Updated 2018 –


To some, the point of ISO 9000 (ISO 9001:2015) registration is a certificate. While important to convince customers that certain procedures are in place, a certificate can be a very expensive piece of paper if that is the only benefit realized by the organization. To others, the point of IS0 9000 is measured performance improvement for the organization, and the certificate is merely a confirmation of an effective quality management system (QMS). This results-focused view of ISO 9000 is confirmed by the growing number of companies pursuing “compliance through self-certification” instead of a formal registrar-certification of their QMS.
The framers of the new standard saw performance improvement as the central point of the standard along with RISK BASED THINKING as a core practice. The expanded top management responsibilities make clear who must lead the charge toward measurable results.

Top management shall demonstrate leadership and commitment with respect to the quality management system. (ref 5.1.1) by (among others):

• insuring the quality policy and quality objectives are established…..
• ensuring the integration of the quality management system into the organization’s business processes
• promoting the use of the process approach and risk-based thinking
• promoting improvement

The new standard standardizes knowledge gained from experience, recognizes not only risk but opportunities, delves deeper into the measurement of an organization’s success, and places more emphasis on management involvement.

Many ISO 9001 professionals believe the establishment of meaningful, measurable quality objectives toward which the entire QMS is directed is a very important part of the ISO 9001:2015 standard. For it is in the setting and achieving of business-essential objectives that a real return-on-investment (ROI) can be found. So, as top management sits down to discuss quality objectives, they must define quality for their organization and its customers. Surely the quality of products and services should be included. Certainly measures of customer satisfaction would be on the list of key objectives. These measures are termed, “Key Process Indicators” or KPIs and CORE can help the organization establish those to assess the effectiveness of the system. Some of those KPIs or drivers of a quality organization might be:

• delivery performance
• percent of total market share
• sales generated from new products
• through-put time from sale to delivery
• time to order fulfillment
• cost of rework and scrap

There are many other measures that can be incorporated into the organization’s QMS and they may be related to the establishment of “business performance targets” as well. While a (surprisingly) few measures are mandated in the ISO standard, it is left to the organization’s management to set objectives most useful to the organization and its customers.


The section entitled “Leadership and commitment” (ref. 5.1) starts with a mandate for top management:
Top management shall demonstrate leadership and commitment to the quality management system (QMS) by:
This leads to other parts of the mandate that top management is obligated: “Ensuring that the QMS achieves its intended results” (5.1.1g). While also including basic best practices of management such as: “PROMOTING the use of the process approach and risk-based thinking” (5.1.1d), “COMMUNICATING the importance of effective quality management….”(5.1.1f), “PROMOTING improvement” (5.1.1i) and DEMONSTRATE leadership and COMMITMENT to ensure that “the focus on enhancing customer satisfaction is maintained” (5.1.2).

The primary responsibility for the establishment of quality objectives cannot be delegated, though involving the rest of the organization can help ensure the objectives are realistic with a high degree of buy-in. Top management must determine performance targets for the organization as a whole, and then break them down into smaller sub-objectives that can be assigned to divisions, departments, teams or individuals, as appropriate.

In Section 6, Planning, the new standard starts by asking the organization to consider addressing risks and opportunities that might have an impact on the QMS and quality of the product. The standard mentions risk several more times indicating it is an important new aspect to consider.

In the section, “Quality objectives and planning to achieve them” (ref 6.2), the standard indicates that the quality objectives shall:

The additional objectives set are left to the judgment of management based on the organization’s size, market, product mix, complexity, etc. It is typical that the organization limit the number of objectives to those most vital to the organization’s success.


The objectives must also be measured:
The quality objectives shall be measurable and consistent with the quality policy. (ref. 6.2.1a)

This would eliminate “motherhood-and-apple-pie” statements that are mere slogans espousing a general desire for quality. By stating that objectives must be “measurable”, an objective set of data gathered, reported and analyzed should be able to clearly indicate whether or not specific objectives have been reached.

In establishing measurable objectives, many companies define the following for each:

• In establishing measurable objectives, many companies define the following for each:
• Measurement – Data to be collected to monitor actual performance.
• Baseline – Historical level of performance; establishes the starting point.
• Target – Specific performance goal for the objective.
• Target Date – Date by which the target is to be achieved.
• Owner – Person/group responsible to gather, report and analyze the measurement data.
• Reporting Frequency – Schedule for reporting, analyzing and responding to the measurement
• Review Frequency – Schedule for reviewing the objective and corresponding target for possible modification to ensure ongoing relevancy for the organization.

While this format is not specified by the ISO 9001:2015 requirements, an organization might want to consider including many of these elements in their quality objectives planning. It is also required that all quality objectives are “consistent with the quality policy” (see 6.2.1). That means there must be logical relationship between the performance targets of the organization and top management’s statement of intention that it intends to achieve quality as a result of the company’s operation. The consistency between the quality policy and quality objectives must be clear to third-party auditors as well as those more familiar with the company.


whats-the-pointIn addition to setting quality objectives, the organization (management) is responsible for planning the overall QMS.

First, the QMS must be planned (and implemented) to be sure the requirements listed in the “General Requirements” for the QMS (ref. 4.1) are met. These requirements are summarized below:

1. The QMS must be established and continually improved.
2. QMS processes must be identified (including processes outsourced by the company) and their sequence and interactions determined.
3. Criteria and methods of control must be established to be sure the QMS processes are effective (NOTE: The company’s quality objectives can meet this requirement).
4. Needed resources and information must be available to operate and monitor the QMS processes.
5. QMS processes must be monitored, measured and analyzed.
6. Actions must be taken to meet planned results (quality objectives) and continually improve QMS processes.
7. The QMS processes must meet the requirements of the ISO 9001:2015 standard.

The planning of the QMS now includes addressing risks and opportunities. This will serve to (ref 6.1.1):

a) give assurances that the QMS can achieve its intended results;
b) enhance desirable effects;
c) prevent or reduce, undesired effects;
d) achieve improvement.

These items are enhanced (ref. 6.1.2), where in the organization “shall plan”
a) how to: 1) integrate and implement the actions into its QMS processes (see 4.4); and 2) evaluate the effectiveness of these actions.

Second, the QMS must deliver results. It is expected that top management monitor the company’s performance against its stated quality objectives and take necessary actions to be sure these objectives are met. Third-party auditors will certainly be looking to see a strong pattern of meeting stated objectives.

whats-the-pointThe results of the QMS are measurable against the quality objectives and how much improvement is gained. Among new considerations in this iteration of ISO is planning for the accumulation and documentation of “Organizational Knowledge” (ref. 7.1.6). Organizational knowledge can be gained in numbers of ways, and the standard notes: “Organizational knowledge is knowledge specific to the organization, it is generally gained by experience; and this knowledge can be based on internal or external sources. Among the sources that might be used are:

• Lessons Learned meetings after projects or tasks are completed.
• Internal and external audit findings and recommendations.
• Experience of new employees.
• Industry knowledge from meetings, conferences, and other sources.

Third, the QMS planning process must respond to significant organizational changes by making necessary adjustments to policies, procedures, quality objectives, etc. Changes that could require QMS modifications might include new product lines, customers with new requirements, marked organizational growth or downsizing, acquisition or divestiture of company facilities, management reorganizations, etc.


This brief set of management “planning” requirements has huge implications for any organization seeking ISO 9001:2015 compliance or registration. Senior management must “direct the ship” by steering the organization away from high risks and toward clearly stated, consistently measured and carefully analyzed quality objectives. It is through the use of quality objectives that top management can keep the organization focused on what is most important to the company and its customers, ensuring improving results that deliver real, demonstrable quality throughout the company.