Certification Cycle Explained



A significant reason ISO’s management standards are so highly regarded is that to claim ongoing certification, an organisation must be audited on a continuous basis to ensure they are still meeting the requirements of their chosen standard. This independent verification gives clients and other stakeholders the reassurance that the organisation really does ‘walk the talk’.

After achieving certification, an organisation is granted certification for a three year period, subject to ongoing reassessment from their chosen Certification Body. Now read on to find out how it could work for you.

Gaining initial certification

The first step towards achieving your certification is the Stage 1 Audit. This assessment reviews your current management system arrangements and verifies how close you are to meeting your chosen standard’s requirements. The outcome is a plan of action to enable readiness for the Stage 2 conformity audit. Many organisations find that they already have a number of required processes in place; they just need better documentation and communication of what processes are mandatory and who has responsibility for what.

Once you are confident that everything is in place, the Stage 2 Audit is arranged to verify your conformity to your chosen standard. Assuming all goes to plan, your auditor will confirm that you are to be recommended for certification. Their recommendation will then be reviewed as part of an exacting approvals process, prior to certification being granted.

Surveillance Audits

ISO management standards focus on continuous improvement, and this is something that is looked for in Surveillance Audits. You must be reassessed at least annually, although depending on the size and complexity of your organisation, you may need to be visited more frequently.

Successful Surveillance Audits are a result of the continued buy-in from your management and staff, together with effective Internal Audits and management reviews to ensure everyone is singing from the same hymn sheet.

The Surveillance Audit is not required to be as comprehensive as the Stage 2 Audit, and its duration will be influenced by the scope and complexity of your management system and the results of any previous audits. Two-years of Surveillance Audits are then followed by the Re-certification Audit.

The Re-certification Audit

The final part of the Certification Cycle is the more comprehensive Re-certification Audit at the conclusion of the third surveillance year. Based on this visit, there will be a recommendation made on certification renewal (for another 3 year cycle), together with any adjustment required to the ongoing surveillance plan; based on observed trends throughout your certification cycle.

Our Approach

We recognise that ISO standards can often appear a little daunting, especially to newcomers. This is why our Stage 1 Audits comprise of a ‘Gap Analysis’ so that you come away knowing exactly what is needed in order to achieve conformity to your chosen standard. You will also be armed with generic templates and have unlimited access to your auditor – a service that means that the majority of our clients achieve certification within 10-12 weeks.

We also reward client loyalty, which is why we won’t charge you extra for the Re-Certification Audit, even though it is more comprehensive than a Surveillance Audit. At no extra charge, we also assist our clients with the promotion of their certification through template press releases and case studies.

ISO 9001 is ISO’s most popular standard, being implemented by more than one million companies in over 175 countries.

Free Introduction to GDPR course






start course