Avoid Listing Industries in Your ISO 9001 Certification Scope

Many organisations proudly serve multiple sectors, such as aerospace, medical, and automotive, and might be tempted to list those industries in the scope of their ISO 9001 certification. However, doing so can lead to confusion and compliance issues. ISO 9001:2015 Clause 4.3 (Determining the scope of the quality management system) makes it clear that your scope should define the boundaries of your Quality Management System (QMS) in terms of what you do – the products and services you provide, not the industries you serve. In this article, aimed at quality managers, certification consultants, and compliance decision-makers, we explain why an ISO 9001 scope should focus on your organisation’s products and services rather than specific industry sectors and highlight the risks of including industry names in the scope. We’ll also provide examples of incorrect vs. correct scope statements and conclude with recommendations for writing a clear, accurate ISO 9001 scope statement.

ISO 9001 Scope: Focus on Products and Services (Not Industries)

Your ISO 9001 scope of certification defines what parts of your business are covered by the QMS. According to ISO 9001:2015 Clause 4.3, the scope “shall state the types of products and services covered” by the QMS. This means the scope should describe what your organisation does (the goods it produces or the services it delivers), along with any relevant boundaries, such as locations or exclusions, not a list of customer industries. The intent is to capture the activities and outputs of your organisation’s processes in the scope statement, providing a clear picture of what the certified QMS encompasses.

Why not list industries? Industries served are essentially your customer base or market segments, not your internal processes or outputs. For example, if a manufacturer produces electronic components, the scope should say “Manufacture of electronic components” rather than “Manufacture of electronic components for the aerospace and automotive industries.” Including industries shifts the focus away from the actual products or services and toward marketing information about who your customers are. Certification bodies and auditors expect scope statements to be clear, factual, and directly tied to the organisation’s operations. In fact, auditors are instructed to ensure scope statements are not misleading and only refer to what the QMS covers (the processes, products, services, sites, etc., under quality management). Listing industries can be seen as extraneous or even misleading if it implies capabilities or compliance that aren’t fully demonstrated by the QMS.

It’s also worth noting that ISO 9001 is a generic standard applicable to any organization, regardless of industry. By keeping the scope focused on what you do (your products/services), you implicitly cover all sectors you might serve without naming them. This approach prevents any misunderstanding that the certification is somehow limited to or specially endorsed for certain industries. In short, the scope defines your activities and outputs, not your client’s profiles.

Risks of Including Industry Sectors in an ISO 9001 Scope

Including specific industry sectors (e.g., aerospace, medical, automotive) in your ISO 9001 scope may seem harmless or even beneficial for marketing purposes. In reality, it can introduce several risks and downsides. Below are the key risks and why you should avoid listing industries in the scope:

• Risk of Misrepresentation & Misleading Claims: An ISO 9001 certificate that lists industries could mislead customers or stakeholders about the certification’s meaning. For example, if your scope says “Providing quality inspection services for the medical and aerospace industries,” some might incorrectly assume you meet industry-specific standards or regulatory requirements for those sectors. In one real ISO 9001 certificate scope, the company listed “Industries served include … Aerospace and Defence”, which could give the impression that the QMS is tailored or certified for aerospace/defence requirements. ISO auditors caution against any scope wording that gives a false impression of certification beyond ISO 9001. Remember, ISO 9001 certification means your QMS meets ISO 9001 requirements – it does not automatically mean compliance with aerospace (AS9100), automotive (IATF 16949), medical device (ISO 13485) or other sector-specific standards. Listing those industries in the scope can blur this distinction. A scope that adheres to products/services ensures that any misrepresentation is avoided, providing clear and truthful information about what is certified.

• Increased Audit Complexity and Burden: The scope of certification drives the audit – auditors plan and sample based on what’s in scope. If you specify multiple industries, auditors may need to evaluate how your QMS processes address each of those sector contexts, which can complicate audits and increase the audit burden. Your audit team may require specialised knowledge for each industry listed, or they may scrutinise whether you have separate controls for, for example, aerospace customers versus medical customers. This can lengthen audits and introduce more questions. Conversely, a scope that describes your product or service allows auditors to focus on the effectiveness of your QMS overall rather than checking compliance in the nuances of each industry. One consulting expert notes that “when industries are not specified, the certification process can become more straightforward,” as auditors focus on the core quality management system rather than particular industry contexts. In short, naming industries can make ISO audits more complex than they need to be.

