Step 1 – Roles & Responsibilities
The Roles & Responsibilities list template includes a list of standard roles such as Managing Director/CEO, HR Manager, Quality Manager, Environmental and Information Security Manager. You can easily tailor these to match your organisation or add new roles.
The guidance includes how to describe the responsibilities in terms of education, experience, training, and competence requirements. Internal and External communication columns include authorities on what and how information should be communicated.
Why you need to define roles and assign responsibility and authority for your ISO Management System (MS)
Clause 5.3 Organizational roles, responsibilities, and authorities of the ISO 9001:2015 Quality Management standard requires you to ensure that the responsibilities and authorities for relevant roles are assigned, communicated, and understood.
The ISO standard requires that top management assigns responsibility and authority for:
- Ensuring that the MS conforms to the requirements of ISO
- Ensuring that the processes are delivering their intended outputs
- Reporting on the performance of the MS and on opportunities for
Improvement
- Ensuring the promotion of customer focus throughout the organisation
- Ensuring that the integrity of the MS is maintained when changes are planned and implemented.
How the ISOvA software does 80% of the work for you
The three videos below show how the ISOvA software makes your life easier by handling 80% of the work involved in defining roles and responsibilities for your ISO Management System.
ISO 9001
ISO 14001
ISO 27001
The headings below are included within the ISOvA software template:
Title
The Title column includes a list of the most common organisational roles an auditor would expect to see in your MS including;
- Managing Director/CEO
- Quality, Environmental, H&S or Information Security Manager
- HR Manager
- Leadership Team
- Office Manager
- All staff
- IT Manager
- Information Security Manager
- Head of Facilities and OHS
Responsibility and Authority
This column describes the responsibilities related to the role and, when applicable, the authorities.
For example, the Quality Manager role could include:
- Ensuring that the MS fulfils the requirements of ISO.
- Monitoring the performance of the MS and reporting to top management.
- Promoting a customer focus
Competence Requirements
This column describes the competence requirements for the role in terms of education, experience and training.
For example, the Quality, Environmental, H&S or Information Security Manager role could include:
- Appropriate education
- Appropriate training and qualifications
- Experience – 1 Year
Internal Communications
List the internal interested parties that the role has the authority to communicate to.
For example, the Quality, Environmental, H&S or Information Security Manager's internal responsibility could include:
- Staff understand the Quality, Environmental, H&S or Information Security Policy
- Staff are aware of relevant objectives
- Top management is aware of the status of the management system
External Communications
List the external interested parties that the role has the authority to communicate to ensure the quality expectations are met, including:
- Suppliers understand the Standards expectations of their products and services
- Customer feedback, both positive and negative
- Certification bodies compliance with the standard
Next Step…
Having determined roles, responsibilities, and authorities for your ISO MS, you can now move to the next step:
Step Implementation Guides:
1: Roles & Responsibilities
2: Aims and objectives
3: Controls
4: SWOT Analysis
5: Interested Parties
6: Legal Register
7: Processes & Procedures
8: Key Performance Indicators
9: Risks & Opportunities
10: Audit Programme
If you would like a demo of the ISOvA (Risk Compliance Software and) Integrated Management System (IMS) software fill out our form below:
