ISO 9001:2015

ISO 9001:2015 overview

ISO 9001:2015 is an international standard that establishes the criteria for a quality management system. It is the only standard in the ISO 9000 family that results in a formal certification. The standard is based on several quality management principles, including clear focus on meeting customer requirements, strong corporate governance and leadership commitment to quality objectives, process-driven approach to meeting objectives, and focus on continuous improvement. ISO 9001:2015 helps organizations improve customer satisfaction by focusing on the consistency and quality of products and services provided to customers.

Applicability

  • Azure
  • Azure Government

Services in scope

Microsoft online services in scope are shown on the Azure ISO 9001 certificate:

  • Azure (for detailed insight, see Microsoft Azure Compliance Offerings or ISO 9001 certificate)
  • Dynamics 365 (for detailed insight, see ISO 9001 certificate)
  • Microsoft 365 Defender (formerly Microsoft Threat Protection, not in scope for Azure Government)
  • Microsoft Bing for Commerce (not in scope for Azure Government)
  • Microsoft Defender for Cloud Apps (formerly Microsoft Cloud App Security, MCAS)
  • Microsoft Defender for Endpoint (formerly Microsoft Defender Advanced Threat Protection)
  • Microsoft Graph
  • Microsoft Intune
  • Microsoft Managed Desktop (not in scope for Azure Government)
  • Microsoft Stream
  • Microsoft Threat Experts (not in scope for Azure Government)
  • Power Apps
  • Power Automate (formerly Microsoft Flow)
  • Power BI
  • Power BI Embedded
  • Power Virtual Agents (not in scope for Azure Government)
  • Universal Print (not in scope for Azure Government)

Audit reports and certificates

You can access Azure ISO 9001 audit documents via the Service Trust Portal (STP) Audit Reports - ISO Reports section. You must login to access audit reports on the STP. For more information, see Get started with the Microsoft Service Trust Portal.

Frequently asked questions

How can I benefit from Azure ISO 9001 certification?
You can leverage Azure ISO 9001 certification for your own quality management requirements including sector-specific standards for quality management systems, such as:

  • ISO 13485 for medical devices
  • ISO 29001 for petrochemical and natural gas industries
  • ISO/IEC/IEEE 90003 for software engineering
  • ISO/TS 17582 for government electoral organizations
  • ISO/TS 16949 for automotive production and service parts organization
  • Good Clinical, Laboratory, Manufacturing practices (GxP) in life sciences, and more.

Where can I get the Azure ISO 9001 audit documentation?
For links to audit documentation, see Audit reports and certificates. You must have an existing subscription or free trial account in Azure or Azure Government to login. You can then download audit certificates, assessment reports, and other applicable documents to help you with your own regulatory requirements.

Can I use the Azure ISO 9001 compliance assurances in my organization’s certification process?
Yes. If your business is seeking certification for an implementation deployed using in-scope services, you can use the relevant Azure certifications in your compliance assessment. However, you are responsible for engaging an assessor to evaluate your implementation for compliance and for the controls and processes within your own organization.

Resources