ISO 9001 Clause 7 tells auditors how well your business supports its quality system through people, equipment, facilities, and documented information. If you are aiming for ISO 9001 certification in Australia, this is one section you need to understand clearly.
Auditors look for more than whether your team is showing up on time or your procedures are in a folder. They dig into how your business prepares staff, maintains equipment, creates and controls documents, and keeps everything traceable. They want to see evidence that your system is working in real life, every day. Each subclause in Clause 7 builds that picture.
This article breaks down what auditors focus on across the different parts of Clause 7. You will see how each section ties into key business practices and how IMS software helps you meet these expectations. Whether you manage staff, assets, or communications, there are specific checks auditors perform that you should be ready for.
7.1.1 General Resource Planning in ISO 9001
ISO 9001 Clause 7 begins with a simple question: have you planned the resources needed to meet quality objectives? Auditors expect a clear link between your resource planning and your internal audits, your approach to nonconformance, and your corrective actions.
This means you must allocate the right people, tools, and time to keep your quality system functional. For example, if you’re scheduling an internal audit, have you made sure staff are trained, documents are up to date, and equipment is available? If a nonconformance is found, do you have the resources in place to investigate it properly and apply a corrective action?
This kind of planning is one of the most crucial ISO 9001 certification requirements. The FocusIMS Planning and Communication Module helps you manage this systematically. It lets you prepare meeting agendas, assign actions, track follow-up, and ensure accountability across your team. With structured planning tools, you can be confident that each part of your system is backed by the resources it needs. When auditors review your compliance with ISO 9001 Clause 7, this level of planning shows you are meeting the standard and managing your system with intent.
7.1.2 People Requirements in ISO 9001 Clause 7
Auditors reviewing ISO 9001 Clause 7 examine whether you’ve clearly assigned competent staff to carry out critical system activities. This includes your internal auditors, the individuals responsible for document control, and those tasked with reviewing and managing nonconformances. Each role must be filled by people who have the skills, training, and authority to perform them properly.
These responsibilities support several of the six mandatory procedures of ISO 9001, specifically Internal Audit, Corrective Action, and Control of Documents. If you cannot demonstrate who is responsible, or if their competencies are unclear or undocumented, auditors will flag your system as incomplete or ineffective.
The FocusIMS Personnel Management Module addresses these requirements. It links roles to defined competencies and ensures that only qualified personnel are assigned to each area. You can track training completion, review skill gaps, and access a full training history for every employee. This gives you a live, accurate view of your workforce readiness.
You are expected to know who is doing what, why they are qualified, and how that links to your quality objectives. Without that, even the most polished documents will not pass audit scrutiny. Clear roles, maintained competence, and evidence of ISO 9001 employee training form the foundation of an effective quality management system.
7.1.3 Infrastructure Requirements for ISO 9001 Audits
Auditors reviewing infrastructure under ISO 9001 Clause 7 will examine whether your physical and digital assets support consistent quality. They check the condition and suitability of buildings, plant, equipment, and IT systems used to carry out quality-related tasks. You are expected to show evidence that these assets are maintained, accessible, and aligned with your quality objectives.
That includes having facilities that match the nature of your operations, tools that are fit for purpose, and technology that reliably supports communication, document control, and records. Gaps in maintenance, breakdowns in IT systems, or unclear responsibilities for infrastructure upkeep will raise concerns.
FocusIMS helps meet these requirements with the Asset Management and System Management Modules. The Asset Management Module allows you to allocate, track and maintain all physical assets—vehicles, tools, machinery, and equipment—with detailed service history, alerts, and utilisation reporting. This means you always know what’s in use, what needs repair, and what’s overdue.
The System Management Module supports document control and ensures access to current procedures, manuals, and compliance records. You avoid lapses that typically result from version confusion or outdated information. When combined, both modules support audit readiness and long-term operational stability.
7.1.4 ISO 9001 Work Environment Requirements
Under ISO 9001 Clause 7, auditors assess whether your work environment supports reliable and consistent process output. This goes beyond clean floors and working lights. They examine the full range of physical, psychological, and social conditions that affect how well your processes operate, from air quality and temperature to noise levels and exposure to contaminants.
You must define what environmental conditions your processes require, maintain them consistently, and monitor for any changes that could disrupt product or service quality. The work environment must be suitable for your staff and the operational processes they perform. It must not undermine safety, focus, or compliance.
Our Field Module supports this by giving your field staff the tools to report environmental conditions on-site in real time. They can complete pre-starts, note workplace hazards, submit risk assessments, and flag issues instantly. Alerts are sent to your admin team the moment a condition needs attention. That means action happens before quality is compromised.
