Contact us Client area Consultant area FAQS
Global Certification Body
Phone Created with Sketch.

+27 87 286 8213
0
menu Created with Sketch. close Created with Sketch.
Home Resources Blog September 2018
Evidence of Top Management involvement in meeting ISO 9001

Evidence of Top Management involvement in meeting ISO 9001

17 September 2018
Understanding what comprises sufficient evidence of Top Management involvement in meeting ISO 9001 requirements can often be confusing, this article suggests a number of ways organizations can display evidence of Top Management involvement.

ISO 9001 is the internationally recognized standard for Quality Management Systems (QMS). It provides a framework and set of principles that ensure a common-sense approach to the management of an organization to consistently satisfy customers and other stakeholders.
 
The previous version of the standard required Top Management (Leadership) to display evidence that demonstrated their commitment to the development and implementation of the quality management system. As the onus was not placed solely upon the involvement of Top Management, the responsibility was often delegated to a junior manager, such as the Quality Manager.

The new standard (ISO 9001:2015) requires Top Management demonstrate effective leadership through involvement and engagement with meeting the standard as opposed to just a commitment to developing a quality management system.

Criteria for meeting ISO 9001

While ISO 9001 provides a detailed set of requirements for meeting the standard, it effectively focuses on assessing three key components of a quality management system: the operations of the system itself, evidence of a customer focus and implementation of resources to support meeting the standard throughout the organization.

Auditing the quality management system

Clause 5.1 requires that Top Management demonstrate effective leadership and a commitment to continual improvement, which should be reviewed regularly accordingly.

Leadership and commitment

5.1.1 General

Top management shall demonstrate leadership and commitment with respect to the quality management system by:

  • taking accountability for the effectiveness of the quality management system;

  • ensuring that the quality policy and quality objectives are established for the quality management system and are compatible with the context and strategic direction of the organisation;

  • ensuring the integration of the quality management system requirements into the organisation’s business processes;

  • promoting the use of the process approach and risk-based thinking;

  • ensuring that the resources needed for the quality management system are available;

  • communicating the importance of effective quality management and of conforming to the quality management system requirements;

  • ensuring that the quality management system achieves its intended results;

  • engaging, directing and supporting persons to contribute to the effectiveness of the quality management system;

  • promoting improvement;

  • supporting other relevant management roles to demonstrate their leadership as it applies to their areas of responsibility.

5.1.2 Customer focus

Clause 5.1.2 requires that Top Management demonstrate a customer focus, to ensure products consistently meet customer requirements.

Top management shall demonstrate leadership and commitment with respect to customer focus by ensuring that:

  • customer and applicable statutory and regulatory requirements are determined, understood and consistently met;

  • the risks and opportunities that can affect conformity of products and services and the ability to enhance customer satisfaction are determined and addressed;

  • the focus on enhancing customer satisfaction is maintained.

Effective delegation of roles

Clause 5.3 requires Top Management delegate, communicate and monitor implementation of the quality management system throughout the organization.
 
5.3 Organizational roles, responsibilities and authorities
 
Top management shall ensure that the responsibilities and authorities for relevant roles are assigned, communicated and understood within the organisation.
 
Top management shall assign the responsibility and authority for:

  • ensuring that the quality management system conforms to the requirements of this International Standard;

  • ensuring that the processes are delivering their intended outputs;

  • reporting on the performance of the quality management system and on opportunities for improvement, in particular to top management;

  • ensuring the promotion of customer focus throughout the organization;

  • ensuring that the integrity of the quality management system are planned and implemented.

Important terms for assessing system suitability

In order to understand whether a quality management system will meet the criteria an auditor is assessing a system against, it is important to understand how key terms are defined by ISO 9001:2015.
 
Top Management is defined as a person or group who directs and controls an organization at the highest level. They have the power to delegate authority and provide resources within the organization.
NB: If the scope of the management system covers only part of an organization (for example, health and safety), then top management refers to those who direct and control that part of the organization.

