6 steps to ISO certification

1. Choose the right standard

First of all, you need to know which of the standards will be the best fit for your organisation and help you meet your objectives and ambitions. To help you get started, we’ve summarised four key standards

• ISO 9001 focuses on meeting your customer requirements, enhancing their satisfaction and documenting the quality of your organisation’s processes. There are lots of benefits to gaining ISO 9001 certification. 62% of businesses reported qualifying for or winning more business as a result, as many tenders require ISO 9001 as a pre-qualifier. Almost three-quarters of businesses said that their internal processes were improved — so you’ll also become a more efficient organisation.

• ISO 27001 focuses on cybersecurity. Shockingly, 5 million data records are stolen each day worldwide. A data breach is expensive, not just in financial terms, but in terms of your reputation too. Gaining ISO 27001 shows that you take cybersecurity seriously and is a step towards GDPR compliance. The certification process will also give you independent insight into your current procedures and how they can be improved.

• ISO 14001 is the standard that sets a framework and criteria for an environmental management system. Certification can help your organisation improve your environmental practices, become more efficient and reduce waste — giving you the edge on competitors and improving your reputation.

• ISO 45001 is the standard to health and safety. It exists to help promote and protect the health (both physical and mental) of your employees. Improved occupational health and safety can lead to improved employee satisfaction, less sick days from work and a more efficient workforce.

2. Make the right choice of certification body

Not all certification bodies are made equal — choosing the right one is an important step towards success.

You may have been told you need an ISO certification to qualify to tender for a particular contract. It may be tempting to jump at the first organisation that promises and quick turnaround, but you really need to think about quality here.

Check out the following during your research:

• Are they United Kingdom Accreditation Service (UKAS) accredited? UKAS is the only Government recognised accreditation for organisations that provide certification, testing, and inspection of services.
• What are their online reviews like? Have past clients been happy with the service they’ve received?
• Look for added value — is there a dedicated client portal, extra resources on their website?
• What’s their social following like? Do people engage with their industry insight online?

When tendering for new contracts, UKAS accreditation is sometimes a requirement. By choosing a quality certification body, you’ll avoid any nasty surprises further down the line when your application is rejected.

3. Get stakeholders on board

By getting everyone’s buy-in from the start, the whole certification process will be more efficient. If you’re on a deadline to tender, the last thing you need is stakeholders pushing back on your efforts to get everything in place.

View certification as a partnership: consider the help and support you’ll get from your selected certification body. While UKAS accredited companies can’t provide consultancy (to stop conflict of interest), it’s important that your chosen body is responsive and supportive. A quality certification provider will be with you every step of the way.

Communication is key: keeping everyone in the loop and laying out the benefits of certification will make the process much smoother. If key people understand the business case from day one, you’ll have a much easier time when you start to implement your management system.

Training and development: A quick introductory course to ISO certification is a good starting point for decision-makers, as it’ll help to summarise and highlight key benefits of certification.

Consider rolling out training company-wide after gaining certification. An e-learning course will help your employees understand the changes that have been implemented and the benefit they bring — helping to strengthen employee engagement.

4. Stage 1 audit

The word audit might sound scary, but the stage 1 audit is straightforward. It’s simply to understand your current business processes so that recommendations can be made to improve them. You don’t need to have anything in place, it’s purely to spot opportunities so that an action plan can be put together. You’ll get a full report outlining any gaps in your current procedures and the necessary actions your organisation needs to take.

5. Developing a management system

After your stage 1 audit, you’ll need to develop a management system based on the recommendations from your auditor. A management system is a set of documents that outline your business processes and shows how you’ll meet the standard required for certification.

British Assessment Bureau offers toolkits to help you — these are templated documents you can use. You simply need to change them to reflect your own business practices. Submitting the documents is straight-forward too. Just upload them to our dedicated client area.

6. Stage 2 audit

Once you’ve submitted your documents, an auditor will conduct another visit to see if you’ve met the objectives set out in your stage 1 audit. If everything is in place, you’ll be granted certification. If not, your auditor will guide you through the necessary steps to get you on the right track. Another audit will be scheduled at a later date to make sure everything is in place.

Following certification, you’ll be audited annually to ensure continual improvements are made and the standards upheld.

ISO certification can help you win business, improve efficiency, improve your organisation’s reputation and differentiate you from your competitors. Follow these steps and you’ll soon be reaping the rewards. Read more about ISO 9001 if you are looking to start improving your business’ internal processes.