When combined with routine reporting and corrective action tracking, this module keeps auditors confident in your control systems.
7.1.5 Monitoring and Measuring Equipment in ISO 9001
When auditors assess your QMS against ISO 9001 Clause 7, they focus on your ability to control, maintain and record data from monitoring and measuring resources. Clause 7.1.5 outlines two critical requirements that shape how your organisation is expected to treat the tools used to verify product and process conformity.
7.1.5.1 General Requirements
You must determine and provide the resources needed to ensure valid and reliable monitoring and measuring results. This is especially relevant for any tool or device that plays a role in detecting nonconforming products or processes. The accuracy of those tools must be suitable for the task.
If your equipment is not properly selected, verified, or maintained, the risk is that you fail to detect errors or deviations in your outputs. In practical terms, this can lead to nonconformances going undetected and reaching your customers. Auditors often begin by reviewing how you determine the suitability of measuring devices before they’re put into service. They may question the degree of precision required and how you ensure tools meet that specification before and during use.
This clause also expects you to ensure that all monitoring and measuring activities are carried out under controlled conditions. That includes not only the tools, but the environment in which the measurements occur. Cleanliness, temperature, and other environmental conditions must not compromise the validity of your data.
7.1.5.2 Calibration and Traceability Records
For any measurement equipment that affects product quality, calibration is not optional. You must calibrate tools against recognised standards at defined intervals or before use if there’s any risk of accuracy drift. These calibrations must be traceable. That means you need records that link the instrument’s current calibration to a recognised reference standard.
Traceability is where auditors will spend time checking that your records tell a complete and verifiable story. Every calibrated instrument must have a corresponding calibration log, and that log should contain at minimum:
- Date of last calibration
- Calibration results
- Next due date
- Identification of the person or provider responsible
- Reference to the standards used
If an instrument is found to be out of calibration, you must be able to show what was affected, what has been checked, and what action you took. In this context, traceability becomes both a compliance requirement and a risk control mechanism.
Auditors will also check whether your tools are properly identified and protected from damage or deterioration. Any lapse in storage or handling of instruments can affect measurement reliability.
Using ISO 9001 compliance software to maintain calibration schedules, issue alerts, and store calibration certificates simplifies this task. It reduces the risk of missed calibrations and provides auditors with a clear trail of evidence.
ISO 9001 Clause 7 expects that you use measuring tools and you must prove they are suitable, calibrated, traceable, and maintained. You must also record these facts in a way that is auditable, repeatable, and current. Your ongoing ability to control your monitoring and measuring equipment is a signal to auditors that your broader system is working as intended.
7.1.6 Organisational Knowledge in ISO 9001 Clause 7
Auditors reviewing ISO 9001 Clause 7 assess whether your people have access to the information they need to do their work accurately and safely. This includes knowledge of risks, controls, procedures, and expectations. They are looking for consistency—knowledge shouldn’t exist in someone’s head or be scattered across inboxes and old spreadsheets. If your team can’t locate a procedure or hazard control when asked, you’ll be flagged.
This requirement supports both preventive action and internal audits. Without structured organisational knowledge, preventive action becomes guesswork. You need documented lessons from past incidents and consistent access to procedures to avoid repeat failures. Internal audits, in turn, depend on current and accurate reference material. Auditors test whether your system enables people to learn from the past and apply that learning in real time.
FocusIMS simplifies this. The Risk Management Module captures, reviews, and links hazards, controls, and outcomes. You can trace decisions back to their sources and apply controls consistently. The System Management Module stores procedures, work instructions, and legislative updates—all version-controlled, accessible, and current.
If your ISO 9001 gap analysis reveals poor knowledge control, these modules close the gap. Organisational knowledge must live in your system, not just in someone’s memory.
ISO 9001 Clause 7.2: Competence Requirements for QMS Compliance
Auditors expect solid proof that your staff are competent to perform specific tasks. If someone handles internal audits, approves documents, or manages corrective actions, you must show that they are trained to do so. Auditors want to see that the training is relevant, current, and linked to their responsibilities.
Clause 7.2 of ISO 9001:2015 goes beyond ticking boxes. It requires you to ensure that people can actually do the work in a way that supports your quality objectives. That includes evaluating competence, providing training, and retaining evidence.
The FocusIMS Personnel Management Module supports this by linking each employee to their assigned duties. You can upload training records, assign required courses, and set reminders for refresher sessions. Use the module to tag employees qualified for internal audits, document reviews, or root cause analysis. If someone’s qualifications are out of date, you’ll see it immediately.
