Having your company or product certified by the International Organization for Standardization (ISO) signals to consumers that the service you’re providing is safe, efficient, and reliable. Once you’ve put together a comprehensive Quality Management System analysis, schedule an audit with a registrar from an accredited external certifying body. The registrar will determine whether your company’s policies and procedures conform to ISO’s rigorous standards. If you successfully pass the audit, you will receive a certificate from ISO stating that you’ve satisfied the conditions for certification.

Part 1
Part 1 of 3:

Developing a Quality Management System

  1. Choose someone within your company to oversee the task of creating a Quality Management System. This is essentially a collection of documents detailing the way your company carries out its operations. Since putting together such a complex analysis will require a thorough understanding of the business’s policies and internal structure, only the most experienced employees should be considered for the job.
    • A manager, department head, or director of operations will be among the employees most qualified to create a focused Quality Management System.
    • If you’re a controlling officer for your company, you may be more comfortable taking on the responsibility yourself.
  2. During this phase, you’ll be outlining every characteristic of your business or product in writing. Your Quality Management System analysis might include details like your company’s mission statement, information on specific policies and procedures, and a list of state and federal standards you operate in accordance with.
    • Think of your Quality Management System as a comprehensive overview of what your company hopes to achieve with a particular product, service, or business model, and the exact steps they follow to achieve it.
    • If you’re seeking certification for a product, the purpose of your analysis will be to describe the product’s design and materials, your company’s system of production, and your company’s internal quality-assessment process.
    • This is the most demanding step in securing ISO certification, so take your time to make sure your documentation is meticulous.
    Advertisement
  3. Assign a qualified employee to compare the information laid out in your Quality Management System analysis against the company’s day-to-day operations. In particular, they should be looking to see that your procedures satisfy both industry regulations and company standards. If you hope to get ISO certification, it’s important that every aspect of production or service is being performed the way it’s described.
    • Instruct your internal auditor to keep an eye out for inconsistencies between your Quality Management System documentation and the way things are actually being done.
    • Name someone other than the project supervisor to the role of auditor. This will help ensure impartiality and decrease the chances of potential gaps going unnoticed.
  4. If your internal audit turns up some feature that isn’t up to snuff, your top priority will be to correct it before submitting to a formal audit. Using your auditor’s notes as a guide, identify areas where your operations don’t accomplish the goals established by your quality system. Find ways to resolve potential issues in the weeks and months moving forward. [1]
    • Meeting your targeted performance standards may require you to implement new policies, explore safer or more efficient procedures, or retrain employees.
    Advertisement
Part 2
Part 2 of 3:

Choosing a Certifying Body

  1. Seek out a licensed registrar to bring in for an external audit. Search for organizations in your region representing the specific sector your business falls under. Some registrars only deal with software engineering, for instance, while others may be qualified to guarantee quality standards for medical devices, natural gas production, and environmental management. [2]
    • The ISO organization only devises industry standards and provides accreditation to independent certifying bodies—it doesn’t actually issue certifications.
    • The ANSI-ASQ National Accreditation Board (ANAB) has compiled a directory of accredited certifying bodies for businesses applying for an external audit. [3]
    • Selecting the right registrar for your business can take a while. Begin your search while you’re still developing your Quality Management System documentation to give yourself plenty of time.
  2. Your certification will look best coming from an organization that has also proven itself to meet certain requirements. Only consider certification bodies that use the Committee on Conformity Assessment (CASCO) standard. Independent accreditation is also a sign that the body you’re dealing with has been thoroughly researched and approved. [4]
    • Accreditation is a major plus, but it’s not a necessity. A registrar may still be highly qualified even if they aren’t on a list of accredited certifiers.
  3. Once you’ve secured the services of a registrar, sit down with them to discuss the provisions of the audit process. They’ll go over the various legal rights and obligations of both parties and inform you about the organization’s liability confidentiality policies. If you’re satisfied with the terms of the agreement, sign the contract to confirm your audit date. [5]
    • Due to the need for strict international standards across the board, it may not be possible to negotiate the terms of your application contract.
    Advertisement
Part 3
Part 3 of 3:

