Have you searched and read a lot of articles on ISO 9001 but still have some questions? Doubts such as how to get this certificate, what you have to do to get it, who issues this certificate, how long does it take to get it, if your organization can get it … If this is your case, I want to tell you that in this post I will explain everything you need to know and all the questions my clients have asked me before implementing the standard in their organizations. Here you have 4,698 words to explain in detail what ISO 9001 is; You will not find on the internet a more complete definition of what ISO 9001 is, I assure you.
My goal with this post is that you have 0 doubts in relation to the ISO 9001 concept, for this I am going to share incredible content and so return to consult this blog for any questions you have about the ISO 9001: 2015 standard.
After reading this post:
- You will learn what ISO 9001 is and what the standard is based on.
- you will know what the acronym ISO means
- You will know what UNE-EN-ISO means, why: 2015 and which organizations are in charge of preparing this standard.
- You will know what the standard is about and how it is structured.
- You will find out what to do and what are the necessary phases to obtain this certificate.
- You will learn who the certifying bodies are and what their role is.
- you will learn to identify consultants and what role they have.
- You will know what happens if during the audit you do not meet a requirement or have misinterpreted the requirement.
- You will know what the validity of the certificate is once you obtain it.
- You will find out if ISO 9001 is intended for service companies, companies that manufacture products or both types of companies.
- You will be happy to know what working according to ISO 9001 requirements will add to your organization.
- you’ll be delighted to know what benefits you can get when you get certified in your organization.
- You will be able to estimate how much time you will have to dedicate per week or per month to obtain the certificate.
- You will be able to estimate how much it costs to obtain the ISO 9001 certificate.
Who are the certifying / evaluating bodies? What role do they have?
Certifying / evaluating bodies are external entities that certify that an organization complies with the ISO 9001: 2015 standard or any other management system. These are private companies that are dedicated to certify and validate the management systems they inspect. To do this, they will carry out an audit that in the case of ISO 9001: 2015 will be based on compliance with the requirements of the standard itself. This audit will be carried out by people who are qualified by the certifying body itself to carry out the audit. Therefore there are auditors who are specialized in different sectors and know the activity they are auditing.
You may still be wondering what auditors audit and see during the audit …
In an audit, what is checked is that the requirements of the ISO 9001: 2015 standard are met. The auditors will be able to audit “against the standard” and “against our internal documentation ( manuals, procedures, records, work instructions.” There is nothing else. They cannot audit anything other than to verify that the requirements of the ISO 9001 standard are met: 2015 or check what we say in our own internal documents (action protocols).
Regarding the certifying / evaluating bodies, I am going to tell you something important… Attention!
If you want the quality certificate issued by the certifying bodies to be valid in the market, you should find out if the certification body is accredited by a higher body. What is that of being accredited? … Well, that it has an official recognition of its competence to certify. These certifying/evaluating bodies also receive periodic audits from these accrediting bodies to prove the competence of their actions.
Therefore, investigate if the certifying body you have selected is accredited because otherwise the certificate that they will issue you will not be valid.
Who are the consultants? What role do they have?
Consultants are companies specialized in helping other companies that want to implement ISO 9001 but do not know how to do it or where to start.
The implementation of this standard on certain occasions tends to generate a general paralysis, fear or ignorance so great that companies choose to hire external consultants to help them implement the standard and be able to pass the audit without any problem. On many occasions it is also true that despite not being afraid of the standard, organizations do not have the time or specialized human resources to implement the ISO 9001 standard, hence they prefer to go to external consultants since the opportunity cost to implement them themselves will be much higher than hiring an external professional. IVE Consultores is one of those external consultants available to the needs of companies to provide them with an advisory, consulting, and training service related to the ISO 9001: 2015 standard.
It is important that, if you decide to hire an external consultant, you investigate whether they have the necessary skills and / or experience to help your organization implement the standard.
What happens if during the external audit you do not meet any requirement of the standard or have misinterpreted the requirement?
While the external audit carried out by the certifying / evaluating bodies is being carried out, a breach of a requirement may appear because the ISO 9001 standard has been misinterpreted or because we have mistakenly overlooked compliance with this requirement.
In this case, the external auditors (certifying/evaluating bodies) will raise a non-conformity in their audit report that you will have to solve, analyzing the root cause of the non-conformity, implementing corrective actions, and delivering a corrective action plan. In a certification audit, there may be one or more nonconformities.
