ISO 9001 for Beginners

  • Guides

If you’re new to the world of ISO 9001, it’s not the easiest of subjects to get to grips with. In response to this, we’ve created the Essential Guide to ISO 9001 – an overview of every step towards becoming an ISO 9001 certified organisation.

The world’s most recognised standard for business improvement

ISO 9001 is a standard published by the International Organisation for Standardisation (usually referred to as ISO). Whilst ISO 9001 relates to quality management, ISO are also responsible for close to 20,000 other standards relating to all aspects of our lives. Formed and reviewed through global consensus, the aim is for standards to make cross-border trading easier and to establish worldwide best practice in quality, safety and efficiency. Whether it’s related to being treated in hospital, or purchasing something with your credit card, ISO standards are often at work in our lives without us even realising.

ISO 9001 is described as a quality management standard, but for most small businesses, it’s also an effective standard for operating a business.  The standard defines the requirements to create a Quality Management System (QMS) so that organisations can create a documented plan for delivering consistency of service or product.

The standard can be traced back to the late 1980’s where it leaned heavily towards the manufacturing sector. Revisions over the years have seen it become more generic, and therefore more relevant, to many more organisations of all types and sizes. As a result, many organisations’ first experience of the standard is as a tender requirement. Particularly in supply chain tendering it is specified to filter the wheat from the chafe in an effort to ensure continuity of quality from the primary contractor down to each sub-contractor. This reduces risk to reputations and maximises consistency of delivery.

A structure to allow your organisation to thrive

If you are reading this article due to ISO 9001 being a requirement by a client, then you probably feel compelled but perhaps a little reluctant. However, it’s worth remembering that there are tangible internal benefits to implementing ISO 9001 too. Knowing that your people are all on the same page should not be underestimated (which we’ll expand upon later in the next section).

For an organisation to be in a position to grow, its leaders need to become strategic. This can only happen if management are able to work on the business, rather than constantly in the business. For smaller organisations in particular, ISO 9001 – through the creation of a Quality Management System – is the tool to help define who does what, when, why and how. This means work can be delegated confidently because the right person is doing the right job, which frees up time for the leaders to focus on key strategic issues.

RECOMMENDED READ: Is being the hero holding your business back?

ISO 9001 requires you to ensure that people are adequately trained in their roles and encourages engagement with your people in order to identify opportunities for improvement. Using the Plan, Do, Check, Act (PDCA) model, continual improvement is the bedrock of the standard. With this in place, inefficiencies should be rapidly addressed and – as has been proven in studies by Harvard Business School and Dun & Bradstreet – customers benefit because you are delivering a consistently high level of service. Moreover, if things do go wrong, you can trace the problem back and fix it, whether it’s a process problem or a person problem. It’s fair to say that any business that runs well is more productive. With ISO 9001 helping to better establish roles and responsibility, your people come away feeling more motivated and empowered. So, not only will certification to the standard help with the latest potential contract, it could be the difference between winning and retaining business into the future.

Getting staff on-board is vital for ISO 9001 to be a success

Hopefully, as you have been reading this article, the realisation has hit home that obtaining ISO 9001 isn’t as daunting as perhaps you first imagined. Whilst we would never suggest it’s easy – initial implementation will require you to re-think the way you are managing your business – it is straightforward. But as with most things in life, the more you put in, the more you will get out.It’s for that reason that engaging with your people is incredibly important, if you want to reap the benefits of the standard. Your people have to buy-in to the reasons for implementing ISO 9001 and understand the benefits to them, your customers and the organisation as a whole. Their ongoing input and participation is vital so that momentum and commitment isn’t lost; all too often we see the responsibility put on one person’s shoulders, leading to stress and disappointment.To aid in the buy-in process, as well as motivational presentations, we also offer training courses – both in-house and regional based open courses. Such training covers familiarisation with the standard and the first steps towards implementation, via internal auditor training.

You can take ownership, or use a consultant to be ISO 9001 ready

With what can be a somewhat confusing subject to start with, a Google search can sometimes add to the puzzling world of ISO 9001! Search results will reveal Certification Bodies, consultancy companies and those offering software or templates battling for Google real estate. So where do you start?

Choosing a consultant

  • Do they have relevant qualifications?
  • Do they have solid references?
  • Have they got industry experience?
  • How will fees be calculated?
  • Are they financially stable?
  • Are they insured?

The answer depends on your motivation; are you looking to become certified immediately, due to pressure from an existing or potential client? Or do you have more of a holistic viewpoint, where you want to move forward as a more efficient and profitable organisation? If timescales are tight, there are consultants that can help you get through the creation of your Quality Management System, largely removing you from the responsibility and therefore the resources required. That means you can get on with what you’ve been doing. However, the downside is that you will likely learn little from the experience and not benefit from internal improvements. But if certification gives you the short term gain of winning a contract, that’s your call.Engaging with a consultant will significantly increase the cost of the project. However, so you know what you’re walking into, an experienced ISO consultant should be able to quote a package fee, and we’re happy to put you in touch with local consultants to discuss this with you.


A larger organisation may wish to use a consultant for different reasons; to aid with achieving buy-in from your people and assisting with the inevitable internal auditing required to ensure everything is ticking over as it should be. Moreover, a good consultant will add value by bringing their experience into play to help overcome any issues or questions. Of course, there is no one forcing you to take a black or white approach. You can achieve certification quickly, and then give time to the initiative once the certificate has helped win you that vital contract. Many clients of ours have been in this very situation, and seek our help in providing training for their people immediately after certification is gained to ensure best practice filters through.

