Get in touch

Get in touch

  • This field is for validation purposes and should be left unchanged.

Privacy Notice

X

When you submit an enquiry via our website, we use the personal data you supply to respond to your query, including providing you with any requested information about our products and services. We may also email you several times after your enquiry in order to follow up on your interest and ensure that we have answered your it to your satisfaction. We will do this based on our legitimate interest in providing accurate information prior to a sale. Your enquiry is stored and processed as an email which is hosted by Microsoft within the European Economic Area (EEA). We keep enquiry emails for two years, after which they are securely archived and kept for seven years, when we delete them.

Reveal Menu
Home Blog Creating an ISO9001 Quality Policy

Creating an ISO9001 Quality Policy

 

When implementing a quality management system (QMS) that complies with ISO9001, one of the items that must be available as “documented information” (that is, written down) is the quality policy. This is a document that is pretty central to your QMS and your organization is unlikely to get certified if you don’t have one. But what is a quality policy, why is it important and what should it contain?

Documents with ISO9001 Quality Policy on front, on blue background/

What is a Quality Policy?

Put simply, it’s a document that sets out top management’s intention and direction with regard to how quality will be achieved within the organization. It’s a required document in ISO9001 and must be made widely available to all interested parties, often by including it on a website. Quality policies can vary in length; some organizations prefer a brief summary covering the main points, whereas others like to expand its scope to set out more detail of how the concept of quality is embedded in all aspects of its operations.

Why is a Quality Policy important?

Producing and communicating the quality policy has the effect of demonstrating the organization’s commitment to doing things correctly, including meeting customer needs, managing risk and opportunity, leading and engaging with its employees and interested parties, and always pushing for improvement. The quality policy is often used as the headline document that declares the organization’s good intentions to the world and sets the direction for everything below it. As such, it’s important to spend some time to get it right and ensure that it has top management’s full support.

What must the Quality Policy contain?

Before we get into what a quality policy could include, there are a few requirements that the ISO9001 standard insists it must meet, and these are given in Clause 5.2.1 establishing the quality policy. First, it should make sense in terms of the overall context and strategic direction of the organization. So if the company is rapidly expanding internationally, the quality policy shouldn’t refer only to the main country of operation, or if a product company is going big on services, this should be reflected in the way the policy is written, and the areas it covers.

Second, the quality policy should describe how quality objectives are set within the QMS. Objectives are defined measures of what is intended to be achieved. This could include who sets them, when and in what areas.

Lastly, commitments by top management to satisfying applicable requirements and to continual improvement of the QMS must be made, and these can be simple policy statements to that effect.

What else could be included?

Once you’ve stated the required elements of the policy, it’s really up to you what else you include. It’s worth keeping in mind the points of view of your various interested parties – what would they like to see in the policy that would please and reassure them about buying from, working for, or dealing with your organization?

This thought process often leads to additional statements in areas such as the following:

  • The desire to achieve customer satisfaction
  • Minimisation of risks within the business
  • Being a great place to work
  • Communicating effectively with interested parties
  • Complying with legislative, contractual and regulatory requirements
  • Establishing a culture of quality within the organization
  • Leadership and training for employees to understand their role in the delivery of quality products and services
  • Providing adequate resources for the quality management system
  • How internal audits and management reviews will help to monitor the QMS

An indication of how amendments to the policy are made and controlled is often a good idea too. Once written and approved, it is common to have the quality policy signed by the person at the top of the organization, such as the CEO, to emphasise leadership and commitment to quality.

Final thoughts

As well as being a requirement of the ISO9001 standard, the quality policy is an opportunity for the top management of the organization to set the stage for their QMS and send a message to customers, employees and suppliers alike that they mean business. Everyone likes to deal with an organization that really wants to improve, and the quality policy should represent a manifesto for the future. The challenge after it has been published is to genuinely live up to the promises it makes, and make quality a priority.

 

Written by CertiKit’s CEO, Ken Holmes CISSP, CIPP/E. Ken is the primary author of CertiKit’s toolkit range and has helped to implement, operate and audit ISO certifications over a varied 30-year career in the Information Technology industry.  Published in June 2023 and updated in August 2024. 

More ISO9001 Resources

CertiKit is a provider of ISO toolkits, Consultancy and Internal Auditing services, and has helped more than 7000 organizations worldwide with their compliance.

For more guidance on implementing the ISO9001:2015 standard, we’ve put together a list of our best free resources including sample documents, blogs and downloadable documents.

Free ISO9001 Resources

We’ve helped more than 7000 businesses with their compliance

Testimonials

Each document is not an island, they all interconnect which is something I've struggled with when using other template packs. Well written and generally happy with the structure of the docs. Really appreciate the excel tools.

PikesPlace
USA

View all Testimonials

Cookie Control

CertiKit uses cookies to improve your user experience. Some are essential for our website to work, but for others you have a choice over which ones you’re happy for us to use.

Please set the controls below to enable or disable the types of cookies shown.

Nice to have cookies
What are these?

Advertising Cookies
What are these?

Cookie Policy