Implementation, maintenance, training, and knowledge products for Information Security Management Systems (ISMS) according to the ISO 27001 standard.
Automate your ISMS implementation and maintenance with the Risk Register, Statement of Applicability, and wizards for all required documents.
All required policies, procedures, and forms to implement an ISMS according to ISO 27001.
Train your key people about ISO 27001 requirements and provide cybersecurity awareness training to all of your employees.
Accredited courses for individuals and security professionals who want the highest-quality training and certification.
Get instant answers to any questions related to ISO 27001 and the ISMS using Advisera’s proprietary AI-powered knowledge base.
Compliance and training products for critical infrastructure organizations for the European Union’s Network and Information Systems cybersecurity directive.
All required policies, procedures, and forms to comply with the NIS 2 cybersecurity directive.
Company-wide training program for employees and senior management to comply with Article 20 of the NIS 2 cybersecurity directive.
Compliance and training products for personal data protection according to the European Union’s General Data Protection Regulation.
All required policies, procedures, and forms to comply with the EU GDPR privacy regulation.
Accredited courses for individuals and privacy professionals who want the highest-quality training and certification.
Implementation, training, and knowledge products for Quality Management Systems (QMS) according to the ISO 9001 standard.
All required policies, procedures, and forms to implement a QMS according to ISO 9001.
Accredited courses for individuals and quality professionals who want the highest-quality training and certification.
Get instant answers to any questions related to ISO 9001 and the QMS using Advisera’s proprietary AI-powered knowledge base.
Implementation, training, and knowledge products for Environmental Management Systems (EMS) according to the ISO 14001 standard.
All required policies, procedures, and forms to implement an EMS according to ISO 14001.
Accredited courses for individuals and environmental professionals who want the highest-quality training and certification.
Get instant answers to any questions related to ISO 14001 and the EMS using Advisera’s proprietary AI-powered knowledge base.
Implementation and training products for Occupational Health & Safety Management Systems (OHSMS) according to the ISO 45001 standard.
All required policies, procedures, and forms to implement an OHSMS according to ISO 45001.
Accredited courses for individuals and health & safety professionals who want the highest-quality training and certification.
Implementation and training products for medical device Quality Management Systems (QMS) according to the ISO 13485 standard.
All required policies, procedures, and forms to implement a medical device QMS according to ISO 13485.
Accredited courses for individuals and medical device professionals who want the highest-quality training and certification.
Compliance products for the European Union’s Medical Device Regulation.
All required policies, procedures, and forms to comply with the EU MDR.
Implementation products for Information Technology Service Management Systems (ITSMS) according to the ISO 20000 standard.
All required policies, procedures, and forms to implement an ITSMS according to ISO 20000.
Implementation products for Business Continuity Management Systems (BCMS) according to the ISO 22301 standard.
All required policies, procedures, and forms to implement a BCMS according to ISO 22301.
Implementation products for testing and calibration laboratories according to the ISO 17025 standard.
All required policies, procedures, and forms to implement ISO 17025 in a laboratory.
Implementation products for automotive Quality Management Systems (QMS) according to the IATF 16949 standard.
All required policies, procedures, and forms to implement an automotive QMS according to IATF 16949.
Implementation products for aerospace Quality Management Systems (QMS) according to the AS9100 standard.
All required policies, procedures, and forms to implement an aerospace QMS according to AS9100.
Implementation, maintenance, training, and knowledge products for consultancies.
Handle multiple ISO 27001 projects by automating repetitive tasks during ISMS implementation.
All required policies, procedures, and forms to implement various standards and regulations for your clients.
Organize company-wide cybersecurity awareness program for your client’s employees and support a successful cybersecurity program.
Accredited ISO 27001, 9001, 14001, 45001, and 13485 courses for professionals who want the highest-quality training and recognized certification.
Get instant answers to any questions related to ISO 27001 (ISMS), ISO 9001 (QMS), and ISO 14001 (EMS) using Advisera’s proprietary AI-powered knowledge base.
Find new clients, potential partners, and collaborators and meet a community of like-minded professionals locally and globally.
Implementation, maintenance, training, and knowledge products for the IT industry.
