4.2 Understanding the Needs and Expectations of Interested Parties

ISO Navigator Pro

ISO Navigator Pro™ is a free tool that provides practical, expert guidance for businesses wishing to interpret the fundamentals of ISO 9000:2015 to help understand, and better implement the requirements of ISO 9001:2015, ISO 14001:2015 and OHSAS 18001:2007. The ISO Navigator Pro™ database divides the requirements into four sequential stages; Plan, Do, Check and Act.

If you're looking for quality manual templates, audit checklists or integrated management system documents for ISO 9001:2015, ISO 14001:2015 and OHSAS 18001:2007, please click here.

Plan

Step 1 - Plan: Define, build, operate and improve your Environmental, Health & Safety or Quality Management System (EHQMS). Your mangement system should define your organization’s goals and intended outcomes, determine internal and external issues, identify stakeholders and their requirements, and define the management system’s scope.

Understanding the needs and expectations of interested parties

Understanding the Needs and Expectations of Interested Parties’ is a new requirement. You should allow time to develop an understanding of your business's internal and external stakeholder interests. Such interests are those that might impact upon your management system's ability to deliver its intended results, or those that might influence your business's strategic direction. This information should be gathered, reviewed and regularly monitored through formal channels, such as management review meetings.

In order to determine the relevance of an interested party or its requirements, your organization needs to answer: ‘does this interested party, or their requirements, affect our organization’s ability to achieve the intended outcomes of its management system?’ If the answer is 'yes', then the interested parties’ requirements should be captured and considered when planning your management system. There are many ways to capture this information, your approach could include:

  1. Information summarised as an input to the quality risk and opportunity registers;
  2. Information summarised as an input to the identification of environmental aspect and impact registers;
  3. Information summarised as an input to the identification of health & safety hazard and risk registers;
  4. Recorded in a simple spreadsheets with version control;
  5. Logged and maintained in a database to allow tracking and reporting;
  6. Captured, recorded, and disseminated through key meetings.

Try using brainstorming techniques to identify relevant external and internal interested parties, e.g. customers, partners, end users, external providers, owners, shareholders, employees, trade unions, government agencies, regulatory authorities, local community.

Similar to the context review discussed previously in Clause 4.1, cross functional input is vital, as certain functions will identify with particular stakeholders, for example procurement with suppliers, and sales with customers. A workshop approach should be encouraged which can be undertaken independent to, or in conjunction with the context review workshop.

Once stakeholders and their requirements are identified, the next step is to consider which stakeholder requirements generate compliance obligations. Legal requirements should be identified before other requirements. This process of adopting requirements will allow you to focus and coordinate on what’s important.

Make reference to all objective evidence, including examples of interested parties and any resulting compliance obligations. Look for evidence that your organization has undergone a process to initially identify these groups, and then to identify any of their requirements that are relevant to your organization’s QMS.

You should also determine whether these groups’ requirements are reviewed and updated as changes in their requirements occur, or when changes to your organization’s QMS are planned. Ensure that your organization has properly identified its interested parties, and subsequently determined if any of their needs and expectations to be adopted as a compliance obligation. Ensure that this process is revisited periodically because the relevant requirements of relevant interested parties may change over time.

Although not specifically required, objective evidence could be a list or matrix of the interested parties, their corresponding needs and expectations, and indication of which of these accepted as compliance obligations. Compliance obligations might include:

  1. All relevant legal requirements;
  2. All requirements imposed by upper levels in the organization (for example corporate requirements);
  3. All relevant requirements of relevant interested parties that the organization decides to comply with, whether contractually (customers) or voluntarily (environmental or safety commitments).

Communicating with stakeholders, particularly in relation to compliance obligations is vital. Communication with stakeholders should be based on performance data generated by your organization’s EHQMS, which will require robust monitoring and measurement to ensure that the data is reliable. You should ensure that the monitoring and measurement processes are included in the internal audit programme so your organization can assure itself that the checking processes and validated and that the data it is communicating is accurate. It is important to remember that Clause 4.2 'Understanding the needs and Expectations of Interested Parties' interacts with the following clauses:

  1. Clause 4.3 - 'When determining the scope, the organization shall consider requirements of relevant interested parties referred to in 4.2';
  2. Clause 5.2.2 - 'The quality, environmental or health & safety policies are available to relevant interested parties, as appropriate';
  3. Clause 6.1.1 - 'When planning QMS, the organization shall consider the requirements referred to in 4.2, and determine risks and opportunities that need to be addressed';
  4. Clause 8.3.2 - 'In determining the stages and controls for design and development, the organization shall consider the level of control expected for the design and development process by customers and other relevant interested parties';
  5. Clause 9.3.2 - 'Management reviews are planned and carried out considering information on QMS performance and effectiveness, including trends in customer satisfaction and feedback from relevant interested parties'.

Internal stakeholders could include:

Types of Internal interested parties: Possible needs and expectations: How to capture key issues:
Employees and contractors Shared culture, attitudes and job security Employee meetings, consultation and feedback
Clients and customers Competitive pricing, reliability and value Client/customer reviews and relationship management/customer feedback
Suppliers Beneficial supplier-client relationships Supplier reviews and relationship management
Unions and worker representatives Representation and cooperation Consultation and feedback on employment and safety issues
 

External stakeholders could include:

Types of External interested parties: Possible needs and expectations: How to capture key issues:
Regulators Compliance and reporting Critical product specification issues and conformity
Shareholders Profitability and growth Consultation and engagement exercises to identify concerns
Neighbours and communities Social responsibility and engagement Consultation and engagement exercises to identify environmental concerns
Local Authorities and Government Consultation and information Engagement with planning and development issues
 

The relevant requirements of interested parties must be available as inputs into the management system planning process, as potential risks and opportunities (Clause 6.1). There is no requirement to retain documented information, but the following types of documentation would help to evidence this:

  1. Minutes of meetings (from meetings from each group of interested party);
  2. Requirement spreadsheets and databases (CRM & ERM type applications);
  3. External communications and documentation;
  4. Quality manual;
  5. Flow down and capture of requirements relevant to the QMS defined in contracts, orders, statements of work, terms of business etc;
  6. Records of meetings where interested parties and their requirements are routinely discussed and monitored.
  7. Stakeholder mapping to determine importance;
  8. Records of surveys, networking, face-to-face meetings, association membership, attending conferences, lobbying, participation in benchmarking.

Demonstrating compliance

Look for evidence that your organization has undergone a process to initially identify these groups, and then to identify any of their requirements that are relevant to your organization’s management system. You should also determine whether these groups’ requirements are reviewed and updated as changes in their requirements occur, or when changes to your organization’s management system are planned.

Management system templates

Our range of ISO 9001 quality manual templates and integrated manual templates offer an easy way to assess, document and communicate information about your organization's interested parties to ensure that, where relevant, their needs and expectations (requirements) are captured and deployed.

More

4.1 Understanding Context
4.3 Determining Scope
4.4 Management System Processes
 

Free internal audit checklists

Check out our free internal audit checklists. The audit checklist is just one of the many tools which are available from the auditor’s toolbox that help ensure your audits address the necessary requirements.

Client list

Over 8,000 companies and globally recognized brands have relied on our templates to provide a path to improve, collaborate, and to enhance their operations to achieve certification, please see our client list for more information.