4.2 Understanding the Needs and Expectations of Interested Parties

Interested Parties are those stakeholders who receive your products or services, who may be impacted by them, or those parties who may otherwise have a significant interest in your organization.

Similar to context review, cross functional input is vital, as certain functions will identify with particular stakeholders, for example procurement with suppliers, and sales with customers.

A workshop approach should be encouraged which can be undertaken independent to, or in conjunction with the context review workshop.

Once stakeholders and their requirements are identified, the next step is to consider which stakeholder requirements generate legal and compliance obligations for ISO standards. Legal requirements should be identified before other requirements.

ISO 9001:2015 ISO 9001:2008 Summary of Changes
4.0 Context Of The Organization 1.0 Scope

Title only

4.1 Understanding The Organization And Its Context

1.1

General This new requirement requires an organisation to demonstrate that it understands all internal and external influences that may affect its strategic direction and market position and what effect any changes may have on its future.
4.2 Understanding The Needs And Expectations Of Interested Parties 1.1 General This is a new requirement which requires the organisation to determine the boundaries and applicability of the QMS. It also makes reference to 4.1.

There is now a requirement to state the scope in terms of the ‘goods and services’ delivered and the sites of the organisation to be included. There is a requirement to document and justify any exclusion from the standard; exclusion must be limited to Clauses 7.1.4 to 8.0.
4.3 Determining The Scope Of The Quality Management System 1.2 Application This requirement is comparable to ISO 9001:2008 Clause 4 - Quality Management System and Clause 4.1 – General Requirements. Organizations should review their process-based management system to ensure that it captures elements from 4.1 and 4.2.
4.2.2 Quality Manual
4.4 Quality Management System And Its Processes 4.0 Quality Management System Process approach – now a stated requirement but the content is largely the same as previous clause 4.1 apart from a requirement to determine the risks to conformity if processes are ineffective.
4.1 General Requirements

 

You should also determine whether these groups’ requirements are reviewed and updated as changes in their requirements occur, or when changes to your organization’s QMS are planned in order to meet the requirements of ISO.

Who are your interested parties?

Identify your Interested Parties

Ensure that your organization has properly identified its interested parties, and subsequently determined if any of their needs and expectations to be adopted as a compliance obligation.

Ensure that this process is revisited periodically because the requirements of relevant interested parties may change over time.

Although not specifically required for ISO standards, objective evidence could be a list or matrix of the interested parties, their corresponding needs and expectations, and indication of which of these accepted as compliance obligations might include:

  • All relevant legal requirements
  • All requirements imposed by upper levels in the organization (for example corporate requirements)
  • All relevant requirements of relevant interested parties that the organization decides to comply with, whether contractually (customers) or voluntarily (environmental or safety commitments)

In order to determine the relevance of an interested party or its requirements, your organization needs to answer: ‘does this interested party, or their requirements, affect the organization’s ability to achieve the intended outcomes of its QMS?’

If the answer is yes, the interested parties’ requirements should be captured.

How to capture interested parties’ requirements

There are many ways to capture this information, your approach might include:

  • Information summarised as part of inputs to risk and opportunity registers
  • Recorded in a simple spreadsheet
  • Logged and maintained in a database
  • Captured and recorded through key meetings
  • Requirements for products
  • Gap analysis or internal audit output by Internal Auditors

Departmental Managers should identify and list the needs and expectations of any interested parties in relation with their department that may have potential impact on the achievement of your organization’s objectives and policy, the conformity of our products, services and management system.

Also, you should map out and understand the expectations of parties that are relevant and how you plan to deal with their requirements through the management system.

This information should be retained as a strategy or tactical planning document to underpin your organization’s policies and to provide a road map to achieve future goals.

Managing the Needs and Expectations of Interested Parties

Based on a scoring output, consider and implement handling approaches to manage and comply with the needs and expectations of our interested parties.

The output should be reviewed by Top management for acceptance and incorporation into the QMS via addition to the scope, or incorporation into customer requirements, operational activities, process controls, hazard and aspect registers, risk and opportunity registers, and legal and compliance registers.

We suggest your rank the interested parties requirements according to their degree of Priority and their Relevance (e.g. 1 low, 5 high) to current objectives, policies and conformity of products and services as relevant to your QMS.

Communication with Stakeholders

Communicating with stakeholders - particularly in relation to legal and compliance obligations is vital. Communication with stakeholders should be based on performance data generated by your QMS, which will require robust monitoring and measurement to ensure that the data is reliable.

You should ensure that a monitoring and measurement process is included in the internal audit programme (which leads to corrective action) so your organization can assure itself that the checking processes are validated and that the data it is communicating is accurate.

In Summary

‘Understanding the Needs and Expectations of Interested Parties’ is a new requirement for ISO certification. You should allow additional time to prepare for each audit in order to establish a suitable understanding of the relevant interests of relevant interested parties that impact the QMS.

If this differs from the perception, you should be prepared to challenge this.

Look for evidence that the organization has undergone a process to initially identify examples of interested parties and then to identify any of their requirements of interested parties that are relevant to your organization’s quality management system.

You should also determine whether these groups’ requirements are reviewed and updated as changes in their requirements occur (continual improvement), or when changes to your organization’s QMS are planned.

 

ISO 9001 Clauses - PLAN

 

Updated: 10th October 2019
Author: Richard Keen

Richard Keen

Richard Keen

Richard is our Compliance Director, responsible for content & product development.
But most importantly he is ISO's biggest fanboy and a true evangelist of the standards.
Learn more about Richard