VZK - Quality management and quality assurance

This document outlines guidance for the management of internships to enable host organizations to consistently offer and enhance internship experiences aligned with intended learning outcomes.

This document provides guidance to organizations on how to identify, assess, resolve and monitor conflict of interest based on the principles of trust, integrity, transparency and accountability.
The guidance in this document is generic and intended to be applicable to all organizations, regardless of type, size and nature of activity and whether in the public, private or not-for-profit sectors. It distinguishes between actual, apparent and potential conflict of interest.

This document gives guidance on the application of ISO 9001:2015 in police organizations.
This document can assist a police organization to demonstrate its ability to consistently provide products and services that meet expectations of interested parties as well as applicable statutory and regulatory requirements. This document can assist a police organization in the satisfaction of interested parties.
This document does not provide definitive interpretations of ISO 9001.  
This document is applicable to police organizations of all types, sizes, maturity level service and geographic location (e.g. police stations, border crossings, correctional facilities, civil defence).

This document gives guidance on how to promote and implement gender equality and women’s empowerment. It provides guidelines for organizations to develop the capabilities to achieve a culture of gender equality and women’s empowerment. The guidelines include the framework, resources, policies, tools and good practices for contextualizing, promoting and implementing gender equality.
This document focuses on the inequality resulting from the gender specific roles assigned to women, girls, men and boys and is applicable to all types of organizations (public or private), regardless of their size, location or field of activity.
This document does not address the specific aspects of relations with labour unions or work councils, nor the country-specific regulations and compliance relating to gender diversity.

This document provides guidance for the determination and development of competencies necessary to achieve an organization's compliance management system objectives. It provides guidance for establishing the adequate level of competencies of certain internal functions and third parties.
This document is applicable to all organizations regardless of the type, size and nature of the activity, as well as whether the organization is from the public, private or non-profit sector.
This document does not add to, change or otherwise modify requirements for compliance management system or any other standards.

This document specifies requirements and provides guidance for a management system for educational organizations (EOMS) when such an organization:
a) needs to demonstrate its ability to support the acquisition and development of competence through teaching, learning or research;
b) aims to enhance satisfaction of learners, other beneficiaries and staff through the effective application of its EOMS, including processes for improvement of the system and assurance of conformity to the requirements of learners and other beneficiaries.
All requirements of this document are generic and intended to be applicable to any educational organization that uses a curriculum to support the development of competence through teaching, learning, training or research, regardless of the type, size or method of delivery.
This document can be applied to educational organizations within larger organizations whose core business is not education, such as professional training departments.
This document also provides guidance for the use of a EOMS.
This document does not apply to organizations that only produce or manufacture educational products.

This document establishes principles and an evaluation indicator framework for assessing the effectiveness of a compliance management system. This includes evaluation criteria for specified indicators. This document also provides guidance as well as suggestions on the evaluation model.
The guidance provided in this document aims to support the monitoring, measurement, analysis and evaluation of a compliance management system. It aims to support management review of the compliance management system to foster continual improvement. It does not add to, change or otherwise modify requirements for compliance management systems or any other standards.
This document is applicable to the activities for evaluating the effectiveness of the compliance management system in all organizations, regardless of the type, size and nature, including organizations from the public, private or non-profit sector.

This document provides guidance for organizations for the development, implementation and maintenance of an effective fraud control management system (FCMS). This includes fraud prevention, early detection of fraud and effective response to fraud events that have occurred or can occur in the future.
The document provides guidance for managing the risk of fraud, including:
a) internal fraud against the organization;
b) external fraud against the organization;
c) internal fraud in collaboration with business associates or other third parties;
d) external fraud in collaboration with the organization’s personnel;
e) fraud by the organization or by persons purporting to act on behalf of and in the interests of the organization.
This document is applicable to all organizations, regardless of type, size, nature of activity and whether in the public or private, profit or not-for-profit sectors. It is not intended to assist consumers in preventing, detecting or responding to what is generally termed "consumer fraud".

