The ISO 9001 Certification Audit is the final step before companies receive ISO 9001 certification. An external auditor from outside your organization will assess the quality management system (QMS) you have implemented with relevant documentation to see if you have met all of the ISO 9001 requirements.
Based on their findings, the auditor will either grant your organization certification or ask for corrective actions before you can be certified. Is your company ready to be audited for ISO 9001? To ensure that you have the best chances of earning ISO 9001 accreditation, here are some tips to prepare.
What follows is our ultimate guide for your ISO Certification Audit. It is geared towards ISO 9001, but can also be applied to ISO 14001, 45001, 27001 etc. You won't find a more detailed certification audit guide anywhere. It's a long read - but includes all the steps necessary and everything you need to know about how to perform the certification audit.
Contents
- What is an ISO 9001 Certification Audit?
- Preparing For An Internal Audit
- How to Choose Internal Auditors
- Creating a Well-Designed Internal Auditing System
- What Is The Internal Audit Process?
- Preparing for the Official ISO 9001 Certification Audit
- The Third-Party Auditor
- Certification Audit Process
- Tips to Pass Your External ISO 9001 Certification Audit
- What is you Fail? Reapplying for ISO 9001 Certification
- You've Passed! Maintaining Your ISO 9001 Certification
- QMS Internal Audit Documentation Package [Template download]
- QMS Control of Internal Audits Procedure [Template download]
- QMS Internal Audit Checklist [Template download]
Internal audits are a form of inspection where your organization assesses its quality management system to see if it is ISO 9001 compliant. Internal audits often take place during QMS implementation as well as even after certification.
The best way to be prepared for your external ISO 9001 audit is to have practice runs with your internal audits. Every organization seeking ISO 9001 certification should have routine audits with someone within the company to track their quality management system implementation progress and to see if there are any corrective actions needed to meet the certification requirements.
An internal audit will be able to uncover any flaws in your quality management system and identify any factors that need improvement before your external ISO 9001 review for certification.
Our Internal Audit Templates are proven to work.
Internal audits are usually performed by an employee (or employees) within your company. However, internal audits can also be done by subcontractors. Note that the internal auditors you choose will need to be trained in the most recent ISO 9001 standard before performing routine audits; the process of training can start as soon as you beginning quality management system implementation so they can aid in the transition.
You will need to pick enough internal auditors to cover each department and area of your organization. Depending on the size of the organization, you can have from one to four auditors chosen for each area. You will need enough auditors to ensure that they don’t end up auditing their own departments.
A rule of thumb is this: 10% of your total employees should be auditors. So, if you have one hundred employees in your company, at least ten of them should be auditors.
When you are picking your auditors, choose employees that are excellent communicators, and have a knack for finding issues and problem-solving. It also doesn’t hurt if they have strong interpersonal skills. Some smaller companies opt to make their ISO 9001 lead (or person in charge of implementing ISO 9001 requirements) their internal auditor because they are already well-versed in ISO 9001.
To be best prepared for the certification audit, you’ll need to rely heavily on your internal auditing system. However, if your auditing system isn’t up to par, your organization won’t be set up for success like it should be. Here are some tips to follow to create a phenomenal and effective auditing system:
During an internal audit, a member (or members) of your organization will be tasked with comparing your QMS to ISO 9001 standards.
They will begin by explaining how the auditing process will work before starting their audit. They will also answer any questions auditees may have in addition to compliance problems they are already aware of that they would like to address.
Following this opening meeting, the auditors will begin their audit. If the auditors find that there is a problem not within the scope of the inspection (or not relevant to the ISO 9001 standards they are testing the area against), they may still evaluate it to see what risks may come with not addressing it. If there is a chance the problem could affect your ISO 9001 certification eligibility, they may ask for corrective action to be taken.
Our Internal Audit Templates are proven to work.
Other problems with noncompliance with ISO 9001 that your auditors will find will be addressed with auditees as well as generated in the documentation they create. The documents usually take the form of a checklist or table that provides the following information:
When preparing for the external ISO 9001 certification audit, the focus should be in setting up an effective quality management system. When your organization is ISO 9001 certified, it means that you’ve successfully implemented a quality management system according to ISO 9001 standards, and have demonstrated that to an external auditor.
Any corrective action taken even before the internal audit takes place will help improve the chances of success during the review.
Create a plan with a time-line that represents any actions that are still needed to take place in order to be compliant. In-between internal audits, implement these actions, so they have enough time to integrate into your quality management system before the next internal audit. That way, by the time you have your next inspection, your auditor(s) will be able to tell you whether or not those actions are sufficient or if there’s anything new that needs addressing.
You will have about two to three months to prepare for your certification audit, so make sure you take advantage of what you can learn from your internal audits until then. Treat your internal audits as if they were the real thing.
This goes along with taking the audit seriously. Treat each employee and section fairly as if it were your own department.
While your employees don’t necessarily have to memorize the ISO 9001 standards, they should at least know enough to understand what the expectations are and what will be audited in relation to those expectations.
Just like the external ISO 9001 audit, make sure your employees are always prepared before an internal review. Make sure that everyone is on the same page about what will happen during the check and the information/documentation they need to know.
Since your internal audits are essentially practice runs for the official external audit, it is the perfect opportunity to make sure the quality management system you have planned for your organization is correctly implemented, and that any new processes are being followed accordingly.
It is also a good time to assess whether or not your QMS is working effectively. Internal audits provide an opportunity for businesses to adjust their system if there is a flaw or portion that is not ISO 9001 compliant.
During the internal audit, make sure you follow safety procedures in addition to all other procedures that should be followed throughout the departments within the organization.
Make sure your employees are honest with the auditors. The point of the internal audits is to help the organization as a whole improve well before the certification audit takes place. Improvements can’t happen if your employees are not completely transparent about how their department runs.
Our Internal Audit Templates are proven to work.
The external audit process will work similarly to your internal audits; the only difference will be who will be performing the audit. In order to achieve certification, you will need to demonstrate your ISO 9001 compliance to an external or third-party auditor.
The third-party auditor (or auditor team) will be assigned to your organization by an ISO 9001 registrar (also referred to as a Certification Body or CB), an independent entity who also issues the ISO 9001 certificate once approved by the auditor.
The external audit can take place after you have completed a successful internal audit and have at least two to three months of documentation and records from your ISO 9001 procedures.
The official auditing process takes place in three steps: the opening meeting, the auditing process, and the closing meeting.
When the external auditor(s) arrives, the management team and the auditor will first meet to go over any management review meeting notes and your organization’s quality objectives.
During the meeting, the auditor(s) will also discuss their role and the auditing schedule. The auditing process may take up to a week, depending on the size of the organization.
After the opening meeting, the auditor(s) go over your quality management system processes using their audit schedule as a guide. (Note that some process reviews may take more or less time than scheduled.)
The auditor(s) will visit a few or all of your departments to check if the ISO 9001 requirements noted in your documentation is implemented and being followed by staff. The auditor(s) will interview staff members, asking questions, and taking note of what they discover; depending on the findings, auditors may make a note for further evaluation.
This will be when most of the auditing process takes place; during this step, you and your team will gain insight into what you are doing well and what could use improvements for better compliance.
If the auditor(s) find any problems in compliance with ISO 9001, they will bring those concerns up for you to take corrective action before receiving ISO 9001 accreditation. Some auditors may offer recommendations based on those findings. All this and more will be in an audit results report for senior management and employees to review.
However, if the auditor(s) do not find any major issues with your QMS, you will be awarded an ISO 9001 certificate following the audit.
Having a successful ISO 9001 system requires on-going maintenance and takes a while to implement. It is most certainly not a one-time, one-hour ordeal.
Create a schedule that outlines how you plan to implement your new ISO 9001 system. What requirements should be met in a month’s time? In a year’s time? Create a time-line with milestones to make sure you stay on track. The last thing you want your organization to do is to rush to meet the ISO 9001 requirements weeks before your official certification audit.
Our Internal Audit Templates are proven to work.
