IndustryHub
LERNEN / NORMEN / ISO

ISO 9001

⚠ Diese Seite ist noch nicht übersetzt. Anzeige auf Englisch.
ISO 9001

Quality Management Systems

ISO 9001 is the world's most widely adopted management standard, with over 1 million certified organizations. Defines a Quality Management System (QMS) framework based on process approach, risk-based thinking, customer focus and continual improvement (PDCA).

Herausgeber
ISO
Family
Management Systems
Erstveröffentlichung
1987
Letzte Revision
2015
Nächste Revision
2025-2026 (ISO 9001:2025/26 in final stages)
Status
current
Zugang
Paid (ISO Store — ~150 CHF)

Dokumentstruktur

ISO 9001:2015

Quality management systems — Requirements

Single-part standard. 10 clauses : Scope, Normative refs, Terms, Context, Leadership, Planning, Support, Operation, Performance evaluation, Improvement. Annex SL (high-level structure) shared with ISO 14001, 45001, 27001, 50001.

ISO 9000:2015

Quality management systems — Fundamentals and vocabulary

Companion standard. Defines all the terms used in ISO 9001. The reference dictionary.

ISO 9004:2018

Quality management — Quality of an organization — Guidance to achieve sustained success

Beyond compliance : how to go from a certified QMS to a high-performing organization. Not certifiable, just guidance.

Schlüsselbegriffe

Process approach
Clause 4.4. The QMS is structured around processes, not departments. Each process has inputs, activities, outputs, measures of performance, and is owned by someone. PDCA applied to each process.
Risk-based thinking
Introduced in 2015 revision. Throughout the QMS, the organization must identify risks and opportunities affecting QMS outcomes, and take proportionate actions. NOT a full ISO 31000 risk management framework — just risk-aware decision-making.
PDCA cycle
Plan-Do-Check-Act. The continual improvement loop. Plan changes, Do them (controlled implementation), Check results vs expected, Act on findings (standardize or revise). Goes back to Deming and Shewhart.
Context of the organization
Clause 4. The QMS must consider internal/external issues, interested parties (customers, employees, regulators, suppliers, society), and scope. This 'situational' clause is the 2015 revision's biggest conceptual change.
Leadership
Clause 5. Top management is explicitly accountable for QMS effectiveness. Not just appointing a 'quality manager' anymore — it's a CEO-level commitment. Resource allocation, policy setting, customer focus, integration of QMS into business processes.
Documented information
Replaces the old 'documented procedures + records'. The required documents are reduced ; the organization decides what to document based on context. But what IS documented must be controlled (versioning, access, retention).
Annex SL / Harmonized Structure
10-clause structure now shared by ISO 9001, 14001 (environment), 45001 (OH&S), 27001 (info security), 50001 (energy), 55001 (asset mgmt). Allows integrated management systems with non-redundant documentation.

Notes & guidance

Why ISO 9001 is the standard everybody references

Over 1 million organizations are certified to ISO 9001 worldwide. It is, by orders of magnitude, the most widely adopted management standard ever created. Whether you’re a 50-person machine shop or a 200,000-employee multinational, ISO 9001 certification is often a prerequisite to even quote on tenders in industrial sectors.

The reasons :

  1. Customer-mandated : large buyers (automotive Tier-1, aerospace, oil majors, public sector) require ISO 9001 from suppliers
  2. Sector-specific extensions : IATF 16949 (automotive), AS9100 (aerospace), ISO 13485 (medical devices), TL 9000 (telecom) all build on ISO 9001
  3. Foundation for other systems : ISO 14001, 45001, 27001, 50001 share the Annex SL structure, so once you have ISO 9001, the marginal cost of additional certifications is lower
  4. Insurance / contract enabler : some insurers and financial institutions ask for it
  5. Internal discipline : even without certification pressure, the PDCA + process approach is a useful management framework

The 10 clauses, plain words

ClauseThemeWhat it asks
1-3Scope, references, definitionsFoundation
4ContextUnderstand your stakeholders, define your QMS scope
5LeadershipTop management owns QMS, sets policy, integrates with business
6PlanningAddress risks/opportunities, set objectives, plan changes
7SupportPeople (competence), resources (equipment, environment), communication, documented information
8OperationOperational planning, customer requirements, design, supplier management, production/service, control of nonconforming output
9Performance evaluationMonitoring, customer satisfaction, internal audits, management review
10ImprovementNonconformity handling, corrective actions, continual improvement

Auditors will dig into all of these during a certification audit (~3-5 days for a medium-sized organization, longer for larger ones).

The 2015 revision : risk-based and context-driven

Pre-2015 (Editions 2000 / 2008), ISO 9001 was sometimes criticized as a paperwork exercise : write procedures, follow them, archive records, pass the audit, repeat next year.

The 2015 revision shifted emphasis :

  • Less prescriptive documentation (you decide what to document)
  • More strategic thinking (context analysis, interested parties, risks/opportunities)
  • Leadership engagement explicit (no more “appoint a quality manager and forget about it”)
  • Customer focus measurable (satisfaction monitoring, beyond complaint handling)

The 2025-2026 revision is expected to deepen the strategic shift further, possibly adding explicit ESG / sustainability dimensions and tightening risk-based thinking links to ISO 31000.

The 7 quality management principles

ISO 9000:2015 enumerates 7 principles underpinning ISO 9001 :

  1. Customer focus — meet and exceed customer requirements
  2. Leadership — top management creates unity of purpose
  3. Engagement of people — competence + empowerment at all levels
  4. Process approach — manage interconnected processes as a system
  5. Improvement — sustained success requires improvement focus
  6. Evidence-based decision making — data, analysis, evaluation
  7. Relationship management — manage relationships with suppliers, partners, interested parties

These principles are not auditable as clauses, but they’re the philosophy auditors use to interpret the requirements.

Common pitfalls in industrial sectors

For a process or manufacturing facility implementing ISO 9001 :

  • Process map is too high-level (just “Manufacture”, “Maintain”, “Sell”) — auditors want process-level detail with measurable KPIs
  • Risks are listed but not addressed — a risk register that doesn’t drive action is just a document
  • Internal audits are check-box — not finding nonconformities = either perfect (rare) or weak auditors
  • Management review is performative — should drive resource decisions, not just record metrics
  • Supplier evaluation is dormant — once a supplier is on the approved list, never re-evaluated despite performance issues

The 2025-2026 revision is expected to tighten on these common failure modes.

Integration with the rest of the management portfolio

For an industrial company, the integrated management system pattern combines multiple ISO certifications under one unified governance :

  • ISO 9001 (Quality)
  • ISO 14001 (Environment)
  • ISO 45001 (Occupational Health & Safety)
  • ISO 50001 (Energy)
  • ISO 27001 (Information Security, especially if SaaS or critical infrastructure)
  • ISO 55001 (Asset Management, for asset-heavy industries)

All share the Annex SL structure (same 10 clauses, same vocabulary for context, leadership, planning, support, operation, performance, improvement). A well-designed IMS lets one set of documented information satisfy multiple standards.

Betroffene Branchen

  • Manufacturing (every sector)
  • Services (banking, consulting, IT, healthcare)
  • Construction and engineering
  • Government and public sector
  • Education and training
  • Logistics and supply chain
  • Effectively any organization with customers

Referenzen & Vertiefung