The Check Phase of PDCA
The Plan-Do-Check-Act (PDCA) cycle is the structure of ISO 9001. Clauses 4-6 are the Plan phase. Clauses 7-8 are the Do phase. Clause 9 is the Check phase. Clause 10 is the Act phase. Clause 9 closes the Plan-Do loop and opens the Act loop by measuring whether the QMS is working as designed. Without effective performance evaluation in Clause 9, the QMS cannot improve; it becomes a static system disconnected from reality.
Clause 9 has three instruments for performance evaluation. Clause 9.1 requires monitoring, measurement, and analysis of QMS and process performance. Clause 9.2 requires internal audits of the QMS. Clause 9.3 requires management review of QMS effectiveness. Together, these three mechanisms provide feedback that drives improvement actions in Clause 10.
Clause 9.1: Monitoring, Measurement, Analysis and Evaluation
Clause 9.1 requires that the organization determines what to monitor and measure, how to monitor and measure, and when analysis and evaluation will occur. The organization must evaluate QMS performance and effectiveness, and determine what information to communicate and to whom.
The connection to Clause 6.2 (quality objectives) is direct. Whatever quality objectives the organization established must be monitored and measured to determine whether they are being achieved. If an objective is not measured, auditors will conclude it is not a serious organizational commitment.
| Performance Dimension | Measurement Approach | Frequency | Reporting Vehicle |
|---|---|---|---|
| Customer satisfaction | Customer satisfaction survey, complaint rate analysis, NPS measurement, retention rate | Quarterly | Management review presentation |
| Product/service conformity | Acceptance rate by product, defect rate, rework rate, first-pass yield | Monthly | Process performance dashboard, management review |
| Delivery performance | On-time delivery rate, lead time compliance, schedule adherence | Monthly | Operations dashboard, customer scorecard |
| Supplier performance | On-time delivery from suppliers, defect rate from suppliers, responsiveness | Monthly | Supplier scorecard, management review |
| QMS effectiveness | Quality objective achievement rate, corrective action closure rate, audit findings trends | Quarterly | Management review, quality dashboard |
| Process capability | Statistical control data, process capability indices where critical | Monthly | Process performance reports, SPC charts |
| Resource adequacy | Training completion rates, competence verification completion, equipment calibration status | Quarterly | Management review, HR reports |
Clause 9.1.2: Customer Satisfaction
Clause 9.1.2 explicitly requires monitoring customer perception of the organization's performance. This is distinct from quality metrics (defect rates, delivery performance) — it is about how customers perceive whether their needs are being met. The organization must determine what information to collect about customer satisfaction, the methods to collect it (typically surveys, interviews, or focus groups), the frequency of collection, and how to analyze and report the results.
The most common customer satisfaction measurement is a survey, either conducted internally or by a third party. The survey should measure satisfaction with product/service quality, responsiveness, delivery reliability, value for money, and any other dimensions relevant to the customer relationship. Net Promoter Score (NPS), customer satisfaction score (CSAT), and customer effort score (CES) are common metrics used in customer satisfaction measurement.
The critical requirement is that customer satisfaction data is actually reviewed and acted upon. If the survey is conducted but the results are not presented at management review or do not drive any improvements, the monitoring does not satisfy Clause 9.1.2.
Clause 9.2: Internal Audit
Internal audit is the systematic, independent examination of the QMS to determine whether it conforms to planned arrangements and whether it is effectively implemented and maintained. Clause 9.2 requires a planned internal audit program covering all QMS processes and Clause 8 operational requirements at planned intervals. The audit program must be documented, with defined audit criteria and scope.
Auditors must be competent and impartial — they cannot audit the processes for which they are responsible. Internal auditors should be trained to ISO 19011 competence requirements. When audit findings are identified, they must be communicated to relevant management, and corrective actions must be taken for nonconformities found.
