Compliance Conversations: Tools & Techniques to Identify Interested Parties

Posted by Craig Thornton

We have gathered compliance consultants from around the world to give some insights into the ISO requirement, Interested Parties.

In this conversation you will learn what tools and techniques are used to identify your interested parties.

Check out the video here:


Video Transcription


Are there any tools and techniques you can use to help identify your Interested Parties?


Nicholas, SRM, South Africa

Well, what we like to do to help identify interested and affected parties is, we like to hold a workshop within the organisation.

If we're consulting, we're asking (the) guys, we’ll hold a workshop with the management team, the senior management team, and any of the managers within the business, because those are the people who will have visibility on some of these interested parties.

  • HR might have visibility on some of the interested and affected parties outside of the business
  • Finance may have an understanding
  • Senior management team and the MD will understand the needs and expectations of shareholders and investors etc.

For us, it's a broad collaborative team, possibly at a managerial level, that have got different visibility on different aspects of the business that you want to involve in a workshop to help identify the needs and expectations of interested and effective parties and who those interested and effective parties are.

Another tool that we can use to help us to drive those initiatives around interested and affected parties is after we've workshopped an exercise to identify who the interested parties are and what their needs and expectations are.

You have to understand there's a very linear approach to what happens:

  • You've got to identify who the interested party is
  • What their needs and expectations are
  • You've got to identify (as per clause 6.1.4)
    • How you're going to plan actions around those particular initiatives,
    • How any of those initiatives or needs and expectations are going to become objectives.

And then it also pulls through to clause 9, where you're required to do performance evaluation on those issues or on those objectives.


Gary, QSM Group, Australia

I have found that the most effective techniques for easily identifying interested parties include a brainstorming session involving the key stakeholders of an organisation.

This is documented usually on a register by specific category of identified party.

Once this is done, consultation with the identified interested parties can provide further clarity. For example, it's typical for organisations to identify employees as an interested party, however, consultation with employees can be helpful to identify needs and expectations that were not included in the original brainstorming session.


Mark, Business Basics, Australia

First thing you do is, you do a run around.

  • Who do you deal with?
  • Who do you interact with?
  • Who do you phone?
  • Who phones you?
  • Who's in your emails, faxes?
  • Who comes knocking on the door?

These will generally tell you the different people that have an interest in your business, because you talk to them, or they talk to you.

The other ways you can do it is you can think about:

  • What do you have to comply with?
  • Who do you lose business to?
  • Who do you win business against?

By understanding all these things, that will then allow you to know who has an impact on your business?

It will also then allow you to assess who has an impact and who doesn't have so much of an impact?


Michael, Momentum Safety and Ergonomics, Australia

I think my answer here is often going to be Management Review meetings, I think they're a great chance to look at some of these higher-order functions. Use these meetings, but let's not forget our operational meetings, ask employees, is there anyone we're forgetting? You can go through the list with regards to who might be the interested parties for your management system.

But I tend to use the Management Review meetings.

Do you have to do it every time?

No, I don't think so, but it should be done often enough that you can make sure that you're not missing anyone out.

Some other areas that you might look at are things like supplier lists and CRM’s. You might even look at your compliments and complaints register to see who's making comments and having an interest in your party from that point of view. Those would be the main places that I’d be looking.


Sean, Kaizen, New Zealand

In terms of identification of interested parties, the best thing is to bring it up with the management team to discuss the impact of individual interested parties on different aspects of your organisation.

You may have suppliers having more impact on the engineering department, whereas sales would be involved with the public or your customers.

Your workers and employees might be impacted by other interested parties, so really bringing it up in management meetings or during your staff meetings.

In terms of your quality management, health and safety managers, when they look at it from a regulatory point of view, they may have different a view on it.

There are various type of interested parties that have impact on your company, one group can't identify all of them, so it's really an exercise of involving everyone.


John, Many Caps, New Zealand

A couple of things you can do,

  1. You can have a basic brainstorming session with your team and draw up a flowchart of your process:
    1. who has inputs?
    2. where do you get things from?
  2. You can do a PESTLE (Political, Economic, Sociological, Technological, Legal and Environmental) analysis.


Chris, FQM, United Kingdom

In the past working at organisations, I have used SWOT (Strengths, Weaknesses) Opportunities, Threats) analysis and also Pestle (Political, Economic, Sociological, Technological, Legal and Environmental) analysis.

This allows you to capture the different interested parties and identify the key areas within their business or your business that could have an impact on either/or.

It is important to look at this through a risk-based approach and therefore you can identify the interested parties, and what information that they would want to know from you, or information you would need to know from them.


Andrew, IRM Systems, Australia

In terms of tools or techniques for how to identify interested parties and their expectations, personally, we advocate with our customers, the best approach is to just draw on the knowledge of the management or the operational management, whether it's at your normal management meeting, would be a really good spot to identify that.

That has two benefits.

  1. We have people who have expert knowledge of our interested parties and what they expect in the room.
  2. It's also elevating that as a regular exercise we do at a management level, which if you're a compliance officer, or HSEQ officer, if it’s looked at the management level, that's where it'll get the most support throughout your management system.

  1. Use the Management meetings, staff meetings, to help identify your organisations interested parties
  2. Using a broad collaborative team across the company helps identify all the interested parties
  3. Consultation with the interested parties can provide further clarity
  4. Use a SWOT analysis or Pestle analysis

Tags: ISO, Compliance, ISO Certification, Compliance Conversations, Interested Parties