Guide to ISO 9001 Clause 9.1.3 Analysis and Evaluation With Examples

What Is Clause 9.1.3 in ISO 9001?

Clause 9.1.3 sits inside Section 9 of ISO 9001:2015, which covers performance evaluation. Specifically, Clause 9.1.3 is titled Analysis and Evaluation, and it requires your organisation to actually do something useful with the data you collect. Collecting data is easy. Turning it into meaningful conclusions that drive decisions is where most businesses fall short.

If you have already read our guide to ISO 9001 Clause 9 performance evaluation, you will know that Section 9 as a whole is about monitoring, measuring, analysing, and improving. Clause 9.1.3 is the analysis piece. It asks you to take the outputs from your monitoring and measurement activities and draw conclusions from them.

This clause trips up a lot of businesses during audits, not because it is complicated, but because organisations treat it as a box-ticking exercise. They collect data, produce reports, and then file them away. That is not analysis. That is data storage. This guide will walk you through exactly what the clause requires, what auditors look for, and how to build a genuine analysis and evaluation process that adds value to your business.

The Full Requirements of Clause 9.1.3

The clause requires you to analyse and evaluate appropriate data and information arising from monitoring and measurement. It then lists specific things you must be able to determine from that analysis. Let us go through each one.

Conformity of Products and Services

You need to be able to show, through your data, whether your products or services meet their specified requirements. This might come from inspection records, test results, customer acceptance data, or production quality checks. The analysis should tell you whether you are consistently meeting specifications, and if not, where the gaps are occurring.

For example, a steel fabrication business in Perth might track weld inspection pass rates across different product lines. Analysing that data over a quarter might reveal that one product type has a 12 percent failure rate on first inspection, while others sit below 2 percent. That is the kind of insight Clause 9.1.3 is designed to surface.

Degree of Customer Satisfaction

ISO 9001 requires you to monitor customer perceptions. Clause 9.1.3 requires you to actually evaluate what that data means. Collecting a Net Promoter Score or sending out a satisfaction survey is not enough on its own. You need to analyse the results and draw conclusions about trends, problem areas, and whether your actions to improve satisfaction are working.

This links directly to Clause 9.1.2, which covers customer satisfaction measurement. The analysis step is where you ask: what does this data tell us about how well we are serving our customers?

Performance and Effectiveness of the Quality Management System

This is a broad requirement. It asks you to look across your QMS as a whole and determine whether it is actually working. Are your processes achieving their intended outputs? Are quality objectives being met? Are the controls you have put in place effective?

This is where many businesses struggle because they look at individual metrics in isolation rather than stepping back and asking the bigger question: is our QMS doing what it is supposed to do?

Whether Planning Has Been Implemented Effectively

This connects back to Section 6, which covers planning. You need to be able to show that what you planned to do has actually been done, and that it produced the intended results. If you planned to reduce customer complaints by 20 percent through a new response process, your analysis should tell you whether that happened.

Effectiveness of Actions Taken to Address Risks and Opportunities

When you identified risks and opportunities in your planning phase and took action on them, did those actions work? Your data should help you answer that question. This is a critical feedback loop that connects Clause 9.1.3 back to Clause 6.1.

Performance of External Providers

If you use suppliers, subcontractors, or other external providers, your analysis should include an evaluation of how they are performing. This might include on-time delivery rates, defect rates from supplied materials, or complaints related to outsourced work.

Need for Improvements to the QMS

Finally, your analysis should feed into decisions about where improvements are needed. This is the output that connects Clause 9.1.3 to Section 10, which covers improvement. The analysis is not just a reporting exercise. It is meant to drive action.

What Auditors Actually Look For

When an auditor reviews your compliance with Clause 9.1.3, they are not just checking whether you have a report. They are asking whether your analysis is meaningful and whether it connects to decisions and actions.

