CertFast Logo and Tagline
855.393.0240
Contact Us

ISO Audit Process

Steps to Certification

Get a Free Quote

ISO 9001:2015 Certification Process

 

If order to Certify to ISO 9001:2015, your company needs to own a copy of the ISO 9001:2015 Standard. You can purchase the standard from a number of organizations. Here are a couple:

Purchase the Standard

Tech Street or ISO.org

ISO 9001 PDF and/or Print

Process Steps

Once you have submitted your application for quote, accepted the quote, and defined your scope of certification:

We conduct an initial Certification Audit (it’s a 2 part Assessment broken down into Stages)

 

Stage 1 Audit

Reviews if you have everything for a full Quality Management System Audit, including, but not necessarily limited to:

• Completed Internal Audit Reports

• Documentation of Management Reviews

• A Quality Management System Manual or something that shows your policies and any procedures and other documentation necessary for product/service quality

• A walk-through of the facilities, including observations of infrastructure and equipment, and interviews with staff to gauge their understanding of relevant aspects of the standard, such as the quality policy and relevant objectives

• Discussions with the management representative, and other management as needed, related to key processes, related process measurements, and quality objectives

• Confirmation of information related to the scope of certification, including number of sites, number of employees, key processes, any applicable legal or statutory requirements, and the products or services provided to customers.

Auditors may identify “areas of concern” during the Stage One audit. These are things that could potentially be considered non-conformities at the Stage Two audit. If the areas of concern are severe enough, the Stage Two audit may be postponed, rescheduled, of cancelled, and an additional Stage One audit may be necessary to move forward.

    Stage 2 Audit

    Reviews that you have documented your system properly and verifies that you have a functioning ISO 9001 Quality Management System in place and that you are conforming to the standard. The reviews will include, but are not necessarily limited to:

    • Completed Internal Audit Reports

    • Management Review Minutes

    • Documented information such as quality policies, procedures, and quality manual.

    • Any documentation of customer satisfaction/complaints

    • Any non-conformances/corrective actions

    • Areas of improvement documented

    • Documented evidence/records of operational controls (examples may include quotes, customer purchase orders, sales orders, supplier purchase orders, inspection records, manufacturing/service records, etc.)

    If there are any non-conformities identified at the Stage Two audit, they must be addressed with correction, root cause, and corrective actions. A form will be provided to submit your responses to CertFast. Responses are expected to be submitted within thirty (30) calendar days from the last day of the audit. If the nonconformity is considered a minor, CertFast only needs to see your corrections and confirm that you have an acceptable corrective action plan in place. If the nonconformity is considered a major, CertFast also needs to verify that the corrective action plans have been effectively implemented and satisfactorily address the nonconformity. If CertFast is unable to verify the implementation of corrections and corrective actions for any major nonconformities within six (6) months after the last day of the Stage Two audit, we are required to conduct another Stage Two audit before we can recommend certification.

    After successful completion of the Stage 1 and Stage 2 audit, the reports, and any associated nonconformities and corrective actions (if applicable) are reviewed and confirmed by the Technical Lead. Lastly, all audit information is reviewed by a qualified certification decision-maker, and if all is acceptable, CertFast will promptly issue your certificate.

    Surveillance Audits

    Your certification is valid for 3 years. Each year, a surveillance audit is required to keep your certificate valid and ensure you remain in conformance with the standard. If there are any nonconformities identified, they must be addressed in the same manner; responses are expected to be submitted within thirty (30) calendar days from the last day of the audit, and we expect to be able to fully accept and/or close nonconformities within sixty (60) calendar days from the last day of the audit. If the nonconformity is considered a minor, CertFast only needs to see your corrections and confirm that you have an acceptable corrective action plan in place. If the nonconformity is considered a major, CertFast also needs to verify that the corrective action plans have been effectively implemented and satisfactorily address the nonconformity. If CertFast is unable to verify the implementation of corrections and corrective actions for any major nonconformities within six (6) months after the last day of the surveillance audit, it may result in suspension or withdrawal of your certification.

    Recertification Audit

    After the 3 years, you complete a recertification audit, which is similar to your initial certification audit, including addressing any identified non-conformities.  The recertification audit must be conducted in enough time to complete all audit activities, including reviewing corrective actions and making a certification decision before the certification expiration date.  This cycle repeats every 3 years to maintain your ISO 9001 certification.  Recertification audit activities may need to include a Stage One Audit in situations where there have been significant changes to the management system, the organization, or the context in which the management system is operating.

    Special Audits

    Throughout your certification, there may be changes that impact your scope of certification, which could include things like moving to a new location, adding a new facility/location, or implementing a new process or product line. If your organization undergoes any of these types of changes, please contact your CertFast representative, as the change may impact your scope of certification and require a special surveillance audit to ensure the management system remains intact following the change. Similarly, CertFast or its accreditation body, IAS, may need to conduct short-notice or unannounced visits in response to complaints or to verify the implementation of corrective actions for severe issues.