Do I need ISO certification or is compliance sufficient?
ISO certification and ISO compliance can often be confused. It is important for you as a business owner to understand what you need as more often than not, compliance is sufficient for most purposes. Do your research to find out whether certification or compliance is the right fit for your organisation.
A lot of people don’t realise that there are two steps to certification.
The first is compliance, and the second is an external audit similar to a health check after which, if you are successful, you receive certification from the auditing body.
As you may have guessed, ISO compliance is considerably cheaper than certification and can even be done yourself internally (and therefore more cheaply still) if you have the skills, resources and time.
Certification on the other hand, is a considerable upfront and ongoing expense and is performed by an independent organisation called a “certification body”.
Few people realise that often compliance is sufficient for most purposes.
- Are you looking for certification for marketing purposes? You can have an ISO compliant system and tell the world about it without needing a certification body to audit you. Of course, if anybody asks, it makes sense to have evidence of compliance. One cost-effective option is to get a registered auditor to do a compliance assessment of your business once a year and issue you with a certificate. ICS is frequently asked to perform this service for our clients as we have a large pool of qualified and registered auditors who have the necessary credibility to perform this task.
- Is your customer requesting certification to an ISO standard? You may be surprised to find that many customers would be happy with a certificate of compliance from a registered auditor rather than a full-blown certification from an external auditing body. If this is the case, you will save a significant amount of money (both upfront and in ongoing charges) and still get all the benefits of an ISO compliant management system.
- Sometimes however it is clear that external certification is required. The clue here is that the wording of the request will refer to an independent auditing body or external certification from an approved certification body or something similar. Often government bodies and large corporations are the most inflexible in this regard.
Either way, there is nothing to be lost by asking the question. You may be surprised by the answer.
If you have any more questions on either ISO certification or ISO compliance, feel free to call us on 1300 132 745 or contact us via our website.
Should I get ISO certification?
ISO certification or compliance can be confusing to many organisations. The question about whether or not to get certification is a common one and should be justified on the return of investment you are likely to make as it can be a costly expense to establish and maintain. Here are four questions to ask yourself to help you understand whether or not certification is right for your organisation.
As a major investment of time and effort, the choice to embark on an ISO certification project, like any business decision, should really be justified on the basis of what kind of return on investment you are
likely to make.
- How likely are you to win the tender for which you are getting certification for and if you do, will the returns more than pay for the ongoing cost of certification?
- How much difference is certification going to make to your competitiveness for tenders in the future?
- How many people in your industry are already certified? If it’s none, then that may either be an opportunity or a warning. If no one is certified, maybe your customers aren’t all that interested in certification. Do your research. Ask your customers if this matters to them. Ask prospects if certification would sway them to use your services instead of that of your competitors. What sort of certification matters in your industry: quality, OHS, environmental, or another?
- And most importantly, what sort of management system is going to add the most benefit to YOUR operation in the long run. This crucial and often overlooked factor needs to be the driving force of your ISO project as it will build strong foundations for future growth and have a positive effect beyond just the next tender or contract.
If you have any more questions on ISO certification or compliance, feel free to call us on 1300 132 745 or contact us via our website.
Should I get ISO certification? (a lighthearted approach)
There are several reasons why a business owner or organisation may consider getting ISO certification or opt for compliance as an alternative. Here we take a lighthearted approach to ascertain which of these choices may benefit your organisation in the long term.
There are several reasons why business owners and organisations consider getting ISO certification.
Let’s do a questionnaire to see how you measure up and to ascertain whether certification may work for your business.
Start with 10 points.
- What is your main reason for wanting to get ISO certification?
If it’s mainly for marketing purposes = minus 3 points
- Are you a start-up business or a very small business?
For each yes = minus one point
- Is your customer, parent company or a tender requesting you to have externally or independently certified management systems?
If yes = plus three points
- Do you have someone internally who has the time and expertise to help you set up your ISO system?
If yes = plus one point
If no = minus one point
- Are you interested in the business benefits which can be gained from getting an ISO system put in place?
If yes = plus three points
If no = minus three points
- Are you very limited in time or money?
If yes = minus three points
- Do you have significant peaks of work in your business which requires all staff to drop everything and deal with those projects for weeks at a time?
If yes = minus one point
- Do you have top management commitment (of time, resources and money) to this project?
If yes = plus three points
If no = minus three points
If you still have 10 points, it is probably a good idea!
If not, seriously consider waiting a couple of years or going for DIY compliance gradually over the coming months or couple of years.
If you have any more questions on certification or compliance, feel free to call us on 1300 132 745 or contact us via our website.
How does the certification process work?
While the certification process may appear complicated at first, it is basically a set of 10 steps starting with a gap assessment and ending with a triennial or recertification audit every three years. Knowing the process in its entirety will help plan for both budgetary and time constraints which may impact your organisation’s certification.
How does the certification process work?
Very few organisations know much about how ISO certification works before they decide that they need to become ISO certified – but it’s really not complicated once it is explained to you.
Step 1: Gap assessment
The first recommended step is normally some kind of gap assessment to determine your current level of compliance. What this means is that a consultant or auditor can look at your business system; ask you questions; review documents and determine how well what you are doing fits with the requirements of the ISO standard that you have chosen to be assessed against. You will then get a report describing all the areas where you comply as well as those where you don’t.
**Insider Tip!**: If you get a consultant to do this gap assessment (as opposed to a certification body auditor), you can request an action plan which describes exactly step-by-step what you would need to do to be ready to get certification. A certification body is not permitted to consult as this would be a conflict or interest they can only point out gaps.
Step 2: Establishing the system
Once Step 1 is complete, the next step is to finalise everything you need to do in order to meet the requirements. In the case of many organisations this requires some significant changes in the way they operate. The most common of these are adhering to a system of continuous improvement; management reviewing the system on a regular basis; creation of a system for dealing with and preventing problems; and several compulsory procedures and documents which unfortunately cannot be avoided. You may or may not choose to get a consultant to help you with this part – the extent to which you do this will determine the cost and speed associated with your organisation becoming compliant.
Step 3: Pre-certification audit
Once you feel the system has been successfully implemented, a pre-assessment or pre-certification audit has to be conducted by a certification body. The certification body assesses your organisationâ€™s documented and implemented system to ensure adequacy and produces a report.
**Did you know?**: The pre-certification audit was instituted because so many companies were going for certification without being necessarily prepared. Nowadays the pre-certification audit is short and gives the company a quick answer on whether they are ready and what remains to be done without having to pay for a full certification audit.
Step 4: Follow up actions
Out of the pre-certification audit will usually come some improvement suggestions or areas of concern which need to be addressed prior to going for the final audit. This is an appropriate place to get some advice or assistance from a consultant if you choose to do so.
Step 5: Certification audit
Once you believe you have addressed these findings in full, you can then request the certification body to come back for the final audit, the certification audit.
**Insider Tip!**: There is generally a six-month timeframe limit between the pre certification audit and the certification audit. If you go over the six-month timeline, you will need to do the pre-certification audit again, so it’s worth being prepared before you go for the pre-certification audit so you don’t have much to finalise.
Step 6: More follow up actions
If your system has been set up properly, especially if you have used a consultant, you should not expect any major non-conformances.
**Did you know?**: A non-conformance simply means an area of your system which does not comply with the standard.
A major non-conformance is a problem that must be fixed immediately if you are to achieve certification. You usually get 30 days unless it’s a high risk matter.
A minor non-conformance means that this is a less serious problem and you will be given more time to fix it.
An opportunity for improvement is exactly that. Auditors can suggest that you consider an opportunity in between one audit and the next. You can take it or leave it once you have considered its merits and documented your decision.
In general a certification audit is nothing to be afraid of. However, many companies do still find reassurance in having a consultant present, particularly at the first and second audit.. This allows you adequate time to get used to the language of the ISO auditor and understand how to translate what you have developed to the auditor in a way that they can see how it complies.
Step 7: Certificate issued
Once you have successfully passed the certification audit, you will be issued with your certificate which will have the logo of the certification body you have chosen.
**Did you know?** : There are as many different logos as there are certification bodies (i.e. over 35 in Australia) so when you choose your certification body you are choosing their logo as well. Once certified, this logo can then be displayed on your letterhead and other promotional materials in order to effectively market your ISO certification.
**Insider Tip!**: You are not obliged to stay with a particular certification body or a particular auditor if you are not happy. Customers are becoming increasingly discerning in this regard and certification bodies are being forced to become more customer-focussed in order to retain customer loyalty in an increasingly competitive marketplace.
In general, it is important to remember that certification is a service and you are the customer. If you are not happy with the certification body or the auditor’s behaviour, you are fully entitled to complain and to change providers. However, I would caution against changing several times from provider to provider. Once you have found a certification body you respect and have gotten good value from, build a relationship with them as many offer other services apart from certification.
It is also important to realise that the odd non-conformance or a suggestion for improvement is not a reason to jump ship. Audits and even non-conformances can be tremendous opportunities to learn and improve. Auditors have huge experience on which to draw from. You will get the most value out of your certification, if you use auditor visits to come up with as many ideas for best practice as possible.
Step 8: Keep it up
Many companies don’t realise that there is a significant investment of time and effort required on an ongoing basis once you have achieved certification.
Between audits you will be expected to maintain the habits that you have implemented such as management reviews, internal audits, dealing with customer complaints and non-conformances in a formal way and so on.
Many companies ask a consultant to help them out with internal audits as this requires the highest level of knowledge and skill of any of the requirements. Having said that, it is quite possible to conduct internal audits using your staff as long as they are appropriately trained.
**Insider Tip!**: It is always best to maintain most of the system yourself, as using an outside consultant to keep your system ticking over almost guarantees that it will not be as well integrated into your business as you would hope. If the system is set up well from the start, (i.e. based firmly on the foundation of what you are already doing well), then there should not be a huge number of new processes or habits to be implemented.
At ICS, we believe that there is no need to dramatically change what a business is doing, but rather we simply tweak and improve upon the systems that are already established and working well. This way we enable companies to achieve compliance with a minimum amount of change, disruption and ongoing effort.
Step 9: Maintenance/surveillance audit
At the end of six or twelve months you will need to undergo a surveillance or maintenance audit. The frequency of audits is determined by the certification body based on the level of risk and the level of compliance.
If you are a high risk food manufacturer for example, you can expect audits every six months. If you are an office based professional services organisation, every twelve months is generally the norm. Sometimes a consultant can assist you to question the frequency that the certification body has assigned to the audit if you feel it is excessive.
During the maintenance audit process, the external auditor will visit your organisation and undertake some sample audits of different areas of your system to ensure that it is still ticking over. If they find that you have allowed areas of the system to lapse, then you will receive non-conformances. As described above, you will get time to fix these depending on how serious they are considered to be.
**Insider Tip!**: On occasion we come across external auditors who get a bit carried away in issuing non-conformances. As a consultant, we are sometimes put in a position of advocating on a client’s behalf when the client believes that a non-conformance has been issued unfairly. It is most important that the auditor can explain to you exactly where it says in the standard that you must do what he or she is requesting. If they cannot do so, or if you are unsure or not happy, you have every right to question what they have said to you, and follow up with the certification body if you are still not satisfied.
Step 10: Recertification/triennial audit
Every three years you will need to go through a recertification audit. This is similar to the initial certification audit where the external auditor goes through your system with a fine tooth comb, basically checking the health of every area and doing some in-depth audits in all the critical areas of your business. The recertification audit always takes longer than the surveillance audit. Then once you have gone through that successfully, your certification is approved for another three years and you’re issued another certificate.
If you would like any more information advice about ISO certification or any other related matter feel free to give us a call on 1300 132 745 or contact us via our website.
How close am I to getting ISO certification?
A gap assessment done by a qualified consultant can take the guesswork out of ISO certification and compliance. For a minimal fee you can have a clear idea about how compliant your business is to meet ISO standards. There are a number of gap assessments available, so do your homework and choose the one to best suit your organisation and circumstances.
It is a relatively simple process to find out how close your company already is to being ISO compliant and ready for your external audit.
It is obviously important to know the answer to this question because either way, this will be a key input into your decision of whether or not to go ahead with becoming ISO compliant or getting ISO certification.
On one hand, many clients are pleasantly surprised to find that they already have many of the requirements in place. Where this is the case, it is almost always advisable to have a full gap assessment done by a qualified consultant with a step-by-step action plan so that you can quickly and easily fill the gaps (with or without the consultants help).
On the other hand, you may find that you are nowhere near being ISO compliant since your current policies and procedures are not the ones required by the ISO standards. You are then in a position to assess the cost of getting the system set up from scratch and to determine whether it is worth the time and effort.
Unless you know that you have virtually nothing in place, it is almost always worth getting some kind of gap assessment done by a qualified consultant.
At ICS we have three levels of gap assessment:
- The mini gap assessment for clients who are relatively sure that they have very little in place and just want a general idea of their compliance and how much system development will cost
- A standard gap assessment which assesses businesses against all the clauses of the standard and indicates where there are gaps
- The premium gap assessment, a very valuable tool for the DIY client, which details a step-by-step action plan to take the business from where they currently are to reaching ISO compliance
Our mini gap assessment takes approximately 30 minutes and, for a very minimal cost, can give you a clear idea about how compliant your business is to meet ISO standards. For a free no obligation chat about how close your business is to being ISO compliant, call us now on 1300 132 745 or contact us at our website.
How long will the certification process take?
While the timeframe can vary for each organisation and their individual circumstances, in general you need to allow at least 3 to 6 months, giving your organisation a chance to benefit from the systems you have created. On top of that you will need to maintain at least 2 to 3 months of records to show the maturity of your system to meet the audit requirements. Again this timeframe is dependent on whether you engage a consultant or plan to take the DIY route.
The answer is, it depends. However, if you are seeking external certification, you should note that auditors look for 2 to 3 months of records as evidence of the maturity of your business system. Therefore, as a bare minimum, once your system is set up (which takes several weeks), you need to add at least two months onto that timeframe and preferably more to comfortably meet the audit requirements.
In general, we advise small businesses to set aside 3 to 6 months in order to give themselves the chance to really benefit from the process of setting up a business system which they will then carry with them through years of future growth. By investing time, money and effort to create a system which adds value to your business, you will more than reap the rewards of the money and time invested.
If you attempt to rush the process, or take shortcuts to meet the tender requirements, you may end up creating a rod for your own back which then has to be carried and maintained and is ultimately a drain on time and money instead of being the support that you envisaged.
Finally, if you intend to set an ISO system up yourself, you should set aside half a day a week for 6-12 months for your chosen person to work on the system. More if you are setting up multiple standards. If you engage a consultant, you should allow half a day a week for the first 3 months for your chosen person to work with the consultant and then some time to work the system and create records, which become evidence that the system is live and integrated into the organisation.
If you would like any more information on this or other ISO related subjects, please give us a call on 1300 132 745 or contact us via our website for free, no obligation assistance.
How much does certification cost?
The cost of certification will depend on a number of circumstances, including whether or not the system can be set up internally or requires the help of a third party consultant. The price can also be affected by the size of your company, level of risk, staff involvement and the current system already in place. There is also the additional expense of engaging a third-party certification body to conduct an audit. While these can add up considerably, there are ways to reduce the overall cost using the variety of options available to you.
In working out the total cost of certification, you need to factor in the cost of 1) setting up the management system plus 2) the cost of getting it externally certified.
