ISO 22458 Clause 9

Clause 9 covers monitoring, evaluation and continual improvement of the inclusive service through customer satisfaction, aggregated data, complaints and staff feedback.

ISO 22458 Clause 9 - Monitoring, Evaluation and Improvement

Clause 9 closes the loop on the standard. The strategy, design, resources, identification and response only deliver lasting outcomes if the organisation can see whether they are working, evaluate the findings, and act on them. Clause 9 is short - three sub-clauses - but it is the engine that keeps the management system improving rather than drifting.

Monitoring - ISO 22458 Clause 9.1

Clause 9.1 requires systems that capture four kinds of information about the effectiveness of the inclusive service.

Customer satisfaction - feedback from a representative sample of consumers, including those in vulnerable situations, on services received and any additional assistance offered.
Aggregated data from customer records - anonymised datasets giving an overall picture of customer vulnerabilities, difficulties experienced, response options used and outcomes achieved.
Consumer complaints - operating an effective and accessible complaint handling system that captures the nature of the complaint, the root cause and the outcome.
Staff feedback - proactively seeking feedback from frontline staff on how well systems, processes and procedures help them identify and support consumers in vulnerable situations.

All four are required. A system that monitors only complaints will miss the consumers who walked away without complaining. A system that monitors only customer satisfaction will miss the structural issues frontline staff can see every day. The four together give a balanced picture - the consumer voice, the data trends, the complaint signal and the staff insight.

The aggregated data piece is where the customer records design from Clause 7.5 pays off. Records built with comparable data fields can be aggregated into anonymised datasets that show trends over time - which response options work, which categories of vulnerability are most common, which service touchpoints generate most issues. Records designed without that in mind end up as free text that no one can usefully aggregate.

Evaluation - ISO 22458 Clause 9.2

Monitoring data only matters if it is reviewed and acted on. Clause 9.2 requires systems for analysing and reviewing the findings from the monitoring activities to identify systemic, recurring and single-incident problems and trends related to consumer vulnerability, aspects of the inclusive service where performance is below target, significant instances of non-compliance, areas needing improvement, and the appropriate decisions and actions for those improvements.

In practice this is the management review cycle. The Vulnerable Consumer Representative pulls the monitoring outputs together, top management reviews them and decides on actions, and the actions are tracked through to completion. The F-Q103 Consumer Vulnerability Monitoring form provides the structured input for that review.

Continual Improvement - ISO 22458 Clause 9.3

Clause 9.3 sets out six things the organisation does to keep improving outcomes for consumers in vulnerable situations:

Value customer and staff feedback and learn from experience.
Encourage creativity and innovation in developing and improving services and response options.
Take preventive and corrective action to eliminate the underlying causes of harm.
Foster a consumer-focused approach to improving outcomes.
Engage proactively and continuously with relevant stakeholders so that legislative obligations and evolving consumer needs feed into design and delivery.
Recognise and apply examples of outstanding performance and best practice.

The stakeholder engagement piece is worth pausing on. The standard expects ongoing external engagement with consumers who have lived experience of vulnerability, consumer organisations, professional associations, regulators and other organisations committed to inclusive service. This is the same engagement loop that informed Clause 5.3 on understanding consumer vulnerability - it is not a one-off exercise during implementation.

For Clause 9 I look for evidence of the four monitoring inputs and a clear thread from monitoring through evaluation to action. Customer satisfaction surveys without sampling that includes vulnerable consumers are a finding. Complaints data that is captured but never analysed for vulnerability themes is a finding. Staff feedback channels that exist on paper but show no evidence of use are a finding.

The stronger management systems use the same set of monitoring outputs at every management review and track actions across reviews. That continuity is what tells me the system is actually being used to drive improvement rather than ticked off in advance of the audit. Where I see fresh actions arising from each review and old ones being closed off, the system is doing its job.

The thing to remember about Clause 9 is that it is mostly about asking the right questions and then doing something about the answers.

If your customer satisfaction surveys do not get responses from people who struggled with the service, you are missing the people you most need to hear from.

None of this is rocket science. It is checking what is going on, having an honest look at what it tells you, and changing what needs changing.

Practical Compliance Guidance

Where IMS1 is in use, Clause 9 is reflected through Section 5.1 (Customer Satisfaction) and the management review process where vulnerability monitoring outputs are reviewed alongside the other management system outputs. The PP-1-17 procedure references the monitoring forms used to generate those inputs.

The alphaZ documents below cover the monitoring forms, training materials and audit checklists that support Clause 9.

alphaZ document	How to use it
ISO 22458 Toolkit	Full document set for an ISO 22458 inclusive service management system, including the monitoring forms and audit checklists.
PP-1-17 Vulnerable Consumer Procedure	Internal procedure that sets out the monitoring and continual improvement arrangements and references the supporting forms.
F-Q103 Consumer Vulnerability Monitoring	Form for capturing the monitoring inputs - customer satisfaction, aggregated case data, complaints themes and staff feedback - that feed evaluation.
F-Q102 Vulnerable Consumer Report	Individual case form whose aggregated outputs feed the monitoring data on response options used and outcomes achieved.
F-CV1 Focus CV Committee	Committee meeting form for reviewing monitoring outputs, agreeing improvement actions and tracking them.
ISO 22458 Requirements Checklists	Audit checklists for internal audit of the management system against each clause of the standard, used as part of the evaluation cycle.

Note - all the above files can be downloaded with an alphaZ subscription.

Frequently Asked Questions

How often should monitoring data be reviewed?

The standard does not set a frequency, but quarterly review of the four monitoring inputs by the Vulnerable Consumer Representative, with annual review at management review level, works well for most organisations. The cadence should match the volume of data and the rate of change in the service.

Do customer satisfaction surveys have to specifically target vulnerable consumers?

Clause 9.1.a requires feedback from a representative sample including those in vulnerable situations. That can be achieved by including questions in standard surveys that capture the nature of any difficulties, by sampling specifically from records flagged as vulnerable, or by partnering with consumer organisations to gather feedback. The point is that the views of consumers in vulnerable situations are reflected in the data, not lost in the average.

What does aggregated data look like in practice?

It is anonymised data drawn from customer records that shows patterns across the customer base. Examples include the distribution of vulnerability categories, the most common difficulties experienced, which response options are used most often, and the outcomes achieved. The point is to see trends rather than individual cases, and to feed those trends back into service improvement.

Is internal audit required for ISO 22458?

Internal audit is not specifically named in Clause 9, but the requirement to identify significant instances of non-compliance and areas needing improvement makes audit the practical mechanism. The Requirements Checklists provide a structured audit input for each clause and feed the evaluation activity in Clause 9.2.

UK Legislation

The following UK legislation is directly relevant to ISO 22458 Clause 9. Organisations outside the UK should identify the equivalent legislation applicable in their jurisdiction.

Further Resources