The ISO certification scope is the official description of the activities, products, processes, and services that are part of a certified Management System. In this way, it represents the boundary of the organization’s activities within the standard, and it is exactly this text that appears on the ISO certificate. This fact alone highlights the importance of this element.
In addition, the scope must be public and accessible information. Therefore, it is essential that it is clear, coherent, and faithfully represents what the company actually does. Ambiguities, excessive irrelevant details, or vague terms can lead to misinterpretations by customers, suppliers, and even auditors. Ultimately, this may even result in nonconformities.
That is why, in today’s article, we will explain how to draft your ISO certification scope step by step, covering key details and what should be avoided. With that said, let’s get into the content!
What Information Should a Good ISO Certification Scope Include?
There are some standard elements that help make the scope clearer and more coherent. This allows us to build a useful scope that meets the standard’s requirements and is solid for interested parties. A good scope should include:
The type of product or service offered: be direct, specific, and descriptive, such as:
E-commerce;
Metalworking company manufacturing automotive parts;
Consulting services;
Waste treatment;
Etc.
The main processes involved: the ISO certification scope must reflect how the company operates. Consider aspects such as:
Design;
Manufacturing;
Sales;
Storage;
Delivery;
Treatment;
Sorting;
Among other elements that help define the extent of the management system and certification.
The extent of the activities: this includes what the company does—and also what it does not do. Being clear here helps avoid incorrect assumptions about areas that are not part of the management system.
Using Process Mapping to Your Advantage
Before writing the scope, it is essential to have a solid understanding of the production process and how the company operates. Mapping processes is fundamental, as you will need information such as:
Inputs to the certified process;
Core operational processes;
Support processes;
Outputs of the certified process.
With processes well mapped, it becomes easier to identify what should actually be included in the scope—and what should not. For example: “Manufacturing and storage of parts for the automotive market.” This is direct, clear, and fully aligned with the organization’s processes. Let’s go a bit deeper.
A Complete Example of a Well-Defined ISO Certification Scope
Let’s analyze a complete scope to understand how it was written and why it meets the requirements of a good description:
“Storage, treatment, and final disposal of hazardous industrial solid waste, using Class I industrial landfill technology, and sorting of electronic waste.”
Notice that it is clear and direct, leaving no room for doubt or misinterpretation. Let’s break down why it works:
It clearly identifies the processes: storage, treatment, and final disposal—there is no doubt, for example, about sales activities;
It specifies the type of waste: hazardous industrial solid waste—there is no implication of household or residential waste;
It defines the method used: Class I industrial landfill—clearly establishing the treatment process;
It clearly adds a complementary activity: sorting of electronic waste.
In this ISO certification scope, there is no room for doubts, controversies, or confusion about what the company does—and it also clearly indicates what it does not do.
What to Avoid When Writing Your ISO Certification Scope
Several factors can weaken or compromise your scope, leading to nonconformities, confusion among customers and interested parties, and difficulties in applying the standard. The most common (and risky) mistakes to avoid include:
Being vague or overly simplistic: terms such as “General construction” or “Service provision” say nothing about what the organization actually does;
Using promotional language: the scope is not marketing—it is descriptive. Avoid phrases like “Top-quality products” or “Best service on the market”;
Mentioning standards not included in the certification: if the company is certifying ISO 9001, do not include references such as “Compliant with ABNT XYZ” or other unrelated standards;
Repeating commercial information: company name, address, and legal details already appear on the certificate and do not belong in the scope;
Grammatical errors: basic but essential—always review the text.
The Importance of a Well-Defined Scope
A well-constructed ISO certification scope prevents misunderstandings, eliminates doubts, and strengthens organizational credibility. It clearly shows what the company does and defines the limits of certification.
This ensures transparency for all interested parties, internal and external. Dedicating time and attention to this step is an investment in clarity for your Management System—making it understandable and identifiable for everyone who interacts with it.
Moreover, a clear scope makes auditors’ work easier and significantly reduces the risk of misinterpretation during the certification process. When the description is precise, auditors can quickly understand what is—and what is not—within the scope of the Management System, making audits more objective, efficient, and aligned with the organization’s reality.
Finally, a clear scope also serves as a strategic reference. It helps the company visualize its operational boundaries, understand which processes truly make up the system, and identify areas that may evolve or be included in future certifications. In other words, the scope is not just a text required by ISO—it is a true organizational map that reinforces identity, focus, and direction.