The non-conformities recorded by the certifying / evaluating bodies can be:
- Minor non-conformities: when there is a partial breach of a requirement of the standard.
- Major Non-Conformities: when there is a total breach of a requirement of the standard or there is a breach of a legal requirement inherent to the activity of the organization.
In relation to what you are thinking right now …
Yes, they will give you the certificate but as long as you solve the non-conformity that appeared within the period stipulated by the certifying / evaluating bodies and of course, as long as the list of non-conformities is not the list of the supermarket’s purchase of the month
I can’t tell you how many non-conformities can cause an audit report to come out with a negative recommendation. This will depend on the severity of the non-conformities and the number of them. In any case, it will be the decision of the external auditor who
Never, ever has it happened to me as a consultant that an external audit report has been recommended by the certifying / evaluating bodies not to certify or repeat the certification audit. But I have seen a report with this note “certification is not recommended.” It was a company that had passed an audit without the help of an external consultant and without having worked the rule very well, the truth; In the audit report, there were many non-conformities (major and minor) that forced the head of the company to seek external help to resolve the non-conformities and convene an extraordinary audit to be able to solve the deviations found in the previous audit. The result of the extraordinary audit, of course, was positive and the company managed to get the certificate.
What is the validity of the certificate once you obtain it?
Once the ISO 9001 certificate is issued, you will see the following written in it:
- the registration number of your certificate.
- the name of your company and the physical address of your office.
- a reference to conformity with ISO 9001: 2015.
- the scope of certification, that is, the activity that has been audited and that complies with the standard.
At the bottom of the certificate will appear the date of issuance of the certificate and an expiration date. This period is three years.
Therefore three years is the validity period of the certificate.
eye! That does not mean that you comply with the requirements of the standard the first year and forget about your management system until three years after the certificate expires.
The certifying bodies must make annual visits to you to verify that you continue to meet the requirements of the standard year after year.
Therefore, I am sorry to tell you that every year you must pass audits to continue maintaining the certificate.
But the good news is that the first audit is the most difficult and complete as all the requirements of the standard have to be audited. In later years, requirements related to purchasing or competition and education, for example, may not be audited.
Yes, I know, it is a demanding certification system, but I tell you one thing and I ALWAYS say it to all clients who complain about the demands, of certain aspects, of the standard … “Not everyone or all companies have an ISO 9001 certificate ”. Hence the difference between a company that is certified and another that is not.
“The ISO 9001: 2015 certification system is demanding, so not everyone or all companies have an iso 9001 certification in Saudi Arabia“
Ok and… is ISO 9001 intended for service companies, companies that manufacture products or both types of companies?
The standard is prepared to be implemented and certified in any type of organization, service companies or companies that manufacture products. If you read the standard, mainly block 8, you will see how products and services are referred to at all times.
Therefore, all the requirements are aimed at being implemented in organizations that provide services and manufacture products. All you have to know is to interpret the requirement of the standard and how to apply it to each type of organization.
Good and all these… What will working according to the requirements of ISO 9001 contribute to my organization?
This is another question to which I always answer in the same way with another series of questions. I throw them at you to see what opinion you have …
What entrepreneur is not interested
1. have your work processes documented under procedures?
2. Identify all the interested parties that are around your organization and detect the possibility that there are risks derived from some type of non-fulfillment of their needs and / or expectations?
3. Identify risks and opportunities in your business, evaluate them and subsequently address them?
4. define management objectives and indicators to measure business processes and goals?
5. Maintain the equipment that make up the infrastructure of your organization and that may be critical to your daily activity?
6. Have jobs described so that everyone in your organization knows what to do and when to do it?
7. Analyze the internal and / or external problems that your organization has to know what has happened and propose an action will help you eliminate the problem at its roots and prevent it from happening again?
8. improve your business management ?
All this and some other things is what you are going to achieve by implementing the ISO 9001 standard. This is the added value that the standard is going to bring you and by which you are going to differentiate yourself from the rest of the companies that are not certified.
And once certified, what benefits can my organization obtain?
Apart from the aforementioned, once you obtain the ISO 9001 certificate in your organization you will be able to:
- access sectors in which only companies that are certified are accepted (for example, most large hotels only want to work with suppliers that are certified to ISO 9001)
- access public tenders in which the ISO 9001 certificate is a basic requirement to be able to compete
- be lucky to have generated a work habit based on processes and records to keep your production cycle under your control.
- differentiate yourself from your competitor companies that are not certified with the standard.
- benefit from learning to analyze the problems in your organization in such a way that you act on the root of it to solve it.
And when it comes to getting to work … How much time will I have to dedicate per week or per month to be able to obtain the ISO 9001 certificate?
Important question that I get asked a lot.
My answer is always the same … it depends.
It depends first on whether you are going to ask for help from an external consultant, in this case obviously the hours you will dedicate will be less.
If you are going to implement the standard with the internal resources of your organization, keep in mind that the dedication time will be much longer.
It will also depend on how large your organization is and the scope of the quality management system that you are going to certify.
But come on I’m going to get wet and tell you roughly how many hours you should dedicate to it.
Look, as a consultant, I spend an average of between 68h – 85h until passing the certification audit. These hours include around 12h – 16h only of accompaniment to defend the work carried out on the days when the certifying / evaluating bodies carry out the certification audit and I accompany the client during these days. These 12h – 16h of external audit monitoring will depend on the size of your organization and therefore more or less audit hours.
Within 68h – 85h, around 35h of consulting visits to clients’ facilities are included to learn about their processes and help them meet the requirements of the standard.
If we add we have:
- Around 16h of external audit accompaniment (which will depend on the size of the organization).
- About 35h of visits to clients.
This adds up to 51h, the rest until reaching 85h is 34h that I dedicate to preparing the meetings and the subsequent work of the meetings in my office.
These are my hours, yours will inevitably be longer. How much more? That is a difficult answer because even before implementing the standard you want to carry out a training process for the staff and those hours I would also add to the project.
But hey doing a calculation it may be that you take 3 times as long as I would; this is about 255h. (without taking into account the training hours) Do they seem like a lot, right?
Well, there are not so many hours taking into account that 160 hours are worked per month.
255h means that you can get the ISO 9001 certificate by your own means in approximately 1.5 months if you dedicate yourself exclusively to working on the implementation and certification.
However and here I take the opportunity to tell you that if you have manuals, books and/or documents that help you to prepare certain procedures and / or records, it will take much less time since you will not face the blank page when describing, for example, how you are going to carry out your risk analysis. In the services of this website, you can find my book entitled “How to implement ISO 9001: 2015 Step by Step” a book to which I have dedicated many hours and all my experience as a consultant to help companies implement and certify the standard ISO 9001: 2015.
Well, here I have left you the numbers that you surely wanted to know, I can make something wrong as I told you depending on the size of the company and how wide the scope of certification that you will submit to the examination of the certifying / evaluating bodies but ultimately I think that these will be the hours that you will have to dedicate when obtaining the ISO 9001 certificate.
And the last question so that you have 0 doubts… How much does it cost to obtain the ISO 9001 certificate?
Well again I will have to tell you that it depends and this time it will depend on three factors:
- if you want to train your employees first.
- if you hire an external consultant.
- the fees of the certifying / evaluating bodies.
At this point, and with all the information I have given you, I am not going to hide how much my time costs, so you will have the best possible idea of the overall calculation of the project. My way of working with companies varies depending on what they need from me:
- If organizations have time and internal resources to implement the standard: I offer an advisory service in which I simply act as an external advisor, reviewing the work carried out by the organization that hires me. I carry out this review through periodic meetings and guiding on how things have to be done. Here the project is led by the clients and I simply advise them, my remuneration being based on the hours of advice I do.
- if organizations do NOT have time and / or internal resources to implement the standard: I offer a consulting service in which my involvement in the project is much greater since in a consulting service I am the one who leads the project, establishes the periodicities of the meetings, I am the one who writes most of the work procedures and who helps the organization to fill in the records to comply with the requirements of the ISO 9001 standard. The remuneration in this consulting service is based on a fixed price that is previously agreed in an economic offer.
Yes I know. I haven’t told you what my financial compensation is …
Look, for the advisory service, I value my time at € 50 every working hour.
And for the consulting service it will depend on several factors such as the size of the organization, the complexity of its processes and the breadth of its scope of certification.
Regarding the fees of the certifying / evaluating bodies, like any company, it varies depending on which one you choose but I will give you an idea of the prices that are at least moving here and for this date that I am writing ( August 2018)… For an ISO 9001 and if your company has up to 10 employees, the price is between € 950 – € 1,200.
Well, this is all I wanted to tell you about the ISO 9001 standard. More than 4,800 words to explain it and worry about having left you with 0 doubts.
By the way, now that you know much more about ISO 9001, do you dare to implement it and certify it in your business? Let me know by leaving a comment.
see also craigslist Tampa