• Potential Nonconformities and Compliance Gaps: Perhaps the most serious risk is that listing an industry could lead to audit nonconformities if your QMS isn’t fully meeting the expectations for that sector. By mentioning a sector, you implicitly claim your system is effective for that domain – and you’ll need to demonstrate capability in practice. If your scope says “manufacture of components for medical devices,” the auditor will expect your QMS to address relevant requirements (e.g. traceability, cleanliness, regulatory considerations for medical products). If those aren’t in place, you could receive a nonconformance for failing to meet ISO 9001 clause 4.1/4.2 (context and interested party requirements) or others related to planning and controls. ISO guidance warns against including activities or products in the scope that you cannot fully support with your QMS doing so is a recipe for findings. Similarly, listing a regulated industry (like medical or aerospace) when your QMS hasn’t accounted for those external requirements could be seen as a scope lapse. It’s safer to keep the scope generic and avoid inviting scrutiny on specific sector requirements unless you’re prepared for it.

• Unnecessary Constraints and Loss of Flexibility: Specifying industries in your scope can limit your organisation to a narrower definition than necessary, reducing flexibility. Business evolves – you may start serving a new industry or change your market focus. If your scope is locked to named sectors, expanding beyond them might require a formal scope revision or even a scope extension audit to update the certificate. For instance, a company whose scope states “design and supply of packaging for the food and beverage industry” could face hurdles when they get a client in the cosmetics industry technically, that client is outside the stated scope, potentially requiring an updated certification scope. By keeping the scope broad (product or service-focused), organisations can pivot or diversify into new markets without requiring immediate recertification or administrative updates. One ISO consultant explains that listing specific industries can limit flexibility, whereas not specifying them lets you “more easily pivot and adapt processes to new markets or sectors without needing to revise the certification scope. In addition, a narrow, industry-tied scope might even limit your market perception: potential customers in other sectors might assume you cannot serve them. A broad scope, on the other hand, signals that you are versatile and capable of meeting diverse needs, opening doors to opportunities that a narrowly defined scope might miss.

• Dilution of Quality Focus with Marketing Language: An ISO 9001 scope statement is not a marketing statement – its purpose is to document what the QMS covers formally. Listing industries often originates from a marketing desire to showcase big-name sectors, but this can distract from the real focus on quality. ISO auditors discourage the use of promotional or vague wording in scope statements, including superlatives or slogans. While naming industries isn’t exactly a slogan, it often serves a marketing purpose rather than a compliance one. It’s better to demonstrate your broad quality capabilities through a well-run QMS than by peppering the certificate with industry names. Keep the scope wording objective and centred on what the organisation does. This ensures the scope remains a useful, auditable description of the QMS boundaries rather than a promotional blurb. By avoiding extraneous details (such as industries, accolades, and best-in-class claims), you maintain an informative and concise scope that auditors and stakeholders can easily understand.

Examples of Incorrect vs. Correct Scope Statements

To further illustrate, the following are some examples of how not to word your ISO 9001 scope, along with a better, corrected version. The incorrect examples include industry-specific references, whereas the correct versions focus on the product or service provided:

• Incorrect: “Design and manufacture of electronic control systems for the aerospace and medical industries.”

• Correct: “Design and manufacture of electronic control systems.”
  (The correct version omits the industries – it covers all electronic control systems the company makes, regardless of end-use sector.)

• Incorrect: “Provision of IT support services to retail and automotive sector clients.”

• Correct: “Provision of IT support services.”
  (The correct scope states the service offered (IT support). It doesn’t matter whether clients are in retail, automotive, or any other industry.)

• Incorrect: “Manufacturing of precision fasteners for aerospace, medical, and automotive applications.”

• Correct: “Manufacturing of precision fasteners.”
  (By not mentioning specific applications, the scope covers all precision fasteners made, ensuring it remains valid as the business takes on new industry customers.)

