4.2 Understanding the Needs and Expectations of Interested Parties [ISO 9001]

What Are The Needs And Expectations Of Interested Parties For ISO 9001?

Interested Parties are those stakeholders who receive your products or services, who may be impacted by them, or those parties who may otherwise have a significant interest in your organization.


Similar to context review, cross functional input is vital, as certain functions will identify with particular stakeholders, for example procurement with suppliers, and sales with customers.

A workshop approach should be encouraged which can be undertaken independent to, or in conjunction with the context review workshop.

Once stakeholders and their requirements are identified, the next step is to consider which stakeholder requirements generate legal and compliance obligations for ISO standards. Legal requirements should be identified before other requirements.

You should also determine whether these groups’ requirements are reviewed and updated as changes in their requirements occur, or when changes to your organization’s QMS are planned in order to meet the requirements of ISO.

Who are your interested parties?

1. Identify your Interested Parties

Ensure that your organization has properly identified its interested parties, and subsequently determined if any of their needs and expectations to be adopted as a compliance obligation.

Ensure that this process is revisited periodically because the requirements of relevant interested parties may change over time.

Although not specifically required for ISO standards, objective evidence could be a list or matrix of the interested parties, their corresponding needs and expectations, and indication of which of these accepted as compliance obligations might include:

  • All relevant legal requirements
  • All requirements imposed by upper levels in the organization (for example corporate requirements)
  • All relevant requirements of relevant interested parties that the organization decides to comply with, whether contractually (customers) or voluntarily (environmental or safety commitments)

In order to determine the relevance of an interested party or its requirements, your organization needs to answer: ‘does this interested party, or their requirements, affect the organization’s ability to achieve the intended outcomes of its QMS?’

If the answer is yes, the interested parties’ requirements should be captured.

2. Capture Interested Parties’ Requirements

There are many ways to capture this information, your approach might include:

  • Information summarized as part of inputs to risk and opportunity registers
  • Recorded in a simple spreadsheet
  • Logged and maintained in a database
  • Captured and recorded through key meetings
  • Requirements for products
  • Gap analysis or internal audit output by Internal Auditors

Departmental Managers should identify and list the needs and expectations of any interested parties in relation with their department that may have potential impact on the achievement of your organization’s objectives and policy, the conformity of our products, services and management system.

Also, you should map out and understand the expectations of parties that are relevant and how you plan to deal with their requirements through the management system.

This information should be retained as a strategy or tactical planning document to underpin your organization’s policies and to provide a road map to achieve future goals.

3. Managing the Needs and Expectations of Interested Parties

Based on a scoring output, consider and implement handling approaches to manage and comply with the needs and expectations of our interested parties.

The output should be reviewed by Top Management for acceptance and incorporation into the QMS via addition to the scope, or incorporation into customer requirements, operational activities, process controls, hazard and aspect registers, risk and opportunity registers, and legal and compliance registers.

We suggest your rank the interested parties requirements according to their degree of Priority and their Relevance (e.g. 1 low, 5 high) to current objectives, policies and conformity of products and services as relevant to your QMS.

4. Communication with Stakeholders

Communicating with stakeholders - particularly in relation to legal and compliance obligations is vital. Communication with stakeholders should be based on performance data generated by your QMS, which will require robust monitoring and measurement to ensure that the data is reliable.

You should ensure that a monitoring and measurement process is included in the internal audit programme (which leads to corrective action) so your organization can assure itself that the checking processes are validated and that the data it is communicating is accurate.

In Summary

‘Understanding the Needs and Expectations of Interested Parties’ is a new requirement for ISO certification. You should allow additional time to prepare for each audit in order to establish a suitable understanding of the relevant interests of relevant interested parties that impact the QMS.

If this differs from the perception, you should be prepared to challenge this.

Look for evidence that the organization has undergone a process to initially identify examples of interested parties and then to identify any of their requirements of interested parties that are relevant to your organization’s quality management system.

You should also determine whether these groups’ requirements are reviewed and updated as changes in their requirements occur (continual improvement), or when changes to your organization’s QMS are planned.

Related Information You Might Find Useful

Next ISO 9001 Clause

Each ISO 9001 Clause Explained

Updated: 26th February 2022
Author: Richard Keen

Richard Keen

Richard Keen

Richard is our Compliance Director, responsible for content & product development.
But most importantly he is ISO's biggest fanboy and a true evangelist of the standards.
Learn more about Richard