Automate your ISMS implementation and maintenance with the Risk Register, Statement of Applicability, and wizards for all required documents.
Documentation to comply with ISO 27001 (cybersecurity), ISO 22301 (business continuity), ISO 20000 (IT service management), GDPR (privacy), and NIS 2 (critical infrastructure cybersecurity).
Company-wide cybersecurity awareness program for all employees, to decrease incidents and support a successful cybersecurity program.
Accredited courses for individuals and security professionals who want the highest-quality training and certification.
Get instant answers to any questions related to ISO 27001 and the ISMS using Advisera’s proprietary AI-powered knowledge base.
Compliance, training, and knowledge products for essential and important organizations.
Documentation to comply with NIS 2 (cybersecurity), GDPR (privacy), ISO 27001 (cybersecurity), and ISO 22301 (business continuity).
Company-wide training program for employees and senior management to comply with Article 20 of the NIS 2 cybersecurity directive.
Accredited courses for individuals and security professionals who want the highest-quality training and certification.
Get instant answers to any questions related to ISO 27001 and the ISMS using Advisera’s proprietary AI-powered knowledge base.
Implementation, training, and knowledge products for manufacturing companies.
Documentation to comply with ISO 9001 (quality), ISO 14001 (environmental), and ISO 45001 (health & safety), and NIS 2 (critical infrastructure cybersecurity).
Company-wide cybersecurity awareness program for all employees, to decrease incidents and support a successful cybersecurity program.
Accredited courses for individuals and professionals who want the highest-quality training and certification.
Get instant answers to any questions related to ISO 9001 (QMS) and ISO 14001 (EMS) using Advisera’s proprietary AI-powered knowledge base.
Implementation, training, and knowledge products for transportation & distribution companies.
Documentation to comply with ISO 9001 (quality), ISO 14001 (environmental), and ISO 45001 (health & safety), and NIS 2 (critical infrastructure cybersecurity).
Company-wide cybersecurity awareness program for all employees, to decrease incidents and support a successful cybersecurity program.
Accredited courses for individuals and professionals who want the highest-quality training and certification.
Get instant answers to any questions related to ISO 9001 (QMS) and ISO 14001 (EMS) using Advisera’s proprietary AI-powered knowledge base.
Implementation, training, and knowledge products for schools, universities, and other educational organizations.
Documentation to comply with ISO 27001 (cybersecurity), ISO 9001 (quality), and GDPR (privacy).
Company-wide cybersecurity awareness program for all employees, to decrease incidents and support a successful cybersecurity program.
Accredited courses for individuals and professionals who want the highest-quality training and certification.
Get instant answers to any questions related to ISO 27001 (ISMS) and ISO 9001 (QMS) using Advisera’s proprietary AI-powered knowledge base.
Implementation, maintenance, training, and knowledge products for telecoms.
Automate your ISMS implementation and maintenance with the Risk Register, Statement of Applicability, and wizards for all required documents.
Documentation to comply with ISO 27001 (cybersecurity), ISO 22301 (business continuity), ISO 20000 (IT service management), GDPR (privacy), and NIS 2 (critical infrastructure cybersecurity).
Company-wide cybersecurity awareness program for all employees, to decrease incidents and support a successful cybersecurity program.
Accredited courses for individuals and security professionals who want the highest-quality training and certification.
Get instant answers to any questions related to ISO 27001 and the ISMS using Advisera’s proprietary AI-powered knowledge base.
Implementation, maintenance, training, and knowledge products for banks, insurance companies, and other financial organizations.
Automate your ISMS implementation and maintenance with the Risk Register, Statement of Applicability, and wizards for all required documents.
Documentation to comply with ISO 27001 (cybersecurity), ISO 22301 (business continuity), GDPR (privacy), and NIS 2 (critical infrastructure cybersecurity).
Company-wide cybersecurity awareness program for all employees, to decrease incidents and support a successful cybersecurity program.
Accredited courses for individuals and security professionals who want the highest-quality training and certification.
Get instant answers to any questions related to ISO 27001 and the ISMS using Advisera’s proprietary AI-powered knowledge base.
Implementation, training, and knowledge products for local, regional, and national government entities.
