Font size: +
5 minutes reading time (988 words)

ISO9001 & Processes, Procedures & Work Instructions

One of the questions I get asked a lot about ISO9001:2015 is what they heck is the difference between a Process, a procedure and Work Instructions (sometimes also called Standard Operating Procedures). It's surprising how much gnashing of teeth, squabbling among teams and dents in office walls this issue causes, so here is you nice and simple breakdown of what these things are.

The Hierarchy Approach 

Firstly, it is important to remember that there is a hierarchy to the documentation and that helps the understanding of the documentation and think about each level down getting more detailed than the previous level.

Most of the time you will see the hierarchy looking like the pyramid shown here.

It's helpful but I think still causes confusion for a great many people, for a start where are the processes?... and there are the Work Instructions & Sop's at the bottom so what gives.

However I find it simper for people to look at it another way

The Step Flow Approach

If we look at it more of a structured or stepped flow outline then it starts to make a bit more sense in the approach

From this, I find it easier for people to see what the 3 levels of documented information do. Remember that we are no longer using the phrase Standard Operating Procedure and calling everything at the 3rd level a Work Instruction. (note that while the back of an envelop could be technically classed as any of the 3 of these levels it's probably best you stop using them!)


Think about your processes as the very top summary level and the word summary is important, you don't need or want loads of detail here, your process document shouldn't really run past a page or two and I have seen them done purely as flow charts!

These documents should define the process in broad terms, they should have objectives of the process that you should be able to measure, they should include the inputs & outputs expected, the resources needed and the key activities. Doing a SIPOC type approach is really good here. 

Process Example 


This is the uniform method for tells you how to perform a process, so this is the way that your company does X, so use them where ever you have an operation that must follow a definite process every single time. It's a popular misconception that you need a procedure for everything you do. You don't, if it really doesn't matter how you do something just that it's done then you are perfectly fine jumping directly to some work instructions on what to do.

A procedure then again shouldn't be a novel, it should have enough information to explain how you run your organisation, how you control things and what the checks are and of course ensure that you meet the requirements of ISO9001:2015. You should be able to achieve this within a few pages which should include things like the purpose of the procedure, who is responsible for what, any definitions of things that are 'company speak' a breakdown of any tools that are needed and then, of course, some instructions for what to do. You then round it out with some links to any forms or records that you should be using for the process and any related documented information that are linked to the process.

Remember to comply you need to be able to individually identify the procedure and show that it's controlled, it's entirely up to you have you do this within the standard but it does give you some good suggestions.

Work Instructions

As indicated in the step flow diagram these are the details of exactly what to do to achieve the tasks you have indicated you want to do in the process and previously in the procedure (if you decided to make one) So, for instance, there may well be a Work instruction on how to what steps you need to take to Obtain costs form a subcontractor and another for how to assess those costs in a fair and reasonable manner. Because these are subsets of procedures it's not uncommon to see a little replication in terms of scope, resource requirements, tools or information etc that the person actually doing the work should get. Sometimes these work instructions can run to many pages but as a hint, I would typically look to create a flowchart of the work and document in step by steps alongside the flowchart to ensure that it's clear.

So you may end up with a structure something like this for your process for purchasing where an output was to verify capabilities prior to awarding the contract.


So to recap, a Process (level 1 document) is about transformational activities that you do within your organisation that fall within the scope of yoru ISO9001:2015 Quality Management System,  Procedures are level 2 documents that you would create for setting up a uniform process for achieving what you have set up in your processes and work instructions are the level 3 documents that you create that tell you in detail how to do each of the elements of the procedures or processes if you have decided not to include a procedure step.

Get In Touch

If you need any support in developing or improving your ISO or Quality Systems we'd love to hear from you, just click here to make an appointment and find out how we can help you Make Things, Better

You can also call John on 0211649739 to set up a meeting 

Virtual Quality Management


Virtual Quality Management Support - Virtual Quality Management

Our Virtual Quality Management Support is designed to help your company achieve improved results plus meet the requirements of ISO but at a fraction of the cost. To Do this, we have partnered with the outstanding team at Mango and use their cloud based QHSE Management system to be able to deliver the best compliance support service available. Find out more about it here.


© Many Caps Consulting | All Rights Reserved

ISO9001 and The Design & Development Clauses – Par...
ISO9001 and The Requirements for Products and Serv...

Related Posts



No comments made yet. Be the first to submit a comment
Already Registered? Login Here
Monday, 06 July 2020

Captcha Image

By accepting you will be accessing a service provided by a third-party external to