Context of the Organization... and "Interested Parties"

While poorly described in ISO 9001:2015 & AS 9100:2016, the “Context of the Organization”… and “Interested Parties” actually involve cultural relativism. Cultural relativism is the idea that a person's beliefs, values, and practices should be understood based on that person's own culture, rather than be judged against the criteria of another.

This means that interpretation of the requirements of ISO 9001:2015 & AS 9100:2016 changes when crossing cultural boundaries. And since culture is most often rooted in socio-political beliefs, economy, laws, regulations, etc., interpretation of the requirements of ISO 9001:2015 & AS 9100:2016 are often “nation dependent”. (See Re-writing ISO 9001:2015... through Interpretation)

ISO 9001:2015, sec. 4.1, Notes 2 & 3 help explain the influence of cultural relativism.

ISO 9001:2015, sec. 4.1
NOTE 2 Understanding the external context can be facilitated by considering issues arising from legal, technological, competitive, market, cultural, social and economic environments, whether international, national, regional or local.
NOTE 3 Understanding the internal context can be facilitated by considering issues related to values, culture, knowledge and performance of the organization.

The Organization and its Context

The most common way to address this requirement is through the use of a SWOT analysis. A SWOT Analysis provides management with “talking points” to discuss the “external and internal issues that are relevant to” the organization's purpose and its strategic direction and that affect its ability to achieve the intended result(s) of its quality management system.

The image below provides a general template for how to structure a SWOT to clearly differentiate between external and internal issues. This format also includes the concept of positive risks (opportunities) and negative risks (actual risks). To argue the semantics of these two terms is pointless. I suggest simply including these terms to demonstrate how your SWOT includes “risk-based thinking”.

A completed SWOT analysis should be either included or referenced in your “Management Review Meeting Minutes” to satisfy ISO 9001 / AS9100, sec. 9.3.2, “Management review inputs”, which states:

The management review shall be planned and carried out taking into consideration:
b) changes in external and internal issues that are relevant to the quality management system;

The Needs and Expectations of Interested Parties

As discussed above, when reading ISO 9001:2015 & AS 9100:2016, sec. 4.2 “Understanding the needs and expectations of interested parties”, the interpretation varies depending upon whether the country is communist, socialist (i.e., closed or restricted economies) or a free society with a free market economy.

In China, where more than a third of all ISO 9001:2015 certifications have been issued, the “Context of the Organization” and its relationship with “Interested Parties / Stakeholders” has a very different meaning than in the USA!

Fortunately, ISO 9001:2015, sec. 4.2b, effectively re-defines an “interested party” through limiting them to a “party” invoking quality-related requirements, as shown below:

4.2 Understanding the Needs and Expectations of Interested Parties
Due to their effect or potential effect on the organization’s ability to consistently provide products and services that meet customer and applicable statutory and regulatory requirements, the organization shall determine:
a. the interested parties that are relevant to the quality management system;
b. the requirements of these interested parties that are relevant to the quality management system.
The organization shall monitor and review information about these interested parties and their relevant requirements.

ISO 9001:2015, Annex A.3 further clarifies this limitation stating:

There is no requirement in this International Standard for the organization to consider interested parties where it has decided that those parties are not relevant to its quality management system. It is for the organization to decide if a particular requirement of a relevant interested party is relevant to its quality management system.

Consequently, ISO 9001:2015, Annex A.3 makes this “requirement” extremely simple for an organization to comply with… because it empowers the organization to decide which requirements from an “interested party” are applicable to its quality management system.

Some U.S. companies have identified their own employees and/or suppliers as “interested parties”! But do those employees and/or suppliers actually invoke any “quality-related requirements” on the business? While the answer is generally no, as per ISO 9001:2015, Annex A.3, the final determination is left to the organization.

Similarly, some U.S. companies have identified OSHA (Occupational Safety & Health Administration) and/or the EPA (Environmental Protection Agency) as “interested parties”. While OSHA (Occupational Safety & Health Administration) imposes “safety-related” regulations, and the EPA (Environmental Protection Agency) imposes “environmental-related” regulations, neither of these government agencies impose “quality-related” requirements.

Some auditors reference the definition (along with the “Example” immediately below the definition; which was added by TC 176 to the definition provided in “ISO/IEC Directives, Part 1, Consolidated ISO Supplement - Procedures specific to ISO” (Fifth edition, 2014), Annex SL) without reading SO 9001:2015 & AS 9100:2016, sec. 4.2 & Annex A.3.

ISO 9000:2015, sec. 3.2.3:
interested party / stakeholder
person or organization that can affect, be affected by, or perceive itself to be affected by a decision or activity

EXAMPLE Customers, owners, people in an organization, providers, bankers, regulators, unions, partners or society that can include competitors or opposing pressure groups.

The only quality-related “interested parties” I see listed in the above examples are those I've bolded.

An example of valid “Interested Parties” for a company visiting ports (e.g., performing inspections of, or transferring goods to/from, barges, vessels, shore tanks, etc.) might include:

Interested Party Requirement(s)
Customers Defined on a “case-by-case” basis in documented “nominations” received via e-mail, “contracts” and/or “Purchase Orders”.
Transportation Security Administration (TSA) Defined in the "Maritime Transportation Security Act of 2002" (PUBLIC LAW 107–295—NOV. 25, 2002). The primary applicable, relevant requirement is for Inspectors to possess a “Transportation Worker Identification Credential”, also known as TWIC® card, in order to gain entry to port facilities.
Port Facilities Some Ports communicate their “Rules” via e-mail. Other Ports communicate their rules on an “as-needed” or “case-by-case” basis.
Vessel owners/captains Vessel rules/requirements are typically communicated verbally by the vessel crew on a “case-by-case” basis.
Barge owners/captains Barge rules/requirements are communicated by the fleet. Each fleet has different rules - that are typically communicated “as-needed”.
Certification Body (CB) Defined in the specific CB's “Rules of Registration”.

Additional AS 9100:2016 (Rev. D) Requirement

Unlike ISO 9001:2015 (which does not require a document identifying “interested parties”), AS 9100:2016 (Rev. D) requires “the organization” to document a “general description” of the interested parties.

AS 9100:2016, sec. 4.4.2 states:
The organization shall establish and maintain documented information that includes:
− a general description of relevant interested parties (see 4.2 a);

This requirement is typically interpreted as the “general description” consisting of the identity of the “interested party” and their requirements (Ref. AS 9100:2016, sec. 4.2).

An example of “Interested Parties” for a defense contractor might include:

Interested Party Requirement(s)
Customers Defined on a “case-by-case” basis in documented “contracts” and/or “Purchase Orders”.
U.S. Department of State Defined in the “International Traffic in Arms Regulations” (22 CFR Subchapter M, Parts 120-130), when applicable.
U.S. Department of Defense Defined in the “Federal Acquisition Regulations” (FARs) & “Defense Federal Acquisition Regulations” (DFARs), when incorporated into U.S. government solicitations and contracts by reference.
U.S. Dept. of Commerce, Bureau of Industry and Security (BIS) 15 CFR, Subtitle B, Chapter VII, Subchapter C, “Export Administration Regulations” (EAR), when applicable AND/OR
The Defense Priorities and Allocations System (DPAS) regulation (15 CFR Part 700), when applicable.
U.S. Department of Transportation (DOT) 49 CFR Subtitle B, Chapter I, subchapters A-C, parts 100 thru 185 & 49 CFR Subtitle B, Chapters II thru XII, as applicable.
Note: IATA (International Air Transport Association) is an industry trade organization providing information for the international transportation of dangerous goods by air. The IATA “Dangerous Goods Regulations” (DGR) is NOT an official regulatory document but may be referenced for guidance.
Certification Body (CB) Defined in the specific CB's “Rules of Registration”.

Ignoring ISO 9001:2015, Annex A.3, some AS91xx auditors demand the addition of other interested parties. One of the most common is the “owners”. Their logic is that the owners communicate their quality-related requirements through the “Quality Policy”. While this is much like claiming that wood is an interested party to the tree, it's easier to add “Owners” as an interested party rather than argue the point.