Documentation to comply with ISO 27001 (cybersecurity), ISO 9001 (quality), GDPR (privacy), and NIS 2 (critical infrastructure cybersecurity).
Company-wide cybersecurity awareness program for all employees, to decrease incidents and support a successful cybersecurity program.
Accredited courses for individuals and professionals who want the highest-quality training and certification.
Get instant answers to any questions related to ISO 27001 (ISMS) and ISO 9001 (QMS) using Advisera’s proprietary AI-powered knowledge base.
Implementation, training, and knowledge products for hospitals and other health organizations.
Documentation to comply with ISO 27001 (cybersecurity), ISO 9001 (quality), ISO 14001 (environmental), ISO 45001 (health & safety), NIS 2 (critical infrastructure cybersecurity) and GDPR (privacy).
Company-wide cybersecurity awareness program for all employees, to decrease incidents and support a successful cybersecurity program.
Accredited courses for individuals and professionals who want the highest-quality training and certification.
Get instant answers to any questions related to ISO 27001 (ISMS), ISO 9001 (QMS), and ISO 14001 (EMS) using Advisera’s proprietary AI-powered knowledge base.
Implementation, training, and knowledge products for the medical device industry.
Documentation to comply with MDR and ISO 13485 (medical device), ISO 27001 (cybersecurity), ISO 9001 (quality), ISO 14001 (environmental), ISO 45001 (health & safety), NIS 2 (critical infrastructure cybersecurity) and GDPR (privacy).
Company-wide cybersecurity awareness program for all employees, to decrease incidents and support a successful cybersecurity program.
Accredited courses for individuals and professionals who want the highest-quality training and certification.
Get instant answers to any questions related to ISO 27001 (ISMS), ISO 9001 (QMS), and ISO 14001 (EMS) using Advisera’s proprietary AI-powered knowledge base.
Implementation, training, and knowledge products for the aerospace industry.
Documentation to comply with AS9100 (aerospace), ISO 9001 (quality), ISO 14001 (environmental), and ISO 45001 (health & safety), and NIS 2 (critical infrastructure cybersecurity).
Company-wide cybersecurity awareness program for all employees, to decrease incidents and support a successful cybersecurity program.
Accredited courses for individuals and professionals who want the highest-quality training and certification.
Get instant answers to any questions related to ISO 9001 (QMS) and ISO 14001 (EMS) using Advisera’s proprietary AI-powered knowledge base.
Implementation, training, and knowledge products for the automotive industry.
Documentation to comply with IATF 16949 (automotive), ISO 9001 (quality), ISO 14001 (environmental), and ISO 45001 (health & safety), and NIS 2 (critical infrastructure cybersecurity).
Company-wide cybersecurity awareness program for all employees, to decrease incidents and support a successful cybersecurity program.
Accredited courses for individuals and professionals who want the highest-quality training and certification.
Get instant answers to any questions related to ISO 9001 (QMS) and ISO 14001 (EMS) using Advisera’s proprietary AI-powered knowledge base.
Implementation, training, and knowledge products for laboratories.
Documentation to comply with ISO 17025 (testing and calibration laboratories), ISO 9001 (quality), and NIS 2 (critical infrastructure cybersecurity).
Company-wide cybersecurity awareness program for all employees, to decrease incidents and support a successful cybersecurity program.
Accredited courses for individuals and quality professionals who want the highest-quality training and certification.
Get instant answers to any questions related to ISO 9001 and the QMS using Advisera’s proprietary AI-powered knowledge base.
Updated: December 22, 2023.
Quality objectives are requirements of the ISO 9001 standard, but why? What are they, and what are they for? While the answers to these questions may be interesting, a more important question is how do you write good quality objectives so that they are beneficial to your company? In short, the quality objectives can be the best way to spotlight the key elements of the Quality Policy and find a focal point for the efforts of the people in the organization to work toward improvement. Improvement, after all, is a key reason for a company to implement a Quality Management System.
Why do you need to set quality objectives? The quality objectives are the main method used by companies to transform the goal(s) from the Quality Policy into plans for improvement. The Quality Policy is created with the customer requirements in mind; then, quality objectives are linked back to the customer requirements through the Quality Policy. So, what are the quality objectives of ISO 9001? The quality objectives take the goal(s) stated in the Quality Policy and turned these into statements for improvement against which plans can be made.
You may ask, “How do I set quality objectives for ISO 9001?” Here are some ISO 9001 quality objectives examples: If the Quality Policy of a widget manufacturer had identified a customer need for just-in-time delivery with no defects as the most important requirement, the goal from the Quality Policy might read: “To deliver widgets to our customers when they need them, with no defects, every time.”
This company might then have two Quality Objectives: the first being to address improvement of on-time delivery, and the second to address defective parts shipped to the customer. The first objective might be: “to improve on-time delivery from 90% to 95% within the next year,” and the second could be: “to reduce field escapes to the customer from 4% to 3% within the next year.” In doing so, the improvement derived from the quality objectives is directly linked to the needs of the customer.
These quality objectives would then be communicated to each level of the organization, with corresponding objectives and plans at each level to help meet the overall planned goal. If your company uses a Balanced Scorecard, this is a good format to use for this communication of quality objectives.
The objectives need to be set for the different levels of the organization right down to objectives for the product (e.g., one objective for the whole QMS, then individual objectives for the product or process that supports the overall objective). These product or process objectives are often referred to as Key Performance Indicators (or KPIs). By utilizing the KPIs that the company has identified as the important indicators that the processes are functioning well, the overall QMS objectives for improvement become much easier to measure.
How do you write good ISO 9001 quality objectives? Well, after deciding which things to monitor, measure, and improve, the important thing is to make the quality objectives effective in addressing what needs to be improved. The objectives should be designed to be S.M.A.R.T (specific, measurable, achievable, realistic, and time-based) and should have relevance at all levels of the company, meaning that each employee should understand how their job supports meeting the quality objectives. To do this, the following should be addressed:
Specific. For the best results, an objective needs to be clear and specific. Instead of saying “to improve non-conforming product,” a specific quality objective would be “to reduce non-conformances on the third widget line,” if the third widget production line is showing data as the most troublesome area for non-conforming product.
Measurable. If an objective can’t be measured, how will you know if it has been obtained? In order to make a quality objective effective, it needs to be measurable, so this means that having an objective “to reduce non-conformances on the third widget line from 15% to 5%” is much more effective than saying “to improve quality of the products on the third widget line.” You can measure the defects being made, and therefore make plans to reduce the number of defects, but a vague measure of “quality” is more ephemeral and very hard to plan improvements for.
Agreed. For an objective to be agreed it first needs to be created and approved by top-level management. Once management agrees on the objective, it needs to be communicated to each level of the organization that will be required to implement the plans to achieve the objective, and the people at these levels of the organization need to agree that the plan is achievable. Without this buy-in, they may not fully work toward the goal and the plan may be doomed to fail.
Realistic. Being realistic with an objective will make selling it within your organization easier. If you tell your employees that you want to reduce defects from 50% to 2%, they will not be able to see how this is possible, especially if the plans around the objective do not support the improvement. It is better to set realistic goals and overachieve than it is to set unrealistic goals and always fall short of the expectation.
Time-based. To be truly effective, an objective needs to have a time associated with it. Saying “reduce non-conformances on the third widget line from 15% to 5% in the next year” allows for better planning, since a plan needs to have dates in order to be tracked properly. Again, having the time associated will allow you to monitor how close you expect to be in achieving your goals.
The biggest change in the requirements for quality objectives in the ISO 9001 2015 revision was clause 6.2.2, planning to achieve quality objectives. In many ways, these additional requirements are something that you should already have in place at your organization. If you have been using quality objectives to drive important improvement activities, then making plans to have this happen only makes sense, and if you have integrated an Environmental Management System (EMS) you will also know that planning to achieve environmental objectives has been in place since the release of ISO 14001:2004.
You may ask why an organization would set a target for improvement, and then not plan any actions to achieve that target. While this may seem illogical, many companies in the past have had the same quality objectives for many years without achieving their targets, and this is often due to the lack of a realistic plan. For this reason, the ISO standard now includes requirements to identify a plan to achieve your quality objectives.
