Content library
Products, services and customer focus
Top management commitment to customer focus

Other tasks from the same security theme

Task name
Priority
Status
Theme
Policy
Other requirements
Documentation of products and services
Critical
High
Normal
Low
Fully done
Mostly done
Partly done
Not done
Quality and processes
Products, services and customer focus
1
requirements

Examples of other requirements this task affects

No items found.
See all related requirements and other information from tasks own page.
Go to >
Documentation of products and services
1. Task description

Organisation must maintain a list of products / services delivered for customers. Product / service owners are designated and responsible for completing the related documentation and possible other quality actions directly related to the product / service.

Product / service documentation must include at least:

  • Needed infrastructure to deliver the product / service (e.g. buildings, equipment, ICT...)
  • Defined quality requirements for an acceptable product / service
  • Main quality-related product / service communication (e.g. updates, contracts, complaints, feedback)
Documentation of stakeholders relevant for the QMS
Critical
High
Normal
Low
Fully done
Mostly done
Partly done
Not done
Quality and processes
Products, services and customer focus
1
requirements

Examples of other requirements this task affects

No items found.
See all related requirements and other information from tasks own page.
Go to >
Documentation of stakeholders relevant for the QMS
1. Task description

Some of organization's stakeholders can have an effect on the organization’s ability to consistently provide high quality products and services.

The organization needs to identify:

  • the stakeholders relevant to the quality management system
  • the quality requirements set by these stakeholders (when relevant)

The organization reviews stakeholder information and related requirements regularly.

Design and development processes for products and services
Critical
High
Normal
Low
Fully done
Mostly done
Partly done
Not done
Quality and processes
Products, services and customer focus
3
requirements

Examples of other requirements this task affects

No items found.
See all related requirements and other information from tasks own page.
Go to >
Design and development processes for products and services
1. Task description

The organization has established, implemented and maintains a design and development process that is appropriate for delivering its products and services. The nature, duration and complexity of the design and development activities need to be taken to account when defining the needed detail of the process.

The design and development process has a clearly defined owner and other related authorities.

The sequence of the design and development process includes at least:

  • the definition phase for results to be achieved
  • the required process stages, including applicable design and development reviews
  • the required verification and validation activities (to confirm resulting products / services meet requirements)
  • the internal and external resources needed

To control the design and development process, the following controls should be considered:

  • the need to control interfaces between persons involved
  • the need for involvement of customers and users
  • the level of control expected by customers and other relevant interested parties
  • the requirements for subsequent provision of products and services
  • defining needed documented information to demonstrate that process has been followed
Customer satisfaction processes for products and services
Critical
High
Normal
Low
Fully done
Mostly done
Partly done
Not done
Quality and processes
Products, services and customer focus
1
requirements

Examples of other requirements this task affects

No items found.
See all related requirements and other information from tasks own page.
Go to >
Customer satisfaction processes for products and services
1. Task description

Organization has clearly defined the ways for gathering customer feedback relating to products and services, including customer complaints.

Organization has also defined plans for contingency actions (e.g. for disgruntled customers) for relevant situations.

Top management commitment to customer focus
Critical
High
Normal
Low
Fully done
Mostly done
Partly done
Not done
Quality and processes
Products, services and customer focus
1
requirements

Examples of other requirements this task affects

No items found.
See all related requirements and other information from tasks own page.
Go to >
Top management commitment to customer focus
1. Task description

Organization's top management demonstrates leadership and commitment to customer focus by ensuring that:

  • customer and applicable other requirements are determined, understood and consistently met
  • risks and opportunities that can affect conformity of products and services are determined and addressed
  • focus on enhancing customer satisfaction is maintained
Defining and monitoring product and service acceptance criteria
Critical
High
Normal
Low
Fully done
Mostly done
Partly done
Not done
Quality and processes
Products, services and customer focus
1
requirements

Examples of other requirements this task affects

No items found.
See all related requirements and other information from tasks own page.
Go to >
Defining and monitoring product and service acceptance criteria
1. Task description

The organization has defined which checks need to be implemented to verify that product / service requirements have been met. The release of products / services to the customer doesn't happen until the planned checks have been satisfactorily completed, unless separately approved.

Checks can also include delivery-related acceptance criteria e.g. for product training or other onboarding.

The organization shall retain documented information on the release and acceptance of its products / services. The documented information shall include:

  • evidence of conformity with the acceptance criteria
  • traceability to the person(s) authorizing releases
Identification and documentation of major product / service related changes
Critical
High
Normal
Low
Fully done
Mostly done
Partly done
Not done
Quality and processes
Products, services and customer focus
2
requirements

Examples of other requirements this task affects

No items found.
See all related requirements and other information from tasks own page.
Go to >
Identification and documentation of major product / service related changes
1. Task description

The organization shall review and control changes for products and services or their provision, to the extent necessary to ensure continuing conformity with requirements.

The organization shall retain documented information describing the results of the review of changes, the person(s) authorizing the change, and any necessary actions arising from the review.

Identifying and filling post-delivery activities
Critical
High
Normal
Low
Fully done
Mostly done
Partly done
Not done
Quality and processes
Products, services and customer focus
1
requirements

Examples of other requirements this task affects

No items found.
See all related requirements and other information from tasks own page.
Go to >
Identifying and filling post-delivery activities
1. Task description

The organization needs to identify and fill also the post-delivery requirements associated with its products / services. These can include include warranty-related actions, contractual obligations (e.g. support or maintenance services) and supplementary services such as recycling or final disposal.

