The Quality Policy is the foundation for your QMS (Quality Management System) and its processes. It derives from PDCA (Plan, Do, Check, Act), risk-based thinking, and opportunities for improvement. It provides the framework for your QMS quality objectives. It should be concise and easy for the whole organization to understand.
The Quality Policy has to be compatible with the context of the organization. It shall be established (Plan), implemented (Do) and maintained (Check, Act). It shall be maintained as documented information. The documented Quality Policy must have a commitment to satisfy applicable requirements, and must include a commitment to continual improvement of the QMS. The Quality Policy has to be available (including to interested parties), communicated, understood, applied and within the organization. Everyone in the organization must be aware of the Quality Policy.
The word shall in the standard (ISO9001;2015) is a must requirement. Auditors look for the where the documented Quality Policy is available, how it applies with the organization, and what means to the employee. There are several steps in achieving ISO certification. The Quality Policy is one of the requirements that must be fulfilled within the organization.
Examples of Quality Policy: