Guide · Reference

ISO 9001 requirements & checklist

ISO 9001:2015 puts its requirements in clauses 4 to 10 (clauses 1–3 are just scope, references and definitions). Here's each one in plain English — what it asks for, what to document, and what an auditor will want to see.

ClauseWhat it requiresWhat an auditor looks for
4. ContextUnderstand your business, its interested parties, and set the scope of your QMS and its processes.A defined scope, and evidence you've thought about who and what affects your quality.
5. LeadershipTop management commitment, a quality policy, and clear roles and responsibilities.A signed policy, and leaders who can talk about the system — not just a document.
6. PlanningAddress risks and opportunities, and set measurable quality objectives with plans to achieve them.A risk register and objectives with targets, owners and progress.
7. SupportResources, competence and training, awareness, communication, and control of documented information.A training/competence matrix, document control, and current controlled documents.
8. OperationPlan and control how you deliver your product or service, including requirements, design, suppliers and nonconforming output.Procedures matching how you actually work, and supplier evaluation records.
9. Performance evaluationMonitor and measure, run internal audits, and hold management reviews.Monitoring data, a completed internal audit, and management review minutes.
10. ImprovementHandle nonconformities, take corrective action, and continually improve.Corrective actions tracked from root cause to verified effectiveness.

The documents and records you'll need

ISO 9001:2015 is deliberately light on mandated documents — it asks for a scope, a quality policy and quality objectives, plus "documented information" your processes need and records that prove the system works. In practice that means procedures for your key processes and records such as competence evidence, monitoring results, internal audit results, management review outputs, and nonconformity and corrective-action records. It does not hand you a fixed list of procedures, which is why generic template packs so often miss the mark for your business.

The whole checklist, generated for you

Rather than working clause by clause with a blank template, BigTick asks about your business and generates the policies, procedures and registers that satisfy clauses 4–10 — mapped to the relevant clauses, written around your work, and ready to review. Then it runs the internal audit and mock audit that check you against this very list.

How to use this as a readiness check

Go clause by clause and ask two questions: do we have the documented information this clause needs? and can we show it working with records? The gaps between "documented" and "done" are exactly what an internal audit — and then a certification auditor — will find. Close them before Stage 2.

Tick every clause without the spreadsheet

Start a free trial and get a clause-mapped ISO 9001 system built for your business, plus the internal audit and mock audit to prove you're ready.

Start a free trial

Frequently asked questions

What are the main requirements of ISO 9001?

They sit in clauses 4 to 10: context, leadership, planning (including risk), support, operation, performance evaluation, and improvement. Clauses 1–3 (scope, references, terms) are not audited.

What documents does ISO 9001 require?

A scope, quality policy and objectives, plus the documented information your processes need and records that prove the system works — competence evidence, monitoring and internal-audit results, management review outputs, and corrective-action records. There's no fixed list of mandatory procedures.

Is a quality manual still required?

ISO 9001:2015 removed the mandatory quality manual, but you still need documented information to support your processes. Many businesses keep a manual-style overview anyway because it's useful and auditors find it helpful.

Related guides

A plain-English summary of ISO 9001:2015 requirements, not a substitute for the standard itself or certification advice.