If there is one clause in ISO 9001:2015 that separates organizations that merely hold a certificate from those that genuinely use their quality management system, it is Clause 9.1. Monitoring, measurement, analysis, and evaluation is the engine that converts raw process data into decisions — and auditors know it. After guiding more than 200 clients to certification with a 100% first-time audit pass rate, I can tell you with confidence: nonconformities in Clause 9.1 are among the most preventable, yet most common, findings in third-party audits.
This pillar guide covers everything you need to know — what the clause requires, how it is structured, common pitfalls, and exactly how to build a compliant, value-generating measurement system.
What Is ISO 9001 Clause 9.1?
Clause 9.1 sits within Section 9: Performance Evaluation of ISO 9001:2015. It is divided into three sub-clauses:
| Sub-Clause | Topic |
|---|---|
| 9.1.1 | General — What, how, when, and who monitors and measures |
| 9.1.2 | Customer satisfaction — Monitoring perceptions of customers |
| 9.1.3 | Analysis and evaluation — Turning data into actionable insight |
Together, these sub-clauses form the "Check" step of the Plan-Do-Check-Act (PDCA) cycle that underpins the entire standard. Without a functioning Clause 9.1, your corrective actions (Clause 10.2), management reviews (Clause 9.3), and continual improvement efforts (Clause 10.3) are operating in an evidence vacuum.
Why Clause 9.1 Matters More Than Most Organizations Realize
According to the ISO Survey of Management System Standard Certifications, over 1.1 million ISO 9001 certificates were active worldwide as of the most recent reporting cycle — making it the most widely adopted management system standard on the planet. Yet internal audit data consistently shows that Clause 9.1 generates a disproportionate share of major and minor nonconformities during surveillance and recertification audits.
The reason is straightforward: many organizations set up measurement processes to pass their initial certification audit, then allow those processes to become stale. Metrics stop being reviewed. Customer satisfaction surveys go unsent. Analysis that was once meaningful becomes a copy-paste exercise for management review packages. When a third-party auditor arrives and asks, "What did you do with this data?", the answer is often silence.
Organizations that treat Clause 9.1 as a living system — not a documentation exercise — consistently outperform peers on both audit outcomes and actual quality performance.
Clause 9.1.1 — General Requirements: The Four Critical Questions
ISO 9001:2015 Clause 9.1.1 requires your organization to determine:
- What needs to be monitored and measured
- The methods for monitoring, measurement, analysis, and evaluation needed to ensure valid results
- When the monitoring and measuring shall be performed
- When the results shall be analyzed and evaluated
This sounds deceptively simple. In practice, answering these four questions rigorously forces every department to confront whether it truly understands its own processes — and that is precisely the point.
What to Monitor and Measure
The standard does not prescribe a specific list of metrics — that is intentional. Instead, you must derive your measurement framework from your:
- Quality objectives (Clause 6.2)
- Process performance criteria (Clause 4.4)
- Risk and opportunity analysis (Clause 6.1)
- Customer and interested party requirements (Clauses 4.2 and 8.2)
A practical starting point is to map each quality objective to at least one leading indicator (predictive) and one lagging indicator (outcome-based). For example, a manufacturer targeting an on-time delivery objective might track production schedule adherence (leading) alongside on-time delivery rate (lagging).
Defining Valid Methods
Clause 9.1.1 specifically requires that methods produce valid results. This is a higher bar than simply collecting numbers. Valid results require:
- Calibrated or verified equipment where applicable (linked to Clause 7.1.5 on measuring resources)
- Consistent methodology — the same metric cannot mean different things in different periods
- Appropriate sampling and frequency — spot-checking a critical process once a year rarely produces valid insight
- Documented procedures that ensure repeatability regardless of who is performing the measurement
Timing: When to Measure and When to Evaluate
A frequently overlooked nuance is that the measurement cycle and the evaluation cycle are not necessarily the same. You may collect customer complaint data weekly but evaluate trends monthly. Both timings must be defined. Auditors will ask for evidence of both — and if your last evaluation predates the current audit by eighteen months, that is a finding.
