An ISO9001 certification is an ambitious project in itself, what with its requirements and necessary steps. If this is your first shot at the QMS world, you might be confused as to what exactly these steps are. Fortunately, this article explains everything, from documented information to internal audits, including some tips as to which mind-set to adopt to succeed!
Settle down and think.
The first step towards certification is to fully engage in quality management. You and your team have to believe in the positive outcomes you will get with it. Your goal will be to study how you work rather than what you produce. Think about it: this will allow you to reach new customers, who may be interested in what your organization does but who want to be assured of the quality behind. A certification is a way of increasing your sales!
Take some time to meet your team and your top management. Choose someone to manage your quality system. Break down everything you do, and try to answer these simple questions: do you have clear processes? Or procedures ? How do you work? Is the top management ready to get involved? This list is not exhaustive, but these questions will help you get running.
Build your quality management system
Once these preliminary studies are done, it’s time to tackle your documented information. This means implementing all the required documents to make your QMS work. Needless to say, this step is rather time-consuming.
You need to sort out your procedures, define a risk management system, clarify your objectives… When it comes to saving time pre-written processes and procedures are a must.
Though it may look like boring paperwork, these documents, if well-written and put to good use, are the core of your certification. They provide solid ground to build your QMS on, and will help reveal what parts of your system need to be perfected.
Assess your work
This is the part where you sit down and review what you have done so far. There are few compulsory steps in the ISO9001 standards, yet they must not be skipped, for their purpose is to evaluate your system.
The process review comes first. Its name says it all: the KPI of each process are compared to the objectives set previously. Each process manager then files a report to assess the strengths, weaknesses, threats and opportunities of its process. If you are familiar with project management, this does look like a SWOT matrix.
Next on the list: internal audits. The ISO9001 standard includes a whole chapter (9.2) focusing on how to plan, conduct and use them. An internal audit means that your organization is controlled by an auditor who will look deep into your QMS. He then files a report to highlight potential improvements or existing nonconformities.
The reports from the process review and internal audits will be used to set up a management review. Chapter 9.3 of the ISO9001 standard lists the necessary inputs and outputs and gives indications on who has to attend and on the general organization. Basically, the process managers, the person in charge of the QMS and the top management review the whole quality system and its performance.
Annual process and management reviews are compulsory to get certified. Depending on your organization, they can be set more frequently: every semester or less. The same goes for the internal audits.
Get in touch with a certification body
Last but not least, the certification audit.
At this point, your QSM is up and running, you have processed the conclusions of your internal audits and reflected upon your results in the management review. Time has come to get in touch with an auditing organization, which will provide your certification of conformity. Afnor, SGS, Veritas, BSI… some advices in the pack will help you choose and divide by 2 your audit costs. However, please be aware that this final phase may have different steps depending on which one you go for.
One or more professional auditors will audit the sites (there can be more than one place) you want to get certified. You can ask for a mock audit before the real one. It is optional, and if you are confident in your system, skip it ! It might look risky, but it will help you be more efficient.
The first certification audit is usually split in two parts. The first one focuses on your documented information, while the second analyses how your processes run. There can be up to six month between these two stages, to allow you to fix potential nonconformities.
You will get your certificate once these stages are complete, provided you have no more nonconformities.
Keep it all working!
Your work does not stop with a shining ISO9001 certificate hanging on your wall! The standard has to be renewed every year with a follow-up audit. This one is lighter than the certification audits. Every three years, you will undergo another complete certification audit to prove that your system still complies with the standard.
It is thus necessary to build a sustainable system, and to continually improve it. This whole process shows that getting certified is but a consequence of a successful QMS.
You do not have to, but it will prove that your organization is stable and works to keep on improving. You will never regret the work you put in it.
The ISO 9001 pack is here to make you save time and money.
By downloading and filling up our documents, you are sure to meet the requirements of the ISO9001 standard. Those documents have been written by quality engineers and their relevance had been proved through a dozen of external audits. Benefit from the expert documentation that will make you compliant quickly.
The users estimated they saved one year of work.
- 88 documents to make you 100% compliant
- 32 pages of instructions for use and a conformity matrix to make you understand your compliancy
- 19 pages of extra advices from experts to :
- Save more than 2000 euros by minimizing audit costs
- Get certified in 6 months
- Pass your ISO 9001 with good practices
- An email support to answer your questions