International Organization for Standardization (ISO) is a body situated at Geneva, Switzerland.
A few interesting points about the ISO standards & related certification are as follows:
- ISO only develops & publishes ISO standards and DOES NOT play any role in the certification. Therefore, a company or organization cannot be certified by ISO.
- ISO certificates can be issued by ANY ORGANIZATION as there are no guidelines specifying the authorization about who cannot conduct certification audits and issue ISO certificates.
However, ISO does recommend organizations seeking certification to choose a credible, recognized & accredited Certification Body or Conformity Assessment Body, if certification is required.
- Certification is NOT MANDATORY; Organizations can choose to implement ISO standards for business excellence and decide not to go for certification.
- Most of the published ISO Standards are for developing management system for organizations to do the business better.
- ISO Certification is a third-party endorsement that the organization has an established, implemented, documented, maintained and monitored, management system against the selected ISO standard.
Procedure:
Step 1: There is no obligation to be certified against an ISO Standard eg. ISO 9001:2015. So, a good first step is evaluating whether certification makes sense for your organization. An organization can choose to implement an ISO standard without opting for certification, to reap the benefits of BUSINESS EXCELLENCE.
Step 2: The ISO certification audit is not a financial audit. No certification is done ethically, without the implementation of the ISO standard. The implementation of an ISO standard is generally a management system which needs to be implemented effectively, like Quality Management System (ISO 9001:2015). The audit that is done by a certification body, selected by the aspiring organization, of this very ‘implemented management system’. In layman terms, the audit is done to assess the implementation of ISO standard and to determine the level of compliance to the standard.
The organization seeking ISO Certification needs to implement the ISO Standard or the management system. The organization may select and hire a consultant or a consulting organization to help them implement the ISO standard or the management system as per the requirements of the standard. No certification is done ethically, without the implementation of the ISO standard. The audit that is done by certification body is to assess the implemented ISO standard and its level of compliance to the standard.
Step 3: A few implementation tips:
Tip 1 – Define your objectives. Why do you want to implement the standard?
Tip 2 – Make sure senior management is on board. It is crucial that everyone – from the top down – is supportive of the initiative and its objectives.
Tip 3 – Identify your organization’s key processes for meeting your objectives as well as your customers’ needs. Within each of these processes, make sure you understand our customers’ requirements and can guarantee that these are met – each and every time. This will form the basis of your quality management system.
The implementation duration may vary and shall depend on the level of participation between the consultant and the organization seeking to implement the ISO standard. Let’s take a case of ISO 9001:2015. The implementation procedure may take various steps including Gap Analysis, Process Mapping, Understanding the organization and its context, Discussions & Brainstorming sessions to identify & evaluate the process control parameters, documentation, internal audits etc.
Step 4: The consultant shall close all non-conformities and should assess the effectiveness of the established management system. On successful assessment, the consultant, recommends the organization to invite the selected Certification Body (Conformity Assessment Body) for the assessment, if the organization opts for third party endorsement through certification.