding ISO

These terms are what you’ll need to know to understand the basics behind ISO 9001:2015.

ISO - This is an acronym for the International organization for Standardization, a worldwide organization that is responsible for developing documents of “requirements, specifications, guidelines or characteristics that can be used consistently to ensure that materials, products, processes, and services are fit for their purpose.” (Source: https://www.iso.org/standards.html)

Standards - Standards—in relation to ISO 9001—are essentially benchmarks in quality. Businesses must meet these benchmarks to become ISO 9001 certified. The ISO 9001:2015 is the most updated standard, based on the creation and maintenance of quality management systems (QMS).

QMS folder

Quality Management Systems (QMS)

These terms are related to quality and quality management systems (QMS) within an organization.

Asset Inventory - Asset inventory is a compiled list of everything an organization has in its possession, from its database and technology used to items related to day-to-day operations.

Aspects & Impacts Register - This is a review that covers the effect your business has on the environment. Think of it as a standard environmental impact report.

Management - Management is the control of resources, systems and processes, and other aspects of the organization that require monitoring.

Management System - The management system is a process organizations use to help set up and organize policies, objectives, and more. Management systems come in a wide variety of unique types, including:

  1. Environmental management systems
  2. Financial management systems
  3. Quality management systems
  4. Food safety management systems
  5. Occupational health and safety management systems

Management Review Meetings - These meetings are brought together to have a proper evaluation of the management system and discuss what areas are successful, and what areas need improvement.

Policy - Policies are documents that include information about a set of standards.

Process - A process is a set of tasks that are completed to work towards an ultimate goal. Within ISO 9001, all processes are focused on satisfying the customer.

Process Approach - This term refers to how management plans strategies to improve processes.

Process-Based Quality Management System (QMS) - This term reflects processes that are integrated within an organization to improve quality.

Quality - This term is applied in a few different ways. For starters, quality can be represented by how time and energy is being used to accomplish tasks. Quality can also represent how many ISO 9001 requirements are met.

Quality Management - This term refers to any activity that is being performed by an organization to maintain or improve quality. This can include the adoption of a quality policy, quality assurance, quality planning, and more.

Quality Management System (QMS) - QMS is an organization’s system which implements policies and objectives into the processes that help improve a standard of quality. Some QMS implementations include:

  1. Records
  2. Techniques
  3. Programs
  4. Rules
  5. Role distribution
  6. Responsibility distribution

This term is by far one of the most important to be familiar with, as it is the basis of what ISO 9001 standards can help you accomplish.

Quality Objective - This term represents the plan laid out to ensure that quality results are achieved properly.

Quality Policy - The quality policy is a document that shows the standards your organization has set for itself in terms of improving and maintaining quality for customers, providers, and employees. The quality policy revolves around the quality management principles mentioned in ISO 9001. (With quality management principles, the main drive is on customers and those interested in the product/service and provide them with the resources they need.)

System - A system is how a certain set of processes operate to work towards a particular goal. There are a few different systems at work when it comes to ISO 9001 — all of which have different objectives.



This next set of terms are related to the internal implementation of ISO 9001 processes and systems.

Context of organization - Everything that is represented by the organization, including customer experience, work environment, values and mission, and performance. There are a few clauses in ISO 9001:2015 that relate to the context of the organization, including:

  • 4.1 Understanding
  • 4.2 Understanding the needs and expectations of interested parties
  • 4.3 Determining the scope of the QMS
  • 4.4 QMS and its processes

Controlled Document Register - The controlled document register is compiled of all of the organizations standard documents such as forms, policies, etc.

Customer Satisfaction - Although every business owner should know what customer satisfaction is, it is especially important to know how it relates to ISO 9001. According to ISO 9001 standards, customer satisfaction reflects the level of pleasure that has been received from a customer during their experience.

  • ISO 9001 puts an emphasis on customer satisfaction and requires processes that help improve short- and long-term satisfaction for both returning and new customers.

Defect - This falls under the same category as “nonconformity.” This refers to an issue that has come short of meeting a certain standard from ISO 9001.

