News & Commentary on ISO Management System Standards

    ISO 9001 Analysis and Evaluation - DOs and DON'Ts
    ISO 9001 Analysis and Evaluation - DOs and DON'Ts
    Photo of a person explaining the contents of a chart to their colleague

    Practical advice on implementing ISO 9001:2015 Clause 9.1.3

    This article will consider a sub-clause in ISO 9001 Part 9, Performance Evaluation, of the Quality Standard, namely, 9.1.3, Analysis & Evaluation.

    NOTE: While the exact wording may differ from Standard to Standard, the advice given here also applies to ISO 14001, ISO 27001, ISO 45001, and other standards that have the same HLS structure as ISO 9001.

    Table of Contents

    Purpose of ISO 9001:2015 Clause 9.1.3

    The intent of ISO 9001:2015 sub-clause 9.1.3 is for the organization to analyze and evaluate data and information from monitoring and measurement results.  It was formulated to determine:

    • If processes, products, and services meet requirements,
    • If corrections and corrective actions are needed,
    • If decisions based on risk-based thinking were satisfactory, and
    • Opportunities for improvement.


    Evaluation is a new requirement in the 2015 version of the Standard.  So, expect Auditors to have it on their ISO 9001 Audit Checklist.  ISO 9001 Consultants and QHSE Managers take note.

    This is the most likely source of a Major Noncompliance

    Having worked with this Standard for the past nine years and undertaken 100s of CAB audits, I can say that this area is often found to be weak and often undertaken in a meaningless way. 

    Do not expect External Auditors to be anything other than conscientious in pursuing evidence of compliance with the requirements here. 

    Just think about it for a moment.  Your organization has customers whom it supplies with products and services.  This is done against agreed contracts and/or specifications.  You also have objectives set for the improvement of your Quality Management System.  I could also add many more measurable features to your QMS.

    Hertzberg promoted the idea that if you can't measure it, you can't manage it.  So, it makes no sense not to diligently measure and monitor the performance of your QMS or subsequently analyze and evaluate results. 

    Top management requires these results at Management Reviews if they are to have an evidence-based discussion on QMS effectiveness.

    Sources of Data for Analysis and Evaluation

    The data selected should focus on providing results to evaluate the performance and effectiveness of the quality management system and determine the need for any improvements. 

    Here are seven examples of typical data sources:

    • Product: yield; conformity to specific requirements (e.g., customer, statutory, regulatory); rates of non-conformities [e.g., parts per million (ppm)]; scrap and rework; on-time delivery; fulfillment of an order;
    • Service performance: queuing times; an indication of resolution of customer issues; ease of access; cleanliness; housekeeping; friendliness;
    • Results from the monitoring of customer perception;
    • Delivery of projects to plan (e.g., budget and timing);
    • Review of action items on risks and opportunities (e.g., meeting minutes);
    • On-time delivery and quality (e.g., rejects) for external providers;
    • Status of quality objectives.


    New call-to-action

    Documenting Output of Analysis and Evaluation

    Typically, output from analysis and evaluation is documented as follows:

    • Trend analyses or reports,
    • Balanced scorecards and
    • Dashboards,

    And becomes an input to management reviews or meetings that consider the output.

    How to Implement Analysis and Evaluation for ISO 9001


    • Do ensure that the output from analysis and evaluation is in a suitable format.  It should allow a determination of whether actions are needed to improve the quality management system – this is of prime importance here.
    • Do determine the appropriate frequency for evaluating and analyzing the information.  Information could be analyzed daily, weekly, monthly, or annually, depending mainly on the use you will make of it.  

      For example, if you are currently experiencing daily problems with on-time deliveries, it would make no sense to evaluate performance here on a monthly basis as you need the information on a daily or weekly basis to take timely action or to get timely feedback on action already initiated, in addressing the problem.
    • Do make every effort to retrieve information electronically.  Avoid manual preparation of data if possible.
    • Do ensure that the methods and data quality provide useful information.  These data should be representative, unbiased, complete, and accurate.  Best of all, they should be capable of being used for managerial decisions.
    • Do use statistical techniques for the analysis and evaluation processes.  Check-out Minitab.


    ISO 9001 Lead Implementer CTA Button


    • Don't forget to evaluate the information you have decided to monitor.  Analyzing a lot of raw data is insufficient to meet the requirements.  You are recommended to interpret the word 'valuation' to mean converting the analyzed data into a format that will facilitate decision-making and follow-up action by management or other interested parties.
    • Don't continue to collect and evaluate information if no use is being made of it.  If no decisions and/or actions arise from the evaluated information, drop that data source from your program.  And never collect and evaluate data to benefit your CAB (Certification Body) alone.
    • Don't forget that this sub-clause has seven headings where analysis and evaluation are required.  Your CAB Auditor will be asking for evidence that you have addressed all seven – a list like this in a Standard constitutes "low-hanging fruit’' for an Auditor.


    ISO Sub-clause 9.1.3 is a new clause for a reason.  Too often in the past, very low-grade information was developed in QMSs. This was of little use to top management in making useful decisions about the status and future development of their QMS. 

    The expectation is that analyzed data will be evaluated to facilitate decisions and actions regarding the QMS.  Your ISO 9001 Certification Auditor will be seeking out this linkage.


    1. This is part of an ongoing series of posts on the DOs and DON'Ts of implementing and maintaining a QMS.  Use the "search'' field at the top of this page to find the others.
    2. Reference: ISO/TS 9002:2016, Guidelines for the application of ISO 9001:2015

    Getting your ISO 9001 Consultants Diploma

    Related Articles

    deGRANDSON Global is an ISO Certified Educational Organization

    In October 2021, we secured certification to three education-related ISO Standards.  We now have a university-grade management system in place conforming to the requirements of…

    • ISO 21001, Educational Organizational Management System,
    • ISO 29993, Learning Services outside formal Education,  and
    • ISO 29994, Learning Services – additional requirements for Distance Learning.

    We have chosen ISO 21001 certification because, unlike IRCA and Exemplar badges (which, in our opinion, are commercially compromised), it is based on independent third-party assessment.  It is a "university grade’' standard globally by schools, colleges, and universities to demonstrate competence.

    We offer Certified Courses for ISO 9001, ISO 13485, ISO 14001, ISO 17025, ISO 27001, ISO 45001, Data Protection and Risk Management.


    Written by Dr John FitzGerald

    Director & Founder of deGRANDSON Global. Spent 15 years in the manufacturing industry and 25 years training, consulting & auditing management systems
    Find me on:

    Subscribe to Email Updates

    Recent Posts