How to prepare your company for the ISO 9001 certification audit

So, you have created a Quality Management System (QMS) for your company using the requirements of ISO 9001, and you need to get ready for your certification audit. What do you need to do to prepare? How do you know you will pass? Is there anything you can do to make your chances of successfully completing the certification audit better? There is, and it is not that hard.

What needs to happen to prepare for the ISO 9001 certification audit?

The good news about preparing for the certification audit of your QMS is that the activities are already included in your Quality Management System. After implementing all of the processes and procedures required by ISO 9001, your certification body will expect you to maintain the system for a certain length of time, often six to nine months, so that you can accumulate the records necessary to show how your processes are performing.

During this time they will also expect you to perform the following actions to verify for yourself how well your processes and procedures are meeting the planned arrangements:


  • Internal Audit: Your certification body expects that you will look at every process within your QMS before they get there. This way you can make sure that the results you are getting are as you planned and expected. Now is the time to work through any deviations from the plan and address them. Why would the certification body want to audit your processes if you have not had a chance yet?
  • Management Review: Not only the auditors, but also the top management need to perform their tasks to make sure the QMS is meeting expectations. A management review of the QMS, to make sure that it is meeting requirements and re-assign resources as necessary, needs to happen before the certification body audit. The certification body doesn’t want to audit a QMS that the top management hasn’t had a chance to review yet.
  • Corrective Actions: If you find anything in your audits or management review, you need to have plans in place to investigate the root cause and find the corrective actions necessary to address that root cause. The certification body doesn’t want to find the same problem that you have already identified and did not address. If they do find a problem that you have identified and contained, and that is already being investigated in your corrective action system, they will be pleased to see that your system is already doing what it is designed to do: contain the problem and provide corrective action of the root cause. Never leave a known problem for the certification auditors to find.

For more insight into what the certification body auditors might ask during the certification audits, see this post about What questions to expect on the ISO 9001 certification audit.

What if the certification auditors find a problem?

Even though you may have tried your best, there is always a chance that the certification auditors might find a problem that you will need to fix. This is not uncommon, and in your pursuit of continual improvement it is best that you find and correct any problems in your processes – even if you do not find them yourself. Any non-conformity that is found in your QMS is intended to be investigated and addressed.

This is why you hire the certification body to audit your process, and this is why you have a procedure for investigating and correcting the root causes of audit findings: the corrective action process. Don’t think of these findings as a failure; they are only a small postponement in your progression towards ISO 9001 certification. Once they are addressed, your certification body will still issue your ISO 9001 certification.

For more information on how to address any nonconformities found in the certification audit, see this article on How to deal with nonconformities in an ISO 9001 certification audit.

Where do you go from here?

Remember: A Quality Management System is not something that is intended to be defined once, written down, and never changed. Having a QMS is the foundation for your company to maintain processes, correct problems, and continually improve the processes within your company. In short, the QMS is expected to change over time as you practice continual improvement.

It is the goal of a QMS to improve and change over time; use every opportunity you can to work towards your improvements. This is why you implemented the QMS in the first place.

To learn more about certification audit, check out this book: Preparing for ISO Certification Audit: A Plain English Guide.

Advisera Mark Hammar
Author
Mark Hammar
Mark Hammar is a Certified Manager of Quality / Organizational Excellence through the American Society for Quality and has been a Quality Professional since 1994. Mark has experience in auditing, improving processes, and writing procedures for Quality, Environmental, and Occupational Health & Safety Management Systems, and is certified as a Lead Auditor for ISO 9001, AS9100, and ISO 14001.