ISO 9001 FAQ’s
We often receive questions about ISO 9001 Quality Management System certification.
We’ve compiled the most commonly asked questions and provided our answers below, which we hope helps.
Speak with our knowledgeable team on 0333 242 8633.
If you’re implementing the system yourself, then yes, you will need a copy.
As a starting point, we’ve put together a Guide to the Requirements of ISO 9001. It’s free to download, written in plain English, and is a useful introduction to the standard and its requirements.
Our 30 years’ experience tells us that the majority of ISOQAR customers secure more business and benefit from efficiency gains through ISO certification. We would recommend undertaking certification once your business has been operational for three months.
Certification can depend not only on the size of your business, but also how complex the structure is. Alcumus ISOQAR can help you estimate how long certification will take, based on what you, and your customers, define as ‘in scope’ of your certification.
You may choose not to certify all of your sites, services or products.
The narrower the scope, the quicker you can build your Quality Management System. An auditor would ideally like to see that your system has been up and running for three months. An IAN independent consultant can support you to implement your system quickly.
In this instance, no, you would not need two different systems and certificates. It is rare for a single organisation to hold more than one certificate for the same standard. One objective of ISO 9001 is to implement consistent standards across an organisation. It is important to ensure that your management system covers the appropriate sites and products that you want certifying. This query relates to the scope of the standard and Alcumus ISOQAR can advise further to clarify on any issues relating to scope.
Yes, many organisations extend their certification. It’s called an ‘extension to scope’. It’s easily done – it simply involves extending an existing system to cover additional sites and/or products you wish to certify. After a successful ISO 9001 audit, an amended certificate can be issued.
If you are a group of separate companies, then you will need separate certificates. If you have multiple sites located in different countries within the same company, one certificate can apply to all.
‘Policies’ are broad principles. A policy can often easily be stated on one side of a sheet of paper. A policy doesn’t contain granular details and it should be in writing.
As described in supporting ISO documentation, a procedure is a ‘specified way to carry out an activity or a process’ and a process is a ‘set of interrelated or interacting activities which transforms inputs into outputs’.
It could be said that a process is what happens, and procedures describe how it happens.
A work instruction is more detailed still and dictates exactly how a certain task should be performed.
You will also come across the phrase ‘process approach’. It’s regarded as one of the pillars of management systems. It’s a way of managing your activities as a system of processes, rather than as people, products and departments. It means you take a holistic view, rather than taking these factors in isolation. Undertaking a ‘process approach’ involves establishing effective and efficient processes that are consistently followed and improved upon. It’s the basis for most management standards.
There is no one size fits all for processes and procedures. These should be bespoke to each individual organisation based on context, scope and size.
‘Understanding the needs and expectations of interested parties’, as ISO 9001 puts it, is a critical early stage in developing your QMS. It relates to more than just customers. Interested parties include shareholders, suppliers, contractors etc.
Customers are the focus, however. It’s important to know what they want to build a successful system, as well as a successful business. You will need to demonstrate that you have carried out your research – whether by email surveys, telephone surveys, customer feedback, focus groups, face-to-face interviews. They all help build a picture. Read more on how ISO 9001 puts the customer at the centre of an organisation here.
The current version of the ISO 9001 standard states that a manual is not mandatory. Despite this, we do recommend that have one, even if it’s not a printed document on a shelf. A manual refers to your collection of policies, objectives, procedures, records etc. relating to your management system. It makes life easier for you and the auditor.
There is no official body that oversees this. It’s for you to determine who is ‘competent’ to conduct your internal audits. As a minimum, anyone conducting internal audits should complete a Foundation Course to get an understanding of what the standard is all about, then ideally attend an internal auditor training course. They’re both just one day each, and more details can be found within our ISO training section.
It’s important that ‘top management’, to use ISO terminology, take responsibility for their management system. It should not be delegated. Auditors will expect to speak to top management to assess their involvement. It’s recommended that top management take the one day foundation course to familiarise themselves with the standard. For a Quality Manager, if this is your full time role rather than just a role that you occasionally assume, then we firmly recommend a lead auditor course. It’s an excellent investment, not only in the individual, but also for the organisation. This course will enable you to learn how to improve your system and operate more efficiently.
Absolutely. If you have more than one ISO system, or are thinking of adding another standard such as ISO 45001, you should look at combining them into an Integrated Management System (IMS).
You can share elements of the standards, like the Management Review. Your certification body can also audit integrated management systems simultaneously, saving time and money.
Whilst it’s not possible to fail certification, it is possible not to be awarded a certificate. The auditor will highlight nonconformities when auditing. It’s very rare not to find any. The auditor will then decide whether your system should be certified or not based on the number and severity of those nonconformities.
You won’t receive your certificate until those issues have been corrected. It is rare not to be awarded a certificate if you can demonstrate that effort has been made to meet the standard. Read more on the audit process. It relates to ISO 9001 but the same principles apply for all of the standards.
Yes, it is possible to transfer mid-cycle. We find that organisations commonly transfer their certification, often because they have different certificates with different certification bodies and want to simplify the process, or because they are dissatisfied with the service they are receiving from their existing certification body.
UKAS rules state that organisations cannot be tied into long term contracts. That isn’t the case with non-UKAS bodies, so it’s important to check the small print.
Find out more about transferring to ISOQAR. If you are transferring from another UKAS accredited body, this is a free and simple process.
Firstly, check the terms and conditions of your contract with your current certification body. It may be that you are tied into a contract with them for a specified length of time. UKAS accredited certification is more rigorous so be prepared to put additional work in to achieve certification. It is possible to enlist the support of an independent consultant to look at your options on your behalf, and a pre-assessment will provide you with a preliminary evaluation of your management system. ISOQAR would be happy to do this for you.
Many small businesses hold ISO 9001 certification. Alcumus ISOQAR also has sole traders as customers. It’s a great asset to strengthen your organisation and secure more business, as well as an effective marketing tool to help you stand out from your competitors.
ISO 17021 is relevant only to certification bodies, like Alcumus ISOQAR. It’s the standard against which certification bodies are assessed if they want to secure UKAS accreditation. UKAS could be considered to be a regulator for the certification industry. They are appointed by the UK government to audit and accredit certification bodies. ISO 17021 is a mark of competence, consistency and impartiality and shows that a certification body conforms to the highest standards.
You should ensure that the certification body you choose is UKAS accredited; your certificate will then be accepted worldwide. Many people mistakenly assume that all certification bodies are equal – this simply isn’t the case. Unaccredited certification is often not recognised.
Ensure that your ISO 9001 Certificate is UKAS Accredited
It’s vital that you ensure that your ISO 9001 certificate is issued by a United Kingdom Accreditation Service (UKAS) accredited body, such as Alcumus ISOQAR.
A UKAS accredited certification body undergoes regular rigorous inspections to confirm we are operating to the highest standards.
UKAS accredited certificates are accepted worldwide as evidence that you meet global standards of best practice.
Ready to go? Start your journey with Alcumus ISOQAR today
Choose from a phone call or an email quote, to find a format that suits you and your business