Involvement is defined as taking part in an activity, event or situation.

Engagement is defined as involvement in and contribution to activities to achieve shared objectives.

Management is defined as coordinated activities to direct and control an organization. This can include establishing policies and objectives, and processes to achieve these objectives.

NB: when the word “management” refers to people, it should always be used with some form of qualifier to avoid confusion with the concept of “management” defined above. For example, “management shall…” is unacceptable, whereas “top management shall…” is acceptable.

Policy is defined as intentions and direction of an organization as formally expressed by its top management.

Quality policy is defined as a policy related to quality. Generally this is consistent with the overall policy of the organization, aligned with its vision and provides a framework for the setting of the quality objectives.

Examples of suitable evidence

In order to provide suitable evidence of Top Management involvement and engagement, documented information must be provided, along with actions assigned as appropriate.
 
The tables below provide an indication of actions that could be considered as objective evidence to demonstrate Top Management are undertaking effective leadership, commitment and accountability.

5.1.1 General (systems)

  • Records of the quality management system (QMS) being discussed at board meetings to demonstrate it is embedded in the organization’s business processes

  • Active involvement in the review of the organization’s QMS, at planned intervals, with minutes including detailed information of who was present, what was discussed and action points agreed

  • The use of the process approach when setting or reviewing the organization’s internal processes, including active involvement in the review of its risk and opportunities

  • The use of a robust internal audit system with associated corrective actions where applicable

  • Appropriate monitoring and measuring systems looking at discrete areas

  • Active involvement in the setting of the quality policy, rather than just signing it

  • Active involvement in the setting of the quality objectives, rather than just signing these off.

 

1. Customer focus

Appropriate documented information to demonstrate the organization has identified the applicable customer, statutory and regulatory requirements, and evidence the organization has evaluated their compliance to these. If not identified as compliant, evidence is required to demonstrate appropriate and effective corrective action has been taken.

  • Interview and discussion as to how the organisation ensure the process of enquiry through to product / service delivery solicits the appropriate criteria – including statutory / regulatory requirements and that this is followed through

  • Establishing how top management have established and mechanised the processes for reviewing and addressing risks and opportunities associated with product / service delivery

  • Establishing how top management (and the organisation as a whole) engage with customers, what information they solicit and how this is reviewed, analysed and actioned

  • Review of the resources that have been made available to support the management system and engagement with the customer

  • A review of customer feedback to determine trends and if these have been addressed.

 

5. Organizational roles, responsibilities and authorities

Adequate resourcing of the organization’s processes / activities to support its scope and strategic direction, taking into consideration the identified risks, including people, infrastructure and equipment.

  • Documented information to demonstrate that roles, responsibilities and authorities are defined (eg, job descriptions, role descriptions and role specification / requirements)

  • Evidence of communicating the importance of effective quality management and conforming to the system requirements (eg, the use of newsletters, magazines, team briefings, posters)

  • Objective evidence to demonstrate that roles, responsibilities and authorities have been assigned and communicated (eg, signed job descriptions, organization charts)

  • Evidence of supporting an effective system for employees to promote improvement to the organization’s processes (eg, the use of a robust internal audit system, suggestion schemes, awards schemes).


It is possible that not all elements will be applicable to an organization, as this is dependent on a number of factors including the size, locations and activities of the organization, the number of standards the organization is registered to and the maturity of its management system.

Further assistance in meeting ISO 9001

As the examples above demonstrate, when it comes to an audit, you can never have too much information.
 
While this is by no means an exhaustive list of examples of sufficient evidence of top management involvement in meeting ISO 9001, it should provide some indication as to the type of documents that demonstrate a commitment to meeting the standard.
 
If you are new to the ISO 9001 standard or believe you would benefit from further assistance, NQA can perform a gap analysis and support you with training for internal auditors. We also host regular webinars to address the requirements of each standard and share legal updates via InTouch, our monthly newsletter.