• Andrew Thornhill

How to identify needs and expectations of interested parties (clause 4.2)

In this blog you will learn how to identify the needs and expectations of interested parties as per Clause 4.2 of the ISO standards.



So, What is an interested party?

If you look carefully at the different ISO management system standards, they give a fairly broad definition to what they mean by an “interested party”. They talk about an individual or an organisation, who is or perceives themselves to be affected by your quality, safety, food safety or environmental management system.


It is a very broad definition, but does have a proviso that limits those boundaries a little bit that says, “they have made their interest in your management system known to your organisation”.


There is another area that also brings the foundries back in, which we are going to look at in regards to a food safety management system (ISO 22001). This boundary would state "the needs and expectations of interested parties, as they are affected by your food safety management system".


This means that it is not covering every expectation the interested party might have - it is only as the expectation relates to the food, safety or quality management system.

Explanation of the needs and expectations of interested parties:

In this example, we are coming back to the same register used in last weeks video blog (Risk Opportunity and Objective Register) - which you can download from our resources page.


Head to Resources > Resources Referred to on YouTube > Risk Opportunity and Objective Register


Using the same column as the context of the organisation (4.1), you can also outline the needs and expectations of interested parties.


Interested parties may include (but is not limited to):

  • staff

  • regulators

  • suppliers

  • community

  • employees

Under that column, you can dot point what their needs and expectations are, and what they expect from your safety performance or our safety system for example.


This clause does not mandate you spend years doing a very detailed survey of all of these interested parties. As an organisation, perhaps as a management team too, you can broadly identify what those expectations are.


Example using 'staff'

They have a reasonable expectation that as an organisation you would provide a safe workplace.


You can then identify how that might be a risk or opportunity in order to get a safety performance we are trying to achieve.


Clearly that’s an opportunity to get staff on board and aware of the system. So build the right culture and they’re likely to be aware of what they are expected to do and buy into that.


The standard then says we need to take action on those risks and opportunities which we have incorporated in this register as well.

One thing I must highlight is that ISO says you can identify the needs and expectations of your stakeholders and under 4.1- internal and external issues.


If we have identified 10 internal issues, 8 external issues and then a range of expectations from interested parties, the standard doesn’t mandate that you have to deem all of them a risk or opportunity.


Therefore, do further planning on all of them in your system, that is going to be too much to handle.


ISO expects that where you deem that an internal issue, external issue or an expectation from an interested party is a risk or opportunity, that we need to do further planning on it and then it does become mandatory to do that further action planning on it.


All I’m trying to highlight is that not every single issue or every single expectation has to become a risk or opportunity.



  • LinkedIn Social Icon
  • YouTube

© IRM Systems 2019