Setting up an ISO compliant management system:
Setting up an ISO compliant management system can be done internally or with a consultant. The price for a consultant to set up a single ISO compliant system (e.g. quality) from scratch can vary between AUD$7,000 and $20,000 – although a range from $10,000 to $15,000 is more common. Apart from provider variations, the price can also be affected by:
- The size of your company/number of sites
- The level of risk
- The level of existing compliant system
- What level of involvement you want to have in setting up the system, the more you are involved, generally the cheaper it becomes
It is worth noting here that while setting up a single system is a significant investment, each subsequent integrated system will cost a fraction of that price. So using our previous example, if you started with a quality system for $10,000 and added OHS and environmental, the 2 additional systems should each cost around $5,000 each; you would essentially get 3 integrated systems for the price of 2 single systems.
However, actually getting certified is a different question entirely as you need to engage a third-party certification body to conduct the audit which is a separate cost.
There are over 35 certification bodies in Australia and they range considerably in cost. You can expect certification to a single standard to cost a minimum of $4000 to $5000 in the first year and up to $3,500 every other year. These prices vary but it is important to note that it is an ongoing investment. Every three years there is a triennial audit which is usually about twice as long as the yearly audits with a higher cost involved.
At ICS, we offer the best choice certification body service in which, for a very modest cost, we help you identify a number of suitable certification bodies for your particular industry and needs. We are able to organise quote applications, vet auditors and negotiate on your behalf.
If you would like more information on this or any other ISO related matter, feel free to call us on 1300 132 745 or contact us via our website.
How much will setting up an ISO compliant management system cost?
Setting up an entire management system for an organisation is a project which requires a significant investment of both time and money. However there are varying budget options available ranging from the low budget through to the high budget option which will determine the overall system cost. Choose from one of three options depending on your time, level of interest, skill and budget.
The answer is, that it depends on your individual set of circumstances.
Common sense will tell you that setting up an entire management system for a business is a project which requires a significant investment of either time or money and setting up an ISO compliant system is exactly that.
It is possible to achieve ISO compliance with a minimum of expenditure. However, as with many things, the way to save money is to DIY – and that means even more time and effort is required. The overall cost will depend on the level of internal expertise and how easy it is to free up personnel to work on the project. You, as the business owner will generally be able to decide which is the best route to take.
A good indicator that DIY is a sensible approach is that you already have a capable and experienced person who can champion the project internally and who can be freed up at least one half a day a week for 6-12 months without significantly impacting on the core business.
Lowest budget option:
If you’re really on a budget, it is probably tempting to go online and purchase a template. However in most cases, this is not something we would recommend. Templates, by their very nature, are generic and cannot possibly hope to cover every potential business model or industry type. What they do attempt to do is contain as many variables as possible within a compliant documented system which will pass the audit. Unfortunately, this often means that they are highly over documented, contain much information which is not relevant or necessary to your business, and will be lacking the key elements particularly around product, service delivery and control that are unique to your business.
So while the upfront cost is minimal, unless you have experienced people within your organisation who know the requirements of the ISO standards very well, it may be a difficult and time-consuming task determining how to customise the template to suit your business and knowing which parts are compulsory and which can be discarded.
In almost all cases, templates are not designed with business growth and efficiency in mind, but are structured purely around compliance to the standard. For this very reason, many template systems sit gathering dust until a few weeks before the audit when everyone rushes about and attempts to remember what they were supposed to have done to meet the requirements. It doesn’t have to be this way.
If you are hell-bent on using a template, there are a couple of templates which we can recommend (with caution!). It will still require much work from your perspective as well as the time to understand what is required and to customise the template to fit your business. Be prepared that setting up the system yourself, with all the inevitable stops and starts when other priorities derail the project temporarily, will probably take up to 12 months to complete.
Mid budget option:
The next tier would be to invest in a comprehensive gap assessment of your system including a full action plan of how to close out any gaps. Armed with this, and assuming you have capable people on site, (especially if you have anyone who has prior experience of setting up ISO systems), you can work through the action plan at relatively little cost and have a compliance audit done once the system is complete.
It is probably also advisable to have a couple of short visits from a qualified consultant throughout the project to ensure that you are on the right track. This will prevent expensive mistakes and rework. Be prepared for the fact that this option will probably take up to 12 months to complete. Getting consultant help at this level could be expected to cost between $2000 and $4000.
Time poor/ higher budget:
For those who have neither the time nor the interest to put into DIY or customising templates, the next budgetary level is to get a consultant to set up your system for you. There is an up front expense associated with this, however, you have the reassurance of knowing that the resulting system will pass the audit and you minimise the amount of time and effort your internal people need to spend.
If you choose a consultant who specialises in lean, document-light systems which are built on the way you already do business and what is working well, you may not need to make very many significant changes to what you are doing. Just tweak it here and there to bring your processes into compliance. Productivity is not affected to nearly the same degree and in general, the project is completed in a fraction of the time it would take to do it yourself. You still need to devote about half a day a week to complete the tasks set by the consultant but the project is generally completed within 3-6 months, depending on how much involvement your staff are able to have and how promptly they complete the tasks such as making decisions on business priorities and policies. You can expect the consultant only single system to cost anything from $7,500 to $15,000 depending on the size of the organisation and the level of risk.
On another note, if you are intending on becoming compliant to more than one standard, it is MUCH more cost effective to implement a system which covers 2 or 3 standards at once. All the ISO standards have considerable overlap with each other, and so setting up 2 standards is generally only half as much again as a single system, if you integrate them together. Don’t let anyone tell you that you need separate systems – this is both costly and inefficient.
So there you have it; 3 tiers depending on your time, level of interest and skill and budget.
ICS are committed to supporting small businesses who are attempting to get ISO compliant or certified or just want to improve their business processes in order to grow.
If you need any more information, don’t hesitate to give us a call on 1300 132 745 or contact us via our website.
Why can’t I do it myself (DIY)?
You most certainly can take the DIY route if you choose to do so. It is perfectly possible and in some cases more desirable, to set up your own business management system should you have the right criteria in place. If you are looking to DIY, then you should seek professional advice at the start by way of a gap assessment to ensure you are on the right track. We also recommend that you have someone do a health check of your completed system before attempting the pre-certification audit.
You can do it yourself! It is perfectly possible and often desirable to set up your own business management system or quality system.
The main point here is to know whether or not setting up the system yourself is the best idea for your circumstances.
If you have the following criteria in place, then it might just be a possibility.
- An experienced person internally who has set up an ISO system before and can be removed from their role for up to half a day per week, without significantly affecting the productivity of the business.
- Alternatively, if the business owner is sufficiently interested in learning about the ISO system – whether it be quality, environmental, or OHS – and has the time outside their regular business hours to pursue their interest (or do a course), then this is also a viable possibility.
- There is no urgent requirement to reach certification in a short timeframe; a DIY effort can take between 6 and 12 months to complete.
- Your business does not regularly undergo dramatic and long-term peaks of work which necessitate all hands on deck for weeks at a time that may result in complete loss of momentum for the ISO management system project.
If you are going to DIY, I would strongly suggest that unless you are an experienced ISO system developer, then you should look to seek professional advice at the start to ensure you are on the right track.
For example, you could get a consultant to do a brief gap assessment of your current system and to provide guidelines as to what needs to be done to reach compliance. This is a small investment of funds which will give you the reassurance that you are not missing any crucial elements or understanding. ICS has three levels of gap assessment from the mini gap assessment through to the detailed gap assessment with step by step action plans.
It is also advisable to connect with a trusted person or organisation that you can call or email if you get stuck, need resources or require assistance. ICS, for example, provides free phone and email support to all consulting clients as well as adhoc paid consulting by phone and email for DIY clients.
Lastly, it is always advisable to have someone do a health check of your completed system before attempting the pre-certification audit. The reason for this is that if you do not pass the precertification audit the first time, you need to do it again. Each time you do it, you incur considerable expense, therefore it is better to pay less money and have your system fully checked – perhaps by way of some internal audits or a compliance assessment done by a consultant. That way you can be sure you are ready for the pre-certification audit before you go ahead and do your final certification audit and get your certification.
