Interested parties: Who are they and what could be their expectations in a management system according to ISO Standards?

Most ISO standards refer to an interested party. And managers are explicitly asked to identify the interested parties and their needs and to address those needs accordingly when setting up a management system.

For example, the ISO 9001:2015 Quality Management System states in clause 4.2:

Due to their effect or potential effect on the organization’s ability to consistently provide products and services that meet customer and applicable statutory and regulatory requirements, the organization shall determine:

  1. a) the interested parties that are relevant to the quality management system;
  2. b) the requirements of these interested parties that are relevant to the quality management system.

The organization shall monitor and review information about these interested parties and their relevant requirements.

Similarly, ISO 27001 Information Security Management System in clause 4.2 requires that the organization determines: 

  1. a) interested parties that are relevant to the information security management system; and
  2. b) the requirements of these interested parties relevant to information security.

That same requirement is found in the ISO 22301 Business Continuity Management System, clause 4.2.1 General:

 When establishing its BCMS, the organization shall determine

  1. a) the interested parties that are relevant to the BCMS, and
  2. b) the requirements of these interested parties (i.e. their needs and expectations whether stated, generally implied or obligatory).

 We can keep listing all the management standards and they will all require us to identify the interested parties and their needs. But what could be an interested party when it comes to a management system? Here is a list that could be considered when defining who your interested party could be.

The top of the list obviously is your customer. Customers always look for quality products or services as well as a good price and genuine support.

The second on that list would be the owners or shareholders. Their need is to ensure their business is profitable and sustainable. This means the management system should take that into account, otherwise, they may oppose the system.

The next interested party would be the employees; the people that work to generate the revenue. That group looks for a good work environment and job security. A question here would be: have we taken into account the need of the employees in our management system?

Another interested party is the health and safety executive. Most companies are required to comply with some workplace safety regulations as part of employment law. That means the government may want to make sure that safety and health are part of your concern. The management system should address all issues related to health and safety.

Then comes the consumers group. The concern of that interested party is about the products that are fit for purpose. And in other standards, such as ISO 26000 for sustainable development, you may initiate a formal survey to collect consumers’ needs and expectations while implementing that standard.

Don’t forget about your competitors. Competitors as an interested party are expecting a fair business environment. Despite the fact that business is considered a race, there are sometimes explicit rules that apply. And not everything is permitted, especially when it comes to certification against a given standard.

After that comes the supply chain. It is highly recommended to establish a mutual benefits agreement with them for continuity purposes. Meaning, the relationship here should be considered as a partnership and NOT a client-supplier with an “order giver and order receiver” relationship. So when implementing the management system a question to consider would be: have we taken into account the reality of our suppliers? How can we count on them for our operations?

Similarly, we have the sub-contractors. Even though we can consider ourselves as client or purchasers, we have to make sure that the work environment suits our sub-contractors, otherwise, the quality of their deliverable may impact our customer.

Media, NGOs and Society as a whole are interested parties. Depending on the nature of your business, you may not want to neglect the needs and expectations of this group. Media expects accurate information, whereas NGOs expect up-to-date processes in line with legislation, especially when it comes to the environment, climate change, etc. Ethical behaviour is what Society expects from a company. As such, is your management system in line with ethical behaviour?

Another interested party could be environment agencies. In a society like North America, it could be an expensive mistake to not put due care on waste management. Regulations are strictly enforced and any management system should take that seriously.

The other group relates to insurers. Conditions always apply when it comes to insurance coverage. Your management system should meet and not alter those conditions in order to get coverage with a favourable premium.

Our final interested party is called the influencers. In that group, we have trade unions and trade associations. A question would be: what affects their members, and what are they expecting from your management system. Have you considered that?

Need more detail? Let our team conduct a free gap-analysis of your business processes to help guide your implementation or fix any non-conformance before your certification audit.  Book your free gap-analysis here:  https://formatourinc.com/free-assessment/