02 September 2013

Identifying ISO 9001 Mandatory Procedures

A procedure is a list of specific instructions or rules about the way certain things will be done.    Both ISO 9001 and ISO 27001 require certain procedures to be documented and the documentation of many others is deemed to be optional but may be practically essential as proof of compliance for audit purposes.  In the language of the Standards, certain  procedures “shall” rather than “should” be documented.

The mandatory procedures  for ISO 9001 which I have now identified are similarly listed in most of my sources. They comprise :

MP 1 Document Control

MP2 Control of Records

MP3 Internal Auditing

MP4 Control of Non-conformance

MP5 Corrective Action

MP6 Preventive Action

For the moment these are text dumps in my draft manual.  My primary focus here is covering off the minimum documentation requirement .

I make one small voluntary addition here.  It seems prudent to me to run regular internal checks on our data destruction equipment to verify it is destroying data in the way it should.  So I have also added a procedure for this under Verification of Purchased Product clause of ISO 9001.  I am not sure if it should necessarily go under this heading but I plan to include it as a procedure wherever it should be placed.

Based on historical diary entries 

Leave a Reply