Certification to the ISO 9001 standard involves the following phases.
- Training/Familiarization with ISO 9001
- Gap analysis of the QMS
- QMS development / updation
- ISO 9001/QMS awareness programs for employees
- Deployment of QMS
- Internal Audits
- Management Review
- First stage audit
- Certification audit
Key members from the organization are at first trained on ISO 9001. Then, these members with the help of an ISO 9001 consultant perform a gap analysis of the organizationâ€™s existing practices/systems (Quality Management system) versus the requirements of ISO 9001. These gaps are then plugged in the respective procedures and systems. If incase, the organization is starting from zero, i.e. it does not have any baseline procedures/practices/systems in place, then the new Quality Management System is developed based on ISO 9001. In such cases, the Quality policy is developed and signed off by the top management of the organization. Also, the Quality manual is written in which is the scope of the organization towards the certification is mentioned.
In the next step, awareness programs are conducted for the employees on the ISO 9001 standard and the organizationâ€™s QMS. This is followed deployment of the defined procedures, which is typically supported by members of the Quality department. After the deployment, a pool of trained internal auditors is developed through internal or external training. The first round of internal audit is conducted across the departments/functions, as per the audit plan.Â These are followed by tracking / follow up towards closure of the Non conformances raised during the internal audits.
After the internal audits, all the required inputs are collected for conducting the first Management Review Meeting. The results of the internal audits are one of the key inputs for the Management review meeting. Post the Management review meeting, the results of the review is circulated to all departments for necessary action.
Now, the organization is ready for the first stage of the certification audit i.e. the external audit. In the first stage, the certification body verifies the readiness of the organization towards the final certification audit. The QMS documentation is verified to confirm that it meets the requirements of ISO 9001. Also, the auditor familiarizes himself with the nature and scope of activities of the organization, its boundaries, customers, organizational structure and way of working.Â The auditor communicates the potential issues that might hinder the final certification through the first stage audit report.Â The locations and departments to be audited and the related logistics are also finalized at this stage.
The final certification audit is conducted as per the plan made during first stage audit. The certification body verifies conformance to the clauses of ISO 9001 in the context of the organization. Based on the results of the audit, the certification body recommends for the ISO 9001 certification of the organization. Typically, the certification is valid for 3 years and surveillance audits are conducted once a year to ensure continuation of conformity. Most organizations take the help of an ISO 9001 consultant in taking them along the entire certification process.