This document specifies requirements and provides guidance for establishing, implementing, maintaining, reviewing and improving an anti-bribery management system. The system can be stand-alone or can be integrated into an overall management system. This document addresses the following in relation to the organization's activities:
— bribery in the public, private and not-for-profit sectors;
— bribery by the organization;
— bribery by the organization's personnel acting on the organization's behalf or for its benefit;
— bribery by the organization's business associates acting on the organization's behalf or for its benefit;
— bribery of the organization;
— bribery of the organization's personnel in relation to the organization’s activities;
— bribery of the organization's business associates in relation to the organization’s activities;
— direct and indirect bribery (e.g. a bribe offered or accepted through or by a third party).
This document is applicable only to bribery. It sets out requirements and provides guidance for a management system designed to help an organization to prevent, detect and respond to bribery and comply with anti-bribery laws and voluntary commitments applicable to its activities.
The requirements of this document are generic and are intended to be applicable to all organizations (or parts of an organization), regardless of type, size and nature of activity, and whether in the public, private or not-for-profit sectors. The extent of application of these requirements depends on the factors specified in 4.1, 4.2 and 4.5.
NOTE 1 See Clause A.2 for guidance.
NOTE 2 The measures necessary to prevent, detect and mitigate the risk of bribery by the organization can be different from the measures used to prevent, detect and respond to bribery of the organization (or its personnel or business associates acting on the organization's behalf). See A.8 for guidance.

This document gives guidance on managing risk for youth and school trips for both domestic and international travel with specific attention to minors.
This document is applicable to any organization, institution or group that provides activities, visits or trips for children and youth outside of their usual place of operation. These include, but are not limited to:
— educational institutions (schools, colleges and universities);
— children’s homes (including foster care provision);
— residential tutorial centres (summer schools and language colleges);
— community-based youth groups (scouts, guides, cadet units and youth clubs);
— faith-based groups;
— youth sports clubs;
— youth arts clubs (music, drama, painting and literature);
— adventurous activity centres (day visits and residential);
— commercial and non-commercial providers of visits abroad (offshore sailing, cultural tours, sports, community projects, adventure activities and expeditions);
— tourist attractions, tour operators and other service providers.
This document is applicable to trips of any duration, from day trips visiting local points of interest to months-long trips to other continents. These trips can be for purposes such as excursions, fieldwork, expeditions and adventurous or cultural activities undertaken for educational, research, training or recreational purposes.  
This document is applicable any sort of travel under the auspices of an organization, be it one person travelling for an internship or dozens travelling for a sporting match.
This document is applicable to the physical movement between locations, as well as to the events and activities associated with the objectives of the trip.
This document provides good practices to address typical risks arising from activities related to trips. It also includes guidance for creating an emergency response plan.
This document does not apply to groups of vulnerable adults per se. However, some aspects of the guidance can also be relevant to the management of trips for vulnerable adults.
This document does not apply to situations such as minors travelling with their families, as well as how to organize such trips.
This document does not apply to virtual travel, although some parts of it can be relevant.

This document provides guidance to governing bodies on how to approach the development and use of indicators in their governing activities.
This document is primarily written for use by governing bodies, it is also written to be of relevance to a range of other stakeholders inside and outside of the organization to help them improve the quality of the information on which they assess and make decisions regarding the organization’s governance.
It is applicable to all organizations regardless of type, size, location, structure or purpose. This document does not cover indicators of effective governance.

This document gives guidance on the selection and application of tools that can be used in a quality management system to:
a) characterize a process or a variable;
b) facilitate problem solving;
c) highlight areas for improvement;
d) improve effectiveness.