Clause 9.1.2 — Customer Satisfaction: The Pulse of Your QMS
Customer satisfaction is the only metric explicitly required by name in ISO 9001:2015. Clause 9.1.2 mandates that your organization monitor customers' perceptions of the degree to which their needs and expectations have been met.
Note the word "perceptions." The standard is not satisfied by internal quality data alone. You must actively seek the customer's view, not assume it from defect rates or return data.
Acceptable Methods for Measuring Customer Satisfaction
ISO 9001:2015 Clause 9.1.2 provides a non-exhaustive list of methods, including:
| Method | Best Suited For |
|---|---|
| Customer surveys (NPS, CSAT, CES) | Broad customer bases, transactional relationships |
| Focused group discussions | Complex B2B relationships, product development feedback |
| Analysis of customer complaints | All organizations — mandatory, not optional |
| Review of warranty claims | Manufacturing and product-focused organizations |
| Dealer/agent reports | Organizations with indirect sales channels |
| Compliments and kudos tracking | Service industries |
Expert insight: Many organizations default to an annual satisfaction survey and check the box. I recommend a tiered approach — a lightweight transactional survey after each major delivery or project, supplemented by a deeper annual relationship survey. This produces far richer data and demonstrates genuine commitment to customer-centricity during audits.
Common Nonconformity: No Evidence of Evaluation
Collecting survey data without analyzing and acting on it is not compliant. Clause 9.1.2 requires monitoring and the use of that information to evaluate performance. If your Net Promoter Score dropped from 62 to 41 between cycles and your management review package shows no discussion of root cause or corrective action, an auditor will flag this.
Clause 9.1.3 — Analysis and Evaluation: Where Data Becomes Decisions
This sub-clause is the analytical heart of Section 9. It specifies that your organization shall analyze and evaluate data and information arising from monitoring and measurement. The results of that analysis must be used to evaluate:
- a) Conformity of products and services
- b) The degree of customer satisfaction
- c) Performance and effectiveness of the QMS
- d) Whether planning was implemented effectively
- e) Effectiveness of actions taken to address risks and opportunities
- f) Performance of external providers (suppliers)
- g) The need for improvements to the QMS
That is seven distinct areas. A compliant Clause 9.1.3 implementation has a traceable line from raw data to insight to decision for each of these areas — even if some are addressed only at the management review level.
Building an Analysis and Evaluation Framework
Here is a proven framework I use with clients at Certify Consulting:
Step 1 — Consolidate your data sources. Identify every measurement input defined in 9.1.1 and 9.1.2. Document where this data lives (ERP, spreadsheet, CRM, manual log).
Step 2 — Assign ownership. Every metric needs a single accountable owner — not a department, a person.
Step 3 — Define the evaluation cadence. Not every metric needs monthly review. Use a tiered review schedule: operational metrics weekly/monthly, strategic metrics quarterly, QMS-wide evaluation at management review.
Step 4 — Define decision thresholds. What does "bad" look like? If a metric crosses a defined threshold, what action is triggered? This transforms analysis from passive reporting into active management.
Step 5 — Link to outputs. Every analysis cycle should produce a documented output — even if that output is "no action required, trend is acceptable." This is your audit evidence.
Documented Information Requirements for Clause 9.1
ISO 9001:2015 Clause 9.1 requires organizations to retain documented information as evidence of the results of monitoring, measurement, analysis, and evaluation. This is one of the specific "retain" requirements (records) in the standard.
What this means in practice:
- Records of measurement results (e.g., process performance dashboards, customer survey results)
- Records of analysis outputs (e.g., trend analysis reports, Pareto charts)
- Evidence that results were reviewed and acted upon (e.g., management review minutes, corrective action records)
You do not need elaborate software. A well-maintained spreadsheet with version control, timestamps, and review sign-offs can fully satisfy these requirements.