Applying for Certification

  1. Pre-assessment is not a required step in the certification process. However, a preliminary review will give the certification body a chance to pinpoint any obvious errors or omissions in your documentation. Clearing up these issues before the formal audit will help you focus your quality system and improve your chances of successfully meeting ISO certification standards.
    • If you opt to go through with a pre-assessment, you’ll need to provide your chosen certification body with a complete, up-to-date copy of your Quality Management System paperwork.
    • Be aware that the pre-assessment period may add 2-4 weeks to the certification process.
  2. On the opening date of your inspection, your registrar will sit down with key company personnel to introduce themselves and briefly discuss the proceedings. They’ll then turn their attention to inspecting your company’s operations and making sure they adhere to the standards detailed in your Quality Management System. Be prepared to offer your assistance any way you can.
    • You or your employees may be separately interviewed or called upon to explain details of policies and procedures that are central to your operations. [6]
    • The actual audit is an ongoing process that may take anywhere from days to weeks. The exact length will depend on the complexity of your Quality Management System and the size and organizational structure of your company.
  3. Following the audit, the certifying body will send out a detailed audit report by mail. The report will summarize the registrar’s findings throughout the audit and bring to your attention any areas where your company’s practices don’t match the standards listed in your Quality Management System (referred to as “non conformities.”) The registrar may cite two different types of issues—Minor Non-conformities and Major Nonconformities.
    • Make sure your project supervisor, internal auditor, and all other key employees are present when you go over the findings of your audit report.
  4. This is a brief document explaining the nature of the issue and articulating the measures needed to correct it. It's primary purpose is to demonstrate to the certifying body that you understand how an oversight fails to live up to ISO standards. Most Minor Nonconformities can be cleared up without the need for additional inspections, and won’t hold up your certification. [7]
    • Minor Nonconformities refer to small procedural errors or instances where policy and practice don’t quite line up, but don’t ultimately impact that quality of your product or service.
  5. These citations point to glaring discrepancies in the way your business model is conceived and executed. Coming back from a Major Nonconformity most often involves a series of follow-up inspections, along with the costs associated with fixing the problem from within. Your company or product will not be approved for certification until all Major Nonconformity citations have been reexamined and cleared by the registrar. [8]
    • Major Nonconformities could also leave you subject to fines or similar penalties if they are discovered to be in violation of the law.
    • If your audit report comes back with more than one Major Nonconformity highlighted, you may need to reconsider the content of your Quality Management System to determine whether it's feasible in its current form.
  6. If the registrar is satisfied with their findings, they’ll report back to the certifying body with a recommendation that your company be awarded certification. You’ll then be sent your official certificate. The document will display your level of certification and the exact set of standards you were found to be in compliance with, along with an official stamp from the certifying body.
    • It may take 2-3 weeks for your certificate to arrive after you’ve gotten word of approval from the certifying body.
    • Your business will also be added to a register of companies with ISO certification, which can be viewed by consumers as well as other businesses.
    Advertisement

Expert Q&A

Ask a Question

      Advertisement

      Tips

      • You don’t have to get certified with ISO in order for your company or product to be a success—it’s simply a useful way for consumers to recognize businesses whose practices are consistent with international standards drawn up for their own benefit.
      • When labeling a product, service, or procedure after receiving your ISO certification, be sure to include the numerical designation of the specific standard used. Instead of simply writing, “ISO Certified,” for example, you would write “ISO 9001 Certified.”
      • Make sure you read up on the exact duration and conditions of your certification to see what you need to do to maintain it down the line.
      Advertisement

      About this article

      Thanks to all authors for creating a page that has been read 29,414 times.

      Did this article help you?

      Advertisement