Excel Partnership ISO consulting, Quality management training and ISO consultant services delivers full ISO compliant training for environmental, health and safety and risk assessment training to ISO 9001, ISO 14001, TL 9000 ISO/TS, 16949 ISO/IEC 17025, ISO 13485 and ISO/IEC 27001.

ISO consulting, Quality management training, ISO consultant - Excel Partnership UK


The ISO Certification Process

A Guide to Achieving ISO Certification

This guide provides a general step by step methodical approach taking you through the certification process. However, some of these steps may be performed in conjunction with others and not necessarily in the order outlined here. The approach you take to reach your goals will depend on the culture of your organisation, resources available and individual preferences to ways of working.

Step 1.
Management Decision

In order for you to gain your management's commitment, they will want to know what it is you're aiming to achieve, understand what's involved, what benefits are to be gained (particularly to the bottom line) and cost implications.

Training courses providing an introduction to/overview of the standard will give a good foundation of the requirements of the standard and the implications of it to your business. An Implementation training course will provide you with a way forward and get you on the road to planning the project.

For advice and information on training requirements at this stage and appropriate introduction and implementation courses, please contact our training team on +44 (0) 333 123 9001 or email [email protected]

Step 2.
Gap Analysis

Performing a gap analysis early on enables you to compare existing systems within the organisation to the requirements of the applicable management system standard. You may already have some form of quality, health & safety or environmental management processes in place and these will need to be incorporated into your higher level management system. Identifying the gaps in the systems/processes that are currently operating will help to identify resources needed in terms of man-power, training, communication and information technology. The gap analysis will also be useful in prioritising work when developing the project plan.

Step 3.
Project Plan

Agree your goals and project outcomes with the Management Team. Identify realistic timings for the project, e.g. start and completion dates and dates for key steps along the way. If one of the project outcomes is to become Certified, you may want to make initial contact with Certification Bodies and draw up a short list to present to Management for a decision, as well as gaining an idea of certification costs. Management will also be expecting a broader idea of overall project costs and what return on investment might be.

Communicate the project plan to Management and the wider corporate community. Ensure that everyone is aware of what it is you're aiming to achieve, how this will work in practice, the overall benefits to the company and individuals alike, and the importance of everyone's role and involvement in the process. An in-house awareness course could help you achieve this with the knowledge being passed along to teams by those who have attended such training.

Step 4.
Training & Awareness

Identify the core team who will be involved in the process of implementation and ensure they have the right experience and training for the roles. You will be appointing a Project Leader, Management Representative, Team Members and Internal Auditors. One person may take on a number of different roles, depending on the resources available. Provision of Internal Auditor or Lead Auditor training may be necessary to achieve your goals and such training can be delivered in-house or via a public programme, depending on the number of people requiring training. An introduction to the standard may also be a useful way to communicate the benefits of certification, and the process involved, to the wider staff community. Maintaining records of all training undertaken is a key requirement of management system standards.

For advice and information on training requirements at this stage and appropriate auditor training courses, please contact our training team on +44 (0) 333 123 9001 or email [email protected]

Step 5.

Documenting your management system involves describing the processes that operate within each department of your organisation, such as design, production, purchasing, quality control, marketing, finance, transport, storage, etc. and defining how these processes comply with the requirements of the standard being implemented. The documented system can be in electronic form or hard-copy and will likely consist of procedures, documents, records and standard forms relevant to the day to day operations of your business.

Step 6.

Implementation of the management system involves putting the documented system into practice, assessing the different processes to ensure 1) they are meeting business needs and 2) they are not creating undue bureaucracy. You may hold your first Management Meeting to review procedures and information, reports and results from monitoring and measuring activities and agree any improvements or changes deemed necessary at this time.

Step 7.
Internal Audits

Conducting an internal audit of your management system is a key activity which helps you to assess the conformity of your system to the requirements of the relevant ISO standard, giving staff an idea as to what to expect from an external audit and the project team confidence in what has been implemented thus far. Auditing your management system also enables you to evaluate its effectiveness and identify areas for improvement.

When considering the appointment of your Internal Audit team, ensure that:

  • The Internal Auditors are appropriately trained (Internal Auditor Training Courses)
  • The Internal Auditors are independent of the process or system being audited
  • Resources are sufficient to cover all areas of the business, i.e. Internal Auditors are not auditing their own departments.

A sequence of internal audits will demonstrate that your organisation complies with the requirements of the ISO standard and demonstrates that you've had the opportunity to identify and implement corrective actions for improvement.

Step 8.
Stage 1 Certification

If your organisation has decided to seek 3rd party certification, you will need to select an Accredited Certification Body to conduct an objective and independent assessment of your management system. Whichever certification body you choose, if they are UKAS Accredited (or equivalent), this means they have been independently verified as being competent to conduct 3rd party assessments.

Before the first Stage 1 external audit, ensure that everyone in the organisation is aware of when the audit is taking place, what may be expected of them and the purpose of the audit. Ensure the Management Team are available and check the facility for anything that may be out of place, e.g. an uncontrolled document on a notice board, an uncalibrated piece of measuring equipment, an unidentified part on a shelf.

The purpose of the Stage 1 audit performed by the certification body is generally to check that what you say you do meets the requirements of the applicable standard. Through interviews with members of the Project Team and Management Team, the assessor will determine how well you understand the requirements of the standard, the scope of your management system, key processes and any regulatory and compliance criteria that relate to your business and operations. They will review your documented management system and review the records of your internal audits and management reviews, at the end of which you will receive a report outlining any areas of concern to be addressed prior to the Stage 2 audit.

Step 9.
Stage 2 Certification

The purpose of the Stage 2 audit is to evaluate the implementation of your management system to ensure it conforms to the requirements of the standard and gauge its overall effectiveness. Staff at varying levels of the organisation will be interviewed to check understanding throughout the business and the effectiveness of the management system in all operations and activities will be assessed. The Management Team will be presented with an audit report at the end of the assessment, detailing the results and opportunities for improvement. Any non-conformities will be identified and discussed and follow-up actions agreed.

Once your certification body has awarded your certification, ensure you communicate and celebrate this success with all employees as well as your customers.

Step 10.
Continuous Improvement

Make the most of your management system by keeping it 'alive'. If a management system is not kept active, a company may run the risk of it becoming a lead weight around its neck and all the work and investment becomes lost. For a management system to be fully effective, a programme of continuous review and improvement is necessary in order for the organisation to achieve real bottom line results.

  • Implement the corrective actions identified in the Stage 2 audit and monitor their effectiveness
  • Continue with a programme of internal audits
  • Further training and continuous professional development, such as Auditor Mentoring, for the internal audit team may be required
  • Surveillance audits conducted by Certification Body
  • Explore advanced business tools to support the management system to help improve internal processes and business systems (e.g. Problem Solving, FMEA, Risk Management)
  • Explore advanced quality principles such as Six Sigma which may enhance your business position and commitment to your customers

For advice and information on business improvement training, auditor mentoring or consultancy, please contact our training team on +44 (0)333 123 9001 or email [email protected]