ISO Glossary of Terms

A

Accreditation

Formal recognition by an authoritative body of a certification body's, laboratory's, or inspection body's competence to perform specific tasks.

Example: SAC (Saudi Accreditation Center) grants accreditation to certification bodies.

Audit

A systematic and independent process for obtaining evidence and evaluating it to verify compliance with standards.

Example: Quarterly internal audit to verify quality procedure implementation.

Auditee

The organization or department being audited.

Example: The production department is the auditee for this week's audit.

Auditor

A qualified person who conducts audits according to specific standards.

Example: An IRCA-certified Lead Auditor for ISO 9001.

C

CAPA

Corrective and Preventive Action - A system for identifying and addressing causes of nonconformity to prevent recurrence (corrective) or occurrence (preventive).

Example: Opening a CAPA after discovering a recurring production defect.

Certification

A statement by an independent body that an organization's management system meets the requirements of a specific standard.

Example: The company obtained ISO 9001:2015 certification.

Certification Body

An independent organization authorized to issue certificates of conformity to standards.

Example: A SAC-accredited certification body issuing ISO certificates.

Clause

A specific section or paragraph in a standard text containing certain requirements.

Example: Clause 7.2 of ISO 9001 addresses competence.

Competence

The ability to apply knowledge and skills to achieve intended results.

Example: Annual employee competence assessment and training documentation.

Conformity

Fulfillment of specified requirements in the standard or system.

Example: The product conforms to approved quality specifications.

Context of Organization

Understanding the internal and external environment affecting the organization's ability to achieve its objectives.

Example: SWOT analysis as part of understanding context.

Continual Improvement

Recurring activity to enhance performance and achieve better results.

Example: PDCA cycle for continuous production process improvement.

Control

Procedures and mechanisms to manage processes and ensure desired outcomes.

Example: Temperature control for food storage.

Corrective Action

Action to eliminate the cause of a nonconformity and prevent recurrence.

Example: Retraining workers after discovering a recurring error.

CCP

Critical Control Point - A step in a process where control can be applied to prevent or eliminate a food safety hazard.

Example: Cooking at a specific temperature as a CCP.

D

Document

Recorded information that defines policies, procedures, and instructions.

Example: Quality manual, work procedures, operating instructions.

Documented Information

Information required to be controlled and maintained (includes documents and records).

Example: Training records, audit reports, work procedures.

E

Effectiveness

The extent to which planned activities achieve desired results.

Example: Measuring training effectiveness through post-training performance assessment.

Environmental Aspect

An element of an organization's activities that interacts or can interact with the environment.

Example: Factory emissions, water consumption, waste.

External Provider

An external entity that provides products or services to the organization.

Example: Raw material suppliers, maintenance service providers.

H

Hazard

A potential source of harm (to health, safety, environment, or product quality).

Example: Toxic chemical, unguarded machinery.

HACCP

Hazard Analysis and Critical Control Points - A preventive system for identifying and controlling food safety hazards.

Example: Implementing HACCP in a food manufacturing plant.

I

Interested Parties

Persons or organizations that can affect, be affected by, or perceive themselves to be affected by a decision or activity.

Example: Customers, employees, suppliers, regulatory authorities.

Internal Audit

An audit conducted by the organization on itself to verify management system effectiveness.

Example: Annual internal audit program covering all departments.

ISMS

Information Security Management System - A framework of policies and procedures for managing information security risks.

Example: Implementing ISMS according to ISO 27001.

L

Leadership

Top management commitment and involvement in the management system.

Example: CEO signs and periodically reviews the quality policy.

M

Management Review

Periodic meeting by top management to evaluate management system performance and make improvement decisions.

Example: Quarterly management review meeting.

Monitoring

Continuous or periodic determination of the status of a system, process, or activity.

Example: Hourly refrigerator temperature monitoring.

N

NCR

Nonconformity Report - A document recording a nonconformity and tracking its resolution.

Example: NCR for a product not meeting quality specifications.

Nonconformity

Non-fulfillment of a specified requirement in the standard or system.

Example: Failure to document training as required by procedure.

O

Objective

A specific, measurable result that the organization seeks to achieve.

Example: Reduce customer complaints by 20% during the year.

Operational Control

Control of processes to ensure desired outcomes are achieved.

Example: Standard Operating Procedures (SOPs) for each process.

P

PDCA

Plan-Do-Check-Act - The continuous improvement cycle: plan, implement, verify results, take improvement action.

Example: Applying PDCA to solve a recurring quality problem.

Policy

A formal statement by top management defining the organization's intentions and commitments.

Example: Quality policy signed by the CEO.

Preventive Action

Action to prevent the occurrence of a potential nonconformity.

Example: Preventive equipment maintenance before failures occur.

Procedure

A specified way to carry out an activity or process.

Example: Procedure for receiving and inspecting raw materials.

Process

A set of interrelated activities that transform inputs into outputs.

Example: Production process, procurement process, recruitment process.

Process Approach

Managing activities as interrelated processes to achieve consistent results.

Example: Process map showing interactions between departments.

Q

QMS

Quality Management System - A set of policies, procedures, and processes for achieving quality objectives.

Example: A certified quality management system per ISO 9001.

R

Record

Documented information evidencing results achieved or activities performed.

Example: Training records, audit reports, calibration certificates.

Risk

The effect of uncertainty on objectives (can be positive or negative).

Example: Supply delay risks, equipment failure risks.

Risk Assessment

The process of identifying, analyzing, and evaluating risks.

Example: Risk matrix to determine priorities.

Risk-Based Thinking

Considering risks and opportunities in planning and decision-making.

Example: Identifying risks in each process and establishing controls.

S

Scope

The boundaries and applicability of the management system (sites, activities, products).

Example: Certificate scope: Design and manufacture of plastic products.

Stakeholder

A person or entity with an interest in the organization's performance.

Example: Shareholders, customers, employees, community.

Standard

A document specifying requirements, specifications, or guidelines.

Example: ISO 9001:2015 is a quality management system standard.

Surveillance Audit

Periodic audit (usually annual) to verify continued conformity.

Example: Annual surveillance audit by the certification body.

T

Top Management

The person or group directing and controlling the organization at the highest level.

Example: CEO and executive directors.

Traceability

The ability to trace the history, application, or location of what is under consideration.

Example: Product traceability from raw materials to end customer.

V

Validation

Confirmation through evidence that requirements for a specific intended use have been fulfilled.

Example: Validating that a sterilization process is effective.

Verification

Confirmation through evidence that specified requirements have been fulfilled.

Example: Inspecting a product to confirm it meets specifications.

A