To identify the extent of required post-delivery activities, the organization needs to consider:

  • the nature, use and intended lifetime of its products / services
  • legal requirements
  • potential undesired consequences related to its products and services
  • customer requirements
  • customer feedback
Pre-commitment review process of product / service requirements
Critical
High
Normal
Low
Fully done
Mostly done
Partly done
Not done
Quality and processes
Products, services and customer focus
1
requirements

Examples of other requirements this task affects

No items found.
See all related requirements and other information from tasks own page.
Go to >
Pre-commitment review process of product / service requirements
1. Task description

To ensure the organization can deliver high quality products, it needs to define a process for reviewing product / service requirements thoroughly before committing to supply the related product / service.

The review needs to include at least:

  • reviewing requirements specified by the customer (incl. delivery and post-delivery requirements)
  • reviewing requirements not stated by the customer, but necessary for the specified or intended use
  • reviewing internal requirements
  • reviewing legal requirements applicable to related product / service
  • reviewing new contract or order requirements (and resolving conflicts with earlier ones, when necessary)

The organization confirms customer’s requirements before acceptance, when the customer does not provide a documented statement of their requirements.

N.b.! For example in internet sales, when orders are recurring with similar contents, reviewing each order can be impractical, but the reviews can be focused on related product information (e.g. product catalogues).

Design and development output requirements and verification
Critical
High
Normal
Low
Fully done
Mostly done
Partly done
Not done
Quality and processes
Products, services and customer focus
1
requirements

Examples of other requirements this task affects

No items found.
See all related requirements and other information from tasks own page.
Go to >
Design and development output requirements and verification
1. Task description

The organization has defined a process for monitoring design and development outputs. The organization also retains documented information of all design and development outputs.

This process ensures that outputs at least:

  • meet the requirements
  • are adequate for the subsequent processes for the provision of products and services
  • include or reference monitoring and measuring requirements (as appropriate) and acceptance criteria
  • specify the characteristics of the products and services that are essential for their intended purpose and their safe and proper provision
Design and development requirements and inputs
Critical
High
Normal
Low
Fully done
Mostly done
Partly done
Not done
Quality and processes
Products, services and customer focus
1
requirements

Examples of other requirements this task affects

No items found.
See all related requirements and other information from tasks own page.
Go to >
Design and development requirements and inputs
1. Task description

The organization has determined the requirements for products and services to be designed and developed.

To define the requirements, the organization should consider at least:

  • functional and performance requirements
  • information derived from previous similar design and development activities
  • legal requirements
  • standards or codes of practice that the organization has committed to implement
  • potential consequences of failure due to the nature of the products and services

Any conflicting design and development inputs shall be resolved.

The organization shall retain documented information on design and development inputs.

Defining controlled conditions for product / service provision
Critical
High
Normal
Low
Fully done
Mostly done
Partly done
Not done
Quality and processes
Products, services and customer focus
3
requirements

Examples of other requirements this task affects

No items found.
See all related requirements and other information from tasks own page.
Go to >
Defining controlled conditions for product / service provision
1. Task description

The organization's product / service provisioning needs to happen under controlled conditions. To ensure this, the organization has defined what controlled conditions mean in their operations.

To define controlled conditions, the organization should consider:

  • clearly documented product / service definitions and results to be achieved
  • the availability of suitable monitoring and measuring resources
  • the implementation of monitoring and measurement activities at appropriate stages to verify that criteria for control of processes or outputs, and acceptance criteria for products and services, have been met
  • the use of suitable infrastructure and environment for the operation of processes
  • the appointment of competent persons, including any required qualification
  • the validation of the ability to achieve planned results
  • the implementation of actions to prevent human error
  • the implementation of release, delivery and post-delivery activities

The organization shall preserve the outputs during production and service provision, to the extent necessary to ensure conformity to requirements.

Identification and traceability of products and services
Critical
High
Normal
Low
Fully done
Mostly done
Partly done
Not done
Quality and processes
Products, services and customer focus
2
requirements

Examples of other requirements this task affects

No items found.
See all related requirements and other information from tasks own page.
Go to >
Identification and traceability of products and services
1. Task description

The organization has defined suitable means to identify outputs when it is necessary to ensure the conformity of products and services. This may involve assigning unique identifiers, such as serial numbers, batch codes, or physical labels, to products or batches.

The organization needs to also identify the status of outputs with respect to monitoring and measurement requirements throughout production and service provision.

When traceability is a requirement, the organization also needs to define controls for the unique identification of outputs, and shall retain the documented information necessary to enable traceability.

Universal cyber compliance language model: Comply with confidence and least effort

In Cyberday, all frameworks’ requirements are mapped into universal tasks, so you achieve multi-framework compliance effortlessly.

Security frameworks tend to share the common core. All frameworks cover basic topics like risk management, backup, malware, personnel awareness or access management in their respective sections.
Cyberday’s universal cyber security language technology creates you a single security plan and ensures you implement the common parts of frameworks just once. You focus on implementing your plan, we automate the compliance part - for current and upcoming frameworks.
Start your free trial
Get to know Cyberday
Start your free trial
Cyberday is your all-in-one solution for building a secure and compliant organization. Whether you're setting up a cyber security plan, evaluating policies, implementing tasks, or generating automated reports, Cyberday simplifies the entire process.
With AI-driven insights and a user-friendly interface, it's easier than ever to stay ahead of compliance requirements and focus on continuous improvement.
Clear framework compliance plans
Activate relevant frameworks and turn them into actionable policies tailored to your needs.
Credible reports to proof your compliance
Use guided tasks to ensure secure implementations and create professional reports with just a few clicks.
AI-powered improvement suggestions
Focus on the most impactful improvements in your compliance with help from Cyberday AI.
No items found.