Get 4 FREE months of Conformio to implement ISO 27001

What clauses can be excluded in ISO 9001:2015?

The draft of the new version of ISO 9001 has completely removed the word “exclusions” from the text of the requirements document, and many people have wondered if this is an indication that you can no longer exclude requirements in your Quality Management System (QMS). Since the 2000 version of ISO 9001, there has been the ability to include in your QMS the justification for certain sections of the standard to be deemed inapplicable to your company or business. In many cases, this is necessary – for example, if your company does not do a particular task such as design – so you might be rightly worried that this will no longer be acceptable.

For more on how exclusions work in the current version of ISO 9001, see this blog post on What is an acceptable exclusion in Clause 7 of ISO 9001?

What does the new draft of ISO 9001:2015 say about exclusions?

The writers of the ISO 9001 standard know that there are some companies for which certain requirements will not apply, which is the reason that the ability to exclude requirements was written into the standard in the first place, and for this reason they have given an explanation in the draft international standard explaining what they have done. This explanation is included in annex A.5 titled Applicability.

ISO 9001:2015 – What clauses can be excluded?

In short, it states that the standard no longer makes specific reference to “exclusions,” but does recognize that an organization might need to review how the requirements apply to them. This may be due to the size of the organization, the management model, the activities that the organization does, or the nature of the risks and opportunities that the organization encounters. As the final word, the annex says that when a requirement can be applied within the scope of the QMS, the organization cannot just decide that it is not applicable. Further, when a requirement is determined to be not applicable, this cannot be allowed to result in failures to achieve conformity of products and services to enhance customer satisfaction.

What does this mean to you?

An easy example of a set of requirements that are often excluded are the requirements for design and development. If your organization does not do any design work, but strictly work from designs given to you by a customer, then these requirements can rightly be determined to be not applicable to your organization. This could be in the case of a machine shop that only takes the drawings and CAD programming files from customers, and uses these to machine the parts on a CNC machine. In doing so, the customer is in charge of the design and any design changes, and for the machine shop these requirements are not applicable.

On the other hand, some might try to argue that in a similar situation, where a machine shop is taking customer designs and machining the parts, that they could exclude the requirements for determination of requirements related to products and services. The argument could be that since the customer provides all the information, the machining organization does not need to determine the requirements. This view would be incorrect for two reasons.

Firstly, the ISO 9001 requirements include the assessment of the organization’s ability to meet the defined requirements, and review of the drawings and files sent would be part of this activity. Secondly, by not reviewing the documentation and files provided to ensure that all the requirements were included and adequate, you could easily fail to achieve conformity of products and services to enhance customer satisfaction. In doing so, you would fail to meet one of the main criteria for determining applicability, and would therefore need to include processes to address these requirements in your QMS.

Remember that your QMS should meet your needs

The ISO 9001 requirements are not written with the intention of causing companies to implement many useless processes, and waste time, money, and resources in doing so. The requirements are intended to be a basis for any company to create a system to ensure customer satisfaction and improvement, and as such, many companies see this as the minimum requirement for an organization.

If certain requirements are actually not applicable to your organization, then it makes sense not to include these in your QMS; however, working to see how many requirements you can exclude for the sake of reducing the number of processes will eventually cause you problems when you later find that you should have done something, and now it’s too late. Use the ISO 9001 standard as a guide, and carefully consider if you would benefit from including the processes that the standard requires. You owe it to yourself to make your QMS the most useful for your company.

For more information on changes brought about by ISO 9001:2015, check this free ISO 9001:2015 vs. ISO 9001:2008 matrix.

Advisera Mark Hammar
Mark Hammar
Mark Hammar is a Certified Manager of Quality / Organizational Excellence through the American Society for Quality and has been a Quality Professional since 1994. Mark has experience in auditing, improving processes, and writing procedures for Quality, Environmental, and Occupational Health & Safety Management Systems, and is certified as a Lead Auditor for ISO 9001, AS9100, and ISO 14001.