Auditing of Design activities in ISO 9001 Scopes

This Bulletin is to highlight the UKAS Accreditation body’s position with regard to the exclusion of design from ISO 9001 scopes.

The previous version of ISO 9001 specifically permitted the “exclusion” of clauses in certain

sections including Design, if they were not related to the client’s Quality Management

System (QMS) scope. ISO 9001: 2015 does not include this provision, instead of allowing

specific exclusions it uses a more inclusive approach to scoping within clause 4.3, which

states that: –

“The organization shall determine the boundaries and applicability of the quality

management system to establish its scope.”

and that: –

“The organization shall apply all the requirements of this International Standard if they are

applicable within the determined scope of its quality management system.”

The standard does, however, still refer to design but in a specific way, clause 8.3.1 states

that “The organization shall establish, implement and maintain a design and development

process that is appropriate to ensure the subsequent provision of products and services.”.

This reference to the design of products and services is an important one. Often in the past design has been considered to refer only to product design and exclusions were claimed on this basis, however in many instances, organisations did in fact carry-out design of processes and services. With this change of emphasis on design within an organisation’s Quality Management System, a claim that an organisation is not involved in design in any way is now less likely.

Therefore, certification body auditors should be mindful when considering the boundaries of

a client’s QMS, taking account the design of their processes and services as well as

products, so as to ensure that the organisation’s activities relating to such design are fully


“The need for design and development comes from an organization’s context and the

application of risk based thinking. Auditors may also review that an organization has

considered the following sources:

• customer requirements

• the organization’s strategic intent;

• market intelligence and research;

• service reports;

• customer feedback;

• new or changed statutory and regulatory requirements;

• process changes;

• new technology;

• suppliers.

Auditors should evaluate whether the organization has in place, and performs, activities for

the review of such needs. Auditors should review how the decision to proceed with design

and development is taken, i.e. have risks and opportunities, including cost implications, been

considered and have all relevant interested parties (internal or external) been consulted.”

Generally, the design and development process consists of the stages shown in Figure 1 below. Each stage has specific deliverables that cover both the commercial and technical aspects of design and development of a product or service. In some cases, organisations might be able to justify the exclusion of certain sub-clauses or individual requirements from their QMS, without necessarily excluding the entire clause. For an organisation with a long established and well validated product/service design, for example, the organisation might only need to ensure that design changes are managed in accordance with the requirements of clause 8.3.


Get In Touch

Scroll to Top