Design & Development - This refers to how resources are distributed within the organization.

Determination - Determination involves finding and identifying values of data and what they represent.

Documentation - These are required ISO 9001 documents that provide data related to systems and processes in addition to procedures related to job or department functions.

Document Control - Document control is the idea of making sure only the most updated documents are being used and referred to at any given time.

Effectiveness - Effectiveness determines how well a plan or operation is going. Effectiveness is a key aspect of the ISO 9001 system, as it looks to cut out any unnecessary time spent on tasks that either doesn’t require as many resources or need a change in approach altogether.

Feedback - Feedback reflects a customer or employee’s comments on either a product, service, or work environment. Typically, feedback is given from customers expressing how they feel about a particular product or service.

Function - This is referring to a particular role that is filled by a department within the company.

Gap Analysis - This is an initial assessment of the organization’s systems and processes. The gap analysis determines whether or not business requirements are currently being met with existing systems in place, and what is required to bring the company closer to meeting these requirements.

Implement - Implementation is the process of putting a system or plan into place.

Improvement - The ultimate goal of establishing a QMS is improvement, or continually bettering your systems and processes to ensure the highest quality is provided to your customers, providers, and employees. ISO 9001 requires businesses to take advantage of their improvement to be certified. For more information regarding improvement and ISO 9001, see the following clauses:

Information System - Information systems refer to the communication methods that are embedded in an organization.

Infrastructure - This term reflects the operations of all departments that are run by an organization. This can include physical locations, as well as hardware and software owned by the business.

Initial Assessment - This reflects the current status of an organization and where their goals need to be set to comply with ISO 9001 standards. This is synonymous with a gap analysis.

Leadership - Leadership may consist of Top Management, a board of directors, or an ISO 9001 assigned lead within an organization. The leadership in a business is responsible for creating the systems and processes that reflect ISO 9001 standards. ISO 9001: 2015 has clauses directly related to leadership:

  • 5.1 Leadership and commitment
  • 5.2 Quality policy
  • 5.3 organizational roles, responsibilities, and authorities

Monitoring - This is to check how processes are operating and to make sure they are all in compliance with ISO 9000 standards. Monitoring needs to be done on a continual basis. Certain processes or departments may have to be monitored more closely than others.

Objective - An objective is a goal set out by an organization that has planning behind it for execution. An objective will include a series of actionable items to reach that goal, as well as possible obstacles that may be faced while attempting to meet the goal.

Operation - Operation is related to internal and external systems within an organization. ISO 9001:2015 addresses all of these systems, including:

  1. Operational planning and control
  2. Design and development and requirements for products/services
  3. Control of externally provided processes, products, and services
  4. Provisions
  5. Release of products/services
  6. Control of nonconforming outputs

Output - An output is the result of a process that has been successfully completed. Outputs are listed into four types of categories:

  1. Software
  2. Hardware
  3. Processed materials
  4. Services

Planning - Related to ISO 9001, planning involves creating a series of actionable items within a QMS framework that prepares the organization for success. Certain clauses within ISO 9001:2015 offer planning objectives for your team to follow:

  • 6.1 Actions to address risks and opportunities
  • 6.2 Quality objectives and planning to achieve them
  • 6.3 Planning of implementation

Record Control - Similar to document control, record control is how a business organizes their documents and records to have them readily available for management and employees to access. The process of record control also includes removing outdated records and replacing them with updated information.

Regulatory Requirement - A task or action that is required from the organization and/or standard to gain ISO 9001 certification.

Requirements - For ISO 9001, requirements come in many forms but mainly focus on the standard itself. Some of the requirements include:

  1. Product requirements
  2. Service requirements
  3. Regulatory requirements
  4. Quality requirements

Risk - Risk revolves around calculating the difference in negative and positive features of a process. By assessing risk, organizations are able to determine exactly how much there is to gain from changing a particular aspect of a system or process.

Risked-Based Thinking- This method of thought is related to reflecting on how much risk is involved for a certain amount of gain. Typically, you’ll want to find the best low-risk/high-reward ratio.

