• Determine external and internal issues
• Monitor and review information about issues

• Identify the interested parties relevant to the quality management system
• Determine the requirements of interested parties
• Monitor and review information about interested parties and their requirements

• Define the scope of the QMS
• Take into account the external and internal issues
• Take into account the requirements of interested parties
• Take into account the products and services. All products and services proposed by the company without exception
• Apply any requirement of the ISO 9001 standard applicable within the scope of the QMS
• Maintain the scope of the QMS as documented information
• Include in the scope of the QMS justification for any requirements which cannot be met
• Every requirement of the ISO 9001 standard which cannot be applied in the company implies a justification

• Establish, implement, maintain and improve a process-based QMS
• Determine the needed processes and their application
• Determine process inputs and outputs
• Determine the sequence and interaction of processes
• Determine the criteria and methods to control processes
• Determine and provide the resources
• Assign process responsibilities and authorities, Consider the risks and opportunities for each process
• Evaluate processes and if necessary modify them
• Determine the improvement opportunities of processes and the QMS
• Maintain documented information on process operation
• Retain documented information on process operation

4.1

• Demonstrate accountability for effectiveness of QMS
• Establish a quality policy and quality objectives. Ensure policy and the objectives are compatible with strategic direction and context of the company
• Integrate QMS requirements in the internal process requirements 
• Raise awareness of the process approach and process approach and risk-based thinking
• Provide the necessary resources for the QMS
• Raise awareness on the importance of an effective and conforming QMS
• Ensure the achievement of intended results of the QMS
• Support the staff contribution to the effectiveness of the QMS
• Promote continual improvement
• Support the leadership of managers 
• Responsibility and authority of managers are backed at all times by top management

• Determine and meet customer, statutory and regulatory requirements
• Determine and address the potential risks and opportunities. Any risk and opportunity that may influence the conformity of products and services and customer satisfaction.
• Maintain the objective of better satisfying the customer

5.2

5.3

• Establish, implement and maintain a suitable quality policy
• Provide a framework to define and review the quality objectives
• Include meeting the applicable requirements
• Include a commitment to continuously improve the QMS

• Maintain the quality policy as documented information
• Communicate the quality policy
• Keep the quality policy available to interested parties

5.3

• Take into account risks and opportunities
• Take into account opportunities, to increase the desirable effects (positive impact)
• Take into account risks, to reduce the undesirable effects (negative impacts)
• Take into account risks and opportunities, to confirm the approach of continual improvement, (Clause 10.3)
• Plan actions to address risks and opportunities
• Define how to integrate actions in the QMS processes, (Clause 4.4)
• Plan and implement actions
• Plan and evaluate actions
• Adapt actions to risks and opportunities, considering the potential impact on the conformity of products and services

• Establish quality objectives at relevant functions, levels and processes

• Define measurable objectives
• Consider applicable requirements
• Adopt relevant objectives
• Monitor objectives
• Communicate objectives
• Update objectives

• Maintain documented information on the quality objectives

• Define plan
• Determine necessary resources 
• Plan responsibilities 
• Plan deadlines

- Plan the way to evaluate results

• Consider the purpose of the change and the possible consequences
• Consider the maintenance of the integrity of the QMS
• Consider the available resources
• Consider the assigned responsibilities and authorities

• Provide the necessary resources to achieve effectiveness in performance of QMS
• Take into account existing resources and their capabilities and constrains
• Take into account the need for the use of external providers, to provide necessary services not available inside the company

• determine and provide the persons necessary for the operation and control of its processes

• Provide and maintain the infrastructure necessary to the functioning of processes to achieve conformity of products and services.
• Example: buildings, equipment, transportation, hardware, software etc

• Provide and maintain the suitable environment necessary to the functioning of processes to achieve conformity of products and services.
• Can be defined in combination of human and physical factors such as Social, psychological, physical, as applicable to organization
• Example: Work culture, work atmosphere, temperature, ergonomics etc

• Determine the need for monitoring and measuring resources
• Provide adequate resources for monitoring & measurements (Clause 7.2)
• Maintain resources (calibrated or verified, or both, at specified intervals, or prior to use)
• Identification and fitness for use
• In order to ensure fitness for their purpose
• Retain documented information on the adequacy of inspection resources (Clause 7.5)
• Initiate actions, when measuring equipment is found to be unfit for its intended purpose

