The six required procedures of ISO 9001
ISO 9001:2008 requires "documented procedures" for the following six activities:
- Control of documents (4.2.3)
- Control of records (4.2.4)
- Internal audit (8.2.2)
- Control of nonconforming product (8.3)
- Corrective action (8.5.2)
- Preventive action (8.5.3)
Of course, these documented procedures will have to be controlled according to the first procedure listed (Control of Documents).
Any more is up to you. You must determine what further documentation is required in your company for your Quality Management System to function effectively.
ISO 9001 also specifies required records.
ISO 9001:2015 does not require any documented procedures, and there are only three pieces of required documented information that must be "maintained":
- the scope of the quality system
- your quality policy
- your quality objectives
As far as procedures go, the standard now states:
"The organization shall maintain documented information to the extent necessary to support the operation of processes"
So it's up to you work out what is needed and how you want to document it.
On the other hand, there is still plenty of documented information that must be "retained" (i.e. records).