1.0 - ISO 9001 QMS Scope
This clause defines the scope of the ISO 9001 standard. This
clause defines the set of requirements that form the scope of the ISO 9001 standard. This clause
does not define the scope of your QMS which is discussed
under clause 4.3.
It defines a set of requirements that you can use to develop a quality management system (QMS). The scope of
control requirements needed for a “Quality” management system (QMS),
will obviously differ from other management standards such as environmental or health and safety systems. The
requirements defined in ISO 9001 are designed to achieve two objectives:
To demonstrate your ability to consistently provide quality products and services that meet customer and applicable
Help you to enhance customer satisfaction by:
Effectively implementing your QMS;
Setting up processes for improvement;
Providing assurance of conformity to customer and regulatory requirements.
refers to the
of your organization to - determine your customer needs and requirements; design and develop product and
services; know-how and capacity to manufacture, package and deliver on time product and services; and provide
service and support; etc;
is being able to
your capability within specified parameters for quality as defined by customers, your own organization or
regulatory bodies. Can you consistently provide conforming product and services or service, day in day
This standard provides generic
requirements to effectively plan, develop, implement, operate, control and improve your QMS processes. The focus of
all ISO 9001 generic control requirements is to help you develop a QMS that will achieve the two objectives stated
at the start of this section.
Because this standard is generic, ISO provides you with flexibility in applying its requirements as opposed to
prescribing specific controls that may not apply to all businesses. So not only can you pick which controls apply
to your business, you can also tailor each requirement to fit the particular needs of your
come from selecting and implementing applicable requirements from the ISO 9001 standard and customizing these
controls to suit the specific needs, activities and risks related to each of your QMS processes.
To achieve and demonstrate your capabilities, you must effectively plan, operate and control the various processes
within your QMS that provide them.
The scope of your QMS and determination of what processes to include in it will be covered in clause 4.3
effective application of your QMS
can be determined by how well QMS activities and results measure up to planned performance
Improvement of the QMS
is achieved by increasing the ability of the QMS to meet requirements through raising and achieving higher
performance targets and making more efficient use of resources.
By effectively controlling and continually improving your QMS processes, there will obviously be a positive impact
on product and service quality and conformity to customer requirements. These requirements focus on prevention
(through the application of risk-based controls) and to a lesser extent detection of problems, as well as continual
improvement of your QMS.
Assurance of conformity to requirements
may be achieved by providing confidence that requirements will be fulfilled. This confidence may be achieved
through - implementing prevention based controls using risk evaluation and PDCA (to be discussed later); conducting
internal/external audits; 3rd party certification of your QMS;
It is important to note that the ISO 9001 standard does not specify requirements
for product or service. Requirements for products and services come from customers, end-users,
regulatory bodies and other interested parties. The standard sets generic systemic control requirements on how
these customer and relevant interested party requirements, needs and expectations are consistently and effectively
met to drive sustained improvement, business growth and enhance customer satisfaction.
Organizations implementing an ISO 9001 based QMS must conform to all
applicable requirements that the standard specifies. This provides internal and external parties
(customers, registrars and regulatory bodies), the basis (i.e. a benchmark) against which to assess the
organizations ability to meet customer, regulatory and internal requirements. It is now a common practice to
use ISO 9001 certification as a requirement
for making contractual decisions.
QMS design and implementation will vary from organization to organization. ISO 9001 allows this flexibility because
organizations may have differing - goals and objectives; business risks; range and complexity of product and
services; processes and resources; organizational size and structure; workforce competence and stability; etc. This
flexibility may relate to QMS scope
You must ensure that the scope of your QMS addresses all customer requirements. Customer requirements may show up
in contracts, blueprints, their supplier quality manuals, or referenced to applicable industry and regulatory
standards and codes, etc. QMS scope will be covered in more detail under clause 1.0 and 4.3.
statutory and regulatory requirements
(often referred to as legal requirements) applicable to your organization. These requirements may come from
your customer; the industry you are in; from within your own organization; or state or federal organizations or
even from the countries you do business in as a seller or purchaser. These requirements may relate to your
products or services; the technology and processes used to make them; the terms and conditions of doing business.
You may need to apply regulatory requirements to your suppliers, subcontractors and external service providers.
Your ultimate objective is to
enhance customer satisfaction
. You achieve this by planning, operating and improving your QMS (PDCA) to effectively meet customer and regulatory
Test your understanding of this section before moving on to the next section:
1. How does this ISO 9001 standard enhance
2. What two objectives are ISO 9001
requirements designed to achieve?
3. Why are ISO 9001 requirements generic and
not specific or prescriptive?
4. How can you make ISO 9001 controls more
5. Describe a way to improve your
6. How does an organization provide assurance
of conformity to requirements?
7. Why does ISO 9001 not specify requirements
for products and services?
8. Where do requirements for products and
services come from?
9. Why do organizations make certification to
ISO 9001 a contractual requirement for doing business?
10. What factors should be considered in
designing and implementing your QMS?
11. What do applicable regulatory requirements
This article is an extract from my eCourse
This eCourse shows you how to easily and effectively IMPLEMENT all the
requirements of this Standard.