Join us for a FREE training session on “Risk-based-Thinking in ISO 9001” on Oct 28, 2020 | 5:30 PM – 8:00 PM EST. Visit our News & Events page to Register!




An Overview of ISO 9001:2015

ISO 9001 is an international standard that specifies the requirements to establish, implement, maintain and continually improve a Quality Management System (QMS). Organizations implement the ISO 9001 to demonstrate their ability to consistently provide products and services that meet and exceed customer requirements. ISO 9001 is the world’s leading quality management standard and has been implemented by over one million organizations in more than 170 countries.

Any organization, regardless of its type, size, products, and services can implement ISO 9001 to meet the quality requirements of its customers and other interested parties.

What is Documented Information?

As per ISO 9000:2015 (QMS – Fundamentals and Vocabulary), the “documented information” is defined as the information required to be controlled and maintained by an organization and the medium on which it is contained. The example of documented information can be a record, specification, procedure, drawing, report, standard, etc.

The term “document” is defined as information created in order for the organization to operate e.g. procedures, instructions, specifications, guidelines, and criteria, etc. The term “record” is defined as a document that provides evidence of results achieved or activities performed e.g. evidence of training, calibration, corrective action, internal audit, traceability and management review activities, etc. A set of documented information, for example, specifications and records, is frequently called “documentation”.

In the previous version of the ISO 9001 standard, the documented information requirement was stated in terms of “Control of Documents and Control of Records” but ISO 9001:2015 uses a standardized term “documented information” to refer to both documents and records. This latest version of ISO 9001 uses the term “retain documented information” to describe a record (e.g. retain the results of corrective actions) and “maintain documented information” to describe a document (e.g. maintain the scope of QMS). The document is live information and needs to be updated as required while a record is a history of an event, activity, or action.

Clause 7.5 of ISO 9001:2015 describes the requirements of the documented information. Documented information can be in any format and media and from any source. The medium can be paper, magnetic, electronic, or optical computer disc, photograph or master sample, or combination thereof.

What is the minimum documented information required by the ISO 9001:2015?

Every organization has to produce the minimum documented information required by ISO 9001 standard to demonstrate the conformance to the ISO 9001:2015 requirements. All requirements of minimum documented information listed below might not be applicable to every organization and shall be listed as an exclusion in the scope statement e.g. if an organization is not responsible for design and development, the organization is not required to produce evidence of conformance to the Clause 8.3 of ISO 9001:2015.



How to determine the requirement for ISO 9001 Documentation?

Clause 7.5 of ISO 9001:2015 describes the requirements for documented information. To demonstrate the conformance to the requirements of ISO 9001:2015, an organization may need to produce more documents and records than the minimum required by the standard because according to Clause 7.5, the organization’s quality management system shall include:

  1. documented information required by ISO 9001 (as listed above)
  2. documented information determined by the organization as being necessary for the effectiveness of the QMS e.g. policies, procedures, Instructions, Guidelines, and relevant records other than the minimum required. It is quite common that for an effective QMS, organizations establish procedures for risk management, corrective actions, control of nonconforming output, training, production, maintenance, calibration, control of documented information, and design as applicable.

The extent of documented information for a quality management system may differ from one organization to another due to:

  • the size of the organization and its type of activities, processes, products, and services
  • the complexity of processes and their interactions
  • the competence of persons

The rule of thumb for an organization is to use a risk-based approach to determine the requirement for documented information other than the minimum documented information e.g. an organization may decide that due to lack of documented procedures and work instructions, there might be a risk to product and service conformity. The organizations also establish procedures and relevant records to establish controls to address a nonconformity.

G-Certi provides ISO registration/certification services in Canada and 50 other countries for a number of ISO Standards including but limited to ISO 9001, ISO 14001, ISO 45001, ISO 27001, and ISO 22301, etc. The auditors of G-Certi ensure that your organization is conforming to the requirements of ISO 9001. Please feel free to visit and contact one of our representatives for a complimentary pre-assessment to ensure that your organization is ready for ISO 9001 registration/certification.