ISO 9001:2015 Checklist

Download Checklist

You need to answer all the questions on the checklist to get a result

Has the organization determined the external and internal issues relevant to the Purpose & strategic direction of its QMS and that can affect its ability to achieve the intended results?

Does the organization monitor and review information about these external and internal issues?

Has the organization determined the interested parties that are relevant to the QMS?

Has the organization determined the requirements of these interested parties relevant to the QMS?

Does the organization monitor and review the information about these interested parties and their relevant requirement?

Has the organization established the scope of its QMS?

Has the organization determined the boundaries and applicability of the QMS?

While determining the scope, has the organization determined the external and internal issues, requirements of relevant interested parties, product and services of the organization?

While determining Applicability, does the organization determine if it affects its ability or responsibility to ensure the conformity of its products and services and the enhancement of customer satisfaction?

Does the scope state the types of products and services covered?

Does the scope give justification for any requirements that the organization determines and is not applicable to the scope of its QMS?

Is the organization’s scope made available and maintained as a Documented Information?

Has the organization established, implemented, maintained and continually improved its QMS?

Has the organization determined the processes needed for the QMS?

Has the organization determined the application of these process throughout the organization?

Has the organization determined the sequence and the interaction of these process?

Has the organization determined and applied the criteria and methods needed to ensure the effective operation and control of these processes?

Do these methods include the monitoring, measurement and related performance indicator?

Has the organization determined the resources needed for the organization?

Has the organization ensured the availability of the resources needed for these processes?

Has the organization assigned the responsibilities and authorities for these processes?

Has the organization addressed the risk and opportunities associated with these processes?

Has the organization evaluated these processes and implemented any changes needed to ensure that these processes achieve its intended results?

Has the organization made improvement in its processes and its QMS?

Has the organization maintained documented information to support the operation of its processes?

Do the organization retain documented information as evidence that the processes have been carried out as planned?

Does the top management demonstrate leadership and commitment by taking accountability for the effectiveness of its QMS?

Has the top management ensured that the quality policy and quality objective are established?

Is the quality policy and quality objective compatible with the context and strategic direction of the organization?

Has the organization integrated the requirements of QMS with the business processes?

Is the organization promoting the use of process approach and risk-based thinking throughout the organization?

Is the top management ensuring that the resources needed for the QMS are available?

Is the importance of the effectiveness of QMS and meeting QMS requirements communicated?

Does the top management ensure that the QMS is achieving its intended results?

Does Top Management engage, directs and supports the persons required to contribute to the effectiveness of the QMS requirements?

Is Top Management promoting improvements?

Is Top Management supporting other relevant management roles to demonstrate their leadership as it applies to their area of responsibilities?

Does the Top Management demonstrate leadership and commitment by ensuring that customer and applicable statutory and regulatory requirements are determined, understood and are consistently meeting the requirements?

Are the risks and opportunities that can affect the conformity of products and services and the ability to enhance customer satisfaction are determined and addressed?

Is the focus of enhancing customer satisfaction maintained?

Has the Top Management established, implemented and maintained a quality policy?

Is quality policy appropriate to the purpose and context of the organization and does it supports its strategic directions?

Does the Quality policy provide the framework for setting quality objective?

Does the Quality policy include the commitment to satisfy applicable requirements and to continually improvement of the QMS?

Is Quality policy maintained as documented information?

Is Quality policy communicated, understood and applied within the organization?

Is Quality policy appropriate and made available to the relevant interested parties?

Has the Top management ensured that the responsibilities and authorities for relevant roles are assigned, communicated and understood within the organization?

While assigning the responsibilities and authorities, do the top management ensure that the processes are meeting their intended results?

While assigning the responsibilities and authorities, do the top management ensure that there is the promotion of customer focus throughout the organization?

While assigning the responsibilities and authorities, do the top management ensure that performance of its QMS and opportunities for improvement are reported to them?

While assigning the responsibilities and authorities, do the top management ensure that integrity of QMS is maintained when changes to the QMS are planned and maintained?

