Becoming ISO 9001 Certified

By Sandra Midea

The process of becoming ISO 9001 certified can be confusing. This is a step by step guide on the typical certification process.

1. The process starts by obtaining a copy of the ISO 9001 Standard. The standard provides guidance on the intent of the standard plus a list of the required clauses. The current version is ISO 9001:2015. It is available through www.techstreet.com and www.iso.org.

2. Read the standard, then evaluate the systems and procedures you have at your company to determine what processes need to be added. This can be conducted by your internal quality department or by a subcontractor such as Midea Group Inc. 

3. Request quotations from multiple registrars (try 3 to start) who will conduct the registration audits and certify that you meet the ISO 9001 requirements. The registrar will want to know your approximate time frame for implementation, number of locations, number of employees, and get a feeling for the complexity of your business. Choose a registrar in your country and one that can certify to the standard you are interested in. A list of registrars can be found here. http://isoupdate.com/directory-resource/registrar-listing/. A full registration cycle is 3 years, so your registrar should quote for the full 3 year cycle.

4. Put your quality system together and communicate this information throughout your workforce. The three major items which will be reviewed at each registration audit are: Results of your Internal Audit (Section 9.2), Management Review meeting with the appropriate inputs and outputs (found in Section 9.3) and tracking of Non-Conformances within your company (Section 8.7). 

5. As discussed in item 3, the registration is a 3 year cycle. The registration process begins with two registration audits called S1 and S2.  They will begin with the S1 Audit which includes a preliminary audit of your documentation, tour of your facility and review your procedures, particularly of the three items above. If your system is not ready for a full audit, they will let you know the areas that need to be addressed so you can make the needed changes. S2 is a full registration audit of your facility and typically lasts several days.

6.  If the auditor finds issues, called non-conformances, during your S2 audit, they will submit paperwork to you describing the NC and allow you to correct any issues. The time frame to correct the issue is typically 30 days, but an extension can be requested if needed. The auditor will review and approve or request further work on any open non-conformances.

7. Once all the NC's are closed, the auditor normally recommends you for certification. Final determination of certification is done by the Registrar. 

8. Although the certification cycle is 3 years, the registrar will send an auditor annually to check that your company is maintaining compliance with ISO 9001. The audit the first year is called a Surveillance 1 audit and the second year is the Surveillance 2 audit. Each audit will include review of your company's non-conformances, internal audit and management review meeting. Approximately half of your quality system will be audited each year.

9. After 3 years, your company will go through a re-registration process where the entire quality system will be audited.

This article provided basic and non-specific information of the process of becoming ISO 9001 certified. I hope you found it beneficial. If you have any questions or are interested in assistance navigating through the process of getting certified, please reach out through the Contact Link on www.mideagroup.com.

Sandra Midea, Midea Group Inc. 2019.