Here are the questions a good auditor will ask during a Stage 2 certification audit or a surveillance audit:

• What data sources are you pulling from for your analysis?
• Who is responsible for conducting the analysis and how often?
• What conclusions have you drawn from your data in the last review period?
• Can you show me how those conclusions influenced a decision or triggered an improvement?
• Is the analysis being presented to top management and informing management review?

If you cannot answer those questions with specific examples and evidence, you are likely to receive a nonconformance. The most common finding I see under Clause 9.1.3 is that organisations collect data but cannot demonstrate that it has been analysed, or they can show analysis but cannot show it led to any action or decision.

Understanding what auditors check is important. Our article on what documents ISO auditors check during an audit gives you a broader picture of what to prepare across your entire QMS.

Practical Examples of Clause 9.1.3 in Action

Theory is useful, but let us look at how this clause plays out in real businesses across different industries.

Example 1: A Commercial Cleaning Company

A commercial cleaning business with ISO 9001 certification collects the following data each month: customer satisfaction scores from site inspection sign-offs, complaint records, staff attendance and training completion rates, and re-clean requests from clients.

Under Clause 9.1.3, the quality manager analyses this data quarterly. In one quarter, the analysis reveals that re-clean requests have increased by 30 percent across three specific client sites, all serviced by the same team. Customer satisfaction scores for those sites have also dropped. The analysis concludes that there is a performance issue with that team, possibly linked to recent staff turnover and incomplete training records.

That conclusion drives a corrective action: targeted retraining for the team and a temporary increase in supervisor inspections at those sites. Three months later, the follow-up analysis shows re-clean requests have returned to baseline. That is Clause 9.1.3 working as intended.

Example 2: A Software Development Company

A software company uses ISO 9001 to manage its development and delivery processes. Data sources include sprint velocity metrics, bug counts at each testing stage, client acceptance testing outcomes, and post-release defect reports.

Quarterly analysis reveals that the number of defects found during client acceptance testing has been increasing over three consecutive quarters, even though internal testing pass rates have stayed consistent. The analysis concludes that internal testing criteria may not be aligned with client expectations. This triggers a review of test case design and a workshop with key clients to clarify acceptance criteria. The next quarter shows a significant improvement in acceptance testing outcomes.

Example 3: A Civil Construction Subcontractor

A civil construction subcontractor tracks nonconformance rates, rework hours, material waste percentages, and subcontractor delivery performance. Their Clause 9.1.3 analysis is conducted monthly and presented at a management meeting.

One analysis cycle identifies that 40 percent of nonconformances over the past six months relate to concrete pours on a specific type of project. Further investigation as part of the analysis reveals that the issue correlates with a particular external concrete supplier. The evaluation of external provider performance, as required by Clause 9.1.3, leads to a formal supplier review and ultimately a change in supplier for that product type.

How to Build a Clause 9.1.3 Process That Actually Works

Here is a practical approach to implementing Clause 9.1.3 in a way that satisfies auditors and genuinely benefits your business.

Step 1: Identify Your Data Sources

Start by listing every source of data your QMS generates. This includes customer satisfaction surveys, complaint logs, internal audit results, nonconformance records, process measurement outputs, supplier performance records, and quality objective progress reports. You do not need to analyse everything in equal depth, but you do need to identify what is relevant to the requirements of Clause 9.1.3.

Step 2: Define Who Analyses What and When

Analysis needs to be assigned to someone with the knowledge and authority to draw meaningful conclusions. Define the frequency: monthly, quarterly, or annually depending on the nature of the data. Document this in a procedure or work instruction so it is repeatable and not dependent on one person remembering to do it.

Step 3: Use Simple Analytical Tools

You do not need sophisticated software. A well-designed spreadsheet with trend charts is often enough for small to medium businesses. The goal is to identify patterns, trends, and anomalies. Tools like Pareto analysis, trend graphs, and simple statistical comparisons are perfectly adequate for most ISO 9001 contexts.

Step 4: Draw Explicit Conclusions

This is the step most businesses skip. After reviewing the data, write down what it tells you. Not just the numbers, but the meaning behind them. Is performance improving or declining? Is a particular process underperforming? Is a supplier causing problems? Are your quality objectives on track? These conclusions are what Clause 9.1.3 is really asking for.

Step 5: Connect Analysis to Action

Your conclusions should feed into one of several outputs: a corrective action, an improvement initiative, a management review agenda item, or a decision to maintain the current approach because performance is satisfactory. If your analysis never leads to any action or decision, it is not serving its purpose.

Step 6: Feed Into Management Review

Clause 9.3 requires management review to consider the results of analysis and evaluation. Make sure your Clause 9.1.3 outputs are formally presented at management review. This creates the documented link that auditors look for between your data, your conclusions, and your leadership decisions.

Common Mistakes to Avoid

Having audited and consulted on ISO 9001 implementations for many years, these are the mistakes I see most often with Clause 9.1.3.

• Collecting data but not analysing it. Reports sitting in a folder with no conclusions drawn from them will not satisfy this clause.
• Analysing data but not documenting conclusions. Verbal discussions in meetings do not leave the evidence trail auditors need to see.
• Treating each data source in isolation. Clause 9.1.3 asks you to look across your QMS. Connecting the dots between different data sources often reveals insights that individual metrics miss.
• Only doing analysis before audits. If your analysis records only appear in the month before your surveillance audit, an experienced auditor will notice. Analysis should be a regular, ongoing activity.
• Confusing data collection with analysis. A dashboard showing your current complaint count is monitoring. Identifying that complaints have increased 15 percent quarter on quarter and tracing that to a specific product line is analysis.

If you want to understand how your overall management system health connects to this kind of ongoing evaluation, our article on how to check if your ISO management system is actually working covers this in practical detail.

Documented Information Requirements

ISO 9001 does not explicitly require a specific documented procedure for Clause 9.1.3, but you do need to be able to provide evidence that analysis and evaluation has taken place. In practice, this means retaining records of your analysis outputs, the conclusions drawn, and the actions or decisions that resulted.

Acceptable forms of evidence include analysis reports, management meeting minutes that reference data conclusions, quality objective review documents, corrective action records triggered by analysis findings, and management review records that incorporate analysis outputs.

The ISO 9001:2015 standard itself does not prescribe a format, which gives you flexibility. Use whatever format works for your business, as long as the evidence is clear, retained, and retrievable during an audit.

How Clause 9.1.3 Connects to the Rest of Your QMS

Clause 9.1.3 does not exist in isolation. It is a central hub that connects to multiple other clauses in the standard.

It draws inputs from Clause 9.1.1 (monitoring and measurement of processes), Clause 9.1.2 (customer satisfaction), and Clause 8.4 (control of externally provided processes). It feeds outputs into Clause 9.3 (management review) and Clause 10.1 (improvement). It also connects back to Clause 6.1 (risks and opportunities) by evaluating whether your risk actions have been effective.

Understanding these connections helps you build a QMS that functions as an integrated system rather than a collection of disconnected procedures. Our auditor's guide to integrated management systems explains how these connections work across multiple standards if you are managing more than one certification.

Getting Expert Help With Your QMS

If you are working through the requirements of Clause 9.1.3 and finding it difficult to build a process that genuinely works for your business, you are not alone. Many organisations benefit from working with an experienced ISO consultant who can look at your existing data sources and help you design an analysis process that satisfies auditors and actually drives improvement.

CertBetter connects businesses with verified ISO consultants and accredited certification bodies across Australia and globally. You submit one form, and you receive up to three competing quotes from vetted providers. It is completely free for businesses, and it takes the guesswork out of finding someone who genuinely understands quality management systems. Whether you are preparing for your first certification audit or trying to fix gaps identified in a surveillance audit, getting the right expert on board makes a significant difference.