While planning for QMS, does the organization considers the issues referred to in clause 4.1 and requirement referred to in clause 4.2?

Has the organization determined the risks and opportunities that have to be addressed so that QMS can achieve its intended results, enhance desirable effects, prevent, or reduce undesired effects and achieve improvement?

Has the organization planned actions to address these risks and opportunities?

Have these actions implemented and integrated into its QMS processes?

Has the organization evaluated the effectiveness of these actions?

Is the action proportionate to the potential impact on the conformity of product and services?

Has the organization established quality objectives at relevant functions, levels and process needed for the QMS?

Are the quality objectives consistent with the quality policy?

Does the organization have quality objectives which are relevant to the conformity of product and services and enhancement of customer satisfaction?

Are the quality objective measurable and do they take account of applicable requirements?

Are the quality objectives monitored, communicated and updated as required?

Does the organization maintain documented information on the quality objectives?

For achieving quality objectives do the organization determines what will be done, what resources are required, who will be responsible, when will it be completed and how are the result to be evaluated?

While determining changes for the QMS, are changes carried out in a planned manner?

While planning for change, does the organization consider the purpose of the change and their potential consequence; the integrity of the QMS; the availability of resources; and allocation and reallocation of responsibilities and authorities?

Has the organization determined and provided the resources needed for the establishment, implementing, maintaining and continually improvement of the QMS?

Has the organization considered the capabilities and constraints of existing internal resources?

Has the organization considered what needs to be obtained from external providers?

Has the organization determined and provided the persons required for effective maintenance of QMS and for operation and control of its processes?

Has the organization determined and maintained the infrastructure needed for the operation of its processes and to achieve conformity of product and services?

Has the organization determined, provided and maintain the environment necessary for the operation of its processes and to achieve conformity of products and services?

Has the organization determined and provided the necessary resources needed when monitoring and measuring are used to verify conformity to product and service requirement?

Are resources suitable for the type of monitoring and measurement activities undertaken?

Are resources maintained to ensure their continuing fitness?

Does the organization retain appropriate documented information as evidence of fitness for the purpose of the monitoring and measurement resources?

Is there a requirement for measurement traceability?

Where measurement traceability is a requirement, is measurement equipment calibrated or verified at a specified interval or prior to use?

Is the calibration or done against measurements standards traceable to national or international standards?

Where no such standard is existing, are documented information retained for the basis used for calibration or verification?

Are the measuring equipment identified in order to determine their status?

Are the measuring equipment safeguarded from adjustments, damage or deteriorated that would invalidate the calibration and subsequent measurement results?

Does the organization determine and take appropriate action if the validity of previous measurement results has been adversely affected when measuring equipment is found to be unfit for its intended purpose?

Does the organization determine the knowledge necessary for the operation of its processes and to achieve conformity of product and services?

Does the organization maintain this knowledge and make it available to the extent necessary?

While addressing changing needs and trends, does the organization considers its current knowledge and determine how to acquire or access any necessary additional knowledge and required updates?

Does the organization determine the necessary competence of its employees whose work affects the performance and effectiveness of the QMS?

Does the organization ensure that its employees are competent on basis of appropriate education, training or experience?

Does the organization take applicable actions to acquire the necessary competence and evaluate the effectiveness of action taken?

Does the organization retain the appropriate documented information as evidence of competence?

Does the organization ensure that the persons doing work under the organization’s control are aware of its quality policy, relevant quality objectives, their contribution to the effectiveness of QMS including the benefits of improved performance and the implications of not meeting QMS requirements?

Does the organization determine the internal and external communication relevant to the QMS including on what it will communicate, when to communicate, with whom to communicate, how to communicate, and who communicates?

Does the organization’s QMS include documents required by ISO 9001:2015 and documents determined by the organization necessary for the effectiveness of the QMS?

While creating and updating documented information, does the organization ensure it is appropriate in terms of identification descriptions?

While creating and updating documented information does the organization ensure that it is in proper format and in the correct media?

While creating and updating documented information, does the organization ensure that there are appropriate review and approval for suitability and adequacy?

