The Roles & Responsibilities list template includes a list of standard roles such as Managing Director/CEO, HR Manager, Quality Manager, Environmental and Information Security Manager. You can easily tailor these to match your organisation or add new roles.
The guidance includes how to describe the responsibilities in terms of education, experience, training, and competence requirements. Internal and External communication columns include authorities on what and how information should be communicated.
Why you need to define roles and assign responsibility and authority for your ISO Management System (MS)
Clause 5.3 Organizational roles, responsibilities, and authorities of the ISO 9001:2015 Quality Management standard requires you to ensure that the responsibilities and authorities for relevant roles are assigned, communicated, and understood.
The ISO standard requires that top management assigns responsibility and authority for
ensuring that the MS conforms to the requirements of ISO
ensuring that the processes are delivering their intended outputs
reporting on the performance of the MS and on opportunities for
ensuring the promotion of customer focus throughout the organisation
ensuring that the integrity of the MS is maintained when changes are planned and implemented.
How ISOvA QMS software helps you determine roles, responsibilities, and authorities
The Roles & Responsibilities list template includes a list of standard roles, which you can easily tailor to match your organisation.
The headings below match the columns provided in your IMS Toolbox:
The Title column includes a list of the most common organisational roles an auditor would expect to see in your MS including;
Quality, Environmental, H&S or Information Security Manager
Information Security Manager
Head of Facilities and OHS
Responsibility and Authority
This column describes the responsibilities related to the role and, when applicable, the authorities.
For example, the Quality Manager role could include:
Ensuring that the MS fulfils the requirements of ISO.
Monitoring the performance of the MS and reporting to top management.
Promoting a customer focus
This column describes the competence requirements for the role in terms of education, experience and training.
For example, the Quality, Environmental, H&S or Information Security Manager role could include:
Appropriate training and qualifications
Experience – 1 Year
List the internal interested parties that the role has the authority to communicate to.
For example, the Quality, Environmental, H&S or Information Security Manager's internal responsibility could include:
Staff understand the Quality, Environmental, H&S or Information Security Policy
Staff are aware of relevant objectives
Top management is aware of the status of the management system
List the external interested parties that the role has the authority to communicate to ensure the quality expectations are met, including:
Suppliers understand the Standards expectations of their products and services
Customer feedback, both positive and negative
Certification bodies compliance with the standard
Having determined roles, responsibilities, and authorities for your ISO MS, you can now move to the next step: