How to define your scope 

By Caroline Chamberland, M.Sc., MBA 

The scope (or scope of application) of a management system is a fundamental requirement of ISO standards such as ISO 9001, ISO 14001, and ISO 45001. It is clearly documented and made available to interested parties. But how can it be defined appropriately to meet regulatory requirements while accurately reflecting the reality of the organization? 

What is the purpose of the scope? 

The scope allows you to: 

  • Delimit the management system : It specifies the activities, products, or services covered by the system. For example, a manufacturing company producing two product lines may choose to include only one in its quality management system. 
  • Determine the applicability of standard requirements Some clauses may not apply. This is often the case with clause 8.3 (design and development) of ISO 9001, which is often excluded by companies that manufacture according to their customers’ plans. These exclusions must be clearly indicated in the scope. 

What criteria are used to define it? 

  1. Activities, products, and services 
    This allows interested parties to understand what the organization does, at which sites, and in which areas it is competent. 
  1. Internal and external issues 
    The analysis of strengths, weaknesses, risks, and opportunities (e.g., PESTEL method) influences the scope. A company anticipating expansion may include a future service in its scope. 
  1. The Requirements of Relevant Interested Parties 
    If customers require product design, this activity will need to be integrated into the system. Legal and regulatory obligations must also be taken into account. 
  1. Organizational Units and Physical Limits 
    It is essential to specify the sites and units covered. A multi-site or multi-activity company may choose to include only certain entities or functions. 

What are the risks of an ill-defined scope? 

  • Operational confusion : If certain products or services are excluded but the processes are similar, employees may not know which system to apply. 
  • Problèmes de certification : Deux entités juridiques distinctes nécessitent deux certificats, même si elles opèrent comme une seule entreprise. 
  • Incorrect inclusion of external activities A company sharing a building with another company should not include the latter’s activities in its scope, even if they share certain resources such as electricity. 

Harmonization of management systems 

If you are certified to multiple standards (ISO 9001, ISO 14001, ISO 45001), it is a good idea to harmonize your scopes. This simplifies management, reduces redundancies, and promotes a consistent approach based on the PDCA cycle (Plan – Do – Check – Act). 

Do you have questions about defining your scope? 
Contact us for personalized support.