Does the organization control its documented information to ensure that it is available and suitable for use, whenever it is needed?

Is the documented information adequately protected?

Is the distribution, access, retrieval and use of documented information adequately controlled?

Is the documented properly stored and adequately preserved and it is legible?

Is there control of changes (e.g. version control)?

Are their adequate control in place for retention and disposition?

Is external origin documented information necessary for planning and operation of QMS appropriately identified and controlled?

Are records protected for unintended alterations?

Does the organization plan, implement and control the processes needed to meet the requirement for the provision of product and services and to implement the action determined in clause 6?

Does the organization determine the requirements for the products and services?

Has the organization established criteria for the processes and acceptance of products and services?

Does the organization determine the resources needed to achieve conformity to the product and service requirements?

Does the organization implement controls of the processes in according with the criteria?

Does the organization determine, maintain and retain necessary documented information to have confidence that the processes have been carried out as planned and to demonstrate the conformity of products and services?

Does the organization control its planned changes and review the consequences of unintended changes?

Does the organization take action to mitigate any adverse effects of its unintended changes?

Does the organization communicate with customers to provide information relating to products and services, handling enquiries, contracts or orders (including any changes)?

Does the organization obtain customer feedback relating to products and services including customer complaint?

Does the organization communicate with the customers relating to handling or controlling customer property?

Has the organization established requirements for contingency action, where required?

Has the organization determined the requirements for product and services to be offered the customer?

Are the requirements defined and does it includes applicable statutory regulatory requirements and those considered necessary by the organization?

Can the organization meet the claims for the product and services it offers?

Has the organization ensured that it has the ability to meet the requirements for products and services?

Has the organization conducted a review before committing to supply product and services?

Has the organization reviewed the requirements specified by the customer, including the requirements for delivery and post-delivery activities?

Has the organization reviewed the requirements not stated by the customers but necessary for the specified or intended use when know?

Has the organization reviewed the statutory & regulatory requirements applicable to the product and services and requirements specified by the organization?

Have the organization reviewed and resolved contract or order requirements differing for those previously defined?

When the customer does not provide a documented statement of their requirement, does the organization conform to the customer’s requirements before acceptance?

Does the organization retain documented information on the results of the review and on any new requirements for the products and services?

Does the organization ensure that the relevant documented information is amended and the relevant persons are made aware of the changed requirements when the requirements for the products and services are changed?

Has the organization established, implemented and maintain a D&D process that is appropriate to the subsequent provision of product and services?

In determining the stages and controls for D&D, has the organization is taken into consideration the nature, duration and complexity of D&D activities?

In determining the stages and controls for D&D, has the organization taken into consideration the required process stages including D&D reviews?

In determining the stages and controls for D&D, has the organization taken into consideration the D& D verification and validation activities?

In determining the stages and controls for D&D, has the organization taken into consideration the responsibilities and authorities involved in the D&D process?

In determining the stages and controls for D&D, has the organization taken into consideration the external and internal resources needed?

In determining the stages and controls for D&D, has the organization taken into consideration the need to control interfaces between persons involved in D&D?

In determining the stages and controls for D&D, has the organization taken into consideration the need for involvement of customer and user?

In determining the stages and controls for D&D, has the organization taken into consideration the requirements of the subsequent provision of product and services?

In determining the stages and controls for D&D, has the organization taken into consideration the level of the control expected for the D&D by customers and other relevant interested parties?

In determining the stages and controls for D&D, has the organization taken into consideration the documented information needed to demonstrate that design and development requirement has been met?

Has the organization determined the essential requirements for the specific types of products and services to be designed and developed?

Does the organization consider the following functional and performance requirements; statutory and regulatory requirements; standards or code of practices that the organization has committed to implement; information derived from previous design and development activities; potential consequences of failure due to the nature of the product and services?

Does the organization ensure that the inputs are adequate for D&D purpose, complete and unambiguous?

Does the organization resolve the conflicting D&D inputs?

Are documented information for D&D inputs retained?

Has the organization applied the necessary controls to D & D processes to ensure that the result to be achieved are defined?

Has the organization conducted a review to evaluate the ability of the results of D& D to meet the requirements?

Has the organization conducted the verification to ensure that D&D meet input requirements?

Has the organization conducted the validation to ensure that the resulting product and service meet the requirements of the specified application or intended use?

Has the organization taken necessary action on the problems determined during reviews, verification or validation activities?

Has the organization retained documented information on the above-mentioned activities?

Does the organization ensure that D&D outputs meet the input requirements?

Does the organization ensure that D&D outputs are adequate for the subsequent processes for the provision of product and services?

Does the organization ensure that D&D outputs include (or has reference) monitoring and measuring requirements and acceptance criteria?

Does the organization ensure that D&D outputs specify the characteristics of the products and services that are essential for their intended use?

Has the organization identified, reviewed and controlled changes made during, or subsequent to the D & D of the product and services to ensure that there is no averse to the impact on conformity to requirement?

Has the organization retained the documented information on D&D changes, the result of reviews, authorization of the changes and the action taken to prevent adverse impact?

Does the organization ensure that the externally provided processes, products and services conform to the requirements?

Does the organization determine the controls needed when the product and services from the external providers are incorporated into their own product and services?

Does the organization determine the controls needed when the product and services from the external providers are provided directly to the customer by external providers?

Does the organization determine the controls needed when the process or part of the process is provided by the external providers?

Has the organization determined and applied the criteria for selection, evaluation, monitoring of performance and re-evaluation of external providers?

Has the organization retained the documented information of these activities and any action arising out or evaluation/re-evaluation?

Does the organization ensure that the externally provided processes, product and services do not adversely affect its ability to consistently deliver conforming products and services to the customers?

Does the organization ensure that the externally provided process remains within the control of its QMS?

Has the organization defined the controls to be applied to an external provider and its resulting outputs?

Has the organization taken into consideration the potential impact of the organization’s ability to consistently meet customer and applicable statutory and regulatory requirement?

Has the organization taken into consideration the effectiveness of the controls applied by the external providers?

Has the organization determined the verification or other activities, necessary to ensure that the externally provided processes, products and services meet requirements?

Does the organization ensure the adequacy of requirements prior to their communication to the external provider?

Does the organization communicate to the external providers its requirements for the processes, products and services required?

Does the organization communicate to the external providers its requirements for the approval of the product and services; methods, processes and equipment; the release of product and services?

Does the organization communicate to the external providers its requirements for competence including any qualification of persons?

Does the organization communicate to the external providers its requirements for external provider’s interactions with the organizations?

Does the organization communicate to the external providers its requirements for control and monitoring of the external providers’ performance to be applied by the organization?

Does the organization communicate to the external providers its requirements for verification or validation activities that the organization or its customer intends to perform at the external providers’ premises?

Has the organization implemented production and service provision under controlled conditions?

Are there any documented information available that defines the characteristics of the product, services or activities to be performed and the results to be achieved?

Are any suitable monitoring and measuring resources available? Are they being used?

Are monitoring and measuring activities being performed at appropriate stages?

Are competent persons (including qualification) being appointed?

Is the infrastructure and environment being used suitable for operation of processes?

Has the organization implemented any actions to prevent human error?

Has the organization implemented any release, delivery and post-delivery activities?

Where resulting output cannot be verified by subsequent monitoring or measurement, has the organization conducted validation and periodic revalidation of the process for production and service provision?

Has the organization used any suitable means to identify output when it is necessary to ensure the conformity of products and services?

Has the status of outputs with respect to monitoring and measuring requirements throughout the production and service provision being identified by the organization?

Has the organization controlled the unique identification of the outputs when traceability is a requirement?

Has the organization retain the documented information necessary to enable traceability, when traceability is a requirement?

When property belonging to customers or external providers is under the organization’s control or being used by the organization, does the organization exercise adequate care?

Does the organization identify, verify, protect and safeguard customers’ or external providers’ property?

When the property or the customer or external provider is lost, damaged or otherwise, fount to be unsuitable for use, does the organization report this to the customer or external provider? Does the organization retain documented information on what has occurred?

