Take the ISO 9001 course exam and get the ISO 14001 or ISO 13485 course exam for free
LIMITED-TIME OFFER – VALID UNTIL SEPTEMBER 30, 2021

Expert Advice Community

Guest

Applicable ISO 9001 clauses for implementation in a software company

  Quote
Guest
Guest user Created:   Aug 27, 2021 Last commented:   Aug 27, 2021

Applicable ISO 9001 clauses for implementation in a software company

I am working with a company who develops no hardware, only ML based software. What are the mandatory clauses of ISO 9001 that apply to them if they need to go for a certification? No manufacturing, no plants, only software. What is the best approach for them?

0 1

Assign topic to the user

ISO 9001 DOCUMENTATION TOOLKIT

Step-by-step implementation for smaller companies.

ISO 9001 DOCUMENTATION TOOLKIT

Step-by-step implementation for smaller companies.

Expert
Carlos Pereira da Cruz Aug 27, 2021

If they decide to go for ISO 9001 certification only clauses from section 8 can be candidates for classification as non-applicable. ISO 9001:2015 is a generic standard applicable to all kinds of organizations. The company:

  • Has clients and consumers – clause 8.2 is applicable.
  • Develops software - clause 8.3 is applicable.
  • Buys resources - clause 8.4 is applicable.
  • Software must be manufactured, lines of code have to be written and tested, bugs must be removed - clauses 8.5, 8.6, and 8.7 are applicable.
     

Inside 8.5 typical candidates for non-applicability are:

  • Subclause 8.5.3 – does the company works with confidential information provided by the client? Does the company install the software at the client’s premises? If a new version of software originates problems for the client, does the company is liable? If yes to one of these questions the clause is applicable.
  • Subclause 8.5.4 – preservation seems not applicable at first sight but then look into the “NOTE”. You can find there the word “transmission”. What is that about? It is about how information is transmitted and protected, preventing risks of loss, tampering, and protection of information which may include property of the customer and supplier. There are examples of this information transmitted electronically such as electronic payments, mail, electronic files, computer files, information available on websites, etc.
  • Subclauses 8.5.5 and 8.5.6 – include after-sales support and new versions

It seems that all clauses are applicable. 

While considering the use of ISO 9001 for software development activities, consider this support ISO/IEC/IEEE 90003:2018 - Software engineering — Guidelines for the application of ISO 9001:2015 to computer software - https://www.iso.org/standard/74348.html

For more information about exclusion, the right ISO wording is applicability, consider the following:

Quote
0 1

Comment as guest or Sign in

HTML tags are not allowed

Aug 27, 2021

Aug 27, 2021

Suggested Topics