Download this checklist

ISO 9001:2015 Audit Checklist

Digitalize this paper form now

Register for free on lumiformapp.com and conduct inspections via our mobile app

  • Cut inspection time by 50%
  • Uncover more issues and solve them 4x faster
  • Select from over 4000 expert-proofed templates
Rated 4.8/5 stars on Capterra
App StorePlay Store

ISO 9001:2015 Audit Checklist

1. Context of the organization

Introduction

Complete all sections beginning directly below. This internal self-evaluation will assess the agreement of your Quality Management System with ISO 9001:2015. Don't forget to attach proof to items where needed, and to sign off and finish this evaluation in the final section.

1.1 Understanding the organization and its context

Check how these matters influence the ability to achieve the planned result of the QMS.

Check how the organization has managed external and internal issues that are relevant to its mission and strategic orientation.

Check how the organization controls and analyses information about these internal and external matters.

1.2 Understanding the Needs and Expectations of Interested Parties

Check how the business determined relevant involved parties to QMS.

Check how the company has determined the important needs and expectations of involved parties.

Check how the company has determined the impact or possible influence of the interested parties.

Check how the organization observes and reviews information about involved parties and their important requirements.

1.3 Determining the Scope of the Quality Management System

Check if the QMS scope considers the following:

The products and services of the organization.

External and internal issues.

The demands of relevant interested parties.

Check how the organization has learned how the ISO 9001:2015 standard is used within the organization.

If the organization has determined any of the demands of the ISO 9001:2015 standard not to be applicable, show how conformity of products and services are not influenced by this.

Verify the QMS scope is documented.

Verify scope states what products and services are comprised by the QMS and how it supports instances where demands cannot be applied.

1.4 Quality Management System and its Processes

Verify how opportunities for development for the QMS and its methods are determined.

Verify how the processes for the QMS were determined. Validate the inputs and outputs to the processes.

Show how the processes have been determined and how they cooperate.

Verify the criteria, methods, measurement and related performance indicators required to operate and control the processes.

Verify how resources are managed and allocated.

Verify how responsibilities and authorities are defined.

Verify how hazards and opportunities are analysed and what efforts are taken to discuss them.

Validate the sequence and cooperation of the processes.

Verify what techniques are used to control, measure and evaluate processes. Verify changes, if required, are implemented to achieve meant results.

Reviewed documented information designed to maintain the operation of its processes.

2. Leadership

2.1 Leadership and Commitment

Top management is identified.

Verify top management presents leadership and commitment by.

Taking accountability for QMS effectiveness.

Communicating the importance of effective QMS and of conforming to its demands.

Assuring the QMS is integrated into company's business processes

Promoting the value of the process approach and risk-based thinking

Assuring resources are accessible.

Assuring intended outcomes.

Engaging, directing and encouraging persons to contribute to the effectiveness of the QMS

Promoting continuous development.

Supporting other important management roles to show their leadership as it applies to their areas of responsibility.

Assuring the QMS policy and objectives are built and are agreeable with the strategic direction and context of the organization

Check how top management presents leadership and commitment with respect to customer focus by assuring that.

The hazards and opportunities that affect product and service compliance and the ability to improve customer satisfaction are determined and addressed.

Customer and applicable statutory and regulatory demands are determined, recognised and consistently met.

The focus of enhancing customer happiness is sustained.

2.2 Policy

Verify that the quality policy ...

includes a commitment to continual development of the QMS.

provides a framework for setting quality objectives.

involves a commitment to fills applicable demands.

is suitable to the purpose and context of the company and maintains its strategic direction.

Verify that the QMS Policy is sustained as documented information.

Verify QMS Policy is communicated, understood and used within the organization.

Verify QMS Policy is accessible to relevant interested parties.

2.3 Organizational Roles, Responsibilities and Authorities

Check if responsibilities and authorities for important roles are assigned and communicated within the company

Verify top management assigns responsibility and authority for..

assuring the QMS conforms to the ISO 9001:2015 standard.

assuring that methods are delivering their intended products.

reporting on the performance of the QMS and on opportunities for development, in detail to top management.

assuring the promotion of customer focus throughout the company.

assuring the integrity of the QMS is sustained when changes to the QMS are organised and implemented.

3. Planning

3.1 Actions to Address Risks and Opportunities

Examine how the internal and external issues and interested parties are regarded when planning for the QMS?

Examine how hazards and opportunities are determined and addressed so the QMS can accomplish its intended results, prevent and decrease undesired consequences and achieve continual development.

Examine how operations are planned to address hazards and opportunities.

Verify how actions are involved and implemented into the QMS processes.

Check how the company assesses the effectiveness of the actions.

Check how actions are taken to address hazards and opportunities defined as being appropriate to the potential influence on the conformity of goods and services.

3.2 Quality Objectives and Planning to Achieve them

Verify quality objectives are built at important functions, levels and processes.

Verify that the quality objectives are..

measurable.

communicated.

taking into account applicable requirements.

relevant to the conformity of products and services and to the enhancement of customer satisfaction.

monitored.

consistent with the quality policy.

updated as appropriate.

Verify objectives are written down.

Verify how the company determines what will be done, with what supplies, when completed and how the results will be assessed for quality purposes.

3.3 Planning of Changes

Check how QMS changes are planned regularly.

Verify how responsibility and authority are allocated and reallocated.

Verify how the company considers the integrity of the QMS.

Verify how resources are made accessible.

Verify how the company presents the purpose and potential results of changes.

4. Support

4.1 Resources

Verify how resources are determined for the business.

Show how the capacities and constraints on internal resources are granted.

Show how demands from external providers are considered.

Verify how the company provides people required to consistently meet customers, applicable statutory and regulatory demands for the QMS including the important processes.

Verify how the company determines, provides and sustains the infrastructure for the operation of methods to achieve products and services conformity.

Verify how the company determines, provides and sustains the environment for the operation of processes to achieve products and service conformity.

Verify how resources are determined to ensure valid and reliable controlling and measuring results.

Verify how the company assures that the provided resources are suitable for the specific type of observing and measurement projects being offered and that they are kept to ensure remained fitness of purpose.

Verify documented information that confers proof of fitness for the purpose of controlling and measurement resources.

Show how measurement instruments are validated or calibrated at specific intervals against national or international standards. If there are no standards, show documented information which is handled as the basis for calibration or verification.

Show how measurement devices are identified.

Show how measurement instruments are safeguarded from improvements, damage and deterioration.

Verify how the company determines the validity of previous measurements if you find an instrument to be broken during verification or calibration. Document any actions taken.

Verify how the company determines the required knowledge for the operation of methods and achieves compliance of products and services.

Verify how knowledge is sustained and made accessible to the extent required.

Check how the organization determines current knowledge and how it receives additional knowledge when addressing changing needs and trends.

4.2 Competence

Show how you discover the required competence of people doing their job under your control that influences quality performance.

Show how you determine proficiency on the basis of relevant education, training or experience.

Show how you take actions to obtain necessary competence, where suitable, and how you estimate the effectiveness of those actions.

Verify documented information as confirmation of competence where relevant.

4.3 Awareness

Test if people are doing business under the organization's control are aware of the following:

the relevant quality objectives.

their contribution to the effectiveness of the QMS, including the advantages of developed performance.

the quality policy.

the implications of not conforming with the QMS demands.

4.4 Communication

Verify what, when, with whom and how to communicate

4.5 Documented Information

Establish documented information that confirms the effectiveness of the QMS.

Show that your documented information includes appropriate identification, format (language, software version, graphics, ...) and media (paper as well as electronics, ...).

Show how the documented information is reviewed and accepted for appropriateness.

Check if documented information of external origin is classified, as appropriate, and regulated.

Show how you monitor documented information and make it accessible and suitable for use. Explain how you defend your documented information.

Establish documented information demanded by the ISO 9001:2015 standard.

Show how the company controls the distribution, admittance, retrieval, control, warehouse, preservation, intelligibility, control of changes, retention and disposal of documented information.

5. Operation

5.1 Operational Planning and Control

Verify how the company has planned, performed and controlled methods needed to satisfy the demands of products and services.

Verify how the demands for products and services are defined.

Verify how criteria for methods and acceptance for products and services are defined.

Explain how resources are defined.

Check how process control is implemented.

Show documented information that shows methods have been carried out as intended and can prove the conformity of products and services.

Determine how the output from the planning method is fitting for operations.

Determine how planned changes are monitored. Verify how unintended changes are reviewed and what actions are taken to mitigate any adverse effects, as required.

Verify how outsourced methods are controlled.

5.2 Determination of requirements for products and services

Verify methods performed for communicating with customers on information relating to products, services, handling, enquiries, order handling, customer views, contracts, perceptions and complaints or treatment of customer property and specific demands for probability actions.

Verify method to determine the demands for products and services to be given to potential customers and how the method is verified, implemented and sustained.

Verify how output and service demands including statutory and regulatory obligations are defined. Verify that the company has the ability to meet the specified demands and substantiate any claims for its outputs.

Verify how the company reviews...

... lawful and regulatory demands applicable to the outcomes.

... other contract or order demands.