Does the organization preserve the outputs during production and service provision, to the extent necessary to ensure conformity to requirements?

Does the organization meet requirements for post-delivery activities associated with the product and services?

In determining the extent of post-delivery activities does the organization considers the statutory & regulatory requirements; the potential undesired consequences associated with its product and services; customer requirement & feedback; nature, use and intended lifetime of its product and services?

Do the organization conduct review and control changes for production or service provision to ensure continuing conformity with requirements?

Does the organization retain documented information describing the results of the review of changes, the person(s) authorizing the change and any necessary actions arising from the review?

Has the organization implemented planned arrangements, at appropriate stages, to verify that the product and service requirements have been met?

Does the organization ensure that the release of product and service proceed only after the planned arrangement is satisfactorily completed or approved by the relevant authority and as applicable by the customer?

Does the organization retain the documented information on the release of products and services and it includes information relating to the evidence of conformity with the acceptance criteria; traceability of the person authorizing the release?

Does the organization ensure that the outputs which do not conform to their requirements are identified and controlled to prevent their unintended use or delivery?

Is the action appropriate to the nature of the nonconformity and its effect on the conformity of products and services?

Do the organization also consider nonconforming product and services detected after delivery of products, during and after the provision of services?

When non-conforming products and services are detected does the organization take correction action and/or segregation, containment, return, or suspension of the provision of product & services and/or informing the customer and/or obtaining authorization for acceptance under concession?

Does the organization retain documented information that describes the nonconformity; describes the actions taken; describes any concession obtained; identifies the authority deciding the action in respect of the nonconformity?

Did the organization plan how to monitor, measure, analyze, and evaluate its QMS?

Did the organization plan how to monitor QMS performance and effectiveness?

Did the organization figure out what needs to be monitored and select methods?

Did the organization determine its QMS monitoring requirements?

Does the organization select monitoring methods that can produce valid results?

Did the organization establish when monitoring should be done and who should do it?

Did the organization plan how to measure QMS performance and effectiveness?

Did the organization figure out what needs to be measured and did the organization select methods?

Did the organization determine its QMS measurement requirements?

Does the organization select measurement methods that can produce valid results?

Did the organization establish when measuring should be done and who should do it?

Did the organization plan how to analyze QMS performance and effectiveness?

Did the organization select analytical methods that are capable of producing valid results?

Did the organization decide when monitoring and measurement results are analyzed?

Did the organization plan how to evaluate QMS performance and effectiveness?

Did the organization select evaluation methods that are capable of producing valid results?

Did the organization decide when monitoring and measurement results are evaluated?

Do the organization monitor, measure, analyze, and evaluate the organization’s QMS?

Does the organization monitor the performance and effectiveness of the organization’s QMS?

Do the organization record monitoring results and does the organization retain and control these records?

Does the organization measure the performance and effectiveness of the organization’s   QMS?

Do the organization record measurement results and does the organization retain and control these records?

Does the organization analyze the performance and effectiveness of its   QMS?

Do the organization record analytical results and does the organization retain and control these records?

Does the organization evaluate the performance and effectiveness of its QMS?

Do the organization record evaluation results and does the organization retain and control these records?

Does the organization establish methods that the organization can use to monitor customer perceptions?

Does the organization figure out how the organization is going to obtain information about how customers feel about how well it is meeting their needs and expectations?

Does the organization figure out how the organization is going to review information about how customers feel about how well it is meeting their needs and expectations?

Do the organization monitor how well customer needs and expectations are being fulfilled?

Do the organization monitor how the organization’s customers feel about how well the organization is meeting their needs and expectations (do the organization monitor the organization’s customers’ perceptions)?

Does the organization analyze its monitoring and measurement results?

Does the organization analyze and evaluate appropriate data and information?

Does the organization use its analytical results to evaluate performance?

Does the organization evaluate the performance of its QMS?

Does the organization determine if it needs to improve its performance?

Does the organization evaluate the performance of its external providers?

Does the organization use its analytical results to evaluate effectiveness?