This document gives guidance regarding how organizations can establish monitoring, measurement, analysis and evaluation processes, including the development of relevant indicators for the assessment of occupational health and safety (OH&S) performance. It enables organizations to determine if intended results are being achieved, including continual improvement of OH&S performance.
This document is applicable to all organizations regardless of type, industry sector, level of risk, size or location. It can be used independently or as part of OH&S management systems, including those based on ISO 45001:2018, or other standards or guidelines.

This document gives guidelines for organizations on how to prevent or control exposure to infectious agents at the workplace and manage the risks associated with infectious diseases that:
— present a risk of severe ill health or death and can impact the health, safety and well-being of workers and other relevant interested parties;
— present a lower risk to health yet have a significant impact on the organization, its workers and other relevant interested parties.
This document is applicable to organizations of all sizes and sectors.
NOTE This document does not provide comprehensive guidance to those parts of an organization that implement mandated infection controls such as hospitals and medical or biological laboratories because there is an inherent potential for exposure to infectious diseases. Applicable legislation and guidance are provided by government, regulators and health authorities for specific infection controls for the protection of workers in such settings and for work activities on or with pathogenic microorganisms.

This document defines the rules applicable to the audit and certification of educational organization management systems (EOMS) conforming to the requirements given in ISO 21001 (or other sets of specified EOMS requirements). It also provides the necessary information and confidence to customers about the way certification of their suppliers has been granted.
Certification of EOMS is a third-party conformity assessment activity (as described in ISO/IEC 17000:2020, 4.5), and bodies performing this activity are third-party conformity assessment bodies.
NOTE 1 This document can be used as a criteria document for the accreditation or peer assessment of certification bodies which seek to be recognized as being competent to certify that an EOMS conforms to ISO 21001. It is also intended to be used as a criteria document by regulatory authorities and industry consortia which engage in direct recognition of certification bodies to certify that an EOMS conforms to ISO 21001. Some of its requirements could also be useful to other parties involved in the conformity assessment of such certification bodies, and in the conformity assessment of bodies that undertake to certify the compliance of EOMS with criteria additional to, or other than, those in ISO 21001.
NOTE 2 Certification of an EOMS according to ISO 21001 is a management system certification, not a product certification.
NOTE 3 ISO 21001 is a standalone management system standard, not a sector application of ISO 9001.

This document gives guidance on managing emerging risks that an organization can face. This document complements ISO 31000.  
This document is applicable to any organization, at any stage and to any activity of the organization. Its application can be customized to suit different organizations or the context of different organizations.

This document gives guidance on evaluating the establishment of governance conditions and on the application of governance principles with consideration for the ISO 37000 key aspects of practice. It sets out the concept of governance maturity and its measurement and provides a governance maturity measurement framework, associated governance maturity scale and a governance maturity model.
This document is applicable to all types and sizes of organizations no matter their location.

ISO 45001:2018 specifies requirements for an occupational health and safety (OH&S) management system, and gives guidance for its use, to enable organizations to provide safe and healthy workplaces by preventing work-related injury and ill health, as well as by proactively improving its OH&S performance.
ISO 45001:2018 is applicable to any organization that wishes to establish, implement and maintain an OH&S management system to improve occupational health and safety, eliminate hazards and minimize OH&S risks (including system deficiencies), take advantage of OH&S opportunities, and address OH&S management system nonconformities associated with its activities.
ISO 45001:2018 helps an organization to achieve the intended outcomes of its OH&S management system. Consistent with the organization's OH&S policy, the intended outcomes of an OH&S management system include:
a)    continual improvement of OH&S performance;
b)    fulfilment of legal requirements and other requirements;
c)    achievement of OH&S objectives.
ISO 45001:2018 is applicable to any organization regardless of its size, type and activities. It is applicable to the OH&S risks under the organization's control, taking into account factors such as the context in which the organization operates and the needs and expectations of its workers and other interested parties.
ISO 45001:2018 does not state specific criteria for OH&S performance, nor is it prescriptive about the design of an OH&S management system.
ISO 45001:2018 enables an organization, through its OH&S management system, to integrate other aspects of health and safety, such as worker wellness/wellbeing.
ISO 45001:2018 does not address issues such as product safety, property damage or environmental impacts, beyond the risks to workers and other relevant interested parties.
ISO 45001:2018 can be used in whole or in part to systematically improve occupational health and safety management. However, claims of conformity to this document are not acceptable unless all its requirements are incorporated into an organization's OH&S management system and fulfilled without exclusion.

