What is ISO 9001?

“What is ISO 9001?” Are you looking for a simple answer to this question?

Well, you’re not alone. This overview guide can help you learn why ISO 9001 creates benefits across your organization, help you discover what the ISO 9001 requirements are, and give the practical steps you need to take to get certified.

Your simple introduction to the basics of ISO 9001

ISO 9001 is the international standard for Quality Management Systems (QMS), published by ISO (the International Organization for Standardization). The standard was most recently updated in 2015, and is referred to as ISO 9001:2015. In order to be released and updated, ISO 9001 had to be agreed upon by a majority of member countries so that it would become an internationally recognized standard, which means it is accepted by a majority of countries worldwide.

A survey of ISO 9001 certification at the end of 2017 shows that in spite of the global recession the number of companies that have implemented an ISO9001 quality management standard still remains stable worldwide. Below are the results over the previous 6-year period.


Data taken from 2017 ISO Survey

In addition, there are other documents in the ISO 9000 family that support the ISO 9001 requirements: ISO 9000 defines the terms and principles behind ISO 9001, and ISO 9004 provides guidance on making an ISO 9001 Quality Management System more successful.

What is a Quality Management System?

The Quality Management System, which is often referred to as a QMS, is a collection of policies, processes, documented procedures and records. This collection of documentation defines the set of internal rules that will govern how your company creates and delivers your product or service to your customers. The QMS must be tailored to the needs of your company and the product or service you provide, but the ISO 9001 standard provides a set of guidelines to help make sure that you do not miss any important elements that a QMS needs to be successful.

Getting to the heart of why ISO 9001 is important

As stated above, ISO 9001:2015 is an internationally recognized standard for creating, implementing and maintaining a Quality Management System for any company. It is intended to be used by organizations of any size or industry, and can be used by any company. As an international standard, it is recognized as the basis for any company to create a system to ensure customer satisfaction and improvement, and as such, many companies demand this as the minimum requirement for an organization to be a supplier.

Because you are auditing your processes, as well as having a certification body audit them, your customers themselves do not need to audit your company. It is because of this that ISO 9001 has become a necessity for many companies to compete in the market.

In addition, your customers will be reassured that you have established a Quality Management System based on the seven quality management principles of ISO 9001. To learn more about the quality management principles behind the ISO 9001 standard, take a look at this article: Seven Quality Management Principles behind ISO9001 requirements.

In fact, ISO 9001 is such a basic and influential standard that it is used as the basis when industry groups want to add specific industry requirements, thus creating their own industry standard; this includes AS9100 for the aerospace industry, ISO 13485 for the medical devices industry and AITF 16949 for the automotive industry.

What does ISO 9001 actually look like?

The ISO 9001 structure is split into ten sections. The first three are introductory, with the last seven containing the requirements for the Quality Management System. Here is what the seven main sections are about:

Section 5: Leadership – The leadership requirements cover the need for top management to be instrumental in the implementation of the QMS. Top management needs to demonstrate commitment to the QMS by ensuring customer focus, defining and communicating the quality policy and assigning roles and responsibilities throughout the organization.

Section 6: Planning – Top management must also plan for the ongoing function of the QMS. Risks and opportunities of the QMS in the organization need to be assessed, and quality objectives for improvement need to be identified and plans made to accomplish these objectives.

Section 7: Support – The support section deals with management of all resources for the QMS, covering the necessity to control all resources, including human resources, buildings and infrastructure, the working environment, monitoring and measurement resources and organizational knowledge. The section also includes requirements around competence, awareness, communication and controlling documented information (the documents and records required for your processes).

Section 8: Operation – The operation requirements deal with all aspects of the planning and creation of the product or service. This section includes requirements on planning, product requirements review, design, controlling external providers, creating and releasing the product or service and controlling nonconforming process outputs.

Section 9: Performance evaluation – This section includes the requirements needed to make sure that you can monitor whether your QMS is functioning well. It includes monitoring and measuring your processes, assessing customer satisfaction, internal audits, and ongoing management review of the QMS.

Section 10: Improvement – This last section includes the requirements needed to make your QMS better over time. This includes the need to assess process nonconformity and taking corrective actions for processes.

These sections are based on a Plan-Do-Check-Act cycle, which uses these elements to implement change within the processes of the organization in order to drive and maintain improvements within the processes.


For more on how this works within the ISO 9001 standard, this blog article gives a more detailed explanation: Plan-Do-Check-Act in the ISO 9001 Standard.

Why is ISO 9001 a good idea for your organization?

The benefits of ISO 9001 cannot be overstated; companies large and small have used this standard to great effect, discovering and securing tremendous cost and efficiency savings. Here are just a few of these benefits:

Improve your image and credibility – When customer see that you are certified by a recognized certification body, they will understand that you have implemented a system that is focused on meeting customer requirements and improvement. This improves their trust that you will deliver what you have promised.

Improve customer satisfaction – One of the key principles of the ISO 9001 QMS is the focus on improving customer satisfaction by identifying and meeting customer requirements and needs. By improving satisfaction, you improve repeat customer business.

Fully integrated processes – By using the process approach of ISO 9001, you not only look at the individual processes in your organization, but also at the interactions of those processes. By doing this, you can more easily find areas for improvement and resource savings within your organization.

Use evidence-based decision making – Ensuring that you are making decisions based on good evidence is a key to the success of an ISO 9001 QMS. By ensuring that your decisions are based on good evidence, you can better target resources to the best effect to correct problems and improve your organizational efficiency and effectiveness.

Create a culture of continual improvement – With continual improvement as the main output of the QMS, you can attain ever-increasing gains in savings of time, money and other resources. By making this the culture of your company, you can focus your workforce on improving the processes they are directly responsible for.

Engage your people – Who better than the people working within a process to help find the best solutions for improving that process? By focusing your workforce on not only managing, but also improving the processes, they will be more engaged in the outcome of the organization.

What are the practical steps to becoming ISO 9001 certified?

What is ISO 9001 certification? There are two types of certification: certification of a company’s Quality Management System against the ISO 9001 requirements, and certification of individuals to be able to audit against the ISO 9001 requirements. This section discussed the steps for a company to implement an ISO 9001 Quality Management System and have it certified.

IISO 9001 certification for your company involves implementing a QMS based on the ISO 9001 requirements, then hiring a recognized certification body to audit and approve your QMS as meeting the requirements of the ISO 9001 standard.

Starting with management support and identifying the customer requirements for the QMS, you will need to start with defining your quality policy and quality objectives, which together define the overall scope and implementation of the Quality Management System. Along with these, you will need to create the mandatory and additional processes and procedures necessary for your organization to properly create and deliver your product or service. There are six mandatory documents that need to be included, and others to be added as the company finds them necessary. For a good explanation on this, take a look at this white paper on List of Mandatory Documentation Required by ISO 9001:2015.

This creation of documents can be done internally by your company, or you can get help through hiring a consultant or purchasing standard documentation. To see samples of documentation, visit this free ISO 9001 downloads page.

Once all of the processes and procedures are in place, you will need to operate the QMS for a period of time. By doing this, you will be able to collect the records necessary to go to the next steps: to audit and review your system and get certified.

Mandatory steps to finish implementation and get your company certified

After finishing all your documentation and implementing it, your organization also needs to perform these steps to ensure a successful certification:

Internal audit – The internal audit is in place for you to check your QMS processes. The goal is to ensure that records are in place to confirm compliance of the processes and to find problems and weaknesses that would otherwise stay hidden.

Management review – A formal review by your management to evaluate the relevant facts about the management system processes in order to make appropriate decisions and assign resources.

Corrective actions – Following the internal audit and management review, you need to correct the root cause of any identified problems and document how they were resolved.

The company certification process is divided into two stages:

Stage One (documentation review) – The auditors from your chosen certification body will check to ensure your documentation meets the requirements of ISO 9001.

Stage Two (main audit) – Here, the certification body auditors will check whether your actual activities are compliant with both ISO 9001 and your own documentation by reviewing documents, records and company practices.

What ISO 9001 training and certification is available if you’re an individual?

Training in the concepts of ISO 9001 is available, and there are a range of course options for individuals to choose from. Only the first of these can lead to certification for the individual to be able to audit for a certification body, but the others are very useful for those who will be using these skills within their own company:

ISO 9001 Lead Auditor Course – This is a four- to five-day training course focused on understanding the ISO 9001 QMS standard and being able to use it for auditing management systems against these requirements. The course includes a test at the end to verify knowledge and competence, and it is only with an accredited course that an individual can become approved to audit for a certification body.

ISO 9001 Internal Auditor Course – This is commonly a two- or three-day course that is based on the lead auditor course above, but does not include the test for competence, so this is most useful for someone beginning to do internal audits within a company.

ISO 9001 Awareness and Implementation Course – Several courses are offered that provide knowledge of ISO 9001 and how to implement it. These can be one- or two-day courses, and can even include online e-learning sessions as a method of teaching the material. These courses are good for those who need an overview on the ISO 9001 standard, or those who will be involved in the implementation within a company, and many are more economical than investing in the lead auditor course for those involved at this level.

There are a number of accredited training organizations around the world where you can gain individual qualifications in ISO 9001.

To learn more about ISO 9001 implementation, please visit our ISO 9001 Free download page. You’ll find a host of helpful resources.


Iciar Gallo
ISO 9001 Expert

Have any question about any step?

Talk with our consultants for free

Download our free white paper, “What is ISO 9001: How can the latest 2015 revision help your business succeed?”
Download now

Free ISO 9001 Gap Analysis Tool

An ISO 9001 tool, like our free gap analysis tool, can help you see how much of ISO 9001 you have implemented so far – whether you are just getting
started, or nearing the end of your journey.




  • Advisera is Exemplar Global Certified TPECS Provider for the IS, QM, EM, TL and AU Competency Units.
  • ITIL® is a registered trade mark of AXELOS Limited. Used under licence of AXELOS Limited. All rights reserved.
  • DNV GL Business Assurance is one of the leading providers of accredited management systems certification.