Today’s blog is going to take a deeper dive into clause 4.2 of the ISO standards – 4.2 Understanding the needs and expectations of interested parties (aka stakeholders – why the change in terminology we aren’t sure but perhaps being interested in a party has more appeal than holding a steak!). Note: a sample/template Interested Parties Register is available by clicking 4.2 Interested Parties Register.
This clause has solidified its place in the ISO standards and is featured in (but is not limited to) the following standards:
- ISO 9001:2015 Quality Management Systems
- ISO 45001:2018 Occupational Health and Safety Management Systems (although the clause is listed as Understanding the needs and expectations of workers and other interested parties – putting workers first),
- ISO 14001:2015 Environmental Management Systems,
- ISO 55001 Asset Management (although the clause is listed as Understanding the needs and expectations of stakeholders),
- ISO 50001 Energy Management Systems,
- ISO 27001:2013 Information Security Management Systems
It is interesting that this clause is featured so prominently, at the beginning of the standards right in between 4.1 Organisational Context and 4.3 Scope. No doubt the assumption is that in order to develop the management system to satisfy all parties and fulfill all requirements, an organisation must first determine who those parties are, and define their needs and expectations. Once this has been done, the outcome of the management system must appropriately fulfill the needs and expectations as documented.
What does clause 4.2 Understanding the needs and expectations of interested parties require?
Across all of the standards listed above the very first requirement under 4.2a is to determine the interested parties that are relevant to the management system – the people, companies, organisations, authorities, and groups that interface with the organisation. Pretty straight forward – who are they? This information is usually gathered through cross-functional brainstorming, with actual interested parties varying based on the context of the organization and the scope of activities.
Typically the interested parties include:
- Certification Bodies
- Shareholders / Owners
- Suppliers and Subcontractors
- Government agencies
- Emergency Services
- Members of Public
- Utilities and Service Providers
- any other person or organization interested in the organisation
Now that you have a list of the interested parties applicable to the organisation, you are in a position to define clause 4.2b the relevant needs and expectations (requirements) of these interested parties. This could be achieved internally through brainstorming, or you could consider obtaining external input to more accurately identify the Voice of Interested Party (VoIP) / Voice of Customer (VoC) through surveys or interviews.
Next to each interested party clearly define what their requirements are – what are their needs (what must we do for them?) and what are their expectations (what are they expecting of us?).
Following this, we recommend reviewing the needs and expectations as documented to determine which of these is currently, or could become a legal requirement. This requirement is not consistent through the ISO standards above however it does feature in most and follows best practice. Many of the standards above also include specific requirements related to the context of the standard ie ISO 55001 Asset Management requires the identification of stakeholder requirements to record information relevant to asset management. These requirements must also be addressed when developing your Interested Parties Register.
Once the Interested Parties Register has been developed, you may like to use the information as an input when developing SMARTER Quality Objectives – defining what performance targets and results are necessary to deliver to meet the needs and expectations of relevant interested parties.
The Interested Parties Register should also be taken into consideration during the development of the Strategic Plan and risk management framework, with risks of not meeting the needs and expectations and include in the Quality Risk Register (along with controls – mitigation strategies etc) if applicable.
Set and forget?
Definitely not- clause 4.2 Understanding the needs and expectations of interested parties requires the information related to interested parties is monitored and reviewed, with an implication that they will be maintained and current. Based on this we recommend a review of interested parties as a standing agenda item at Management Review Meetings. Additionally, interested parties could also be reviewed as part of 6.3 Planning of Changes to ensure changes do not have an adverse effect on existing interested parties, or introduce new interested parties as a result of the changes.
How Streamline can help
Streamline ISO Consultants can design, develop and implement a certification-ready Quality Management System from the ground up to meet ISO 9001 requirements. If you already have an existing management system in place we will help you integrate ISO 9001:2015 into your current management system (eg ISO 45001 Safety or ISO 14001 Environmental) to form an Integrated Management System (IMS).
Our trained and experienced ISO Consultants have a 100% track record achieving certification for our clients and we guarantee your ISO 9001:2015 quality management system will get certified by a JAS-ANZ accredited Certification Body.
Contact Us Today
If you’d like more information, or to request a Quick Quote please use the form to the right and one of our consultants will contact you within one business day. Alternatively, you are welcome to contact us directly by phone or by emailing [email protected]
About the Author – Scott Bishop