This document specifies requirements for distance learning services not specified in ISO 29993.
It is applicable to any distance learning services that are addressed to learners themselves as well as to sponsors who are acquiring the services on behalf of the learners.
In cases where the distance learning services are provided by an organization that delivers other methods of learning services, this document only applies to distance learning services.

This document gives guidelines for managing psychosocial risk within an occupational health and safety (OH&S) management system based on ISO 45001. It enables organizations to prevent work-related injury and ill health of their workers and other interested parties, and to promote well-being at work.
It is applicable to organizations of all sizes and in all sectors, for the development, implementation, maintenance and continual improvement of healthy and safe workplaces.
NOTE When the term “worker” is used in this document, worker representatives, where they exist, are always implied.

This document gives guidance on the establishment, implementation, maintenance and continual improvement of an occupational health and safety (OH&S) management system that can help organizations conform to ISO 45001:2018.
NOTE 1 While the guidance in this document is consistent with the ISO 45001:2018 OH&S management system model, it is not intended to provide interpretations of the requirements in ISO 45001.
NOTE 2 The use of the term “should” in this document does not weaken any of the requirements in ISO 45001:2018 or add new requirements.
NOTE 3 For most of the clauses in this document, there are real-life cases on how different types of organizations have implemented the requirements. These are not intended to suggest the only or best way to do this, but to describe one way this was done by an organization.

This document specifies requirements for language-learning services. These include any language-learning services that are addressed to language learners themselves as well as to interested parties who are acquiring the services for the benefit of learners. The key features of any such service are that the goals of learning are defined and evaluated, and that it involves interaction with the learner. The instruction may be delivered face-to-face, be mediated by technology or be a blend of both.
In cases where the language-learning services are provided by an organization that delivers products (goods and services) or other learning services in addition to language-learning services, this document only applies to language-learning services.

This document specifies processes that can be used to govern, manage and implement organizational change management (OCM) for organizations, projects or smaller activities. It comprises generic process descriptions that describe the OCM processes. Supporting diagrams describing the processes are also provided.
This document is applicable, but not limited, to change sponsors, change agents, change team members and project managers, particularly those responsible for governing, managing and implementing organizational change.

This document gives guidance on planning, designing, developing, implementing, maintaining and improving an effective and efficient business-to-consumer electronic commerce transaction (B2C ECT) system within an organization.
It is applicable to any organization engaged in, or planning to be engaged in, a B2C ECT, regardless of size, type and activity. The focus of this document is on organizations that directly offer and provide products and services to consumers.
This document aims to enable organizations to set up a fair, effective, efficient, transparent and secure B2C ECT system, in order to enhance consumers’ confidence in B2C ECTs and increase the satisfaction of consumers. It is aimed at B2C ECTs concerning consumers as a sub-set of customers.
The guidance given in this document can complement an organization’s quality management system.

This document gives guidance on the evaluation, development and improvement of organizational quality culture to help an organization to achieve sustained success. This document takes into account the fundamental concepts and quality management principles, with specific focus on people engagement and leadership.
The recommendations in this document are generic and are intended to be applicable to any organization, regardless of its size, industry, location, maturity or the products and services it provides.
NOTE This document provides example tools for the evaluation of organizational quality culture by self-assessment to determine quality culture maturity and potential for improvement

This document gives guidelines for establishing, implementing and maintaining an effective whistleblowing management system based on the principles of trust, impartiality and protection in the following four steps:
a) receiving reports of wrongdoing;
b) assessing reports of wrongdoing;
c) addressing reports of wrongdoing;
d) concluding whistleblowing cases.
The guidelines of this document are generic and intended to be applicable to all organizations, regardless of type, size, nature of activity, and whether in the public, private or not-for profit sectors.
The extent of application of these guidelines depends on the factors specified in 4.1, 4.2 and 4.3. The whistleblowing management system can be stand-alone or can be used as part of an overall management system.