Does the organization evaluate the effectiveness of its QMS?

Does the organization determine if it needs to improve its effectiveness?

Does the organization evaluate the effectiveness of its planning?

Does the organization determine if its plans were effectively implemented?

Does the organization evaluate the effectiveness of its actions?

Does the organization evaluate the effectiveness of actions taken to address risks?

Does the organization evaluate the effectiveness of actions taken to address opportunities?

Does the organization use its analytical results to evaluate conformity?

Does the organization evaluate the conformity of products and services?

Does the organization use its analytical results to evaluate satisfaction?

Does the organization evaluate the degree of customer satisfaction?

Does the organization conduct internal audits at planned intervals?

Did the organization plan a program that can find out if QMS meets the Organization’s own requirement and ISO 9001:2015 requirements?

Did the organization plan a program that can find out if QMS is effectively implemented and maintained?

Did the organization plan, establish, implement, and maintain an audit program?

Did the audit program include the frequency, methods, responsibilities, planning requirements, and reporting?

Does the audit program take into consideration the importance of the process concerned, changes affecting the organization, and the results of previous audits?

Did the organization define the audit criteria and scope of each audit?

Does the organization ensure that the audit is conducted by the auditors to ensure objectivity and impartiality of the audit process?

Does the organization ensure that the results of the audits are reported to relevant management?

Does the organization take appropriate correction and corrective action without undue delays?

Does the retain documented information as evidence of the implementation of the audit program and the audit results?

Does the Top Management review the organization QMS at planned intervals?

Does the review ensure QMS’s continuing suitability, adequacy, effectiveness, and alignment with the strategic direction of the organization?

Does the review take into consideration the status of actions from previous management reviews?

Are the changes in external and internal issues relevant to QMS considered?

Does the review take into consideration information on the performance and effectiveness of the QMS?

Does the review take into consideration customer satisfaction and feedback from relevant interested parties?

Does the review take into consideration the extent to which the quality objectives have been met?

Does the review take into consideration the process performance and conformity of products and services?

Does the review take into consideration nonconformities and corrective actions?

Does the review take into consideration monitoring and measuring results?

Does the review take into consideration audit results?

Does the review take into consideration the performance of external providers?

Does the review take into consideration the adequacy of resources?

Does the review take into consideration the effectiveness of actions taken to address risks and opportunities?

Does the review take into consideration the opportunities for improvement?

Do the outputs of the Management review include decisions and actions related to the opportunities for improvement; any need for changes to the QMS; and resources needed?

Does the organization retain documented information as evidence of the result of the management review?

Has the organization determine and select opportunities for improvement?

Has the organization implemented any necessary action to meet customer requirements and enhance satisfaction?

Has the organization taken action for improving products & services to meet requirements as well as to address future needs and expectations?

Has the organization taken action for correcting, preventing, or reducing undesired effects?

Has the organization taken action for improving the performance and effectiveness of the QMS?

When any nonconformity (including complaints) occurs, does the organization take action to control and correct it and deal with the consequences?

When any nonconformity (including complaints) occurs, does the organization evaluate the need for action to eliminate the causes of the nonconformity?

Does the organization reviews and analyzes the nonconformity?

Does the organization determine the causes of the nonconformity?

Does the organization determine similar nonconformity exist or could potentially occur?

Has the organization implemented any action needed?

Has the organization reviewed the effectiveness of the corrective action taken?

Has the organization updated risk and opportunities determined during planning if necessary?

Has the organization made changes to the QMS if necessary?

Are the corrective actions appropriate to the effects of the nonconformities encountered?

Does the organization retain documented information on the nature of the nonconformities and any subsequent actions taken; and the result of any corrective action?

Does the organization continually improve the suitability, adequacy, and effectiveness of the QMS?

Does the organization consider the results of analysis and evaluation, and output from management review to determine if there are needs or opportunities to be addressed as part of continual improvement?

Get your “ISO 9001:2015 Checklist”

Download Checklist

Related checklists

Get a FREE trial period

Checklist completed

30%Evaluation

4Comments

Leave your email and we’ll send you a checklist