International Organization for Standardization

International Accreditation Forum

Date:

5 June 2009

ISO 9001 Auditing Practices Group

Guidance on:
Scope of ISO 9001,
Scope of Quality Management System (QMS)
and the Scope of Registration/Certification
The scope of ISO 9001 is given in clause 1 Scope, and defines the scope of the standard
itself.
This should not be confused with the scope of the QMS, which is a term commonly used to
describe the organizations processes, products (and /or services), and related sites,
departments, divisions etc., to which the organization applies a formal QMS. (Note, this does
not necessarily include all the processes, products, sites, departments, or divisions etc. of
the organization).
The scope of the QMS should be based on the nature of the organization's products and
their realization processes, the result of risk assessment, commercial considerations, and
contractual, statutory and regulatory requirements.
While ISO 9001 is generic and is applicable to all organizations (regardless of their type, size
or product category), under certain circumstances, an organization may exclude complying
with some specific ISO 9001 requirements (from clause 7), while being permitted to claim
conformity to the standard. This is because it has been recognized that not all the
requirements in this clause of the standard are relevant to all organizations. ISO 9001 itself
makes allowance for such situations, through clause 1.2 Application.
Consequently, the scope of registration/certification encompasses the scope of the
QMS, as well as describing any excluded ISO 9001 requirements.
As the terms scope of the QMS and scope of registration/certification are often used
interchangeably, this can lead to confusion when a customer or end user is trying to identify
what parts of an organization have been registered/certified to ISO 9001, what product lines
or processes are covered by the QMS, or what ISO 9001 requirements have been excluded.
In order to dissipate such confusion and to enable identification of what has been
registered/certified, the scope of registration/certification should clearly define:
- the scope of the QMS (including details of the product lines and related sites, departments,
divisions etc. that are covered by it),

ISO & IAF 2009 All rights reserved

www.iaf.nu; www.iso.org/tc176/ISO9001AuditingPracticesGroup

1 of 3

- the organization's main processes for its product realisation or service delivery activities
(such as design, manufacture and delivery), for the product lines that are covered,
- any ISO 9001 requirement that has been excluded
(It should be noted that the scope of registration/certification is not the same as the
certificate that is awarded to the organization after successful demonstration of conformity
to ISO 9001. The certificate will usually include a synthesized description of the scope of
registration/certification, but not the details of the ISO 9001 requirements that have been
excluded; however, it may include a note to refer to the fact that the exclusions are detailed
in the organization's Quality Manual.)
It is essential that a scope of registration/certification be drafted by the organization prior to
applying for registration/certification. This should then be analysed by the CRB during the
Stage 1 audit, for appropriate planning of the Stage 2 audit (see the guidance on The need
for a 2-stage approach to auditing).
It is responsibility of the auditor:
- to ensure that the final statement of the scope of registration/certification is not misleading;
- to verify that this scope only refers to the processes, products, sites, departments, or
divisions etc. of the organization that were assessed during the registration/ certification
audit; and
- to verify that this scope defines any excluded requirements from ISO 9001, and that
justification for such exclusions is provided and is reasonable.
As an additional measure to combat potential confusion among customers and end users,
the scope of registration/certification should be clearly defined in the organisation's Quality
Manual and any publicly available documents (this includes, for example promotional and
marketing material).
However, promotional statements should never be included in the scope of registration/
certification itself.
ISO/TC 176/SC 2 has developed document N524 the ISO 9000 Introduction and Support
Package: Guidance on ISO 9001, Sub-clause 1.2 'Application' to provide users with
information regarding the intent of ISO 9001:2000 clause 1.2 Application, including some
typical examples of its use in practical situations. (N524 is available for free download from
www.iso.org./tc176/sc2). Additionally, the IAF has published its IAF Guidance on the
Application of ISO 9001:2000, Issue 2, which should also be referenced.

For further information on the ISO 9001 Auditing Practices Group, please refer to the paper:
Introduction to the ISO 9001 Auditing Practices Group
Feedback from users will be used by the ISO 9001 Auditing Practices Group to determine
whether additional guidance documents should be developed, or if these current ones should
be revised.
Comments on the papers or presentations can be sent to the following email address:
[email protected] .

ISO & IAF 2009 All rights reserved

www.iaf.nu; www.iso.org/tc176/ISO9001AuditingPracticesGroup

2 of 3

The other ISO 9001 Auditing Practices Group papers and presentations may be downloaded
from the web sites:

www.iaf.nu
www.iso.org/tc176/ISO9001AuditingPracticesGroup
Disclaimer
This paper has not been subject to an endorsement process by the International
Organization for Standardization (ISO), ISO Technical Committee 176, or the International
Accreditation Forum (IAF).
The information contained within it is available for educational and communication purposes.
The ISO 9001 Auditing Practices Group does not take responsibility for any errors,
omissions or other liabilities that may arise from the provision or subsequent use of such
information.

ISO & IAF 2009 All rights reserved

www.iaf.nu; www.iso.org/tc176/ISO9001AuditingPracticesGroup

3 of 3