• Determine the necessary knowledge to control the processes and the conformity of products and services
• Acquire, maintain and make organizational knowledge available to maintain the performance of the QMS
• Take into account the need for additional knowledge
• When needs and trends have changed

• Determine the necessary competence
• Identify people who have an influence on the performance & effectiveness of QMS
• Ensure the competence, based on appropriate training or experience
• Undertake activities to acquire the necessary competence and evaluate the effectiveness of these activities
• Retain documented information on staff competence (Clause 7.5)

• Ensure the staff is aware of the quality policy
• Including people who carry out work under the company's control.(Clause 5.2
• Ensure the staff is aware of the quality objectives
• (Clause 6.2
• Ensure the staff is aware of its contribution
• In order to improve the performance of the QMS
• Ensure the staff is aware of negative impacts
• If QMS requirements are not met

• Determine the internal and external communications. 
• Define methodology for internal and external communications
• Define with whom to communicate Communication
• Define responsibility for internal and external communications

Documented information

• Determine documented information required by the ISO 9001 standard
• Determine documented information necessary for the effectiveness of QMS

• Create, identify and describe the documented information
• Choose the format and the media of the documented information
• Review and approve the adequacy of the documented information

• Management of availability of the documented information
• Management of distribution, access and use of the documented information 
• Management of storage of the documented information
• Management of changes of the documented information
• Management of retention time and the removal of the documented information
• Management of documented information of external origin
• Protect the documented information

Operation

• Plan and determine the requirements for the products and services
• Establish the criteria for control of process
• Determine necessary resources
• Plan and Control the processes
• Determine, maintain and retain the documented information on process control
• Determine, maintain and retain the documented information on product and service conformity
• Control planned and unplanned changes
• Analyze the consequences of unplanned changes, actions to limit the effects
• Control the outsourced processes

• Provide information to customers, related to products and services
• Control communication with customers related to contracts, orders, changes and consultations
• Control communication with customers regarding the perception, opinions, complaints and recommendations. 
• Control communication with customers regarding their property.
• Establish communication with customers regarding specific requirements for contingency actions

• Determine the requirements for the products and services
• Develop specific activities for products and services, to determine statutory and regulatory requirements
• Define internal requirements, Related to processes, products and services.
• Determine the feasibility to meet customer requirements
• Determine process to respond to claims, in a relevant way (with facts)

• Determine ability to meet the requirements for products and Services
• Review explicit customer requirements, Before order acceptance, including delivery and post-delivery activities requirements
• Review implicit customer requirements, Before order acceptance (unformulated requirements but necessary for specified use or use intended by the customer)
• Review internal requirements identified by organization
• Review statutory and regulatory requirements applicable to the products and services
• Review gaps, Between requirements of an order (or contract) and those previously expressed
• Resolve gaps, Before order acceptance and commitment to provide products and services
• Confirm requirements before accepting an order, when requirements are not documented
• Retain the documented information on the results of the reviews of requirements, (Clause 7.5)
• Retain the documented information on any new or changed requirement for the products and services, (Clause 7.5)

• Communicate changes to relevant persons, After changing requirements in the documented information

• Establish, implement and maintain a process of design and development

• Plan the design and development stages

• Consider the specificity of design and development activities
• Consider the process requirements and applicable reviews
• Consider the verification and validation activities
• Consider the necessary responsibilities and authorities
• Consider the needs of internal and external resources
• Consider the relations between persons participating in the design and development
• Consider the need for involvement of customers and users
• Consider the requirements for subsequent products and services
• Consider the level of control expected by interested parties
• Consider the documented information meeting design and development requirements. (Clause 8.3.3, 8.3.5 and 8.3.6)

• Determine essential requirements, regarding specific types of products and services from design and development
• Determine functional requirements, Consider also the performance requirements
• Consider the information from similar activities
• Consider the statutory and regulatory requirements
• Consider the corporate culture, internal rules of art
• Consider the potential consequences of product and service failure

• Check that the inputs are complete and unambiguous, In order to realize suitable design and development process
• Resolve potential conflicts between inputs, In order to obtain complete and unambiguous inputs
• Retain the documented information on design and development inputs, (Clause 7.5)

• Define clearly the expected results, Regarding processes, products and services
• Conduct reviews as planned , Regarding processes, products and services
• Check that outputs meet input requirements, (Clause 8.3.5)
• Validate products and services , To ensure that the specified application requirements or those for the intended use are satisfied
• Take actions in response to identified problems, during reviews, verifications and validations
• Ensure that the documented information is retained (Clause 7.5, 8.3.3, 8.3.5 and 8.3.6)

• Ensure that outputs meet input requirements, (Clause 8.3.3)
• Ensure that outputs are in line with the subsequent processes, processes regarding the products and services
• Ensure that outputs include monitoring and measuring requirements, including acceptance criteria is defined
• Ensure that outputs are suitable for their intended use, proper use or planned by the customer in complete safety
• Retain the documented information on outputs, (Clause 7.5 )

• Identify, review and control the changes made to inputs and outputs, ensure that the changes have no impact on meeting the requirements
• Retain the documented information on changes (Clause 7.5)
• Retain the documented information on results of reviews (Clause 7.5 
• Retain the  documented information on who authorized the changes (Clause 7.5) 
• Retain the documented information on actions, in order to prevent negative impacts. (Clause 7.5)

• Ensure that the outputs of external providers meet specified requirements
• Apply the requirements for the control of products and services provided by external providers
• When the products and services are integrated internally, apply the requirements for the control of products and services
• When the products and services are provided directly to customers by external providers on behalf of the company, apply the requirements for the control of process done by external providers
• determine and apply criteria for the evaluation, selection, monitoring of performance, and re-evaluation of external providers
• Retain the documented information on the results of the evaluation and monitoring(Clause 7.5)

• Determine & apply the level of control of external providers on meeting the requirements
• Ensure that the processes of external providers are controlled
• Define how to control the external provider and its process outputs
• Consider the potential impact of the outputs of the external provider
• Consider the control of the external provider, and effectiveness of this control
• Define how to control the outputs of externally provided processes
• Verification and other activities necessary to ensure that the provision of external providers does not affect the conformity of products and services delivered to the customer

• Verify the adequacy of the requirements, prior to communication to the external provider
• Communicate the requirements to the external provider,

• regarding the processes, products and services to provide
• regarding the approval of products and services
• regarding the approval of methods, processes and equipment
• regarding the approval of the release of products and services
• regarding the competence (including required qualifications)
• regarding the relations between the external provider and the company
• regarding the control and monitoring of the external provider's performance
• regarding the verification or validation activities that the organization or its customer intends to realize at the external provider's premises

• Apply controlled conditions of production and service provision including delivery and post-delivery activities
• Maintain documented information of specifications of products and services and the expected activities (Clause 7.5)
• Save the documented information of results to be achieved (Clause 7.5)
• Include in the controlled conditions

• the inspection resources (Clause 7.1.5)
• the inspection activities, to verify that the appropriate stages of the processes' outputs meet the criteria
• Include in the controlled conditions adequate infrastructure and environment (Clauses 7.1.3 et 7.1.4
• the staff competence,
• the necessary qualification, (Clause 7.2
• the validation of the ability of a process to achieve the expected results, when the outputs cannot be checked ,
• the actions to prevent human error
• the activities of release, delivery and post-delivery (Clause 8.6 and paragraph 8.5.5

• Use appropriate means to control the unique identification of process outputs, to ensure the conformity of products and services when needed
• Inspect processes throughout the production and service provision
• Control the traceability of process outputs, When traceability is a requirement, the unique identification is used
• Retain the documented information on traceability

• Exercise care with property owned by customer or external provider
• Identify, check, protect, monitor and safeguard customer or external provider property
• Notify the customer or external provider when his property has been damaged or lost and maintain the documented information on the situation

• Preserve the process outputs throughout production and service provision activities, Ensure: identification, packaging, handling, storage, transport, protection

• Meet the requirements for post-delivery activities

• Consider statutory and regulatory requirements
• Consider negative impacts related to products and services
• Consider the nature, the intended use and lifetime of products and services
• consider the requirements of interested parties
• Consider customer feedback

• Review and control unplanned changes
• Retain the documented information on unplanned changes