QMS Certification Blog

How to audit the needs and expectations of stakeholders in ISO 9001:2015

With the version of ISO 9001:2015, it became essential to audit the needs and expectations of stakeholders. This is because the standard now emphasizes how much these agents relate to the company and, thus, impact the QMS and its decisions.

 If we understand that the famous Annex SL will make the base structure a standard in all ISO standards, knowing how to audit these requirements becomes fundamental not only in 9001, but in ALL ISO standards.

However, even though some time has passed since the review, many professionals still have difficulty auditing these aspects (requirement 4.2 of ISO 9001:2015). This happens because they are not standardized in all companies and can undergo drastic changes from one context to another (even in companies of the same segment).

By the end of this text, we are sure that you will know how to evaluate these items in companies. Furthermore, even if the article is not focused on other standards, if you understand well what is written here, you will be able to audit these factors in any other standard (with the necessary adaptations, of course).


Understanding Stakeholders (ISO 9001:2015)

First of all, you will need to know the stakeholders of the audited company. 9001 does not make it mandatory to keep stakeholders documented, but this is a fairly common practice. So, you can ask if there is documentation about this and follow the list that the company presents to you.

If there are no documents, the investigation will have to be through questions. You will ask a few people who the interested parties are and get these referrals.

Remember that in both cases it is necessary to validate that what was raised corresponds to the reality of the organization. Just as it is possible that some listed party is not in the company’s documents, it can also happen that some listed agent ceases to be an interested party (rare, but it happens).


Raising needs and expectations (requirements)

There is not much secret, and the lifting process can follow the same line as the previous aspect.

You can request documented information if the organization has it or, if not possible, you can raise the requirements by asking people what each stakeholder needs.

For example, if you’ve identified that Customers is a stakeholder (which is extremely common), then: What are the customers’ requirements (needs and expectations)? If Suppliers are interested parties (also quite common), then: What are the needs and expectations of suppliers?

You should do this to all interested parties raised, preferably by interviewing them.


How does the company monitor all this?

Now you need to understand how the company monitors its stakeholders and is meeting their needs and expectations. In the words of the standard: you need to monitor these aspects.

Therefore, your job is to identify the company’s monitoring capabilities. In other words, how is each of the items surveyed so far monitored?

There are hundreds, maybe thousands, of ways to do this and the company needs to provide you with this information. Then ask in what ways the company monitors each requirement.

For example, suppose that an interested party is the customers (as we said before) and that their needs and expectations are present in the signed contract. The company may choose to conduct a Customer Satisfaction Survey to monitor this stakeholder and their requirements. So, “Satisfaction Survey” is the item you need to evaluate.


Example of stakeholder survey, needs and expectations and monitoring items

By the end of this first step, you will have a more complete picture of the company’s context. For teaching purposes, I created a table with all the information described above, from a fictitious company. It would be something like this:

Identifying company consistency and non-compliances

We can say that everything that has been done so far is a “preparation”, as its fundamental job is to check that all this information is coherent and passes through stakeholders, requirements and monitoring.

When evaluating, for example, the stakeholder “Customers”, we need to understand if the satisfaction survey applied is sufficient to analyze whether the contract requirements are being met. In equal measure, we need to understand if they are really demonstrating the needs and expectations of customers and thus formalizing the requirements of that stakeholder.

If, for example, you identify customer complaints that demonstrate that they expected a different delivery, this is a “non-compliance” that shows their needs and expectations were not raised correctly.

QMS Certification

QMS Certification

QMS is an accredited third party certification body, it is currently present in 33 countries and focuses on the certification of management systems. QMS America is managed by the US office and has consistently grown in market recognition by technical level, customer satisfaction and competitive pricing.

Join the newsletter!

Subscribe to get latest content by email.

Compliance in the Third Sector Understand Its Importance

Compliance in the Third Sector Understand Its Importance

The third sector is a sphere of economic activity that encompasses non-governmental organizations (NGOs), associations, foundations, and other entities that operate for social, environmental, cultural, or community development purposes, but which are often used for fraudulent activities, hence the relevance of compliance in the third sector.

Become an ISO Certification Auditor

Become an ISO Certification Auditor

Everything you need to know about becoming an ISO certification auditor (ISO 9001, 14001, 45001, and other standards) and achieving professional success!

Scroll to Top