The Clause 9.1 / Clause 9.3 Connection: Feeding the Management Review
One of the most important structural relationships in ISO 9001:2015 is the pipeline between Clause 9.1 and Clause 9.3 (Management Review). The standard is explicit: management review inputs shall include the results of monitoring and measurement (Clause 9.3.2 c).
This means your Clause 9.1 system is not just a compliance exercise — it is the primary information supply for your organization's highest-level quality decision-making. A weak Clause 9.1 system directly degrades the quality of strategic decisions made at the top management level.
The most effective QMS implementations treat the Clause 9.1 data package as a living dashboard that feeds directly into each management review — not a separate report prepared the week before the audit.
Integrating Clause 9.1 with ISO 9001 Clause 6.1 (Risk-Based Thinking)
Measurement is not only retrospective. Clause 9.1 should be explicitly connected to your risk and opportunity register from Clause 6.1. Each significant risk you identified during planning should have a corresponding monitoring metric — so you can detect early if a risk is materializing before it becomes a nonconformity or customer complaint.
For example: - Risk identified: Key supplier dependency creates delivery risk - Monitoring metric: Supplier on-time delivery rate, tracked monthly - Threshold: Below 95% triggers supplier corrective action request
This connection transforms Clause 9.1 from a backward-looking reporting function into a forward-looking early warning system. That is the difference between a QMS that prevents problems and one that documents them after the fact.
Common Clause 9.1 Nonconformities — And How to Avoid Them
Based on my experience auditing and consulting across industries, here are the most frequently cited Clause 9.1 findings:
| Nonconformity | Root Cause | Prevention Strategy |
|---|---|---|
| Customer satisfaction not measured | No formal process defined | Define method, frequency, and owner in QMS procedure |
| Metrics collected but never analyzed | No defined evaluation cadence | Schedule formal analysis reviews; document outputs |
| Quality objectives not linked to measurement | Objectives set in isolation | Map each objective to at least one KPI |
| Supplier performance not evaluated | Clause 9.1.3(f) overlooked | Include supplier scorecards in analysis cycle |
| Analysis outputs not feeding management review | Siloed functions | Build formal data handoff between process owners and management review owner |
| No documented evidence of analysis | "We review it verbally" | Require documented output for every evaluation cycle |
How to Build a Clause 9.1-Compliant Measurement System: A Practical Checklist
Use this checklist to assess and strengthen your current Clause 9.1 implementation:
Clause 9.1.1 — General
- [ ] All monitored/measured parameters are defined in a measurement plan or procedure
- [ ] Each metric has a defined method, frequency, owner, and evaluation timing
- [ ] Measurement methods are validated for consistency and reliability
- [ ] Calibration requirements are identified and linked to Clause 7.1.5 where applicable
- [ ] Documented evidence of measurement results is retained
Clause 9.1.2 — Customer Satisfaction
- [ ] At least one formal customer satisfaction measurement method is defined and in use
- [ ] Customer satisfaction data is collected at defined intervals
- [ ] Analysis of customer satisfaction is documented
- [ ] Actions taken based on customer satisfaction trends are traceable
Clause 9.1.3 — Analysis and Evaluation
- [ ] All seven evaluation areas from Clause 9.1.3 are addressed
- [ ] Analysis outputs are documented and retained
- [ ] Results feed directly into management review inputs (Clause 9.3.2)
- [ ] Threshold-based decision rules are defined for key metrics
- [ ] Supplier performance data is included in analysis cycle
Clause 9.1 Across Industries: Sector-Specific Considerations
While ISO 9001 is industry-agnostic, Clause 9.1 implementation looks different across sectors:
Manufacturing: Heavy reliance on Statistical Process Control (SPC), first-pass yield, scrap rates, and OEE. Calibration linkage to Clause 7.1.5 is critical.
Healthcare / Medical Devices: Customer satisfaction monitoring often includes patient outcome data or complaint trends. Regulatory bodies (FDA, EMA) may impose additional monitoring requirements.