Risk Assessment - A risk assessment analyzes potential risks to the business and its effects on both customers and employees. A risk assessment can also include a series of possible solutions to overcome such risks. 

Safeguard - A safeguard is a form of protection. In relation to ISO 9001, a safeguard may be a possible solution to solve issues that stem from risks, or a preemptive action to prevent possible problems.

Scope - Scope is the area in which something is applicable or a radius for something to be effective.

Standard Form - This is a piece of documentation that is frequently used within the company.

Strategy - This is how a person or organization plans to reach a goal successfully.

Support - Support is related to a number of issues within ISO 9001, including:

  1. Documentation
  2. Personnel
  3. Resources
  4. Competence
  5. Awareness
  6. Communication



The following terms are related to the auditing process in relation to ISO 9001:

Audit - An audit is a routine inspection performed by either internal employees or an external third-party auditor. The goal of audits is to ensure that your business is following ISO 9001 requirements.

  1. Internal Audit - This type of audit assesses your organization’s performance and implementation of its Quality Management System (QMS). An internal auditor is usually one or more employees within the company who have been thoroughly trained on ISO 9001 standards.
  2. External Audit - An external audit is similar to an internal audit; the main difference is that the auditor will come from a third-party source outside of the organization (consultant or registrar).
  3. External Audit - The final external audit is the certification audit. This is from a registrar. This determines your company’s ISO 9001 certification (and if you pass or fail).

Audit Findings - The findings of an audit (both internal and external) are the outcome or results of an audit following completion.

  1. Internal Audit Findings - If your internal auditor(s) find that your business is not meeting ISO 9001 requirements, they will discuss their findings with you so that you can adjust your QMS to conform to such requirements. If you are meeting the requirements, you will be encouraged to continue improving your QMS to keep surpassing ISO 9001 standards.
  2. External Audit Findings - If your organization has, in fact, met ISO 9001 requirements, you will be granted ISO 9001 certification. However, if your business does not meet all of the requirements, you will be notified and offered some input as to how you can resolve the issues preventing conformity.

Audit Evidence - Audit evidence is what is used to support the solutions taken from an audit. This can include documentation such as records, statements, and more.

Audit Criteria - The criteria of an audit is essentially a list of expectations the business must meet to pass the audit. For ISO 9001 audits, the audit criteria may include a series of policies that the company must have to be compliant.

Audit Program - The audit program lists the details surrounding an audit, such as the time it will take place, frequency, etc. This program is usually developed between the auditor(s) and the chosen ISO 9001 lead.

Objective Audit Evidence - This is saved information that is represented in the forms of documentation and records. They are required as a criterium for the ISO 9001 audit.

Outsource - Outsourcing is the action of requesting the aid of an external organization for specific tasks. As an example, businesses may bring in, or outsource, an auditor from an external source for audits.

Performance - Performance is a measure of how well or poorly a particular subject is doing in an area. An example of this would be how efficiently tasks are being completed based on the time, resources, and finances used.

A performance evaluation is required to assess performance within an organization. ISO 9001 offers more information about performance evaluations in the following clauses:

Performance Indicator - This term refers to a tool that is used for gauging how satisfied customers are, as well as how often the outputs are coming to realization.

Periodic - Periodic refers to a time-frame in which something is done or completed. For example, audits are performed periodically to ensure the long-term success of an organization.

Review - Reviews usually come after assessments and are essentially an overview of how a particular process went. They can be both internal and external.

  1. Internal Reviews - Reviews can come after an internal audit and may be used to improve processes based on the feedback auditors provide. The internal review can be used to ensure organizations satisfy ISO 9001 requirements before official audits and re-certification audits.
  2. External Reviews - Reviews can come from a customer, and may mention how satisfied or dissatisfied they were with a specific product or service.


Audit Results & Certification

The following terms are related to audit outcomes and ISO 9001 certification.

Accordance - If you are in accordance with ISO 9001, it means that you have adequately or sufficiently conformed to its standards/requirements.

