News & Commentary on ISO Management System Standards

    ISO 9001 Analysis and Evaluation: DOs and DON'Ts
    Photo of a person explaining the contents of a chart to their colleague

    Practical advice on ISO 9001:2015 Clause 9.1.3 implementation



    Table of Contents

    Purpose of ISO 9001:2015 Clause 9.1.3

    The intent in ISO 9001:2015 sub-clause 9.1.3 is for the organization to analyse and evaluate data and information from the results of monitoring and measurement. It was formulated to determine:

    • if processes, products and services meet requirements,
    • if corrections and corrective actions are needed,
    • If decisions based on risk-based thinking were satisfactory, and
    • opportunities for improvement.


    Evaluation is a new requirement in the 2015 version of the Standard. So, expect Auditors to have it on their ISO 9001 Audit Checklist.  ISO 9001 Consultants and QHSE Managers take note.

    This is the most likely source of a Major Noncompliance

    Having worked with this Standard for the past 6 years and undertaken 100s of CAB Audits, this is an area that time and again is found to be weak and often undertaken in a meaningless way. 

    Do not expect External Auditors to be anything other than conscientious in pursuit of evidence of compliance again the requirements here. 

    Just think about it for a moment. Your organization has customers whom it supplies with products and services. This is done against agreed contracts and/or specifications.  You also have objectives set for the improvement of your Quality Management System.  And I could add many more measurable features of your QMS.

    Hertzberg promoted the idea that: if you can't measure it, you can't manage it. So. it makes no sense not to diligently measure, monitor the performance on your QMS and then analyse and evaluate results. 

    And these are the results that top management require at Management Reviews of they are to have an evidence-based discussion on QMS effectiveness.

    Sources of Data for Analysis and Evaluation

    Data selected should focus on providing results to evaluate the performance and effectiveness of the quality management system and determine the need for any improvements. 

    Here are seven examples of typical data sources:

    • product: yield; conformity to specific requirements (e.g. customer, statutory, regulatory); rates of non-conformities [e.g. parts per million (ppm)]; scrap and rework; on-time delivery; fulfilment of order;
    • service performance: queuing times; an indication of resolution of customer issues; ease of access; cleanliness; housekeeping; friendliness;
    • results from the monitoring of customer perception;
    • delivery of projects to plan (e.g. budget and timing);
    • review of action items on risks and opportunities (e.g. meeting minutes);
    • on-time delivery and quality (e.g. rejects) for external providers;
    • status of quality objectives.

    Choose an ISO 9001 Course


    Documenting Output of Analysis and Evaluation

    Typically, output from analysis and evaluation is documented as:

    • trend analyses or reports,
    • balanced scorecards,
    • dashboards,

    and becomes an input to management review or meetings that consider the output.


    How to Implement Analysis and Evaluation for ISO 9001


    • Do ensure that the output from analysis and evaluation is in a suitable format. It should allow a determination to be made of whether actions are needed to improve the quality management system – this is of prime importance here.
    • Do determine the appropriate frequency for evaluating and analysing the information. Information could be analysed daily, weekly, monthly, annually depending largely on the use you will make of it.  

      For example, if you are currently experiencing daily problems with on-time deliveries, it would make no sense to evaluate performance here on a monthly basis as you need the information on a daily or weekly basis in order to take timely action, or to get timely feedback on action already initiated, in addressing the problem.
    • Do make every effort to retrieve information electronically. Avoid manual preparation of data if possible.
    • Do ensure that the methods and data quality provide useful information. These data should be representative, unbiased, complete, and accurate. Best of all, they should be capable of being used for managerial decisions.
    • Do use statistical techniques for the analysis and evaluation processes. Check-out Minitab.


    ISO 9001 Lead Auditor Certification


    • Don’t forget to evaluate the information you have decided to monitor. Analysing lots of raw data is not sufficient to meet the requirement here.  You are recommended to interpret the word ‘evaluation’ to mean converting the analysed data into a format that will facilitate decision-making and follow-up action by management or other interested parties.
    • Don’t continue to collect and evaluate information if no use is being made of it. If no decisions and/or actions arise from the evaluated information, drop that data source from your programme.  And never collect and evaluate data for the benefit of your CAB (Certification Body) alone.
    • Don’t forget that there are seven headings in this sub-clause where analysis and evaluation are required. Your CAB Auditor will be asking for evidence that you have addressed all seven – a list like this in a Standard constitutes ‘low-hanging fruit’ for an Auditor.



    ISO Sub-clause 9.1.3 is a new clause for a reason.  Too often in the past, very low-grade information was developed in QMSs. This was of little use to top management in making useful decisions about the status and future development of their QMS. 

    The expectation now is that analysed data will be evaluated so as to facilitate decisions and actions regarding the QMS being taken.  Your ISO 9001 Certification Auditor will be seeking out this linkage.


    This is part of an ongoing series of posts on the DO's and DON'T's of implementing and maintaining a QMS.  Use the 'Search' field at the top of this page to find the others.

    Reference: ISO/TS 9002:2016, Guidelines for the application of ISO 9001:2015

    New call-to-action

    Note: First published in Feb 2018; revised and updated in Apr 2021.

    Related Articles

    deGRANDSON Global is an ISO Certified Educational Organization

    In October 2021 we secured certification to three education-related ISO Standards.  We now have a university-grade management system in place conforming to the requirements of  …

    • ISO 21001, Educational Organizational Management System,
    • ISO 29993, Learning Services outside formal Education,  and
    • ISO 29994, Learning Services – additional requirements for Distance Learning.

    We have chosen ISO 21001 certification because, unlike IRCA and Exemplar badges (which in our opinion are commercially compromised), it is based on independent third-party assessment.  It is a ‘university grade’ standard in use globally by schools, colleges, and universities to demonstrate their competence.


    Written by Dr John FitzGerald

    Director & Founder of deGRANDSON Global. Spent 15 years in the manufacturing industry and 25 years training, consulting & auditing management systems
    Find me on:

    Subscribe to Email Updates

    Recent Posts