What is ISO 9001?

ISO 9001 is the international standard for quality management. The management system lays out specific requirements that organisations adhere to so that they become and remain UKAS accredited, ISO 9001 certified. Organisations use this standard to show the quality of products and services they provide to customers. ISO 9001 is the most popular certification in the ISO 9000 series.

We support a range of businesses from a variety of sectors in becoming ISO 9001 certified including engineering, manufacturing, recruitment, IT service providers and professional services.

Becoming ISO 9001 certified helps your organisation to market its product and services. ISO Certification is a process, from preparing your company and having an internal audit to being audited by a certification body and you getting your certification. We are able to pass considerable discounts onto clients from our preferred certification partner, the British Assessment Bureau.

The amount of time it will take to become certified will depend entirely on your organisation. Here at Compliant we usually recommend three months from start to finish. We will help you to comply with ISO’s set of standards by providing a successful framework.

Untitled design 22

How to get ISO 9001 certified

Step 1: Prepare your Organisation

Learning about the requirements for the ISO 9001 standard is important so you can effectively prepare your organisation. ISO 9001 contains 10 clauses but only clauses 4 – 10 can be evaluated. Becoming familiar with all the clauses is important for your organisation. Compliant will be there to support and guide you through each of the clauses and what they mean.

ISO 9001 is applicable for every industry, whether you are in a restaurant or consultancy, it could work for you. There is a set of requirements you can comply with to become certified.

When preparing your organisation, you need to set your goals. Know the benefits you will gain by becoming ISO certified. For example we recently supported innovative, mobile surgical unit business, Enigma Medical Solutions in becoming ISO 9001 certified as one of their major goals was to get onto the NHS framework, which required ISO 9001.

Look into the operational rewards; you can use them for tangible objectives. While you are looking towards the benefits that your organisation will gain from getting certified, you also have to plan for the implementation. Rolling out a standard across an entire organisation might seem daunting but we’re here to help. One of the larger clients we supported in becoming certified; CoreHaus has successfully rolled their UKAS accredited certifications out across the expanding company.

It is worth deciding which department and products you might want to exclude first.

Defining the scope of the implementation is important since this will define which part of the organisation you would want to be certified or if you want the whole organisation to be certified. The rolling out of standard if you want your entire organisation to be certified also differs. You can start from one department and slowly roll it out or implement certification across the full organisation instantly. Having a thorough implementation plan is part of the planning process.

There are different approaches to implementing the process. Some businesses engage a professional consultant such as ourselves, others will do it on their own. We always recommend engaging a consultant as they may be able to support in identifying any organisational gaps.

We can help you in reviewing and/or fixing any gaps but it will always be up to your organisation to decide which approach you would like to take to close the gap. Self-reflection is always encouraged. Organisations should always reflect on what they think should be improved.

The person who will be responsible for implementing the standards should be duly appointed as the IMS Manager. They are the ones who are the center of the implementation process. They are the ones who will look into the achievement and gaps when it comes to implementation. Changing operational processes can be challenging for most organisations. If the company has multiple locations, it is advised that they should decentralize the task of a focal person for the implementation process.

Training focal people on ISO 9001 will be a huge help. This is also something that we can help with as we offer training packages. They will have a clear understanding of the whole process, from preparation to getting certification.

IMS Manager’s are the ones who will be implementing, monitoring, and evaluating the whole process with our guidance and support. These managers need to be fully supported by the executive team. If they are not fully supported, implementation and documentation of the whole process would seem impossible.

Step 2: Implementation

Implementing the ISO 9001 standard can be a challenge. It can create confusion and may cause management issues. Creating a procedure to make sure that conflict will not arise among team members is part of the whole implementation process. A good implementation process helps the members of the organisation adjust to the standard and improve their work, which is beneficial for everyone.

Having an efficient new procedure is important to avoid bureaucracy and it will motivate the other members to work towards the goal. Most of the fears of members of an organisation when change is being implemented is how bureaucracy could worsen. This should be avoided at all costs.

Introducing Compliant’s structured process will be a huge help. Team members will understand why there are changes, what the changes are, and how they will affect the organisation. Explaining the implementation of the new standard could be done in a trickle effect starting from the manager or could be done through departmental meetings. All these would depend on the size of the organisation.

Depending on the ISO 9001 requirement, the staff can redesign their workflow. Allowing them to have an opinion on the change that is happening in the company will make them motivated. It should be explained that they have the power to change their workflow, but it should be in compliance with the requirements of UKAS accredited ISO 9001.

We always say when team members are discussing and identifying the flow that causes delay, they can highlight and create solutions, making them part of the process. This will make them feel empowered. They can also write their work instructions, making it easy for them to follow.

Improving the management system in the workflow is important when your organisation is becoming certified. For staff, supplying the work instructions will give them a clearer understanding of why some of the activities get delayed, who is the person responsible, and how to improve it. The management team always has a different perspective on how some activities are being performed. Having staff define and write it out will give a new light to how things could be done efficiently. While these changes are happening, proper documentation is needed to record activity. Compliant provides professional recording documents.