Certification shows the world that you can be trusted

Anyone can say they run a customer-focused and highly efficient business, but it’s another thing to prove it. Achieving certification through a Certification Body demonstrates that you have been independently assessed by a third party; confirming that you meet all the requirements of ISO 9001. As with any supplier, the Certification Body you choose should be a good fit for your organisation and priorities. This may be from demonstrating knowledge of your industry, to being able to meet your timescales. We endeavour to make our customers’ experience both straightforward and hassle-free. For example, we always quote a fixed fee and there are no hidden extras for things like annual registration or travel, which others may bury in the small print.

Similarly and unusually, we won’t try to tie you into a long term contract either.  We work hard on delivering the best service possible and ultimately feel whether you choose us moving forward should be based on wanting to, not having to!

Once you’ve made your choice of Certification Body, the first step is an initial visit to establish where you are now, and what you will need to do in order to be compliant to ISO 9001’s requirements. Many organisations fear they will have nothing, but many processes do exist – even if it’s currently in people’s heads – they may just need some tweaking in order to help build a robust ISO 9001 compliant Quality Management System. Whilst your Quality Management System maintains a record of your key documentation processes, it’s the doing of these processes that really counts!

CASE STUDIES: See how our clients have succeeded!

To ensure you are doing what you say you do, internal audits are a requirement to undertake. Once you’re confident everything is in place, you can then arrange your formal conformity assessment.

Buyer beware

The financial industry has the FCA and holiday companies have ABTA but, unfortunately, the certification industry isn’t so well regulated. As a result, there is no protection for those who mistakenly choose the wrong path.  It’s therefore critically important to make the right choice before signing on the dotted line. In Europe there is a defined path for Certification Bodies (often referred to as conformity assessment bodies) to demonstrate their competence and credibility. This is via accreditation from the respective National Accreditation Body. In the UK, this role is performed by the United Kingdom Accreditation Service (UKAS).

However, unlike regulators – like the FCA – this is not mandated and is not a requirement in law. UKAS is licensed by Government to perform its role and is overseen by the Department for Business Innovation and Skills (BIS).  Below is a statement of Government policy from the their website:

Where to get accreditation in the UK

The UK government expects UK based conformity assessment bodies to be compliant with European legislation and seek accreditation from UKAS (United Kingdom Accreditation Service) the body appointed by BIS to be the UK’s national accreditation body.BIS encourages and recommends UK businesses, government and local authorities requiring third party conformity assessment services to source such services, where they exist, from conformity assessment bodies accredited by a national accreditation body.” – Source:, 29 Jan 2015

The popularity of ISO 9001 in the UK – it’s the world’s 5th largest adopter of the standard – has been driven by many government contracts requiring certification to the standard as an eligibility requirement during the procurement process. This huge incentive for businesses to obtain ISO 9001 certification in order to qualify for work has led to Certification Bodies which are not UKAS accredited issuing certificates. This practice is not illegal but it does muddy the water and can lead to such certificates being rejected.

Most unaccredited Certification Bodies can be identified by offering low-cost deals and certification within a short space of time. It’s certainly a ‘buyer beware’ issue and, like most things, you get what you pay for. Sadly, there are thousands of organisations in the UK that are one tender away from discovering that their certificate will be rejected. As an example, procurement departments across multiple industries (both public and private sectors) use a Publicly Available Specification called PAS 91. This document was created to ensure consistency in the requirements set for would-be suppliers. In it, UKAS accredited certification is the only form recognised. As an added benefit, those with accredited certification will also find lengthy questions within Pre-Qualification Questionnaires (PQQs) can be skipped.

LEARN THE IMPORTANCE OF UKAS: Not all ISO certificates are equal

In the UK, the Government expects Certification Bodies to seek UKAS accreditation. The accreditation process (handled under the ISO 17021 standard) is used to verify the Certification Body’s competence and also its impartiality. The process involves a rigorous head office review of management, policies and procedures. Certification Bodies must also pass a test of their competence via Witnessed Assessments undertaken by UKAS; where their auditors shadow ours to make sure we perform to the levels expected. Once accredited, everything is re-checked after 6-months and annually thereafter. To demonstrate how important ‘competence’ is, UKAS accreditation filters down to industry levels. For example, whether it’s a construction company, a warehouse distribution centre or a cleaning business, we can only be accredited to work in these areas once we have been signed off as competent to audit them. The benefit to you – the client – is that your auditor has demonstrated that they understand your business and the challenges involved in achieving ISO 9001 certification.

Lastly, as with any provider, you should also look at capability, resources, customer reviews, contract terms and ongoing costs before committing; it should be no different when it comes to selecting a Certification Body. You can also check if they are UKAS accredited by checking on their website.

If you’re ready to begin your journey towards ISO 9001 certification, you can call our award winning team free on 0800 404 7007 for more advice. Alternatively, drop us an email via our online form.

profile image of Derrick Ross
Written by Derrick Ross

QMS Scheme Manager - International Register of Certificated Auditors (IRCA) Lead Auditor providing support to national Assessor team for Quality Management System and Senior Lead Assessor/Auditor, providing third-party certification to businesses in a variety of sectors. Including ISO 9001, ISO 14001, OHSAS 18001 and ISO 27001.