ISO 9001 Certification

Top management buy-in and support is fundamental to implementing a Quality Management System. Top management need to participate in the system through processes such as management review and need to demonstrate commitment to the system through customer focus and the Quality Policy; so get their commitment early and utilise their leadership to help you implement the system and ensure resources are available. This is the crucial first step that is often missed in medium or large organisations.

Ensure you understand all of your internal and external requirements of the certification and have considered these in the development of the system.

(a) Internal Requirements
Internal requirements include the organisational structure, responsibilities, relationships with clients and suppliers, existing policies, procedures and other management systems that may already be in place such as a safety or environmental management system. It also includes defining a scope for the system. The scope defines what is included and potentially excluded from the governance of the system. Will the scope include all processes at all sites and all subsidiary companies or are there valid reasons to exclude some things from the system.

(b) External Requirements

External requirements obviously includes the Quality Management Standard ISO 9001, but includes other regulatory and legislative requirements, industry requirements or other voluntary guidelines that you may subscribe to and requirements set down by your clients or government.

There is no golden rule to how to implement the system and every organisation’s requirements and circumstances will vary. But we have some key principles that may help.

(a) Engage people

The system can’t be implemented effectively in isolation from key people that will be need to be involved in the system. Help people understand what will be required of them and what impacts the system will have on the way they do things moving forward. Take their feedback on board and incorporate it into the system. This is a change management project and bringing people along with you is a key to success.
(b) Leadership
Utilise top management to help influence outcomes and set objectives. They have committed to the process so get them actively involved. You will also need a Project Manager / Consultant / Management Representative a single person responsible for seeing the project through to completion – it’s not to say they may not have other duties as well and if you are reading this it’s likely the person may be you!
(c) Fit for purpose

The system needs to be fit for purpose for your organisation. Even if you start with a readymade template or a software application, you need to adapt this so that it is specific to your business. You will not be able to achieve excellence with a generic system. Representative a single person responsible for seeing the project through to completion – it’s not to say they may not have other duties as well and if you are reading this it’s likely the person may be you!

(d) Monitor

Check your progress along the way, set milestones and monitor completion of them. Don’t wait until you think your system is bullet proof and gold plated before you have it assessed. You will need to conduct internal audits so think about when these should be done and what aspects of the system are audited. Bring in your external auditors when you think you are 50-70% there and have them provide input as to where your system has gaps or non-conformances with the standard or other requirements.

As per 3(d) don’t wait until you believe your system is bullet proof or gold plated before engaging Compass Assurance Services to certify your system. You may be disappointed to find there are still gaps or you have spent an enormous amount of energy on an aspect of the system that wasn’t required! An audit duration is calculated using processes based upon the IAF Mandatory Document 5 requirements and a consideration of your unique circumstances and business structure. The ISO 9001 certification process generally requires a stage 1 and stage 2 audit. Your auditor is selected based upon their experience within your industry, the standard and auditing and leading teams. All of our auditors are selected based upon their skills, experience and ability to communicate effectively at all levels of an organisation. We aim to provide the most local auditor where we can to help you manage costs associated with any travel and accommodation that may be required. Your auditor will work with you to set an audit program that is suitable to your business, the scope of your system and meets all external requirements.

(a) Stage 1 Audit

Our philosophy is that it is often more useful to have the auditor start engaging with your system when you believe you have 50-70% of the system in place. This is often the best time to conduct the stage 1 audit or a preliminary gap audit. The audit generally focuses on Head Office and the key system aspects including reviewing your documentation (such as your Quality Manual, Quality Policy and other procedures) against the mandatory requirements of ISO 9001 Quality Standard. Findings such as non-conformances, areas of concern and opportunities for improvement will provide valuable input into the development and implementation of the system. All findings will be communicated to you through a closing meeting and the audit report.

(b) Stage 2 Audit

This audit is where the magic happens. This is the certification audit and the outcome is a recommendation by the Lead Auditor to Compass Assurance Services on whether ISO 9001 certification should be granted or whether there is still some work required. This audit may be a day after the Stage 1 audit or up to 6 months after the Stage 1 audit, however most stage 2 audits occur 4-6 weeks after the initial audit. The duration between audits is really based upon the time required for you to adequately deal with any gaps or non-conformances identified at the first audit and the ability to schedule your required stakeholder to be available. Unlike the stage 1 audit implementation of the system is a key aspect of this audit. Our auditor will need to gather evidence of the system being used and implemented. This will involve engaging with workers at your various locations and in various roles associated with the system and the product realisation process.

If there are no non-conformances identified by the Lead Auditor at stage 2 audit then they will make a recommendation to a Compass Assurance Services Certification Manager that ISO 9001 certification be granted. If there are some non-conformances still in place after the stage 2 audit then additional evidence will need to be supplied after the audit. This is often done by a review of additional evidence off-site by the auditor but under some circumstances an additional audit or time on-site may be required. The Certification Manager will review the recommendation of the Lead Auditor as well as the supporting material such as audit reports, audit programs, any action plans and make the certification decision. The Certification Manager may revert to the Lead Auditor or you for additional clarification or information regarding some findings or they may simply agree with the Lead Auditors recommendation and issue your certificate.

You will receive your certificate and have access to both our certification mark and the JAS-ANZ accreditation symbol to include on appropriate company material. It’s a good idea to demonstrate to your clients, workers and stakeholders that you operate a business with a certified Quality Management System. You’ve done all the hard work so why not make sure you realise the full value in the investment you have made in your system. It is a good idea to check our Certification Mark Policy or discuss with us how ISO 9001 accreditation symbols or certification marks may or may not be used.

Your certification is valid for 3 years, however this doesn’t mean that we won’t be seeing you for 3 years! Your auditor will have already worked with you on a 3 year plan which will specify the frequency of surveillance audits (typically annually or every 6 months) that will be required in order for your certification to remain valid. Surveillance audits include a sample of key processes and sites to ensure the system remains compliant with ISO 9001 and that certification of the system remains appropriate.