1.4 The Process Approach and the PDCA Cycle
Key Takeaways
- Clause 4.4 requires organizations to define each process's inputs, outputs, sequence, interactions, resources, responsibilities, risks, and evaluation methods
- SIPOC and turtle diagrams are practical tools for visualizing and audit-planning a single process
- PDCA (Plan-Do-Check-Act) maps directly onto ISO 9001's clause sequence: Plan=4-6, Do=7-8, Check=9, Act=10
- A process audit follows a single process horizontally across departments (the audit trail) rather than visiting departments in isolation
- Internalizing the PDCA map turns clauses 4-10 into one coherent story rather than an arbitrary list of sub-clauses
The Process Approach and the PDCA Cycle
Quick answer: The process approach requires an organization to manage its activities as a system of interrelated processes rather than isolated departmental silos, and PDCA (Plan-Do-Check-Act) is the operating logic layered on top of that system. ISO 9001's own clause sequence — 4/5/6 (Plan), 7/8 (Do), 9 (Check), 10 (Act) — is itself organized around PDCA, which is why an auditor who understands PDCA can navigate the whole standard rather than memorizing clauses as an unrelated list.
What the Process Approach Requires
Clause 4.4 requires an organization to determine the processes needed for its QMS, and for each one, to determine:
- The required inputs and expected outputs
- The sequence and interaction of the processes
- The criteria and methods (including monitoring, measurements, and related performance indicators) needed to ensure effective operation and control
- The resources needed and their availability
- The assignment of responsibilities and authorities
- Risks and opportunities associated with the process
- How the process will be evaluated and any changes needed to achieve intended results, and how the process will be improved
This is a deliberate shift away from thinking about a QMS as a set of departments (sales, engineering, production, quality) that each own a procedure. Instead, the organization is asked to see itself as a network of processes whose outputs feed one another's inputs — a customer order is an input to design, design output is an input to production planning, and so on, crossing department boundaries the whole way.
Tools for Visualizing a Process: SIPOC and the Turtle Diagram
Two simple tools help both organizations and auditors think in process terms:
- SIPOC (Suppliers → Inputs → Process → Outputs → Customers) maps a process end-to-end, showing where its inputs originate and where its outputs go, including the internal or external "customer" of each process.
- The turtle diagram breaks a single process down into six questions, often drawn as a turtle's body, head, tail, and four legs:
- With what? — equipment and infrastructure used
- With whom? — people and their competence
- How? — methods and procedures followed
- Inputs — what enters the process
- Outputs — what the process delivers, and its results/KPIs
- How measured? — the performance indicators applied
A turtle diagram is a practical audit-planning tool: before auditing a process, an auditor can sketch (or ask the process owner to walk through) each "leg" to build a picture of what objective evidence to expect and where.
The PDCA Cycle
Plan-Do-Check-Act (sometimes called the Deming cycle) is a four-stage, continuously repeating model for managing and improving processes:
| Stage | Meaning | ISO 9001 clauses it maps to |
|---|---|---|
| Plan | Establish objectives and the processes/resources needed to deliver results in line with customer requirements and organizational policies | Clauses 4 (Context), 5 (Leadership), 6 (Planning) |
| Do | Implement what was planned | Clauses 7 (Support), 8 (Operation) |
| Check | Monitor and measure processes, and products/services, against policies, objectives, and requirements, and report results | Clause 9 (Performance evaluation) |
| Act | Take actions to improve performance, as necessary | Clause 10 (Improvement) |
This is not a coincidence of numbering — ISO 9001's clause sequence was deliberately structured so that reading it clauses 4 through 10 in order is walking through one full PDCA cycle. This matters enormously for both studying and auditing: once you internalize "4, 5, 6 = Plan; 7, 8 = Do; 9 = Check; 10 = Act," you have a mental map for the entire standard, and you can reason about where a scenario belongs even if you have not memorized the exact sub-clause number.
Auditing a Process End-to-End
Because processes cross department boundaries, an effective audit does not simply visit "the quality department" and stop. A process audit follows a single process — for example, order-to-delivery — through every function that touches it: sales (receiving and reviewing the order, clause 8.2), planning and production (clause 8.5), quality checks before release (clause 8.6), and delivery. This horizontal path is often called following the audit trail, and it is far more revealing of real QMS effectiveness than a series of siloed departmental interviews, because it exposes the handoffs — the exact points where one process's output becomes another's input, and where nonconformities most often hide.
Why This Section Sits Before the Clause-by-Clause Chapters
Chapters 2 through 5 of this guide walk through ISO 9001's clauses 4–10 in the same PDCA sequence introduced here. Holding the PDCA map in mind while reading those chapters turns a long list of sub-clauses into a coherent story: Plan the system, Do the work, Check the results, Act on what you learn — and repeat.
Which pair correctly matches PDCA stages to the ISO 9001:2015 clauses that primarily deliver them?
An auditor wants to trace a customer order from initial receipt through production planning, manufacture, release, and delivery, crossing several departments in a single continuous path. What is this technique called?