Defining internal and external issues per AS9100 – ISO 9001 (SWOT/PEST)

4.7/5 - (19 votes)

With the latest revision of ISO 9001 in 2015 and AS9100 in 2018, there has been a strong emphasis to understand and define the context of the organization in the Quality Management System (QMS) which encompass interested parties as well as internal & external issues and scope of the QMS.

This article will support you define the internal and external issues related to your organization as part of your QMS and the way to record this information, the prioritization, and actions taken to address related risks.

First of all, internal and external issues are mentioned in section 4.1 of the AS9100 which specifies that the organization shall determine external and internal issues that are relevant to its purpose and its strategic direction. The keyword here is “relevant” which means that once the analysis is done, prioritization is required to focus on the most important items. It is crucial to remember during audits that you are allowed to NOT tackle certain items as long as you can demonstrate the rationale behind this decision.

The standard also mentions that external context can include issues arising from the legal, technological, competitive, market, cultural, social, and economic environments, whether international, national, regional, or local. The internal context can include issues related to values, culture, knowledge, and performance of the organization. These notes are interesting in the sense that while the standard does not force the use of any specific tool it does hint towards the PEST tool (or its derivatives such as PESTEL).

As in many standards, there is no specific tool mentioned to address those requirements. Most organizations would capture this analysis as documented information that can be referenced in the quality manual.


There are different ways and methods to grasp internal and external issues but first of all, it is important to mention that the analysis should focus on issues that may impact the quality of products or services provided by the organization. This will prevent the working group from going too far in the analysis or losing focus.

To ease this activity, we recommend a combination of SWOT and PESTEL.

While SWOT is a known tool, auditors are picky about the internal factors (strengths and weaknesses) being mixed with external ones (opportunities and threats). Those two categories shall be well populated otherwise it will give the impression that the tool is not well understood :

      • Internal factors: the strengths and weaknesses internal to the organization
      • External factors: the opportunities and threats presented by the environment external to the organization

For external factors, the PESTEL tool can be used as it gives an overview of the different macro-environmental factors to be taken into consideration. Practically, the working group may review one by one every PESTEL category and define what could be considered as an opportunity or threat.

    • Political factors relate to how the government intervenes in the economy. Specifically, political factors have areas including tax policy, labor law, environmental law, trade restrictions, tariffs, and political stability.
    • Economic factors include economic growth, exchange rates, inflation rate, and interest rates. These factors greatly affect how businesses operate and make decisions.
    • Social factors include the cultural aspects and health consciousness, population growth rate, age distribution, career attitudes, and emphasis on safety. High trends in social factors affect the demand for a company’s products and how that company operates.
    • Technological factors include technological aspects like R&D activity, automation, technology incentives, and the rate of technological change. These can determine barriers to entry, minimum efficient production level, and influence the outsourcing decisions. Furthermore, technological shifts would affect costs, quality, and lead to innovation.
    • Legal factors include discrimination law, consumer law, antitrust law, employment law, and health and safety law. These factors can affect how a company operates, its costs, and the demand for its products.
    • Environmental factors include ecological and environmental aspects such as weather, climate, and climate change, which may especially affect industries such as tourism, farming, and insurance. Furthermore, growing awareness of the potential impacts of climate change is affecting how companies operate and the products they offer, both creating new markets and diminishing or destroying existing ones.

For internal factors, the working group can cover the values, culture, knowledge, and performance of the organization.


Having introduced SWOT, PESTEL, and details about internal & external issues, it is worth mentioning that the working group in charge of grasping internal & external issues shall remain pragmatic and rely on common sense. Actually, the AS9100 or ISO9001 asks no more than formalizing what has been considered for several decades as tribal knowledge of the organization.

To illustrate my purpose, for a company like Coca Cola, one of the strengths is having the world largest distribution network (virtually any point in the world) and one of the threats is new sugar-related regulation while an opportunity is the increasing customer demand for healthy drinks. These are well known information that ISO 9001 is asking to formalize into a structured documented information.

These tools will then help you formalizing existing information known to everyone, to the board of directors or eventually known so far only by the CEO.


Once the SWOT analysis is conducted, it is very important to not stop here. The standard asks to record the actions taken/to take to address risks and opportunities from this analysis.

I usually recommend that the working group selects the few most relevant items and work on them during the year than trying to cover everything. For example, I have seen companies that decide to focus on improving their internal systems and technologies and not prioritizing benchmark activities to address the threat of “Aggressive competition”. The auditor will have no issue with that if this in-line with the strategic direction of the company and it is providing the expected output.

link with self-awareness

To conclude this post, I would like to make the link between understanding the organizational context and the process of developing self-awareness for individuals. If you read the below benefits from such an individual process, I hope you can recognize the benefits for an organization to have a similar approach:

      • Deliberately become the person you want to be
      • Act consciously instead of reacting to people or events
      • Create self-esteem, confidence, and self-worth
      • Be authentic and make active choices
      • Having a greater depth of experience and enjoyment of life
      • Understand oneself and exercise self-care and compassion
      • Reduce internal conflict and perform assertively
      • Identify and come to peace with who you are and who you are not

how to record this information?

As mentioned, this information can be incorporated directly in the quality manual or preferably as a separate appendix (do not forget to have this appendix official in your QMS and the document number reflected as a reference in the quality manual). Below are internal & external issues templates that you can download:

    • Free Template with all columns and one example per SWOT category. This template is complying with AS9100 Rev D and ISO 9001:2015 requirements.
    • Premium Template with a list of most common internal & external issues and a table to capture the actions to address risks and opportunities. The template can be further customized to fit your organization’s QMS. Download the premium version on Sellfy.


For further resources related to AS9100 Rev D or ISO9001:2015 implementation, refer to the below posts:

Defining internal and external issues per AS9100 – ISO 9001 (SWOT/PEST)

Defining interested parties per AS9100 – ISO 9001

Document Control Procedure per AS9100 – ISO 9001

Management Review Procedure per AS9100 – ISO 9001

4 thoughts on “Defining internal and external issues per AS9100 – ISO 9001 (SWOT/PEST)

Leave a Reply

Your email address will not be published. Required fields are marked *