Clause 4.1 Context Of The Organisation(explained)



What is the Context of the Organization In ISO 9001?

To meet the requirements for this clause, evidence should demonstrate that your organization is reviewing both internal and external problems (context) at periodic intervals that might affect your business.

This is a management exercise that must be completed on a regular basis and should ideally also include representatives from the shop floor and even a new starter. The results of this exercise might be revealing and quite painful for some managers to accept especially if the results are linked to their area of responsibility.

Your organisation must approach this in a completely neutral, unbiased, and honest way in order for the exercise to be effective.

Questions that you should be asking yourself during this discussion might include:

  • How could the political environment affect us?
  • How might the economic environment affect us?
  • Are there any sociological issues such as strikes that might affect us?
  • Are we aware of technological issues such as cyber security threats?
  • Are there any changes to legislation such as those related to Brexit in the UK that might affect us?
  • Are there environmental issues such as storms of floods that might affect our logistics and harm the customer?

A management tool that can help to answer these questions is a PESTLE analysis.

What Is A PESTLE Analysis?

A PESTLE analysis is a management tool that is very effective at highlighting both the internal and external issues that can be affecting your organisation. The acronym PESTLE describes:

  • Political,
  • Economic,
  • Sociological,
  • Technological,
  • Legal
  • Environmental

The items listed can and will influence your organisation. The tool can be used in a range of different ways and can help guide top management to highlight the issues that might be affecting the business.

As mentioned earlier, to get the most benefit from this exercise it must be approached honestly and from a variety of perspectives. It’s wise to remember that the headings listed under a PESTLE analysis are never static, they are dynamic moving entities that can change on a daily basis. Realizing this, one can understand my recommendation to perform the exercise on a regular basis.

If you are in the habit of holding regular weekly, or monthly management meetings then I would recommend adding one of the PESTLE headings as an agenda item and rotate through the other headings during future meetings. If you hold an ‘official’ annual management review meeting then the results of the PESTLE analysis should also be discussed then.

It is a good idea to feed the output from your PESTLE analysis and use it as the input for a SWOT analysis.

How to Use A SWOT Analysis To Solve Internal & External Issues.

The acronym ‘SWOT’ stands for Strengths, Weaknesses, Opportunities, and Threats, and so a SWOT analysis is a tool for identifying and assessing how your organisation is able to deal with these issues. The ‘strengths’ and ‘weaknesses’ elements of a SWOT analysis are related to the internal aspects of who you are and what you do as a business.

A SWOT analysis is a tool that can help you identify the strengths that will enable you to fix the issues as highlighted by the PESTLE analysis for example:

1. The PESTLE analysis highlighted that you have been having issues at dealing with customer complaints.

2. Investigation revealed that a lack of awareness for training and an outdated customer complaints procedure is causing the problem.

3. Your SWOT analysis revealed that you have a very strong training department that deals with health, safety, and environmental issues but it has never been tasked to provide training in other areas of the business such as customer complaints.

4. A plan of action can now be implemented that might include:

  • A review and update of the customer complaints procedure
  • A plan for training the new procedure out to all those responsible for dealing with customer complaints.
  • A revised objective was included within the quality policy with linked targets for tracking progress.
  • New roles and responsibilities were created for maintaining progress against the targets.
  • A review of progress against the targets at monthly intervals.

The ‘opportunities’ and ‘threats’ part of a SWOT analysis are related to the external issues that can affect your business. A PESTLE analysis will also serve to highlight opportunities and threats from various environments and so the tools are a powerful combination when used together.

Your organization’s strengths are traits that allow you to operate more efficiently and effectively than your competitors.

Ask yourself:

  • What does our organization excel at?
  • What are the advantages of our company to customers against external entities, such as competitors?
  • What distinguishes our organization from its competitors?
  • Why should people do business with us?

The internal audit function should be used to highlight areas of the business that are weak and therefore need to be improved.

Consider asking:

  • What can be done to make things better?
  • What are the root causes of problems or complaints (data from root cause analysis)?
  • For the future, which competencies should be modified, strengthened, or evaluated?

Trends, conditions, or business conditions that can be exploited are examples of opportunities such as:

  • What has changed in terms of technology or markets?
  • What local and international events might be beneficial?
  • What has changed in terms of customer and society values?

Threats can be external or internal, and they are defined as anything that has the potential to negatively impact business or operations. External dangers could include the economy, new legislation, or even a new market competitor. A talent or staff shortfall within your organization could be a potential internal danger.

Consider the following scenario:

  • What are the potential stumbling blocks to continued operation?
  • Is there a chance that the company will face competition?
  • Who could be the new challenger?
  • Are there any staffing, product, service, or technology changes that could jeopardize our operations or business?

Examples of Organizational Issues in Context

  • External: international, national, regional, and local cultural, social, political, regulatory, financial, economic, natural, and competitive issues
  • Internal: operations, goods, services, strategic direction, and capabilities of the organization in terms of your knowledge base and personnel competencies and training.

You’ll need to figure out and comprehend the numerous internal and external challenges that are common in your organization and can have beneficial or negative consequences.

Internal and External Issues: How to Document Them

I recommend documenting any external and internal issues relevant to your organization’s operational purpose and strategic direction using a Context & Interested Parties Matrix document. Try to remember that the intended result for ISO 9001 should always be focused on preventing problems from affecting the customer. In the world of ISO 9001, the customer really is king.

You should describe the processes used by your organization to identify internal and external issues and make reference to all objective evidence, including examples of these issues, to assess whether your organization has a high-level, conceptual understanding of its internal and external issues that affect it, either positively or negatively, its ability to achieve the intended outcomes.

The Role of Leadership Relating To The Context of An Organisation

Top management needs to be leading the key exercises of PESTLE and SWOT analysis as the results will affect the strategic direction of the business. The headings under PESTLE are very important, so much so that responsibility should not be delegated down to middle management roles. Being able to demonstrate that you are performing both a PESTLE and SWOT analysis to an external 3rd party auditor will be music to their ears. Of course, you should also be able to demonstrate that you are acting upon the outputs from these exercises to enact continuous improvements.

How to Review and Track The Context Of Your Organisation

ISO 9001:2015 does not contain a requirement for you to document both your internal and external issues. However consider this, when a 3rd party auditor ask how you identify, evaluate and track progress on dealing with your internal and external issues, what will your answer be?

Being able to produce the results of the PESTLE and SWOT analysis will be very good evidence against this. Capturing your internal and external issues on a form that also contains timelines, progress against targets and responsibilities is something that I would encourage you to do.

The audit of clause 4.1 against the requirements for establishing the context of the organisation would normally involve an interview with top management. The type of evidence an auditor might want to pursue during this interview could include:

  • Plans for the strategic direction of the business
  • An analysis of internal issues, conducted using a SWOT analysis.
  • An analysis of external issues, conducted using a PESTLE analysis.
  • Progress against targets related to SWOT and PESTLE analysis
  • Action plans and goals for the continual improvement
  • The inclusion of issues related to the organisational context during management review meetings
  • Meetings’ minutes from management review
  • Diagrams such as Ishikawa fishbone and mind mapping etc.
  • How the organizational context relates to the quality policy

In Summary

To be compliant, evidence that your organization is reviewing all relevant internal and external issues at regular intervals should be obtained. Thinking about the context solely in terms of compliance to the standard would be a mistake. Regularly reviewing and discussing your organisation’s context is something that is key to making your business profitable and avoiding the pitfalls and dangers BEFORE they occur. It is always best to be proactive when considering threats to your organisation rather than reactive.

ISO 14001:2015

The requirements remain the same

Iso 45001

The requirements remain the same.

For Auditors

  • Ask top management how they have determined the context of the organisation
  • Investigate if top management is aware of their internal/external issues
  • Investigate if internal/external issues are discussed at management review
  • Investigate if risks and opportunities from internal/external issues are part of the continual improvement process


Other questions that I will answer in further articles:

  • What is context of organization in ISO 45001?
  • What is an example of a context?
  • How do you audit the context of an organisation?
  • Why do we need to establish a context in our organization?
  • How do you write a context?

References: www.iso.org

ISO 9000:2015

ISO 9002:2015

Please be kind, share and create a link back to this article.


(c) All content is copyrighted to ISO Training UK – All rights reserved 2022.

You cannot copy content of this page