When a team of climbers plan to conquer Everest, they sit down as a team and carefully plan it. They look at the weather, work out how much oxygen then need to carry, the amount of food required, how much they could climb in a day to decide where to place the base camps. Every single detail is looked at under a microscope, as each detail could mean success or failure, or worst-case scenario death of one of the team.
It is a similar process for organisations who wish to become accredited with one of the many ISO Management Systems. To ensure success and prevent a waste of time and money, which could impact seriously upon the organisation, it has to be done properly.
Like the climber’s base camps, when looking at ISO accreditation, there are a number of defined steps that need to be taken. These are:
Gap Analysis – You need to see what you have and more importantly what you don’t have. This will allow you, or a consultant, to produce an action plan.
Implementation Phase – This is where you document the processes and procedures required by the ISO Standard, and those that the organisation wishes to be documented. Your Documented Information such as the forms, checklists, invoices etc, that are associated with the organisation’s processes are checked and amended (where necessary) to ensure they are fit the for purpose. Staff Awareness workshops are delivered to let them know what is happening and how they are part of the process. Internal Auditors are trained.
Embedment Phase – This is where the organisation run the Management System and check it works, this is a good time to check your Internal Auditors are competent by auditing each of the organisation’s departments against their processes, procedures, documented information and knowledge of the Management System. This is a very important phase prior to accreditation, as it allows the organisation to catch and fix any problems before the external auditor visits.
3rd Party External Audit – This is a 2-stage audit from a Certification Body chosen by the organisation and not their consultant. This is important, as there must be no collusion between the consultant and the 3rd Party External Audit, this ensures a totally unbiased audit of the organisation’s system.
As I’m sure you can see now, to become ISO certified won’t happen in a day, a week or a month. In fact, to be done properly you should look at between 4 and 8 months, although some I have worked on have taken over a year, to be ready for certification. One thing you should note, the External Auditor will be looking for around 6 months’ worth of documented evidence that you are using the Management System as you have documented in you Management System Manual, Management Review Meeting minutes, and your mandatory and voluntary procedures.
Obviously large organisations may take longer, especially if they have several sites, but the process is the same for an SME or a Multi-national company.
So, if you are serious about achieving ISO certification in any of the 21,000+ Standards, then plan for it properly, ensure you have the skills and time to implement and embed it, get everybody in the organisation involved and do it properly.
For more information on ISO certification visit our website: www.csa-consultants.me or email:
CSA Consultants voted one of the 25 top ISO bloggers in the world by Feedspot.com.
Visit https://blog.feedspot.com/iso_blogs/ to view the top ISO bloggers in the world.