This document gives guidance on the governance of organizations. It provides principles and key aspects of practices to guide governing bodies and governing groups on how to meet their responsibilities so that the organizations they govern can fulfil their purpose. It is also intended for stakeholders involved in, or impacted by, the organization and its governance.
It is applicable to all organizations regardless of type, size, location, structure or purpose.

This document gives guidelines for the selection of appropriate statistical techniques that can be useful
to an organization, irrespective of size or complexity, in developing, implementing, maintaining and
improving a quality management system in conformity with ISO 9001:2015.
This document does not provide guidance on how to use the statistical techniques.

This document gives guidelines for realizing financial and economic benefits by applying a top-down structured approach to achieving financial and economic benefits. The structured approach uses the quality management principles and quality management system described in the ISO 9000 family of management system standards to:
a) monitor and manage trends in key performance metrics;
b) take improvement action based on the observed metrics.
This document is directed specifically to the top management of an organization.
This document is applicable to any organization, whether from the public, private or not-for-profit sector, regardless of its business model, revenue, number of employees, diversity of product and service offerings, organizational culture, complexity of processes, place or number of locations.
This document complements ISO 9001:2015 and ISO 9004:2018 for performance improvements and provides examples of achievable benefits from the application of concepts in those standards. This document identifies associated practical management methods and tools to assist in realizing the benefits.

This document specifies requirements and provides guidelines for establishing, developing, implementing, evaluating, maintaining and improving an effective compliance management system within an organization.
This document is applicable to all types of organizations regardless of the type, size and nature of the activity, as well as whether the organization is from the public, private or non-profit sector.
All requirements specified in this document that refer to a governing body apply to top management in cases where an organization does not have a governing body as a separate function.

This document gives guidance for the development and maintenance of the documented information necessary to support an effective quality management system, tailored to the specific needs of the organization.
This document can also be used to support other management systems, e.g. environmental or occupational health and safety management systems.

ISO 26000:2010 provides guidance to all types of organizations, regardless of their size or location, on:
       concepts, terms and definitions related to social responsibility;
       the background, trends and characteristics of social responsibility;
       principles and practices relating to social responsibility;
       the core subjects and issues of social responsibility;
       integrating, implementing and promoting socially responsible behaviour throughout the organization and, through its policies and practices, within its sphere of influence;
       identifying and engaging with stakeholders; and
       communicating commitments, performance and other information related to social responsibility.
ISO 26000:2010 is intended to assist organizations in contributing to sustainable development. It is intended to encourage them to go beyond legal compliance, recognizing that compliance with law is a fundamental duty of any organization and an essential part of their social responsibility. It is intended to promote common understanding in the field of social responsibility, and to complement other instruments and initiatives for social responsibility, not to replace them.
In applying ISO 26000:2010, it is advisable that an organization take into consideration societal, environmental, legal, cultural, political and organizational diversity, as well as differences in economic conditions, while being consistent with international norms of behaviour.
ISO 26000:2010 is not a management system standard. It is not intended or appropriate for certification purposes or regulatory or contractual use. Any offer to certify, or claims to be certified, to ISO 26000 would be a misrepresentation of the intent and purpose and a misuse of ISO 26000:2010. As ISO 26000:2010 does not contain requirements, any such certification would not be a demonstration of conformity with ISO 26000:2010.
ISO 26000:2010 is intended to provide organizations with guidance concerning social responsibility and can be used as part of public policy activities. However, for the purposes of the Marrakech Agreement establishing the World Trade Organization (WTO), it is not intended to be interpreted as an “international standard”, “guideline” or “recommendation”, nor is it intended to provide a basis for any presumption or finding that a measure is consistent with WTO obligations. Further, it is not intended to provide a basis for legal actions, complaints, defences or other claims in any international, domestic or other proceeding, nor is it intended to be cited as evidence of the evolution of customary international law.
ISO 26000:2010 is not intended to prevent the development of national standards that are more specific, more demanding, or of a different type.

This document gives guidelines for engaging people in an organization's quality management system and on enhancing their involvement and competence within it.
This document is applicable to any organization, regardless of its size, type or activity.

This document gives guidelines for an organization to establish, implement, maintain and improve systems for competence management and people development to positively affect outcomes related to the conformity of products and services and the needs and expectations of relevant interested parties.
This document is applicable to all organizations regardless of their type or size. It does not add to, change or otherwise modify requirements for the ISO 9000 family or any other standards.

This International Standard specifies requirements for a quality management system when an organization:
a) needs to demonstrate its ability to consistently provide products and services that meet customer and applicable statutory and regulatory requirements, and
b) aims to enhance customer satisfaction through the effective application of the system, including processes for improvement of the system and the assurance of conformity to customer and applicable statutory and regulatory requirements.
All the requirements of this International Standard are generic and are intended to be applicable to any organization, regardless of its type or size, or the products and services it provides.
NOTE 1 In this International Standard, the terms "product" or "service" only apply to products and services intended for, or required by, a customer.
NOTE 2 Statutory and regulatory requirements can be expressed as legal requirements.
This document gives guidelines for local governments on understanding and implementing a quality management system that meets the requirements of ISO 9001:2015, in order to meet the needs and expectations of their customers/citizens and all other relevant interested parties by consistently providing them with products and services.
It promotes implementing a quality management system in a responsible and accountable manner, through the application of ISO 9001 on a comprehensive basis. These guidelines do not add, change or modify the requirements of ISO 9001.
It is applicable to all local government processes at all levels (i.e. strategical, tactical-managerial and operational) in order to constitute a comprehensive quality management system that focuses on the local government achieving its objectives. The comprehensive character of this system is essential to ensure that all the areas of the local government have a specified level of reliability (i.e. effectiveness of the processes).
Annex A, as a starting point for users of this document, gives a diagnostic methodology for local governments to evaluate the scope and maturity of their processes and products and services. Annex B gives the processes necessary to provide reliable products and services to customers/citizens.

ISO 20700:2017 provides guidelines for the effective delivery of management consultancy services.

This document specifies requirements for establishing, implementing, maintaining and improving an energy management system (EnMS). The intended outcome is to enable an organization to follow a systematic approach in achieving continual improvement of energy performance and the EnMS.
This document:
a)    is applicable to any organization regardless of its type, size, complexity, geographical location, organizational culture or the products and services it provides;
b)    is applicable to activities affecting energy performance that are managed and controlled by the organization;
c)    is applicable irrespective of the quantity, use, or types of energy consumed;
d)    requires demonstration of continual energy performance improvement, but does not define levels of energy performance improvement to be achieved;
e)    can be used independently, or be aligned or integrated with other management systems.
Annex A provides guidance for the use of this document. Annex B provides a comparison of this edition with the previous edition.

This document gives guidelines for an organization to plan, design, develop, operate, maintain and improve an effective and efficient dispute-resolution process for complaints that have not been resolved by the organization.  
This document is applicable to:
— complaints relating to the organization's products and services, the complaints-handling process or dispute-resolution process;
— resolution of disputes arising from domestic or cross-border business activities, including those arising from electronic commerce.
This document is intended for use by any organization regardless of its type or size, or the products and services it provides, and deals with:
— guidance on determining when and how organizations can participate in dispute resolution;
— guidance on the selection of providers and use of their services;
— top management involvement in, and commitment to, dispute resolution and deployment of adequate resources within the organization;
— the essentials for fair, suitable, transparent and accessible dispute resolution;
— guidance on management of an organization's participation in dispute resolution;
— monitoring, evaluating and improving the dispute-resolution process.
This document is particularly aimed at dispute resolution between an organization and
— individuals purchasing or using products and services for personal or household purposes, or
— small businesses.
This document does not apply to the resolution of other types of disputes, such as employment disputes. It does not apply to complaints handling within an organization.