Certification - Gaining certification means that your organization has demonstrated that its QMS is in line with ISO 9001 standards.

Competence - Competence describes a company that is able to meet an ISO 9001 requirement through its QMS or other processes.

Compliance - Similar to competence, compliance describes an organization that has successfully fulfilled a requirement for ISO 9001. Also known as conformity.

Concession - A concession is a type of special approval given to release a nonconforming product or service to a customer.

Continual Improvement - This refers to the activities of a business that are driven towards the constant improvement or betterment of their internal systems and processes.

Corrective Action - This is a term that describes an action that needs to take place to improve processes to meet ISO 9001 standards. Corrective actions are often related to the term, continual improvement.

Non-Conformance - This is a term that is used to describe a process that does not meet a requirement set out by the standard.

Re-Certification Audit - These audits are done to ensure that all requirements are still being met and that there are no arising issues that have come up between audits. Re-certification audits usually take place every three years.

Verification - Verification is the final step in achieving ISO 9001 certification, as it acknowledges that your organization has met the proper ISO 9001 requirements to be granted accreditation.

ISO 9001

Other ISO 9001 Terms to Know

Innovation - This term reflects various changes that are made either through the standards and/or the organization. Innovation can be done in just about any area, such as customer service, customer satisfaction, products/services, resources, tools, methods, and more.

Involvement - When a group comes together to distribute ideas and resources to work towards a similar goal.

Interested Party - Interested parties are people that are concerned with helping in a decision or participating in a particular activity.

Knowledge - Knowledge reflects all data/information that has been compiled in a system, documents, or data, or known by a particular group or person.

Maintain - This refers to making sure consistency is in place, whether that be in customer satisfaction, profits, etc.

Measuring Equipment - Measuring equipment refers to all of the tools used by organizations to analyze data, including software, reference materials, and more.

Object - An object can be practically anything available to the organization, including:

  • Products
  • Services
  • Documents
  • Software
  • Hardware
  • Methods
  • Resources

Preservation - This term refers to keeping something as it was, and not allowing changes to affect it in any way.

Preventive Action - This kind of action is done pro-actively to address potential problems. An example of this is backing up certain files in case of an emergency.

Procedure - Procedures are how certain processes are performed to achieve a desired result, and documents how steps will be completed.

Property - This term refers to what is owned by an organization or an individual.

Product - The product of an organization is what is being sold to the customer. Products can be both tangible and intangible. Many factors make up the success of a product, including location, price, and quality.

Provider - A provider is a supplier of a particular product or service. They can be either external or internal, although external providers are more common.

Relevant - This is referring to what is important to a particular part of the process at a given time.

Release - This term refers to permission to send out information that aids in a process. This can come in many forms, like documentation and software.

Responsibility - This is a task or role assigned to an individual or department and consists of what they are accountable for.

Retain - This is a term that means “to keep.”

Sequence - A sequence is an order in which events occur.

Service - A service is an actionable task that is provided by an organization—or an external source, such as a supplier.

Supplier - A supplier is an individual or organization who provides businesses with either products, services, or both.

Traceability - This term is referring to the ability to be able to track down locations of products and services. It also refers to how these products or services are distributed.

For more common-knowledge words you can expect to find in ISO 9001:2015, refer to the ISO’s glossary that can be found on their website.

ISO 9001 handshake


If you aren’t already familiar with some of the terms mentioned, don’t feel like your business is behind; the ISO 9001 standard and its documentation, in general, can be difficult to comprehend for many organizations.

However, now that you have this comprehensive list of ISO 9001 vocabulary on hand, you will be able to recognize key terms in their context. Things will become much clearer, and you will be better suited to properly implement ISO 9001 requirements in your company’s quality management system.

Next ISO 9001 Clause

Each ISO 9001 Clause Explained

Updated: 26th February 2022
Author: Richard Keen

Richard Keen

Richard Keen

Richard is our Compliance Director, responsible for content & product development.
But most importantly he is ISO's biggest fanboy and a true evangelist of the standards.
Learn more about Richard