Your employees and management should also be prepared for the audit. Make sure they are up-to-date on the following quality management system features:
Your team should be very familiar with relevant documentation to their role and area, but it's also important that your documentation is accurate in the first place. First, you should have the following documents on-hand:
Before your audit, also review your documentation to make sure it is:
You should also make sure any obsolete or outdated documents are removed and no longer in use.
Our Internal Audit Templates are proven to work.
All procedures that your organization has implemented under ISO 9001 standards (whether they are documented or not) should be followed. Make sure your employees are aware of any updated quality management system procedures that apply to their role and department and that they are following the new systems accordingly.
It’s also important that you check that critical processes are being performed the correct way (and the same way) by all employees.
Take steps to resolve recurring problems as soon as they appear during internal audits. By starting early, you can find quick, foolproof solutions to the flaws in your quality management system.
If an auditor finds a problem during your official auditing process, they allow you enough time to repair those issues, and if you are able to resolve those conflicts, then you can still be certified.
However, if the auditor uncovers a problem that you have seen often, and don’t have a solution for yet, you could lose your chance at certification. For that reason, it is important that you have addressed any findings from your internal audits before your certification audit. Also make sure that for corrective actions that have been executed that you have verified them for effectiveness, and have documentation that supports that.
Regular internal audits allow you to see any concerns regarding ISO 9001 requirements. By assessing your company routinely, you can correct anything that needs fixing long before your official certification audit.
In addition, internal audits will allow management and employees to be more prepared for the real deal, especially the interview process.
Just like your internal audits, it's important to be positive and professional. Make sure you make a good impression with the auditor--treat them professionally and with respect.
Remember that the external auditor isn’t your enemy—they’re trying to help you and your organization uncover any weaknesses so that you can take corrective actions needed to ensure a high-quality standard for your employees, your company, and ultimately, your customers.
A good management review assesses the quality management system you have established for your organization at least once a year. Senior managers should review the following:
Routine management reviews should be documented according to ISO 9001 requirements. Each review should be followed by an actionable plan that is meant to resolve any concerns identified during the meeting. Such concerns should be resolved before the next internal audit so suggested changes have enough time to be implemented.
The auditor who visits your facility will want to see documentation or records that have tracked your progress during the implementation of your ISO 9001 system. They will be looking for evidence that shows that you have been following your plan and meeting objectives. Note that it is perfectly okay to change future goals if the business environment has changed since you have set the objectives; for example, perhaps the economic climate has fluctuated so you may increase or decrease your sales goals.
The ISO 9001 certification audit is very important: to your organization, your employees, and your customers. Make sure you put your best foot forward!
It can be difficult for an audit to take place in an unorganized or dirty workplace. Ensure that all of your company’s workplace areas are clean and organized. This includes any offices, desks, warehouses, or floors. Make sure any form of paperwork or documentation is organized and easy to access.
It helps if managers perform an initial inspection to make sure everything is where it should be and neat prior to the official audit.
In the event that you are not able to be certified due to a significant issue found by the auditor with compliance, you will need to address those problems based on the auditor’s recommendations in their auditing report. Some of the most common major problems found in quality management systems include:
Make sure you perform at least one or two more internal audits before you attempt your official certification audit again to ensure that action plans have been executed and have demonstrated their effectiveness.
Our Internal Audit Templates are proven to work.
Your first external ISO 9001 audit will certainly not be your last; certification only lasts for three years. After the three-year period, you will need to have another external audit performed in order to renew your certification.
If you have successfully maintained your quality management system and have been keeping up with internal audits to make sure your organization is still meeting ISO 9001 standards, then the routine external audit should go without a hitch. Also, if your company has implemented an effective QMS, then improvements will automatically come about, therefore increasing your chances of maintaining certification for much longer.
The entire process of implementing a quality management system in your organization according to ISO 9001 standards is well worth the time and money, and while the ISO 9001 external audit may seem intimidating because it determines your certification status, your company will be able to learn a lot more about your organization and its strengths and weaknesses.
Internal Auditing & Gap Analysis
- ISO Internal Audit Explained
- How to Conduct an ISO 9001 Internal Audit
- Internal Audit Procedure & Template [ISO 9001]
- Internal Audit Checklist - Everything You Need To Know
- Internal Audit Checklists, Procedures, Action Trackers & Programmes
- ISO 14001 Environmental Internal Audit
- Internal Audit Templates [ISO 9001, 14001, 45001]
- Internal Audit Template - How Can it Help Me?