This document gives guidelines for planning, designing, developing, implementing, maintaining and improving customer satisfaction codes of conduct.  
This document is applicable to product- and service-related codes containing promises made to customers by an organization concerning its behaviour. Such promises and related provisions are aimed at enhanced customer satisfaction. Annex A provides simplified examples of components of codes for different organizations.
NOTE Throughout this document, the terms "product" and "service" refer to the outputs of an organization that are intended for, or required by, a customer.
This document is intended for use by any organization regardless of its type or size, or the products and services it provides, including organizations that design customer satisfaction codes of conduct for use by other organizations. Annex C gives guidance specifically for small businesses.
This document is aimed at customer satisfaction codes of conduct concerning individual customers purchasing or using goods, property or services for personal or household purposes, although it is applicable to all customer satisfaction codes of conduct.
This document does not prescribe the substantive content of customer satisfaction codes of conduct, nor does it address other types of codes of conduct, such as those that relate to the interaction between an organization and its personnel, or between an organization and its suppliers.

This document provides guidance on auditing management systems, including the principles of auditing, managing an audit programme and conducting management system audits, as well as guidance on the evaluation of competence of individuals involved in the audit process. These activities include the individual(s) managing the audit programme, auditors and audit teams.
It is applicable to all organizations that need to plan and conduct internal or external audits of management systems or manage an audit programme.
The application of this document to other types of audits is possible, provided that special consideration is given to the specific competence needed.

This document gives guidelines for defining and implementing processes to monitor and measure customer satisfaction.
This document is intended for use by any organization regardless of its type or size, or the products and services it provides. The focus of this document is on customers external to the organization.
NOTE Throughout this document, the terms "product" and "service" refer to the outputs of an organization that are intended for, or required by, a customer.

This document gives guidelines for the process of complaints handling related to products and services within an organization, including planning, design, development, operation, maintenance and improvement. The complaints-handling process described is suitable for use as one of the processes of an overall quality management system.
NOTE Throughout this document, the terms "product" and "service" refer to the outputs of an organization that are intended for, or required by, a customer.
This document is intended for use by any organization regardless of its type or size, or the products and services it provides. It is also intended for use by organizations in all sectors. Annex B provides guidance specifically for small businesses.
This document addresses the following aspects of complaints handling:
a) enhancing customer satisfaction by creating a customer-focused environment that is open to feedback (including complaints), resolving any complaints received, and enhancing the organization's ability to improve its products and services, including customer service;
b) top management involvement and commitment through adequate acquisition and deployment of resources, including personnel training;
c) recognizing and addressing the needs and expectations of complainants;
d) providing complainants with an open, effective and easy-to-use complaints process;
e) analysing and evaluating complaints in order to improve the quality of products and services, including customer service;
f) auditing of the complaints-handling process;
g) reviewing the effectiveness and efficiency of the complaints-handling process.
This document does not apply to disputes referred for resolution outside the organization or for employment-related disputes.

This document gives guidelines for establishing, reviewing, accepting, applying and revising quality plans.
This document is applicable to quality plans for any intended output, whether a process, product, service, project or contract, and any type or size of organization.
It is applicable whether or not the organization has a management system in conformity with ISO 9001.
This document provides guidance and does not specify requirements.
It is focused primarily on the provision of outputs and is not a guide to the planning of quality management system development.
NOTE To avoid undue repetition of "process, product, service, project or contract", this document uses the term "specific case".