| Audit Program Element | Requirement | Best Practice |
|---|---|---|
| Coverage | All QMS processes, Clause 8 operational requirements, at planned intervals | Risk-based scheduling: critical processes annually, lower-risk processes every 18-24 months |
| Auditor competence | Auditors competent and impartial; cannot audit own work | Trained internal auditors to ISO 19011 competence; rotate auditor assignments annually |
| Audit criteria and scope | Documented audit criteria and scope for each audit | Audit checklists developed from QMS procedures and compliance requirements |
| Audit frequency | Based on status and importance of processes | Risk-based approach: high-risk quarterly, medium-risk semi-annually, low-risk annually |
| Findings classification | Nonconformities and opportunities for improvement reported | Major NC, Minor NC, Observation, Opportunity for Improvement hierarchy |
| Corrective action | Corrective actions required for nonconformities | Root cause analysis; action addresses root cause, not just symptom |
| Records and follow-up | Audit records retained; nonconformity follow-up tracked to closure | Audit database with finding trends; effectiveness verification of corrective actions |
| Management communication | Audit results reported to responsible management and top management | Audit summary presented at management review; trend analysis included |
Clause 9.3: Management Review
Top management must review the QMS at planned intervals (typically quarterly or semi-annually) to ensure its continued suitability, adequacy, and effectiveness. The management review must include specific mandatory inputs: review of changes in external and internal issues, status of quality objectives and their achievement, process performance and product/service conformity status, effectiveness of corrective actions taken, internal audit results and any findings, supplier performance, customer feedback and complaints, and consideration of risks and opportunities.
The management review must produce outputs: opportunities for improvement in QMS processes, product/service delivery, or effectiveness; decisions on whether to make changes to the QMS; decisions on resource allocation; and decisions on whether to expand or reduce the scope of the QMS.
| Management Review Input | Minimum Content | Common Gap |
|---|---|---|
| QMS performance and trends | All quality objectives with trend data showing whether target is met; process KPI trends | One-time data point without trend analysis; no connection to business objectives |
| Customer satisfaction | Survey results with trend, complaint analysis, customer feedback, retention rates | Only complaint volume reported; no satisfaction survey; no trend analysis |
| Process performance | All major process KPIs with target comparison, trend analysis, nonconforming output data | Data listed without analysis of why performance is above/below target |
| Audit findings | All internal audit nonconformities, opportunities, trend analysis, root cause themes | Individual findings listed; no systemic analysis; unclear whether findings are addressed |
| Risk and opportunity review | Risk register with assessment of whether mitigation actions are effective | Not reviewed at management review; risks identified but not monitored |
| Resource adequacy | Assessment of whether resources are adequate for QMS objectives | Resource questions raised but not resolved; no documented management decision |
| Regulatory/external changes | Summary of regulatory changes, market changes, competitive changes affecting QMS | Changes discussed but no analysis of QMS implications; no actions identified |
| Improvement opportunities | Specific opportunities identified from audit, customer feedback, data analysis | Generic improvement aspirations without specific, actionable opportunities |
Making Management Review Effective
There is a critical difference between a compliance management review (checking the box to satisfy audit requirements) and a governance management review (actually using QMS data to make business decisions). A compliance review goes through the mandatory inputs, produces mandatory outputs, and generates a record. A governance review actually influences how the business is run.
To make management review effective: prepare data packages in advance so executives can pre-read before the meeting; keep the meeting focused on decisions, not just data reporting; have people present who can answer questions and make decisions; build time into the meeting for discussion and debate; document decisions and action items with owners and target dates; and most importantly, actually implement the decisions made.
Analysis and Evaluation: Turning Data into Insight
Clause 9.1.3 specifically requires that the organization conducts analysis and evaluation of monitoring and measurement data. This means more than just collecting data — it means analyzing what the data tells you about QMS performance. Methods for analysis include trend analysis (is performance improving or declining?), statistical process control (is the process in control?), benchmarking (how does our performance compare to industry standards or customer expectations?), and root cause analysis (why is performance not meeting target?).
| KEY IDEA | Customer satisfaction measurement (Clause 9.1.2) is not optional and cannot be replaced by monitoring complaint volumes. The standard requires monitoring how customers perceive the organization's performance. Complaints identify dissatisfied customers, but they miss satisfied customers who are quietly evaluating alternatives. A proactive satisfaction survey program is required for compliance and for getting accurate feedback about whether you are meeting customer needs. |
| IMPORTANT | The management review record is one of the most scrutinized documents in a certification audit. The record must evidence that mandatory inputs were reviewed, that the review produced specific outputs (improvements opportunities, resource decisions, QMS changes, risk actions), and that the decisions made were actually implemented. A management review with no action items is a red flag to auditors — it suggests the review is a compliance exercise, not a governance mechanism. |
| BITLION INSIGHT | Internal audit is the most commonly underinvested QMS activity in Indonesian organizations. Audits get cancelled due to operational pressure, are conducted by people who are not adequately trained, or result in findings that are never acted upon. A disciplined internal audit calendar with trained auditors, conducted according to ISO 19011 principles, that directly feeds findings into management review and corrective action process, is the difference between a living QMS and a certification exercise. Invest in auditor training and make audit scheduling non-negotiable. |