Interested parties are an integral part of every organization's context. Regardless of its size or industry, every organization has individuals or groups with a legitimate interest in its activities and performance.
What does it mean when a standard refers to "interested parties"?
First of all, what is an interested party? The internationally recognized standard ISO 9000, which defines the fundamental principles and terminology of quality management, provides the following definition:
"Person or organization that may influence, be influenced by, or feel influenced by a decision or activity."
ISO 9000:2015-11 - Quality management systems - Fundamentals and vocabulary
The term originally comes from the "Guidance to Achieve Sustained Success" ISO 9004, where it specifically highlights the role and importance of certain stakeholders - the interested parties.
When is an interested party relevant?
Why ISO management system standards are so intensively interested in interested parties becomes clear in chapter 4.2 of the standards. This is because a company does not need to identify all stakeholders, but only those relevant to its management system. It also needs to understand their needs and expectations (requirements) of the management system or the company. Strictly speaking, therefore, it is not a question of the interested parties, but rather of possible impairments by the stakeholder groups. In addition to relevance, the frequency with which the company has contact with an interested party may also have some significance.
ISO 9001:2015 in Practice
More than just a checklist!
Expert insights on the standard:
- Meaning of selected requirements
- Over 150 useful audit questions
- Possible evidence, implementation examples, and key metrics
What are the most important interested parties?
The list of stakeholders is long. The most important are:
- Customers (including end users/consumers)
- Employees
- Owners, partners, shareholders
- Suppliers (external providers), business partners
- Authorities
- Competitors
- Unions
- Insurances, associations
- Banks, creditors
- Press, media
- Neighborhood
- Citizens' initiatives, etc.
But also
- Non-governmental organizations (NGOs)
- Universities
- Religious groups or churches
- Society as a whole
can have relevance, albeit a different relevance, that is certainly specific to the organization. This is when they have a (potential) impact "on the organization's ability to consistently provide products and services that meet customer needs and applicable legal and regulatory requirements" (source: ISO 9001).
How to identify relevant interested parties
ISO management system standards require your organization to understand the needs and expectations of potential stakeholders. And: that it determines those that are relevant to the management system. This is a permanent process in the company in order to be able to perceive changes. However, the standards do not specify how this is to be done.
“The company itself determines the relevance of an interested party and its expectations.”
The relevance of interested parties depends primarily on your organization's activities and the context in which it operates. For example, a chemical manufacturer with an environmental management system certified to ISO 14001 is likely to apply different criteria when evaluating interested parties - particularly with regard to neighbors and regulatory authorities - than a parcel delivery company operating a quality management system in accordance with ISO 9001. In the latter case, customers, clients, and employees are typically the primary focus.
Interested parties in ISO standards
With the changeover to the common basic structure (High Level Structure, HLS) from 2012, requirements for dealing with interested parties have gradually found their way into all major ISO management system standards. The term became widely known among users of management system standards with the major revisions of ISO 9001 and ISO 14001 in 2015.
Notes on documentation
If the general manager of a small operation doesn't need records to identify their relevant interested parties, that's believable. But if they decide to certify the management system, there is a documentation requirement. This is the case, for example, as soon as interested parties find their way into the management assessment in the form of customer feedback.
So it is not only for large companies and corporations that it makes sense to create a matrix in which the identified interested parties, their contact data, their expectations and the relevance assigned to them are entered. Management system standards require that this information be monitored and reviewed.
As a general rule, it is advisable to maintain documented information containing all relevant details. For particularly significant interested parties, this should be done in consultation with the respective stakeholders whenever appropriate. This is far from unnecessary work - the documented information will ultimately serve as an input to the management review.
Conclusion
An interested party, as defined by ISO management system standards (such as ISO 9001, ISO 14001, and ISO 27001), is any individual or organization that has a legitimate interest in an organization's activities, decisions, or outcomes - whether directly or indirectly. Of particular importance are those interested parties that have the ability to significantly influence the organization's management system. As such, they are closely linked to the context of the organization.
The standards require organizations to systematically identify these relevant interested parties and understand their needs, expectations, and requirements. They also require this information to be reviewed regularly to ensure it remains current. This forms part of the ongoing monitoring and evaluation carried out as part of the organization's context analysis.
However, the standards do not prescribe how this analysis must be performed or how the information should be documented. Instead, organizations are free to choose a method that is appropriate for their specific circumstances and objectives. In any case, addressing interested parties is far more than a formal compliance exercise - it is a key step in identifying strategically relevant influences and risks and aligning the management system accordingly. Ultimately, this helps build trust, support the achievement of organizational objectives, and strengthen long-term organizational resilience.