Organisations are required by ISO 9001:2015 to ensure the adequacy of requirements before communicating to the external provider.
The following requirements must be communicated:
Note that required communication with the provider specifically references how the provider will interact with the organisation, how their performance will be monitored and controlled and the competency (not just qualification) of personnel.
Evidence that communications have been verified for adequacy prior to communication and that all required elements are covered, may be requested in an audit trail as discussed in article 8.4.1, through the examination of documented review activities, enquiries, purchase orders and other communications. IE emails / meeting minutes.
The clarifications /specific references noted in the comments above may be targeted for compliance verification including the additional requirement that organisations must communicate to external providers any competency requirements that apply to their personnel. (See also notes under articles 7.2 Competence.)
This article is the property of David Barker Consulting © and is free for you to use. If you wish to reproduce elsewhere, please be so kind as to ask permission first and credit me as your source. If you need any further assistance, feel free to use my contacts page to get in touch and let me know how I can help!
David Barker CQP MCQI