- ISO 9001 Certification Audit ~ The Ultimate Guide
- How to do a Gap Analysis - The Definitive Guide [ISO 9001]
- ISO Gap Analysis Templates [ISO 9001, 14001, 45001]
Updated: 21st March 2023
Author: Richard Keen
Richard is our Compliance Director, responsible for content & product development.
But most importantly he is ISO's biggest fanboy and a true evangelist of the standards.
Learn more about Richard
Don’t Try to Manage It All Alone!
Our ISO Auditors and Quality Manager Trainers have been in this industry for years, and since 2002 we’ve been providing thousands of small businesses and large corporations with the tools they need to get certified.
Instead of trying to create everything you need to follow this process from scratch, use ours. We have procedures, templates, checklists, process maps, forms and gap analysis tools to help your internal audits without missing a single input or output.
Before you invest all the hours reinventing the wheel, before you spend countless dollars outsourcing the task — try our templates.
| Standard | |||
QMS Internal Audit Documentation Package Everything you need to perform an internal audit for ISO 9001:2015. Procedures - view sample Checklist - view sample Charts
Reports & Forms
Process Maps
Plus:
The documents are used together as a cohesive system or available seperately below. |
ISO 9001:2015 |
$149 USD | add to cart |
QMS Control of Internal Audits Procedure - view sample The purpose of the Internal Audit Procedure is to define your organization’s process for undertaking QMS audits, process audits, and supplier and legislation audits in order to assess the effectiveness of the application of the quality management system and its compliance to ISO 9001:2015. This procedure also defines the responsibilities for planning and conducting audits, reporting results and retaining associated records. Includes:
|
ISO 9001:2015 |
$19 USD | add to cart |
QMS Internal Audit Checklist v2 - view sample Use this audit checklist to determine the extent to which your quality management system conforms to ISO 9001 requirements by determining whether those requirements have been effectively implemented and maintained. This template will help you to assess the state of your existing management system and identify process weakness to allow a targeted approach to prioritizing corrective action. Master Internal Audit Checklist - view sample This audit checklist comprises tables of the certifiable (‘shall’) requirements, from Section 4.0 to Section 10.0 of ISO 9001:2015, each required is phrased as a question.
The answers will automatically populate and update the Audit Results Summary and charts. Audit Results Summary
Process Audit Template Requires the auditor review the inputs, risks, controls, activities, equipment, materials, personnel, and methods of measurement for each process. Question Guidance Guidance and suggestions for each audit question - view sample |
ISO 9001:2015 |
$79 USD | add to cart |
QMS Internal Audit Checklist v1 - view sample This is the 'Master Internal Audit Checklist' (see above) in MS Word format.
|
ISO 9001:2015 |
$39 USD | add to cart |
Pay by Credit Card, Debit Card, PayPal or Apple Pay.
|
Please read our Money Back Guarantee. |
Bought by Small Businesses and Large Corporations our templates have been sold online and CD since 2002.
Used by:
The Templates are used by first-timers following our step-by-step, clause-by-clause guidance documents; and experienced Quality Managers wishing to streamline and improve their existing documentation.
The application of our templates is scalable and generic; regardless of the size and type of organization. The elements that form the quality management system are the same.
1. Our customizable templates save you time and money by offering a streamlined process to create your quality documentation
2. They’ve got everything you need in one simple template
3. Proven to work our templates have helped thousands of businesses big and small achieve certification
4. Documents use styles to make reformatting and rebranding a breeze
5. Our templates are generalizable for any industry or sector. The application of our templates is scalable and generic; regardless of the size and type of organization.
| About Us | Contact Us |  |
Endeavour Technical Limited © 2002 - 2023 |
|
71–75 Shelton Street, Covent Garden, London WC2H 9JQ, United Kingdom |
|
Registered in England No. 07175526 |
|
| [email protected] | |
Telephone: 0845 054 2886 (UK only) |
|
| Terms | Privacy | |