ICS is here to help you if you wish to DIY your ISO system. Feel free to give us a call on 1300 132 745 or contact us at our website for a free, no obligation chat about how you can save time and money doing your own ISO business system.
Do I only have to do ISO certification once?
When it comes to ISO certification and compliance, there is definitely more than meets the eye. The short answer is no as ISO certification involves ongoing maintenance as well as external input by way of maintenance audits on at least an annual basis. There are also triennial or recertification audits which need to occur. Continuous improvement is essential in getting the best value out of an ISO system.
Setting up an ISO system is not rocket science, but neither does it come naturally to a lot of people. Once you, as a business owner, have gone to the effort and expense of creating such a system (whether with or without professional assistance), it is only natural to want to return to what you do best – running your own business.
However, what is often not explained fully at the outset, is that to reach compliance is one thing but to maintain it is another thing altogether.
There are various activities and practices which have to be continued throughout the entire process and records need to be kept in order to remain compliant and eligible for the renewal of certification when the time comes. Similarly, a practice of continuous improvement is essential in getting the best value out of an ISO system.
So while you actually don’t have to go through the process of setting up the system more than once, you are required to maintain the system by keeping up regular activities such as internal audits, management reviews and continuous improvement.
These can all be done yourself if you have the resources and the knowledge required, or you can engage a consultant to do at least some of these for you. The most common use of a consultant is for the internal audit process. These internal audits can range from as little as 1 to 12 days a year depending on the size of your organisation and the level of risk, how many standards you are certified to and how much internal resource is available.
Once you are certified, you need to be audited by the external certification body at least every year in order to maintain your certification. These are called maintenance audits. This means that samples are taken from various areas of the system as part of an internal health check to verify that everything is going according to plan.
Every three years thereafter you need to be recertified. This is called a triennial or recertification audit. This is an in-depth audit which generally takes about twice as long as the maintenance audit and is designed to assess whether the entire system is sound and can be recertified for another three years.
So, the short answer is no; ISO certification is by no means a once off exercise. It requires ongoing and habitual maintenance as well as external input on at least an annual basis in order to maintain certification.
If you would like more information or advice on ISO certification, or need help in deciding whether this option is suitable for your business or even required (there are sometimes ways around it!), you can either contact us via our website or give us a call on 1300 132 745.
The puppy analogy and the key to success in getting ISO certification.
Would you believe us if we told you that new puppies and ISO certification projects have a lot in common? Both projects require research and considerable expense while at the same time creating disruption as well as an adjustment and settling in period. There is also the ongoing expense and discipline which needs to be taken into consideration. Failure to commit to either project will waste both money and time and fail to reap any rewards which might have arisen from the completed project.
Even if you haven’t experienced it firsthand, you may have heard a story regarding a friend’s experience in purchasing a new puppy. Surprisingly, new puppies and ISO certification projects have a lot in common!
Anyone who has gone to buy a puppy will tell you that it is worth doing some research to find the most appropriate breed and personality of dog.
In our case we needed a puppy that didn’t need a lot of space; who was on the small side; who didn’t shed hair and who was good around children. Everybody’s situation is unique and without this research, you may end up with a completely inappropriate dog for your situation.
New puppy owners will also tell you that there is considerable expense involved – often more than was originally realised – it all adds up.
When the puppy first arrives there is disruption and adjustment; you have to commit to spending time on walks and training. But it doesn’t stop there.
There is the ongoing expense of feeding, grooming and medical expenses.
There is the ongoing discipline of training and walks as you try to fit the new activities into your busy schedule.
Have I put you off the puppy idea yet?
None of this would be worth it, of course, if there were no benefits. If the main reason you got a puppy was to impress your friends or because a friend told you it was the latest craze, you would soon lose your initial enthusiasm. You might even get close to a nervous breakdown when your puppy destroys your garden or chews your best shoes (and yes I am speaking from personal experience!).
However, with a little preparation and knowledge, it doesn’t have to be this way. If you choose well, do your research and commit to treating the puppy well, it will eventually grow into a loyal and mature friend and companion and can even serve as a guard dog or an exercise buddy.
