The auditor points to an operator on your line and asks: prove to me that he's qualified for the job. You have a few minutes, not a few days. This is exactly what chapter 7.2 of the standard ISO 9001:2015 requires: not that your employees are competent (you know that), but that you can demonstrate this at any time, with proof in hand. Visit skills matrix is the tool that makes this demonstration possible by centralizing the data that the standard requires you to keep.
What does ISO 9001 require in terms of skills?
The four obligations of chapter 7.2
Chapter 7.2 of ISO 9001:2015 concerns anyone whose work has an impact on the performance and effectiveness of the quality management system (QMS). The scope goes far beyond production operators: quality managers, maintenance technicians, logistics personnel and middle management are also concerned.
The standard sets out four requirements.
The first is to determine the skills required for each job that has an impact on the conformity of your products or services, process by process: what know-how, what qualifications, what authorizations?.
The next step is to ensure that the people in charge are effectively competent with regard to their initial training, experience or additional training.
When gaps appear between the skills required and those available, the standard calls for take action to fill them, whether through training, mentoring, recruitment or reassignment, and to assess whether these actions have worked.
The last obligation, and often the most tricky: keep documented information that prove all this.
It's on this last point that audits most often get stuck, because it's not enough for your employees to be competent: you need to be able to demonstrate this at any time, with proof in hand.
What the standard means by «documented information»
The term «documented information» has replaced the former concepts of «documents» and «records» since the 2015 version. In terms of skills, it covers everything that attests that a person has the qualifications required for his or her position: copies of diplomas, training certificates, records of professional interviews, signed tutoring sheets, clearance certificates or job evaluation results.
ISO 9001 does not prescribe any particular format. A paper binder, an Excel file or a dedicated software program are all acceptable, as long as these proofs remain in the same format. accessible, traceable and up-to-date. The auditor needs to be able to consult them without delay, and you need to be able to demonstrate that they are regularly updated. So it's not a question of knowing what to document, but of structuring it in such a way that it can be retrieved in a matter of minutes.
How does the skills matrix meet these requirements?
Mapping skills requirements by process
The approach that works best is to start from your QMS processes, rather than listing skills in the abstract. For each process (production, quality control, maintenance, logistics), identify the activities that have a direct impact on product or service conformity, then deduce the skills required. The result is a map aligned with what the standard actually expects.
Your multi-skills grid should also include regulatory approvals specific to your sector. In aeronautics (EN 9100, NADCAP), automotive (IATF 16949) or pharmaceuticals, certain activities require formal authorizations that go beyond acquired competence: they certify that an operator is officially authorized to intervene in a given process. The matrix must distinguish between these two dimensions, as an auditor will not confuse them.
Measure gaps and plan skills upgrades
Once the required skills have been mapped, the matrix makes visible the gaps between what is expected and what is available in your teams. These gaps feed directly into your training plan, your mentoring programs and your recruitment decisions, and above all they document the logic behind each action, which the auditor will be looking to verify.
The ISO 9004 standard also recommends integrating a forward-looking dimension: anticipating the skills that will be needed tomorrow, based on the evolution of your processes and markets. A matrix that only reflects what exists at a given moment quickly loses its value. Regularly updated, it also serves to anticipate needs before a gap becomes an audit finding.
What the auditor really checks during an ISO 9001 audit
Many QHSE managers prepare for their audit by focusing on documentation. This is necessary, but the auditor, guided by the principles of the’ISO 19011, He not only checks that documents exist, but also that they are consistent with what actually happens on the shop floor.
In concrete terms, he selects one or more critical positions and proceeds through the entire chain. He starts with the job description to check that the required skills are described, then moves on to the matrix to confirm that the person in question possesses them, and asks for the corresponding proof: training certificate, assessment, signed tutoring form. If the operator has been trained in-house, the auditor will look for evidence of tutoring and validation of the skills acquired. It is this end-to-end consistency that he tests, from identified need to retained proof.
The most frequent non-conformities
The chapters relating to resources and skills are among the most frequently encountered in ISO 9001 audits. Organizational knowledge management (chapter 7.1.6, closely related to 7.2) alone accounts for 30 % of non-conformities and sensitive points identified during certification audits.
The most common discrepancies are similar from one site to another: proof of training is missing or obsolete for a critical position because the binder has not been updated after a change of assignment; a matrix that does not cover all QMS processes and leaves blind spots; clearances that have expired without anyone noticing due to the lack of an alert system; or a discrepancy between the skills described in the job description and those actually assessed.
The problem is rarely a lack of will, but a lack of tools: when data is scattered between filing cabinets, files and mailboxes, no one can guarantee that it's up to date.
Why is Excel no longer enough for ISO 9001 compliance?
An Excel file can be used as a skills matrix, but it shows its weaknesses as soon as it comes to meeting the traceability requirements of ISO 9001: no reliable history of modifications, no automatic alerts when a clearance expires, risk of error during manual updates and impossibility of producing proof in real time in front of an auditor. When you're managing dozens of operators on several production lines, the spreadsheet becomes a risk factor rather than a compliance tool.
Visit Excel's limits for skills management are well documented. A dedicated digital tool like Mercateam, solves these irritants point by point: each skill is traced with its history, expiry dates of authorizations trigger automatic retraining alerts, and proof of training is stored directly in the system. When a quality audit, You can access all your data in just a few clicks, instead of having to rummage through scattered folders.
Compliance on the day of the audit is only part of the story. The same data is also useful for the rest of the year, starting with the management review.
How do skills data feed into the management review?
Chapter 9.3 of ISO 9001 requires the management review to assess the adequacy of resources, and the data from your skills matrix are direct inputs into this: coverage rate of critical skills, number of gaps identified, training carried out versus planned, authorizations due to expire in the next few months.
All too often, the matrix remains confined to a passive compliance role: a document that you pull out for the audit and then put away. Manufacturers who go further use it as an operational dashboard. They track the evolution of skills over time, identify at-risk positions and anticipate training needs before a deviation becomes a non-compliance. This is the approach adopted by industrial sites that have digitized their skills management with Mercateam.
