What the QMPs Are and Where They Come From
ISO 9000:2015 (the vocabulary and fundamentals standard that accompanies ISO 9001) defines seven Quality Management Principles (QMPs). These principles represent the distilled consensus of decades of quality management practice — both industrial and service. They are not requirements in the audit sense; an auditor cannot write a finding that the organization violates Principle 2. Rather, the principles are the philosophical foundation that explains why the normative requirements exist and how they should be interpreted.
An ISO 9001 auditor assesses whether the QMS demonstrates alignment with the principles. A QMS that meets all Clause 4–10 requirements literally but violates the principles is technically compliant but is likely to fail the audit on broader quality culture and effectiveness grounds.
Principle 1: Customer Focus
The first principle is that an organization achieving sustained success focuses on meeting customer needs and expectations — present and future. This principle explains why Clause 8.2 (Customer Focus) requires the organization to determine customer requirements, communicate them, and confirm that the organization understands them before design or production begins.
Customer focus is often misunderstood as customer service. In the QMS context, it means the organization's processes and controls are designed to ensure that products and services consistently meet what customers need — not what the organization prefers to produce. A common failure is QMSs that focus intensively on internal process metrics (e.g., on-time delivery, defect rates) but do not measure whether customers are actually satisfied.
In the Indonesian context, customer focus intersects with government procurement quality requirements (LKPP). Organizations supplying to government must understand government quality expectations — not just technical specifications — and ensure processes consistently deliver to those expectations.
Principle 2: Leadership
ISO 9001:2015 shifted from the 2008 version's "Management Representative" model to one requiring active top management engagement. Genuine leadership means that the organization's most senior management actively leads, sponsors, and governs the QMS. This is one of the principles most commonly violated in practice.
What does genuine leadership look like? The quality policy is not a generic statement filed in a procedure manual; it is a directive that shapes resource allocation and decision-making. Management reviews are not rubber-stamp meetings; they are governance sessions where the most senior leadership discusses QMS performance, reviews audit findings, and makes decisions about improvement. When the organization identifies a major nonconformity, top management is personally engaged in understanding and correcting the root cause.
| Leadership Indicator | Genuine Commitment | Nominal Commitment |
|---|---|---|
| Quality policy | Sets measurable direction; reviewed annually with strategic context | Generic statements; unchanged for years |
| Management review | Active governance decision-making; leader-led; drives resource decisions | Rubber-stamping reports; delegated to QA; no decisions made |
| Resource allocation | QMS resources approved and monitored; QMS staff trained and empowered | QMS underfunded; QA staff overloaded; no training budget |
| Nonconformity response | Personal engagement on major failures; investigation and root cause owned by leadership | Delegated entirely to QA; leadership not engaged |
| Process improvement | Leadership-sponsored improvement initiatives; resources allocated to high-value improvements | Improvements pursued only when auditors require them |
Principle 3: Engagement of People
The organization achieves sustained success because its people at all levels understand the importance of quality and are engaged in fulfilling the organization's quality objectives. This principle explains why Clause 7.2 requires demonstrated competence — not just training records — and why Clause 8.1 requires awareness of quality policy.
The gap between training records and genuine competence is where many QMSs fail on this principle. An organization may have perfect training records documenting that every operator attended a three-hour course, but if operators cannot apply that training in their actual work, competence is not demonstrated. Similarly, awareness of quality policy requires that staff understand how their work contributes to quality — not simply that they have read a statement.
Creating genuine quality engagement in the Indonesian organizational context presents cultural challenges. Organizations with hierarchical structures and limited psychological safety may find that staff do not surface quality issues for fear of blame. Building a quality culture where issues are surfaced early requires explicit leadership commitment to non-blame investigation and improvement.
Principle 4: Process Approach
Sustained organizational success is achieved by managing and controlling interrelated processes as a system. This principle is ISO 9001:2015's most distinctive methodological contribution and reflects a shift from functional management (where each department owns its activities) to process management (where cross-functional processes are owned and measured).
The process approach means that instead of managing through departments, the organization identifies end-to-end processes (e.g., "Order to Cash," "Design to Release," "Supplier Quality") and assigns each a process owner. The process owner is accountable for defining the process, documenting it, training people to execute it, monitoring its performance, and improving it. This is a significant cultural change for organizations that have historically operated through functional silos.
The turtle diagram is the preferred tool for documenting processes in a way that ISO auditors recognize. The turtle diagram captures the inputs, outputs, process steps, people and competence required, resources and infrastructure, procedures and controls, and key performance indicators for each process.
Principle 5: Improvement
An organization achieving sustained success is focused on continual improvement. This principle explains why Clauses 10.2 and 10.3 require corrective action (responding to nonconformities) and continual improvement initiatives. But it goes deeper than the requirements: it speaks to a mindset where the organization views every failure as a learning opportunity and pursues improvement as an ongoing discipline.
Principle 6: Evidence-Based Decisions
Decisions based on the analysis and evaluation of data and information are more likely to produce desired results. This principle requires the organization to collect KPI data on QMS performance, analyze that data, and use the results to make actual decisions about the QMS — including management review decisions about resource allocation and improvement priorities.
Principle 7: Relationship Management
The organization achieves sustained success by managing relationships with relevant interested parties — especially suppliers. This principle explains why Clause 8.4 requires supplier evaluation, selection, and ongoing performance monitoring. A supplier is not approved once and then forgotten; supplier performance is monitored continuously and used to inform re-qualification and improvement decisions.
| Principle | Core Mechanism | ISO 9001 Clause | Common Failure Mode |
|---|---|---|---|
| Improvement | Nonconformity → root cause → corrective action → verification | 10.2, 10.3 | Fixing symptoms, not causes; no improvement culture |
| Evidence-Based Decisions | Data collection → analysis → management review → decisions | 9.1, 9.3 | KPIs collected but not used; decisions made without data |
| Relationship Management | Supplier evaluation, performance monitoring, communication | 8.4 | Supplier approval done once; performance never reviewed |
Applying the Principles in Indonesian Organizations
The organizational culture challenges to implementing each principle genuinely in the Indonesian context are significant. Organizations with hierarchical decision-making structures may struggle with the process approach, which requires shared accountability across departments. Organizations where leaders are not accustomed to evidence-based decision-making may find that KPI data is collected but not used. Organizations with limited psychological safety may find that staff do not surface quality issues.
The common gap between documented QMS and actual quality culture is often largest around the principles. An organization may have perfect documentation of processes, controls, and procedures but demonstrate no real customer focus, no genuine leadership engagement, and no improvement culture. The audit will reveal this when the auditor interviews staff, observes processes, and examines records of management decisions.
| KEY IDEA | The Seven Quality Management Principles are not a checklist to satisfy — they are the lens through which ISO 9001 auditors assess whether your QMS is genuine or superficial. A QMS that has all the right documents but demonstrates no customer focus, no leadership engagement, and no improvement culture will generate major audit findings even if every documented requirement is technically met. |
| IMPORTANT | Principle 4 (Process Approach) is often the hardest to implement genuinely in Indonesian organizations that have historically operated through functional silos. The process approach requires cross-functional process ownership, which means quality accountability crosses departmental boundaries. This is a cultural change, not just a documentation exercise. |
| BITLION INSIGHT | In Bitlion GRC's experience implementing QMSs across Indonesian organizations, Principle 6 (Evidence-Based Decision Making) is the principle most commonly misapplied. Organizations collect KPI data but do not use it to make actual decisions at management review. Transforming management review from a compliance formality into a genuine governance session that changes resource allocation and quality objectives is the single biggest value unlock from ISO 9001. |