Every business should be dedicated to providing quality services and products for its customers and clients. One of the ways a company can guarantee this is by getting ISO 9001 certified. However, the road to getting certified can be long, confusing, and sometimes difficult for some companies. For example, not many people even know the ISO 9001 certification requirements.
What are the ISO 9001 certification requirements? There are five requirements to achieve ISO 9001 certification:
These requirements in the ISO 9001 standard are all part of a series of clauses that define and explain what is expected of companies to meet this international standard of quality management systems (QMS).
According to the American Society for Quality, a quality management system (QMS), is a “formalized system that documents processes, procedures, and responsibilities for achieving quality policies and objectives.” A QMS will allow a company to meet customer needs and continually improve its effectiveness and efficiency.
A quality management system should help an organization recognize and then address their needs, in addition to their customers’ needs. All quality management systems have similar elements which help achieve this goal:
ISO 9001 is defined as “the international standard that specifies requirements for a quality management system (QMS).” (Source: American Society for Quality) It is one of the most implemented quality management systems for processes in the world.
The ISO 9001 standard was first introduced in 1987 by the International Organization for Standardization (ISO), an agency that is made up of a collection of national standards organizations from over 160 countries.
Although the first version of the ISO 9001 standard dates back to the 1980s, it has seen a few revisions since its inception, the latest being in 2015. For this reason, you may often see the updated ISO 9001 standard referred to as ISO 9001: 2015. Many of these new updates include:
ISO 9001 also follows a “plan-do-check-act” methodology and uses a process-oriented approach to recording and reviewing a company’s structures, responsibilities, and procedures to achieve and improve quality management. It involves following these necessary steps:
The ISO 9001 standard, since its formation, has been built on the idea of seven quality principles:
In order to be certified, companies must follow these requirements. Those who do demonstrate that they can provide quality products and services that meet their customers’ needs and regulatory requirements, and continually improve their systems and processes to deliver these products and services consistently.
Any organization today can benefit from ISO 9001 certification, regardless of their size or the industry they are in. In fact, millions of organizations across 160 different countries have adapted to use the ISO 9001 standard to improve quality management systems.
Although achieving ISO 9001 certification can be a long, sometimes complicated, process for companies, the benefits that come from it is well worth the effort. Many companies don’t realize that they actually need an ISO 9001 certification in order to be successful. The following are some reasons why you should aim for ISO 9001 accreditation.
In addition, with higher quality systems and processes as well as products, you will surpass your existing customers’ expectations; this means happier customers and fewer complaints. If you do have the occasional complaint, you will be better equipped to resolve it with an effective ISO 9001 system in place.
Also, if you’ve adopted an ISO 9001 system, you will always know what your customers want and need (even unstated needs), and will be able to provide it with your products.
Some of your customers may require that you are ISO 9001 certified before they consider doing business with you. Having an ISO 9001 certification shows customers that your company is dedicated to providing them quality care and service.
Once you have ISO 9001 certification, you are free to advertise it to potential new customers for the chance to earn their business, and as a result, more revenue.
The result of adopting an ISO 9001 system in your company is an improved quality across the entire organization, from processes to your products. Your customers will immediately notice the difference.
ISO 9001 requires that your company is able to identify and communicate your systems and processes in the form of business metrics—or data—to better manage and control such systems.
Business metrics can help you understand and evaluate how your company is performing concerning your QMS objectives.
Your customers are better off when you are able to provide quality services and products consistently. To do this, you need to increase your control over your processes, and there’s no better way to do it than by understanding your systems first.
Previously mentioned was how your customers would see the difference when you implement an ISO 9001 system, but they’re not the only ones who’ll notice. In fact, your employees will be the very first to see a significant, positive change in your company and professional culture. As a result, your employees will be happier and will perform much better than ever before.
In addition to that, an ISO 9001 system will also help your employees learn how to do their jobs better and more efficiently, from setting objectives and streamlining procedures, to providing feedback on whether they can meet those objectives based on their performance.
