The ISO 9001:2015 standard has a very specific quality policy requirement. Item 5.2 of this standard sets forth mandates for what needs to be contained in this document, starting with structure, roles and responsibilities, in addition to defining how it should be communicated within an organization. It is important to underscore here that when I say document, this is because the policy needs to be kept as documented information. If you still have questions about this term, see this post for an explanation on this expression in relation to the standard.

The quality policy is probably the most important step in implementing an effective QMS. This is a documented and publicly available statement, indicating the organization’s commitment and intentions to assure customer satisfaction.

How is a quality policy established?

The quality policy needs to contain a commitment to fulfill all company and stakeholder requirements in order to continually improve your company’s results. Before creating the policy, it is important to verify the organization’s context and certain processes and to clearly define what the quality policy aims to achieve, to be sure that it supports the company’s strategic direction.

The document’s description should show a commitment from management, be suited to the organization’s purpose, and provide a reference system to establish objectives.

It is through the policy that all of the stakeholders, such as customers, suppliers, employees and shareholders, among others, will be made aware of how the company thinks about and practices quality day-to-day.

The policy is frequently consulted during quality audits and is tested in order to guarantee that objectives, targets and critical analysis itself are consistent with the policy as it is stated. That is why it is extremely important that your text be clear and not contain excessively formal and confusing statements that are hard to demonstrate, measure or attain.

When drafting this document, it is important to keep in mind your company’s strategies and specificities. Copying templates and examples from the internet may not reflect the organization’s strategic direction and objectives, causing problems for your management system while also surely resulting in nonconformities in your audits.

Quality policy and continual improvement

The policy should be defined so as to achieve continual improvement. In other words, the organization needs to revise it whenever necessary to guarantee that any changes to context, stakeholders or requirements are reflected in the quality policy.

Quality policy and top management

Top management is responsible for establishing, implementing and maintaining the quality policy. In addition, this leader or these leaders should guarantee that responsibilities and authorities for pertinent roles are assigned, communicated and understood within the organization.

This means that top management should be completely involved in every policy stage: creation, revisions and disclosures. While it is not mandatory, it is normal for an organization to demonstrate its managers’ commitment by having upper management sign a policy approval.

Communicating the quality policy

All employees must be aware of the quality policy and the organization needs to ensure that the requirements it contains are understood, implemented and maintained. The manner in which the policy is made public can vary depending on the place. Below are some examples of methods I have seen companies use when disclosing and raising awareness about the policy:

  • Banner at the establishment’s entrance;
  • Description on employee ID badges;
  • Description on the wallpaper of company cell phones and computers;
  • Controlled copies distributed in locations with heavy employee traffic;
  • Description on the company’s website;


It is important to hold continual training to explain to every level of the organization how each policy requirement is measured and controlled within your company and perform sporadic assessments of how this knowledge is seeded among your employees. If your company has a factory, one valuable tip is to not focus solely on production operations staff, since my own experience has shown that administrative employees are often unable to clearly explain the policy to an auditor.

Also keep in mind that this needs to be communicated to everyone working for and on behalf of your organization, such as subcontractors, temp workers and remote workers. Each of them needs to be aware of their jobs and responsibilities in relation to the policy.

Want to find out more about this topic? Find a detailed eBook on ISO 9001:2015 below:


Camilla Christino


Camilla Christino

Business Analyst at SoftExpert, completed a Bachelor's in Food Engineering at Instituto Mauá de Tecnologia. She has solid experience in the quality area in the food industries with a focus on monitoring and adapting internal and external auditing processes, documentation of the quality management system (ISO 9001, FSSC 22000, ISO / IEC 17025), Quality Control, Regulatory Affairs, GMP, HACCP and Food Chemical Codex (FCC). She is also certified as a leading auditor in the ISO 9001: 2015.

You might also like:

Get free content in your inbox!

Subscribe to our Newsletter and get content about corporate management's best practices produced by specialists.

By clicking the button below, you confirm that you have read and accept our Privacy Policy.

Please, fill out the form to download

Required field
Required field
Required field
Please enter a valid phone number
Required field

By clicking the button below, you confirm that you have read and accept our Privacy Policy