So, what do the requirements say about planning to achieve quality objectives? As with any plan, there are five things that you need to determine to make the plan happen:
This action plan can be captured in any way that the company sees fit, from using a simple table that captures all the information to a planning and tracking tool such as Microsoft Project. Whichever method you choose to ensure your plan is implemented is fine, as long as you make a plan and carry it out, rather than just hoping things will improve to meet the objectives.
One of the concepts that have been brought into the 2015 revision of ISO 9001 is that the Quality Management System (QMS) of a company needs to include an understanding of, and alignment with, the strategic direction of the company. This comes up four times in the ISO 9001:2015 requirements in relation to understanding the organization’s context, ensuring the Quality Policy and quality objectives are compatible with the strategic direction, verifying that the Quality Policy supports the strategic direction, and confirming that the management review checks that the QMS is in alignment with the strategic direction.
This may seem like an unnecessary question, but do you know the strategic direction of your company? If so, does everyone who is creating the quality objectives know the strategic direction? How have you recorded the strategic direction so that it can be understood and used? It may come as a surprise that many companies have not fully thought through their strategic direction, much less recorded it in such a way that it can be used. So, what is a strategic direction, anyway?
“Strategic direction” refers to the actions you are taking to achieve the goals of your organizational strategy. Some companies use a “vision statement” or “mission statement” to define where the company wants to be, but in short, this statement is a way for the company to set the direction that the company wants to go, and define what it wants to be in the future. Your strategic direction includes the plans and actions you have put in place to work toward this vision of the future for your company.
Whole articles could be written on using vision statements and mission statements, as well as implementing company strategies, but it is clear that having a statement is only the first step in your strategic direction. How do the quality objectives work with your company strategy to move your company in its strategic direction?
So, if your strategic direction is your set of plans and actions that you are putting in place to achieve your overall vision, why would you not use your quality objectives as one of the ways that you implement your strategic direction within your company? Because your quality objectives are intended to be target statements that are used for continual improvement, and will have plans created to achieve them, they are inherently designed to be compatible with the improvements you need to make to achieve your overall company vision.
An ISO 9001 quality objective example of how this might work would be as follows:
You would then have a plan in place to reduce calibration errors and make this quality objective happen, and in so doing, your work toward meeting your quality objective will also be work on your strategic direction toward your company vision of helping widget manufacturers with your calibration services. Your quality improvements, driven by your quality objectives, are aligned with your strategic direction to meet your overall company vision.
If you are one of the companies that have not yet worried about defining and recording your company vision and strategic direction, now is the time to do so. As you are implementing ISO 9001:2015, having an overall mission or vision for your company is critical for a successful implementation of the new QMS requirements. Without having an overall vision, you will have problems demonstrating that your Quality Policy, quality objectives, and management review are aligned with your strategic direction.
In fact, starting from defining your vision may be one more way to ensure that your QMS is providing the best return on your investment, as it will help you to focus all of the elements of your QMS so that you get the best continual improvement that your company can get. This may even help you to find new ways to improve the satisfaction of your customers and grow your business, which should be why you want to implement ISO 9001 in the first place.
The next step required when implementing the quality objectives is to make sure they are not only communicated to the relevant individuals, but that each individual understands his own involvement. If the objective is to “reduce non-conformances on the third widget line from 15% to 5% in the next year,” then the employees working on the third widget line need to understand not only what the objective says, but how it will be measured, what plans are in place to make it happen, and how they will impact the plans to move it forward. Improvement is not accomplished by having secret plans in the background, but by having the people responsible for the process involved in improving how they work. This will not only improve the process, but employee morale and empowerment as well.
It is important to add that setting quality objectives, and implementing them with a plan, will be of no use if you don’t make sure that what you have done actually works. If your quality objective was to improve on-time delivery, did this actually happen by performing the steps in your plan, or not?
This is why monitoring the quality objectives, both through ensuring each step of the plan is completed and tracking that the Key Performance Indicator aligned with the quality objectives is improving, is a critical final step to ensure that quality objectives provide a benefit for your organization.
Click here to see a free preview of an ISO 9001 Documentation Toolkit that enables you to set the objectives, and implement the whole QMS.