Get in touch

Get in touch

  • This field is for validation purposes and should be left unchanged.

Privacy Notice

X

When you submit an enquiry via our website, we use the personal data you supply to respond to your query, including providing you with any requested information about our products and services. We may also email you several times after your enquiry in order to follow up on your interest and ensure that we have answered your it to your satisfaction. We will do this based on our legitimate interest in providing accurate information prior to a sale. Your enquiry is stored and processed as an email which is hosted by Microsoft within the European Economic Area (EEA). We keep enquiry emails for two years, after which they are securely archived and kept for seven years, when we delete them.

Reveal Menu

ISO Guide - Who are your Interested Parties?

All ISO standards written to the Annex SL format mention interested parties in two areas: clauses 4 and 6. Specifically subclause 4.2 – ‘Understanding the needs and expectations of interested parties’, and subclause 6.1 – ‘Actions to address risks and opportunities’. These two areas of the standard are closely linked and many organizations implementing an ISO management system fail to align them.

The ISO standards drive you to identify your interested parties, so you can carry out risk assessments on each one, and produce a stakeholders table that lists the stakeholder, their requirement or influence, together with what you are going to do to manage that risk and who will be responsible for it.

It helps you focus on the question ‘what if?’ and it drives the culture of proactive actions. This allows you to always be in control and no nasty surprises can be sprung on you, meaning you can remain compliant with both statutory and regulatory requirements.

Cartoon group business meeting

What is an interested party?

Well, it’s the same as a ‘Stakeholder’, which is:

‘A person, group or organization that has interest or concern in an organization.’

In layman terms, it is any person or entity that can affect your organization’s outputs or has requirements that have to be met by your business.

Interested parties can affect or be affected by the organization’s actions, objectives, and policies. Interested parties can have a direct or indirect influence on your organization’s products or services, and the impact depends on the stakeholder tiers.

Example of stakeholder tiers:

  • 1st tier stakeholders – Customers; suppliers; government agencies
  • 2nd tier stakeholders – Supplier’s suppliers; customs in customer’s country
  • 3rd tier stakeholders – Other countries government agencies; political situations around your business

Interested parties can also be internal within the organization, for example your staff and board members are important interested parties.  It’s critical to identify both the internal and external interested parties and their requirements you have to satisfy, or the influence they could have over your organization.

Once you have all the information, it must be documented. This can be done in a CRM system, an excel spreadsheet or a table in a word document.  It must contain the name of the interested party, their requirement, what actions are to be implemented, who will be responsible for those actions and who will monitor the actions being taken.

The table below is an example of a ‘needs and expectations of interested parties’ table.

 

 

Actions to address risk and opportunities

Now that you have identified your interested parties you must put in place actions to be taken to ensure these requirements are met.  But you must also look to see if there are any benefits from meeting these requirements. These are the opportunities.  Not all interested parties will have opportunities attached to their requirements, however some will, not just for the management system but on the business overall.  Again, these need to be identified and documented. A similar format as the ‘needs and expectations of interested parties’ table can be used.

This table is very similar to the first table, the first two columns contain the same information.  This makes it easier to align the requirements to the risks and opportunities, and also makes it easier for an auditor to identify interested parties against their risks and opportunities.

The third column has the identified risks, these are the potential outcomes if you do not meet the requirement(s) of the interested party and, where identified, the potential opportunity in meeting them.

The final column shows the expected effectiveness of the actions taken. These were the actions identified in the first table.

Summary

Interested parties are an important part of any management system. Failing to identify their needs and requirements could be costly to your organization.  Putting in place and monitoring actions to address them will ensure you meet these needs and also identify potential opportunities that could benefit both the management system and the organization as a whole.

 


More ISO Resources

CertiKit is a provider of ISO toolkits, consultancy and internal auditing services, and has helped more than 4000 organizations worldwide with their compliance.

For more guidance on implementing the ISO standard of your choice, go to our guidance pages where you can find more specific information about each standard and more downloadable resources.

More ISO Guidance

We’ve helped more than 7000 businesses with their compliance

Testimonials

I found the toolkit templates easily map back to the standard. The introductory information for each document was helpful in preparing for our external audit.

V-Tech Solutions, Inc.
USA

View all Testimonials