An ISO 9001 system will require that your company stays focused on providing consistent quality to your employees and customers alike. To do this, different types of audits—such as internal, registration, and self-process audits—will need to happen to monitor your progress to make sure you’re moving in the right direction.
Routine audits—such as every quarter—will provide the feedback you need to ensure you’re not straying from quality standards, and that your company is remaining in line with its goals and mission.
Every business looking for a profit wants to cut down on overhead and other costs; an ISO 9001 system will help with that. As your company’s operations and processes begin to improve over time, you will be able to hit your company’s objectives easier, faster, and more consistently. With consistency, it won’t be much longer until you start to see tangible results.
For one, you’ll decrease the amount of process waste you used to produce with a higher quality, more efficient system. As a result, you’ll make more money on the products you are able to turn around—all while eliminating costs for scraps.
Finally, since ISO 9001 is a worldwide standard through the International Organization for Standardization (ISO), your company will be among a select group of over one million organizations in the world with this prestigious certification!
This section of the ISO 9001 standard mentions the general requirements needed to implement a quality management system.
It lists a few essential documents and records you will need to show your compliance under the new QMS:
Leaders in the organization will need to have the following:
Management will be required to provide resources to their employees across multiple departments to understand, implement, and maintain ISO requirements:
This section of the ISO 9001 is the only area where organizations can choose to opt-out of some of the requirements mentioned. For example, companies that do not provide design work or services can disregard the section outlining design requirements.
The remaining requirements that must be fulfilled by companies seeking ISO 9001 certification are related to planning for products and/or services:
This final section of the ISO 9001 outlines the tools needed to understand how effective your QMS is and whether or not it builds a foundation for continual improvement.
Leaders will also need to provide documentation and analysis reports about how to control non-conforming products and services, and any corrective and preventive actions required.
To become certified, organizations must first follow steps to begin implementing the ISO 9001 QMS. Once the QMS has been integrated into your systems and processes, a Certification Body (also referred as a CB or Registrar) will need to be invited to audit your company’s performance based on the most recent version of ISO 9001 (in this case ISO 9001:2015).
If your company passes this audit, then the Registrar will issue you a certificate that acknowledges your official ISO 9001 status. The certificate is valid for three years; the organization will need to be re-certified at the end of these three years in order to maintain its ISO 9001 certification.
If your organization is interested in getting started with ISO 9001 certification, it is best to follow the following steps to ensure a smooth transition into the new QMS—and your best chances of achieving official accreditation.
The first step in getting ready to integrate ISO 9001 into your company is to set your goals and objectives. How do you want to set up your ISO 9001 system? Create a plan and list what you wish your QMS to do to help improve existing systems and processes. Also, consider the timeline you want to follow: do you want to integrate ISO 9001 over the course of the next five months or five years?
How do you want to approach getting certified? There are four different methods you could pursue:
Carefully assess your company’s needs to see which approach is right for you. Every organization is different and will need to take different approaches to ISO 9001 certification.
The most popular approach by far is to implement ISO 9001 in-house. Whether or not youi choose to purchase an ISO Template is up to you. These Templates are relatively inexpensive, and ideal if you do not have to have any type of prior experience, however, if you may feel you have a good enough grasp on the materials to be able to do it all yourself. By all means, go for it!
Who will be your ISO 9001 Management Representative? You will need to assign someone within your organization’s top management team to help drive the movement towards ISO 9001 certification. The ideal person would be anyone who is a Quality Manager, but anyone from senior management that has the ability to change operating systems and processes can be eligible.
If you have multiple locations, assign a local Management Representative for each site, with a corporate Representative to oversee and lead them.
You will need to set up training programs for your employees in order for process changes to start taking place. Start by providing information about the new ISO 9001 system to the following groups:
Although a detailed plan would be ideal for making sure your organization can develop and implement an ISO 9001 system successfully, a basic plan with just the steps for implementation and a timeline is an excellent place to start.
Many organizations find it useful to conduct a gap analysis in order to determine if they are already meeting any ISO 9001 requirements. If you find that your company already meets some of these requirements, you can spend more time concentrating on anything else left to implement.
You will need the following documents in order to fulfill this requirement for ISO 9001 certification:
When you’re creating the necessary documents for your organization, make sure that they are both specific to your company and fitting. A good ISO 9001 template to follow for creating documentation will integrate the following:
You can create as many procedures, work instructions, and forms as you feel is suitable for the QMS you are trying to implement. However, you have the flexibility to deviate from the standard of the ISO 9001 here by combining or splitting up the clauses most relevant to your business.
This is a crucial time for your organization; during this step of the process, you will be introducing new requirements from your ISO 9001 documentation to anyone affected, such as your employees and managers. You will need to help them adjust to the new ISO 9001 system by offering information about the new processes, and how such processes will benefit them.
Many organizations find that it is easiest to start with document control. Explain the new requirements of the ISO 9001 to your team either in a meeting or sent memo. Alternatively, you can also have department heads explain the new system to their respective teams.
As you begin to implement the new ISO 9001 QMS, most of your employees will have to adjust how they work in order to fulfill some of its requirements. The ISO 9001 also asks for improvements in work instructions and processes.
According to the ISO 9001 standard, you only need to have work instructions if they can add value to the business. Value can be added either by outlining the steps of a process not typically performed, detailing common processes, standardizing processes, or describing processes in a way that new staff can understand.
If you do decide to create or update work instructions, it is best to have that role assigned to someone who actually performs the work. Ask them to think about the best way they can do their work, and then document what the main steps would be. Documentation could be in the form of flowcharts, pictures, text, and even videos—anything that makes the information easy to understand and clear.
If you introduce new or updated processes to your team, make sure you have employees begin incorporating them into their work instructions.
Audits are essentially inspections where your company assesses itself to see if it is following all of the ISO 9001 requirements. These internal audits should not only take place while implementing the new QMS but also routinely after becoming ISO 9001 certified.
Audits are usually performed by an employee within your own organization who has ISO 9001 auditing training. Many small businesses usually have the ISO 9001 lead they chose to conduct audits. In this case, the lead would audit the entire company with the exception of their own work, while a second employee would audit the lead’s function. You could also use a subcontractor for an internal audit.
Other companies will train several internal auditors to aid in cross-training and spreading best practices to meet the ISO 9001 requirements. In fact, some organizations will begin training new ISO 9001 auditors even before beginning implementation so that they can assist in the transition.
Any auditor should verify that your organization does in fact meet the requirements of the latest ISO 9001 as they are described from your procedures and work instructions.
To achieve certification you will need to have an independent ISO 9001 auditor visit your company and perform the certification audit. This process can begin as soon as you have completed a successful internal audit and gathered approximately two months of records from your ISO 9001 procedures.
The ISO 9001 registrar will be the independent entity who sends an auditor and issues the ISO 9001 certificate. Make sure when you’re choosing a certification organization that they are officially accredited by a national certification body.
The official ISO 9001 certification audit will be quite similar to your internal audits. The independent auditor or team will visit some or all of your departments and randomly verify that the ISO 9001 requirements documented in your procedures and work instructions are being implemented and actively followed by both management and employees.
Unless the auditor(s) find significant problems with your new QMS in relation to ISO 9001 standards, you will then receive an ISO 9001 certificate after the site visit. If there are problems, you will have the chance to resolve them before a certificate is issued.
Achieving ISO 9001 certification is never a one-time event; you will need to continue performing internal audits regularly (monthly or quarterly) in addition to registrar site audits once or twice a year to verify that your business is continuing to comply to the ISO 9001 standard and is in fact improving. (If you implemented your new QMS correctly, then it will continually improve on its own as long as you stick to it.)
Although it seems like a complicated process, with a dedicated team and enough drive you can achieve ISO 9001 certification. And why pass up on an opportunity to improve your company and its products? It will make your customers happy, and your employees too!
Written: 29th July 2019
Author: Richard Keen
Richard is our Compliance Director, responsible for content & product development.
But most importantly he is ISO's biggest fanboy and a true evangelist of the standards.
Learn more about Richard