You should also regularly review training needs as job roles change. Add a monthly check to your calendar using FocusIMS alerts. That keeps you ready for audit reviews and avoids last-minute scrambles.
For more detailed guidance, see How To Run Really Effective ISO 9001 Employee Training.
ISO 9001 Clause 7.3: Awareness and Staff Responsibilities
Under ISO 9001 Clause 7, your staff must understand how their actions affect product quality and compliance. This includes recognising the risks of using incorrect procedures. If a task is done the wrong way, your customers feel it. So do your auditors.
Every person working for your business—full-time or contracted—must know the quality policy, why it exists, and how following it supports your business. They also need to know what happens when it is ignored. The consequences are real. Mistakes cost time, money, and trust.
The updated ISO standard puts this accountability on leadership. Managers and supervisors must communicate clearly and record proof that these conversations took place. It’s not enough to hand over a policy during onboarding. You need regular reminders, discussions, and updates. Auditors look for this evidence.
Use the FocusIMS Planning and Communication Module to schedule team briefings and track attendance. Log meeting minutes that explain how you’ve reinforced the policy. Store these against employee records in the Personnel Management Module.
You are responsible for making sure people know what they do, why it matters, and what happens if they get it wrong.
ISO 9001 Clause 7.4: Internal and External Communication in QMS
ISO 9001 Clause 7 requires that you establish clear lines of communication across your business. Clause 7.4, titled “Communication,” focuses on how this must happen internally and externally in relation to your QMS. You must define what needs to be communicated, who receives the information, when it should be shared, and how it is delivered.
Auditors want to see that you have documented communication paths for audit findings, updates to procedures, and nonconformance reports. They show whether people know what’s changing, why it matters, and what action is needed.
This clause exists to prevent confusion. You can’t maintain quality if your people don’t know what’s going on. You can’t meet IMS Standards if your external contractors are operating with outdated instructions.
Use tools like the FocusIMS Planning and Communication module to record internal announcements, track document reviews, and manage communication logs. It helps prove that messages were sent, received, and understood.
You are responsible for making sure your messages land with the right people. Communication in the QMS is what keeps everything working together.
ISO 9001 Clause 7.5: Documented Information Requirements
Clause 7.5 of ISO 9001 outlines how your business must manage the documents and records that support your quality system. Auditors expect your documented information to be complete, up to date, and controlled in a way that ensures consistency and accountability.
7.5.1 Managing Required ISO 9001 Documents and Records
You must maintain documented procedures for several critical areas. These include control of documents, control of records, internal audit, nonconforming product, and corrective and preventive actions. Each procedure must be clearly defined, consistently applied, and readily accessible.
If an auditor asks how you manage nonconforming outputs or track corrective actions, your documentation must provide the answer without ambiguity. Your system should show that these procedures are more than formalities; they must reflect your daily operations.
7.5.2 Creating and Updating Documents in ISO 9001
Document creation is not a one-time task. Every document must go through a defined review and approval process before it becomes part of your quality system. Formatting needs to be clear and consistent. Each version must be identified and traceable, which means version control is not optional. If a document changes, your team must know which version applies.
Auditors often check this trail. They want to see that changes are justified, approved, and implemented with intention. This supports the credibility of your documentation and ensures outdated or inconsistent information does not undermine your procedure .
7.5.3 Document and Record Control for ISO 9001 Compliance
Records are evidence that your system is working. They must be accurate, secure, and accessible when needed. You must retain them for as long as required by your own policies or applicable legislation. This includes audit records, training records, inspection results, and action logs.
You are responsible for ensuring these records are traceable and protected from unauthorised changes. If a record is missing or unclear, auditors may question whether you completed the activity. Your record control system must support both operational integrity and external verification.
These requirements are not optional or open to interpretation. They are specific and enforced. Meeting ISO 9001 document control requirements is essential if you want to pass an external audit or maintain certification. ISO 9001 Clause 7 expects you to treat documented information as a living part of your management system, not just stored away and forgotten.
Takeaway Message
Clause 7 of ISO 9001:2015, titled “Support,” covers the resources your business needs to establish, implement, maintain and continually improve its quality management system (QMS). It defines the minimum requirements ISO believes are essential to support any functioning QMS. These include People, Infrastructure, Environment for the operation of processes, Monitoring and Measuring Resources, Organisational Knowledge, Competence, Awareness, Communication and Documented Information.
Complying with Clause 7 helps ensure your systems are well-supported, consistent, and audit-ready. You improve how your business manages knowledge, skills and resources, building a reliable structure that strengthens quality, reduces risk and supports your growth over the long term.