... demands necessary for customer's defined or intended use, where known.

... customer demands for delivery and post-delivery.

Show that the review is carried previous to the organization's engagement to supply products and services to the buyer.

Verify documented information of improved reviews and how those changes are communicated to important personnel.

Verify how the company confirms customer demands where the customer doesn't implement a documented statement.

Verify documented information of reviews outlining new or changed demands to outcomes.

Confirm how the organization resolves disagreements in the contract or order demands from those earlier defined.

5.3 Design and development of products and services

Document how the design and development process is built, implemented and kept.

5.3.1 Design and Development Planning

In determining the steps and control for design and development, establish that the organization considers...

... the type, duration and complexity of the work.

... the demands that specify precise process stages including relevant reviews.

... necessary verification and validation.

... responsibilities and authorities.

... how interfaces are regulated between people and parties.

... the need for engagement of buyer and user groups.

Establish documented information that proves design and development demands have been met.

5.3.2 Design and Development Inputs

In determining requirements required for the type of products and services being produced and developed, the organization shall consider...

... functional and performance demands.

... information obtained from prior similar design and improvement activities.

... statutory and regulatory demands.

... standard or codes of work that the company has committed to achieve.

... potential results of failure due to the nature of the outcomes.

Confirm that the inputs are whole and unambiguous.

Establish documented information on design and improvement inputs are retained.

5.3.3 Design and Development Controls

Confirm the organization applies controls to the design and improvement process to assure that...

... the outcomes to be achieved are defined.

... reviews are conducted to assess the ability of the effects of design and development to meet demands.

... verification actions are conducted to assure that the resulting products and services meet the demands for the detailed application or dedicated use.

... validation actions are conducted to assure that the resulting outcomes meet the demands of the particularised application or intended application.

... any significant actions are taken on problems arranged during the reviews, or confirmation and validation activities.

Establish documented information of these activities is retained.

5.3.4 Design and Development Outputs

Verify the company assures the design and improvement outputs...

... are sufficient for the subsequent methods for the provision of products and services.

... meet the input demands.

... specify the features of the products and services that are crucial for their intended purpose and their safe and proper provision.

... include or reference observing and measuring demands, as appropriate, and approval criteria.

Establish documented information on design and improvement outputs are maintained.

5.3.5 Design and Development Changes

Establish the company identifies, reviews and checks changes made throughout, or subsequent to, the design and improvement of products and services, to the extent required to assure that there is no negative influence on conformity to demands.

Verify documented information on design and improvement changes, the result of reviews, the permission of changes and the actions taken to limit adverse consequences are retained.

5.4 Control of Externally Provided Processes, Products and Services

Verify how the company ensures externally implemented processes, results and services conform to specified necessities.

Verify controls applied to externally provided methods, products and services when products and services are designed for incorporation into the company's own outcomes, products and services are provided straight to the customer or a process, or part of a method is provided by an external provider as a consequence of a decision by the company.

Verify the effectiveness of the controls used by the external provider.

Verify how the company determines and applies guidelines for the evaluation, selection, controlling of administration and re-evaluation of external providers.

Check how the company determines charges applied to the external requirement of methods, products and services.

Verify how the company considers the possible impact of the external provided methods, products and services on its ability to meet buyer and applicable legal and regulatory demands.

Verify how the company determines the verification, or other actions, needed to ensure the externally provided methods, products and services meet demands.

Establish documented information on activities and actions resulting from the assessments.

Verify the company communicates to external providers its demands for...

... the approval of product and services; methods, processes and tools; and the announcement of products and services.

... verification or validation activities that the company, or its customer, plans to perform at the external providers' assumptions.

... competence, including any needed modification of persons.

... the methods, products and services to be implemented.

... the external providers' cooperations with the company.

... control of the external providers' performance to be used by the company.

5.5 Production and service provision

5.5.1 Control of Production and Service Provision

Verify the company has documented information that describes the characteristics of the products to be created, the services to be implemented or the activities to be performed and the outcomes to be achieved.

Verify the effectiveness of suitable infrastructure and environment for the operation of processes.

Verify the implementation of controlling and measuring activities at proper stages to verify that criteria for control of methods or outputs, and acceptance standards for products and services, have been met.

Verify the selection of competent persons, including any needed qualification.

Verify the validation, and periodic revalidation, of the capacity to achieve intended results of the processes for outcomes provision, where the resulting output cannot be confirmed by subsequent controlling or measurement.

Verify the implementation of activities to prevent human error (i.e. visual locations, checklist, emergency stops, document control, ...)

Verify the availability and application of suitable controlling and measuring resources.

Verify the implementation of publicity, delivery and post-delivery activities.

5.5.2 Identification and Traceability

Verify how the business catalogues outputs from the process to assure conformity.

How does the company identify the status of process outputs?

Verify how the company controls the unique identification of method outputs when traceability is needed. Verify documented information of traceability, where needed.

5.5.3 Property Belonging to Customers or External Providers

What care is provided to buyers' or external providers' property?

Check how the company identifies, verifies, protects and safeguards buyers' or external providers' property which is presented for use or association into the company's products or services.

Verify preserved documented information for a property that is damaged or otherwise found to be inappropriate for use.

5.5.4 Preservation

Verify how the company guarantees the preservation of the method outputs to ensure conformity to demands.

5.5.5 Post-delivery Activities

Verify the company considers the following to meet post-delivery actions:

- customer feedback/critics

- potential undesired consequences connected with its products and services

- legal and regulatory requirements

- nature, use and expected lifetime of its ouputs

- customer requirements demands

5.5.6 Control of Changes

Verify preserved documented information describing the results of the examination of changes, the person(s) approving the change and any required actions arising from the investigation.

Verify how the company reviews and controls change for manufacturing or service provision.

5.6 Release of products and services

Verify at proper stages product and service demands have been met.

Verify retained documented information that presents proof of conformity with approval criteria and traceability to person(s) commissioning the release.

Verify outputs are not released to the customer until the intended organisations have been satisfactorily fulfilled, unless differently approved by an appropriate authority and, as applicable, by the buyer.

5.7 Control of Non-Conforming Outputs

Confirm that outputs that do not correspond to demands are identified and controlled.

Verify proper action is taken for nonconforming products and services (also include after delivery of a product or during/after the provision of services)

Informing the customer

Obtaining permission for approval under concession

Correction

Separation, containment, return or suspension of the provision of outputs

Verify conformity to the necessities when nonconforming products are corrected.

Verify retained documented information that defines the nonconformity, actions taken and any concessions obtained and identifies the authority choosing the action in regard of the nonconformity.

6. Performance evaluation

6.1 Monitoring, Measurement, Analysis and Evaluation

Verify the company has determined what needs to be controlled and measured, the processes to be used, when it will be performed, analyzed and assessed.

Verify the company evaluates the performance and effectiveness of its QMS.

Review retained properly documented information

Verify the company controls customers' perceptions of the order to which their needs and expectations have been met.

Verify the company analyzes and assesses the following:

- the need for developments the the QMS.

- conformity of products and services.

- the performance and effectiveness of the QMS.

- if plans are effectively.

- the performance of external providers.

- the degree of customer happiness.

- the effectiveness of actions taken to address risks and opportunities.

6.2 Internal Audit

Verify company has established, implemented, and sustains an internal audit program.

Verify proper correction and corrective actions are taken without delay

Verify the value of the process, changes influencing the company and the results of previous reviews are considered

Verify audit standards and scope are created for each audit

Review retained documented information

Auditors are objective and impartial

Audit results reported to the management department

Establish inspections are conducted at planned intervals

6.3 Management Review

Verify management reports QMS at planned intervals

Check if inputs to management report includes:

- status of actions from earlier management reports

- effectiveness of actions taken to address hazards and opportunities

- the extent to which quality goals have been met

- process appearance and conformity of products and services

- the performance of external providers

- nonconformities and corrective actions

- controling and measurement results

- changes in external and internal matters related to the QMS

- audit results

- sufficiency of resources

- opportunities for improvement

Check if outputs to management review involves:

- resource needs

- opportunities for development

- any requirement for changes to the QMS

Check retained documented information.

7. Improvement

7.1 General

Verify the company determines and selects opportunities for growth to improve products and services, corrects, prevents or decreases undesired effects and increases the appearance and effectiveness of the QMS.

7.2 Nonconformity and Corrective Action

Verify how the company assesses the need for action to eliminate the root(s) of the nonconformity, in order that it does not return or occur elsewhere.

Verify how the company achieves the necessary actions.

Verify retained documented information that provides proof of the nature of the nonconformity and any consequent actions taken and the results of any healing actions

Verify how the company reacts to nonconformity, including complaints, by assessing how it takes action to control and correct it and how it deals with the results.

Verify the company updates risks and opportunities determined during planning, if necessary.

Verify how the organization decides the effectiveness of operations taken.

Verify any changes made to the QMS, if required.

7.3 Continual Improvement

Verify how the company constantly improves. Does it reflect the results of analysis and evaluation and the products and services from management review to discover if there are needs or opportunities that shall be discussed as part of continual development?

Sign Off

Sign Off

Full name and signature of the auditor: