12 Questions for Top Management about Quality

Meetings with Top Management can be daunting, especially for new auditors. To help, we’ve outlined twelve questions that we believe all auditors should know to ask Top Management, and that Top Management should know about their Quality Management System.

The final post in our three-part series gives some ideas about what an auditor should ask Top Management about their Quality Management System.

  1. Does your quality policy include the framework for setting and reviewing the quality objectives? (Clause 5.3c)
  2. Are your organisation’s quality objectives actually measureable? And do you measure them? (Clause 5.4.1)
  3. Are your quality objectives cascaded through the organisation and do they align from top to bottom? (Clause 5.4.1)
  4. Have you identified and described your organisation’s own business processes and how they interact with each other? (Clause 4.1 a&b)
  5. Has the criteria been set for what is an acceptable product or service? (Clause 7.1c)
  6. Have you established effective processes for communicating with your workforce, and for them to communicate with you? (Clause 5.5.3)
  7. Do you review the performance of your organisation at planned intervals? (Clause 5.6.1)
  8. Does this review address all of the following information; the results of audits, customer feedback, process performance, your product and service conformity, the status of corrective actions, the status of preventive actions, changes, and improvement opportunities? (Clause 5.6.2)
  9. Do actions arise from the reviews that you undertake? (Clause 5.6.3)
  10. Have you determined the necessary competence levels for your entire workforce that can affect your product or service? (Clause 6.2.2a)
  11. Do you analyse data in order to identify any trends or characteristics that may lead to a non conformance? (Clause 8.4C)
  12. Can you demonstrate how your organisation is actually improving? (Clause 8.5.1)

Answering yes to all these questions does not assure total compliance to ISO 9001 but it does pick up on some of the key aspects of a quality management system.




Can iso 9001 apply on department level like M.I.S Department in big organization? or its only applicable organization level?

Note:- Orginization is at single Physical location do not have any suboffice or do not have any branch

Khurram Shahzad

Jay Greensill

Hi Khurram,
Organisations can maintain one umbrella-style system across their entire operation, or if they’d prefer, they can maintain separate systems for each location or site, and have these certified separately, or any combination of the two. It’s a risk-based decision for the organisation, and they would need to weigh up the benefit of either maintaining a single certification or multiple. This also includes departmental levels; They would just specify the boundaries of the system in setting the scope of the certification, including the activities and processes concerned.

Leave a Reply

Your email address will not be published.

“Well structured content, fantastic presentation by Miguel and loads learnt. The ISO 27001 training is helping me understand my clients’ needs better and make useful recommendations. Moreover, this was so much fun – thanks team!”

“Overall very valuable course. Balance of theory with practical workshops was excellent. Trainers stuck to timetable very well.”

To be honest, I wasn’t really looking forward to the training and wasn’t too sure what to expect. It turned out to be quite enjoyable and a really great experience which I put down to the facilitators, Pat and Tom and the group. Both Pat and Tom shared their breadth of knowledge and experiences and were really engaging.

“Great presentation of the course, engaging facilitators and good use of group work. I found the course to be a great refresher for an audit course I did 10 years ago and now feel more motivated to go audits in a non-bow tie way!”

“Trainers’ knowledge was excellent, their knowledge made the training and learning easy.”