In each of the correct statements above, the scope clearly identifies the core product or service without tying it to particular industries. These statements are concise and aligned with ISO 9001 requirements – they tell what the company does (design and manufacture X, provide Y service, etc.), which is exactly what an ISO 9001 scope should do The incorrect statements, on the other hand, unnecessarily restrict the scope to certain markets and could mislead readers about the certification’s applicability. They would also need to be updated if the company expanded into other industries. By crafting the scope with the correct examples, an organisation avoids those pitfalls.

(Note: It’s acceptable to include certain clarifying details in a scope when relevant – such as locations, a general category of products, or notable exclusions. Ensure that these details pertain to your organisation’s activities. For instance, “Manufacturing of precision fasteners at the ABC Facility, with design and development excluded” is a valid scope statement. It provides a clear boundary (location) and notes a non-applicable requirement (design) with justification, all without mentioning specific industries.)

 Recommendations: Writing a Clear ISO 9001 Scope Statement

An accurate scope statement is the foundation of a successful ISO 9001 certification – it sets the stage for audits and tells customers what is covered by your certified QMS. The key takeaway is to keep the scope focused on what your organisation does, not who it serves. Here are some recommendations and best practices for writing a clear and accurate ISO 9001 scope:

• Describe What You Do (Products/Services): Write your scope to clearly describe the products and/or services your organisation provides. For example, “Design and production of [product type]” or “Provision of [service type]”. This aligns with Clause 4.3’s requirement to state the types of products and services covered. It clearly states to anyone reading the certificate exactly what activities fall under the QMS.

• Do Not Enumerate Industries or Customers: Avoid listing specific industry sectors, client types, or brand names in the scope of the project. The scope is not a marketing list – it’s a technical definition of coverage. Phrases like “for the automotive industry” or “serving the medical sector” are unnecessary and potentially limiting. Keeping these out will prevent misinterpretation and keep your scope flexible for the future.

• Keep It Concise and Fact-Based: A good scope statement is brief but comprehensive enough to cover your main activities. Stick to factual descriptions and avoid any promotional language or superlatives (e.g. “leading provider of…”, “best-in-class…”). Such marketing phrasing is discouraged in scope statements. Aim for clarity and objectivity. For most companies, one or two sentences (often under ~20 words) can suffice to cover the essential scope.

• Include Relevant Boundaries (Locations, Exclusions): If your certification only covers certain sites or divisions, or if some products/services are outside the QMS, you should mention that. For example, “… at the XYZ facility” if only one plant is certified, or “design and development excluded” if Clause 8.3 is not applicable (with a brief justification). Clause 4.3 allows exclusions of requirements that don’t apply, but these must be justified in the scope. Ensure that any such details are clearly stated so that the scope isn’t misleading about what is included.

• Ensure the Scope Matches What the QMS Can Demonstrate: Before finalising the scope wording, double-check that your QMS covers everything you plan to state. If you mention a product or service, you should be actively using it and have controls in place for its use. Don’t stretch the scope to sound impressive – never include products/services (or any detail) that you can’t fully support or prove during an audit. The scope should be an honest reflection of your operational reality.

• Review and Update When Necessary: Treat the scope as live documented information – if your business changes (e.g. you add a significant new product line or cease a service), revisit the scope statement during your management review or certification maintenance. However, avoid frequent changes by using general terms where possible (e.g. say “consumer electronics assembly” instead of listing each gadget type). This way, minor expansions in your offerings or markets won’t immediately make the scope outdated. Update the scope only for substantive changes to your business or QMS boundaries in consultation with your certification body.

By following these guidelines, you can write a clear, accurate ISO 9001 scope statement that satisfies the standard’s requirements and avoids the pitfalls of over-specificity. The scope is ultimately about defining what your certified quality management system covers – keep that front and centre. In summary, focus on your products and services, steer clear of listing industries, and be truthful and precise. This will not only keep you in line with ISO 9001 Clause 4.3, but also save you from misrepresentation risks, audit headaches, and unnecessary constraints down the road. A well-crafted scope ensures that your ISO 9001 certification remains a strong and straightforward testament to your organization’s commitment to quality.