Step 3: Documentation

Documentation is an important role. This is not just one step but should be occurring in every step. The reason for this is not just for the external auditors but also for the staff of the organisation to look into when they are working on improvements. The documentation for ISO 9001 may seem challenging but our dedicated framework and guidance will ease the process.

Each document is unique to the company. Compliant will customise templates to suit your business operations. There are mandatory documents and records required such as:

  • Scope of QMS
  • Quality Policy
  • Quality Objectives
  • Criteria for evaluation and selection of suppliers

All of which we will create and work with your organisation to populate.

Other reports needed include procedures, work instructions, forms, and process maps. These reports can be flexible when it comes to numbers and content. However, there are specific requirements for quality policy, scope, and quality objectives. While work instructions may be flexible, you need to be as detailed as possible when it comes to writing them.

Untitled design 23

Step 4: Do an internal audit

Internal auditing is necessary to check on what still needs improvement and what can be worked on. Auditing will not just evaluate your organisation’s processes but will also monitor implementation. Self-check is part of the process towards a successful external audit. This will verify the compliance of the management and staff to the ISO 9001 standard. Verification could be done through interviews, observing the process, and checking records.

Internal audits must be consistent. There should be a scheduled audit and a surprise one. The surprise audit does not mean to intimidate the staff but just to look at how the process occurs daily. Auditors should not intimidate the staff on their findings, instead, feedback should be constructive and motivating so the process can be improved. This practice should be done before and after the certification.

The audit program of the company can be outsourced, or you can form your own audit team. The audit team is responsible for the schedule, the checklists, and all the other forms that are needed for the audit. The number of auditors depends on the size of your enterprise. For some businesses, an auditor is another job they create. For others, it is just an added responsibility to quality managers.

Auditors must be familiar with ISO 9001 so it is advised that the auditors selected must be trained. Intensive knowledge of the standard and requirements for this certification is important. Auditors must know the ins and outs of this standard so they can provide feedback on the organisation on what they could maintain and what they should improve. We can form the auditing function for your business and offer ongoing support packages to help you stay compliant.

Audits do not have to be for the entire work process. It could be done by the department. Then there could be major audits done in a quarter or depending on the audit plan of the audit team. A successful internal audit can lead to successful certification. The audit is one of the most important parts of the whole process. It is the backbone of the preparation, documentation, and implementation.

The stronger the audit team or the lead audit the better the result. Which is why we always recommend implementing a consultant such as ourselves.

Step 5: Continuously improve the Quality Management System

An external audit is similar to an internal audit. While the internal audit is a continuous process, external audit is regulated by the number of days and they follow a process based on the ISO standard. Passing this standard means that your company will become ISO 9001 certified.

A full internal audit should be conducted before the external audit would be done. All the necessary reports and documentation should be prepared for the external auditor to check on the implementation process. We ensure businesses have all of the documentation required and in order. Check out our case studies for further success stories. The documents that we provide are proof of the implementation of a quality management system and compliance to ISO 9001.

The external audit is done by a third party. Our preferred partner is the British Assessment Bureau but we also have links with Alcumus.

Staff must be aware of what is happening when an audit is taking place and they have to understand that the audit is not against them but to improve the services of the organisation. Preparing your staff for an audit includes tidying up and making sure that there are no unnecessary documents around the office is important. An organised system always results in an organised office and it is important to impress the auditor with how the office looks.

Employees must be aware of the audit process so they will not feel anxious about why an auditor is visiting. They must also be aware of how to interact with auditors, and they should provide truthful information if they get interviewed or if they volunteer to provide information. There should also be a rehearsal of how questions must be answered when they are asked. These simple preparations must be done a few days before the audit.

There are 2 stages of auditing. The first stage is a review of the documents and the second stage is observing the workflow process. Most of stage 1 is done remotely. Documents are sent to the third party for review. The second stage can be done remotely or on-site. For minor issues, organisations are given feedback and are given certification. For major or severe nonconformities, organisations need to correct them first. If the process had been corrected, the assessment body is informed, and certification is issued.

Untitled design 24

Is ISO 9001 worth it?

An ISO 9001 certification is worth it. You can use it to market your products and services and to gain new customers. A certified company, especially a small enterprise, can enhance their reputation and tender for larger projects. When done right, this is a great way to leverage your company and even get you onto national frameworks. You can put that you are ISO 9001 certified on business cards, websites, flyers, and anything that has your organisation’s name on it. Compliant even supports collaborative PR about partners becoming certified, informing stakeholders, customers, staff and potential customers that they have a quality management system and are ISO 9001 certified.

Getting an ISO 9001 certification might take time. Some businesses may have to overhaul their whole management system just to comply with the standard. This has a benefit both for the management, the staff, and the customers. We have found that new companies and SMEs can easily adapt to the standard. How the certification can be achieved depends not only on the leadership of the organisation but on the cooperation of the staff.

View our full range of ISO certifications including ISO 14001, ISO 27001 and ISO 45001 or visit our website calculator for a no-obligation ISO proposal. For further information on any of the above contact Danielle at danielle.barry@compliantfm.com.