If you don’t invest the time and effort, you can end up with a miserable dog that requires exercise, is unhealthy and ultimately unruly as a result. In fact, in some sad cases these puppies simply get neglected or even dumped. All that money, time, and potential benefit is then wasted.
Believe it or not, the same principles apply to ISO certification!
- You need to put in some research to come up with a good solution and (if you are going to use a consultant and a certification body) a good provider to your business.
- You need to commit the time, resources and effort only then will you reap the reward of a system which continuously improves your business.
- That cared for system will become a bit like a guard dog to alert you to possible risks, a support for your staff and a foundation for future growth.
- On the other hand, if you don’t commit or fail to prepare, you may be overwhelmed by how much work is required and by how much the ISO certification project has gotten out of hand.
If you have any more questions on this topic, feel free to ring us for a chat on 1300 132 745 or contact us via our website for free, no obligation advice or information.
Where can I get ongoing support?
ICS are able to offer you complete and ongoing support throughout the entire compliance or certification process. We are committed to providing assistance and answering any questions you may have at any time during the process. We are also happy to provide you with free ISO systems advice; contact us for more details.
ICS is here to help you through the entire compliance or certification process. We recognise that you need more than just a bunch of documents to get you through an audit and at no point in time will we disappear to let you fend for yourself.
This level of service, while common practice, is simply not good enough. When we are engaged by a client, we commit to providing ongoing support from that point onwards. This support can include answering questions about the certification body, assisting with ideas for resources, providing industry updates and much more.
We are also continually coming up with new ideas for ways to add value and to provide additional products and services which may be of assistance to our clients.
You don’t even need to be a client of ICS to make use of our services as we are the number one source of free ISO systems advice in Australia.
If you would like a free, no obligation chat or some advice about ISO or a business improvement related matter, call us on 1300 132 745. Alternatively you can contact us via our website with any questions or concerns you may have.
What is the best way to become an ISO consultant?
While knowledge of ISO systems is useful from an employee perspective, unfortunately it is not a sufficient building block on which to base a career as an ISO consultant. You will need to undertake a training course in your field of choice followed up with sufficient work experience as an auditor or consultant in order to be taken seriously by clients or consulting companies. Consider your options carefully and pay attention to growth areas in your particular field of interest.
In order to be successful as an International Standards Organisation (ISO) consultant, it is important to have the correct qualifications. Experience with maintaining an ISO system as an employee is useful but unfortunately is not sufficient enough for a career as an ISO consultant.
There are various courses you can undertake which are suitable depending on your level of current experience and your intended goal.
- If you know nothing at all about ISO there are demystifying courses.
- If you wish to set up management systems there is another training course for this.
- If you wish to be an internal or external auditor, you will need to complete a registered training course in this area.
The challenge following any training you undertake is to get sufficient experience as an auditor or consultant in order to be taken seriously by clients or engaged by consulting companies such as ICS.
The best way to gain experience is to offer your services to small businesses that require this level of service but cannot afford to pay a qualified consultant. Use your networks to identify companies that might benefit from your assistance but have ruled out this possibility due to lack of sufficient funds. Always ensure you get a testimonial as soon as you have completed the job and the client is satisfied.
In the meantime, a reputable course will go a long way to being seriously considered as an ISO consultant.
You also need to factor in your area of specialisation. Specialising in quality may only open up a limited market, therefore you may need to also specialise in environmental or OHS, or preferably all three. Alternatively consider other standards such as the information security standard or specialist standards in growth areas.
Think carefully and research your options before you invest any money. The Google keyword tool can act as a good indicator as to commonly used search terms in regard to ISO in Australia. For example, at the time of writing, OHS is a particular growth area.
Once you have your qualifications and some experience, then it’s time to contact other consultants and consulting companies and put yourself forward as a junior consultant.
ICS is committed to supporting consultants in the ISO compliance sector. If you would like to be considered for a position within ICS, feel free to call us on 1300 132 745 or contact us via our website. We will be more than happy to discuss any suitable vacancies within our organisation.