10 Steps to ISO Certification



Achieving certification to standards such as ISO 9001 or ISO 14001 can seem daunting. To help those new to the implementation process, in this article we’ve covered things step-by-step, detailing what is required from you, as well as your chosen Certification Body.

Step One: Make the Right Choice

The first step for any organisation is making sure that the standard you’ve chosen is the right fit for your organisation, right now. It’s worth noting that in order to become certified, you must have been operating for at least 3 months. This is so you, at least, have some processes in place that can be assessed.

We recommend engaging with any industry or professional associations that you may be actively involved in, to see how ISO certification has worked for other members. You could also speak to certified clients or suppliers, as well as using Government resources such as Business Link for a wealth of information on ISO standards.

Step Two: Reviewing the Standard

Buying a copy of the standard can be useful, but isn’t necessarily required. In truth, the jargon involved may even put you off! This is why the International Organization for Standardization (ISO) have developed a couple of handbooks which breakdown the ISO 9001 and ISO 14001 standards to make them more accessible.

Step Three: Communicating the Goal

Implementing an ISO management system needs to be an organisation-wide target developed by senior management. Ongoing effort will be needed to ensure good habits are maintained throughout the process, so a ‘champion’ will be needed, or a dedicated team if you work in a larger organisation. This person or team will also need to be responsible for developing the actual management system.

Gaining buy-in is one of the biggest challenges whilst on the route to achieving certification. We have published numerous articles focusing on the benefits of all of the main standards which can help communicate why exactly your organisation is taking these steps.

Step Four: Establish Training Requirements

If you are completely new to the world of ISO standards, then a training course can be beneficial to give confidence and genuine skills to help in the implementation process. Even if you are fairly experienced, a refresher course ensures you will get the most out of the standard.

We currently run external and in-house courses on the most popular management standards, ISO 9001 and ISO 14001.

ISO Training Courses

Step Five: Using a Consultant

We cannot provide consultancy services as it would affect our impartiality. It is however acceptable to independently source a consultant to help you along the process. They can help advise on an implementation strategy, and a good consultant should increase the value of the process.

The use of a consultant doesn’t remove your responsibility for establishing and implementing your ISO management system. Therefore, it is in your own interest that you and your management are actively involved with the consultant throughout. Beware of any ‘ready made’ management systems which may not suit your organisation.

Step Six: Select a Certification Body

It’s important to know exactly what you’re signing up to when agreeing to proceed with a Certification Body. The popular ISO management standards are based on a 3 year cycle. Some Certification Bodies will expect you to sign up to a minimum 3 year contract to suit. Whilst only an annual visit is required, there are some who will insist seeing you more frequently. It’s important you clarify this when obtaining quotes and check for other hidden costs such as ‘registration’ and travel fees.

Step Seven: Developing a Management System

The ISO management standards are designed to be generic, applicable to organisations of all sizes and industry sectors. Whilst the standards provide a framework for good management practice, specifying things that need to be included, they do not tell you how to do them. Consequently, there is considerable freedom in meeting the requirements of the standards.

The fundamental part of achieving certification to an ISO standard is forming a Management System; a Quality Management System (QMS) for ISO 9001 and an Environmental Management System (EMS) for ISO 14001. The Management System is formed of processes for management activities, provision of resources, production realisation, measurement, analysis and improvement.

Step Eight: The Stage 1 Audit

The process starts with what’s known as a ‘Stage 1 Audit’. This is when an auditor reviews your existing systems and provides you with a gap analysis report which will identify the actions required to meet the standard. This can be used as a helpful action plan, so don’t worry if you think you’re under prepared. Many organisations find they already have a number of required processes in place. They just need better documentation and communication of what processes are mandatory and who has responsibility for what.

Step Nine: The Stage 2 Audit

Once your organisation is ready and has filled the gaps highlighted in the Stage 1 report, an auditor will visit you again to carry out what’s known as the ‘Stage 2 Audit’. This will reveal the effectiveness of your management system and whether it meets all the requirements of the specific ISO standard you wish to be certified to (e.g. ISO 9001 and/or ISO 14001). If you are fully compliant, you will be recommended for certification. The auditor’s report will then be checked via an approvals process and if no anomalies are identified, certification is officially awarded.

Step Ten: Maintaining your Management System

The maintenance of your management system is where the hard work really starts. Continued buy-in from everyone is important for implementation to succeed, and for you to gain the true benefit of becoming certified.

In-house communication and training should be carried out regularly to ensure ongoing awareness and engagement with staff. More formally, internal audits should also be carried out to ensure the requirements of the standard are continually met. A management review should then be held to set out corrective actions as required.

Why the British Assessment Bureau?

The British Assessment Bureau is a leading UK Certification Body with a 99% client recommendation rating. Our straightforward approach to ISO certification includes our Fixed Fee quotations, which show you exactly what you will be paying, upfront. To make things easier, we also separate our fees into interest free staged payments, and crucially, you are not tied into a long-term contract.


For more information, call our award-winning team of ISO experts, free of charge, on 0800 404 7007.

Free Introduction to ISO 9001 course






start course