Professional Services / Consulting: Metrics tend to be output-based (project delivery on time/budget, client renewal rates, complaint rates). Customer satisfaction surveys are the primary voice-of-customer mechanism.
Construction and Engineering: Project-based KPIs (punch list closure rates, inspection pass rates, rework costs) combined with subcontractor performance data satisfy the external provider requirement of 9.1.3(f).
What Auditors Actually Look for in Clause 9.1
Third-party auditors approaching Clause 9.1 will typically:
- Ask to see your measurement plan — they want to confirm it is comprehensive, not cherry-picked
- Trace a metric end-to-end — from raw data collection through analysis to a management decision
- Look for gaps in the seven evaluation areas of Clause 9.1.3 — particularly supplier performance and risk/opportunity action effectiveness
- Request your most recent customer satisfaction data and ask what you did with it
- Check the management review package to confirm Clause 9.1 outputs are present as inputs
The single most effective preparation step is to conduct an internal audit that traces three or four metrics through the entire pipeline — collection, analysis, evaluation, and decision — and document the evidence chain. If you can walk an auditor through that chain confidently, you will sail through Clause 9.1.
For guidance on structuring your internal audit process, see our resource on ISO 9001 internal audit best practices.
Frequently Asked Questions About ISO 9001 Clause 9.1
Does ISO 9001 specify which KPIs an organization must measure?
No. ISO 9001:2015 is deliberately non-prescriptive about which specific key performance indicators you must use. The standard requires that you determine what needs to be monitored and measured based on your quality objectives, process risks, and customer requirements. This flexibility is by design — a hospital and a precision manufacturer have fundamentally different meaningful metrics.
How often must customer satisfaction be measured under Clause 9.1.2?
The standard does not specify a mandatory frequency. You must define a frequency appropriate for your business model and customer relationship structure. At minimum, most certification bodies expect at least annual measurement. High-volume transactional businesses should measure more frequently to ensure the data remains actionable.
What is the difference between monitoring and measurement in ISO 9001?
ISO 9001:2015 distinguishes between the two: monitoring involves observing, supervising, or critically watching over time (not necessarily quantifying), while measurement involves determining a value against a defined scale. Both are required, and both may apply to the same process — for example, you might monitor customer complaint trends over time while measuring complaint resolution time in days.
Can we use customer complaints as our sole customer satisfaction method?
While analyzing complaints is explicitly listed as an acceptable method in Clause 9.1.2, relying on it exclusively is high risk. Complaints are inherently lagging indicators and represent only customers who chose to formally report dissatisfaction. Most certification bodies and experienced auditors expect at least one proactive satisfaction measurement method alongside complaint analysis.
What documented information is required for Clause 9.1?
ISO 9001:2015 Clause 9.1.1 specifically requires organizations to retain documented information as evidence of monitoring, measurement, analysis, and evaluation results. This means records — not just procedures — must exist. The format is flexible; what matters is that results are captured, dated, attributable to a review owner, and retrievable during an audit.
Final Thoughts: Make Clause 9.1 Work For You
Clause 9.1 is not a compliance burden — it is the feedback loop that makes every other part of your QMS intelligent. When built correctly, it tells you whether your quality objectives are being achieved, whether your customers are satisfied, whether your suppliers are performing, and whether your risk mitigation strategies are actually working.
The organizations I work with through Certify Consulting that treat Clause 9.1 as a strategic asset — not a checkbox — consistently report that their QMS becomes genuinely useful to management. They make faster decisions, respond to problems earlier, and pass audits with confidence.
If you are preparing for initial certification, surveillance, or recertification and want expert guidance tailored to your industry and organization size, explore our ISO 9001 certification consulting services or reach out directly at certify.consulting.
Last updated: 2026-04-11
Jared Clark
Principal Consultant, Certify Consulting
Jared Clark is the founder of Certify Consulting, helping organizations achieve and maintain compliance with international standards and regulatory requirements.