How to get ISO 9001 certification?
How? Get your system ready, choose a certifier, apply, be audited, get the certificate.
That’s a quick overview of ISO 9001 certification process (certification is the correct term, by the way, not ‘ISO accreditation’).
About the 9001 certification process
- Commit to get ISO 9001
A commitment and a firm decision from top management (the decision-maker/s) is essential. And the commitment must be more than verbal or just ‘paying the bills’ – it must supported by specific actions.
- Appoint an internal project manager
You need someone to oversee things internally. Getting third-party certification to ISO 9001 is a project, so treat it as one and use project management disciplines. Also, you’ll need to research to find out what is involved.
- Allocate resources
It’s going to take time and effort, so you’ll need resources. Decide whether to use a consultant, or do it yourself.
- Establish your baseline status
You must find out where you are now (the starting point or baseline) versus where you have to be for certification. You need to know what gaps you have and where by doing a gap analysis.Use the results of the gap analysis to create a plan and schedule.
- Develop the quality system
In most cases this means improving your existing system by filling in the gaps. It may mean developing some new processes, procedures, quality controls or even documents. It includes identifying your main processes (what you do and how you do it), documenting your system in a way that suits you, and making all the changes or improvements necessary to fulfill the requirements of the Standard.
This is the biggest step and the one that takes the most time & effort. Make sure you involve people throughout, and ensure they understand and use the system.
- Audit the system
You must internally audit your system (compliance and risk audit, not financial audit) to check that you are doing what the system requires – including 9001 requirements of course. Find out if actual practice matches your quality manual and procedures. And when you find weaknesses or problems, you fix them using the formal processes for this that now exist in your system.
- Choose an auditor
Select an accredited certifier or ‘registrar’. Make a formal application, pay the fee, schedule the dates of the audit.
- Have the external audit
Your certifier audits your quality system against all of the specific requirements of ISO 9001. It’s a rigorous test of your quality management system.
- Get the certificate and celebrate!
Assuming you are successful, the certifier can award you the coveted certificate.
The formal certificate will arrive a bit after your audit. The ‘look’ of it varies according to your certifier (type of logo, etc). But it commonly states the scope of your certification (what it covers), the Standard (in this case, ISO 9001) and that your company complies. Your certifier will also enter your company onto the official register of companies with certification.
You can now say you are ‘certified to ISO 9001’, ‘registered to ISO 9001’ or ‘has ISO 9001 certification’. All these terms mean the same thing.
Each certification is awarded for a 3-year period. During it, you continue to run your system, maintain it and of course improve it. Your auditor returns at scheduled intervals to check that you are doing so: these are shorter audits than the original one, but at least annual. At the end of 3 years, you have another full audit for recertification. And so it continues.