The Process of Obtaining ISO Certification
Qualifying for ISO certification is an accomplishment for an organization. It takes considerable effort at every level to graduate to an ISO-Certified company. The procedure to be followed by a company in obtaining ISO certification involves the following:
1. Management’s Commitment to Quality
Appointment of a management representative is the most important requirement to obtain ISO Certification, as he/she has to co-ordinate among the various divisions of the company. This appointment is followed by quality awareness programmes for the top management and, subsequently, for all employees.
2. Formation of Steering Committee
The next step in obtaining ISO Certification is the formation of a Steering Committee (Quality Council) and a ‘quality’ task force, headed by the management representative. A policy regarding quality is prepared in consultation with the top management.
3. Preparation of Quality Manual
The preparation of manuals for quality systems is done after the formulation of policy and care is taken to ensure that all the processes are recorded. An internal review of these manuals and procedure help in identifying the deficiencies in the existing system which are then rectified.
4. Training of Employees
The training of employees is also important, as every member represents his/her organization in some way or the other. The objective of training is to create an awareness of existing procedures and of the requirements of ISO standards. Everyone understands his/her role and responsibilities in the organization. Training requires participation by everyone from the chairman to the peon.
5. Internal Audit (Self Assessment)
An internal audit team is formed to assess and evaluate the processes of the organization. Before the team takes charge, it has to undergo a training programme in order to become acquainted with ISO requirements. The procedure is forwarded for third party assessment/certification.
6. Requesting the Accreditor for Third Party Assessment
The company requests the ISO certifying agency for third party assessment and for certification of the firm, along with the data prepared during the internal audit. Depending on its perception of the company from data available, the certifying agency provides a quotation to the company to cover the cost of initial surveillance and subsequent assessments ISO Certification.
7. Submission of Controlled Copy
The supplier submits a ‘controlled copy’ of its existing manual on quality at least a month and a half before the visit agreed upon for the initial assessment.
8. Review and Evaluation
The ISO certifying agency reviews and evaluates the company’s manual on quality to ensure that existing systems address ISO standards requirements. It prepares an interim note on the basis of the documents provided (with any supplementary requirements necessary to obtain the required certification) on the assessment of the systems and forwards it to the company to facilitate any necessary corrective measure before the initial assessment.
9. Initial Assessment
The initial assessment by the certifying agency is to audit the company’s quality system for compliance with ISO standards. Initial assessment involves the following steps:
- The auditor’s interaction with company’s senior management to clarify the scope of the ISO certification and manner of reporting.
- A detailed scrutiny of the existing system during which any nonconformities disclosed are discussed and reported.
- A concluding session for the preparation of the auditor’s findings and their presentation to the company’s senior management. In this session, the lead assessor collates and categorizes any non-conformity raised against the company’s system and suggests corrective action.
- Where non-conformities relate to major problems with the company’s quality’s systems, corrective measures are taken by the company.
10. Final Assessment and Issue of Certificates
On successful completion of the final assessment, the auditor issues a certificate of approval to the company, detailing the standards of quality against which the assessment has been made and declaring their scope. Generally, a certification is valid for three years from the date of issue.
After the issuance of the certificate, the accreditor (the certifying agency), monitors conformance by way of routine surveillance visits, generally, twice a year. Apart from the surveillance visits, the agency can conduct surprise visits. The certifying agency reserves the right to terminate certification before the actual expiry date in the case of failure to meet adequate ‘quality’ requirements.
The process of obtaining ISO certification takes anywhere from 18 months to 24 months depending on the size of the organization and its commitment to ISO standards. The ease or difficulty in obtaining certification depends upon the company’s existing processes of documentation, the implementation of these processes and again, the commitment of the company’s top management and employees to quality.