ISO (International Organization for Standardization) as the name implies it’s an independent
international organisation, develops International Standards, such as ISO 9001 and ISO 14001, but
they are not involved in the ISO certification and do not issue ISO certificates. External
certification bodies in India perform the ISO certification process.In this article we will look
at ISO Certification process in detail.
Objective of ISO certification
The aim of getting ISO certification is to advance the improvement of standardisation in the
technology of an organisation.
Advantages of ISO Certification
- International credibility: ISO Certification plays a vital role in helping the
organisation to build credibility in overseas business.
- Customer Satisfaction: ISO standards are intended to make organisations to
serve their customers in a better way that would simultaneously increase customers’ satisfaction
- Government Tenders: ISO Certification is quite essential to bid for Government
Tenders.
- Business Efficiency: Functional efficiency of organisations is improved by
obtaining ISO Certification. SOP (Standard Operating Procedures) and work instructions can be
developed with the help of ISO Certification Agency. Implementation of ISO in an organisation
manages the resources efficiently.
- Product Quality: By obtaining ISO Certification, the product quality matches up
the international standards, it will reduce the risk of product order rejections that may occur
due to the flawed products.
- Marketability: ISO Certification improves the business credibility, and it
helps the business marketing directly.
Applicable Fee for ISO Certification
Fee for ISO certification in India varies from organisation to organisation. The ISO certification
body will compute the fee for ISO certification by considering the below mentioned different
parameters:
- Size of an organisation
- Number of employees
- Processes of Organization
- Level of risk associated with the scope of services of the organisation
- The complexity of the management system
- The number of working shifts
ISO Certification Processing Time
ISO certification processing time also varies from organisation to organisation. The ISO
certification body will notify the details processing time for completion of ISO certification after
assessing the size of an organisation.
Prerequisite
The precondition for processing ISO certification or ISO registration is explained in detail below:
Selecting the Type of ISO Certification
First of all, the entrepreneur needs to choose the type of ISO certification required for the
business. There are various types of ISO certification are available such as listed below:
- ISO 9001:2008- Quality Management System
- OHSAS 18001 – Occupational Health & Safety Management System
- ISO 37001 – Anti-bribery management systems
- ISO 31000 – Risk Management
- ISO 27001 – Information Security Management System
- ISO 10002 – Compliant Management System
- ISO 14001:2015 – Environment Management System
- ISO 26000 – Social Responsibility
- ISO 28000 – Security Management
- ISO 22008 – Food Safety Management
- SA 8000 – Social accountability
- EnMS EN 16001 ISO 50001 – Energy Management
- SO/IEC 17025 – Testing and calibration laboratories
- SO 13485 – Medical devices
- ISO 639 – Language codes
- ISO 4217 – Currency codes
- ISO 3166 – Country codes
- ISO 8601 – Date and time format
- ISO 20121 – Sustainable events
- SO/IEC 27001 – Information security management
Selecting an ISO Certification Body (ISO Registrar)
As stated above ISO does not provide companies’ certification. It needs to be done by the external
certification bodies. Thus it is mandatory to recognise the credible certification body. When
selecting a certification body, the entrepreneur has to follow the things listed below.
- Evaluate several certification bodies
- Check if the certification body uses the relevant CASCO standards
- Check whether the certification body is accredited.
Note: Accreditation is not compulsory; however, the companies should meet the ISO
accreditation bodies’ requirements.
To find an accredited certification body in our country, contact the National Board of
Accreditation (NBA), India.
ISO Certification Process in India
The process for obtaining ISO certification in India is explained in detail
below:
Make an Application
Once the entrepreneur or application has selected the ISO standard and ISO certification body, need
to make an application in a prescribed form (depends on the ISO registrar). The application should
contain rights and obligations of entrepreneur and certification body parties and includes liability
issues, confidentiality, and access rights.
Documents Review by Registrar
The ISO certification body will review all the quality manuals and documents related to various
policies and procedures being followed in the organisation. Review of existing works will help the
ISO registrar to identify the possible gaps against the requirements stipulated in the ISO
standards.
Determination of Pre-assessment Needs
The Pre-assessment is an initial review of the Quality Management System in an organisation to
identify any significant weakness or omissions in the system and registrar will provide the
organisation with an opportunity to correct the deficiencies before the regular registration
assessment is conducted.
Prepare an Action Plan
After the ISO registrar notified the existing gaps in the organisation, the applicant or entrepreneur
has to prepare an action plan to eliminate these gaps. The action plan should contain the list of
the required tasks to be performed to meet the Quality Management System
Note: The entrepreneur may need giving training to employees to work efficiently to
achieve quality management system. Make all the employees in the organisation to aware of the ISO
standards concerning work efficiency and quality standards.
Onsite Inspection or Audit
The ISO registrar will conduct a physical onsite inspection to audit the changes made in the
organisation.
During the audit, if the registrar finds anything that does not meet with the requirements of the ISO
standards, registrar determines the severity and issue findings. Audit findings are usually called
as nonconformities and fall into one of two categories depending on severity.
- A Minor Non-conformance – It deals with minor infractions of procedures or
minor failures of the system in meeting the ISO standards.
- A Major Non-conformance – It deals with issues where the nonconforming products
are likely to reach the customers or where there is a breakdown in the quality system that
results in an inefficient system in meeting the requirements of the standards.
Final audit
The registration cannot proceed until all significant nonconformities are closed and verified by the
Registrar. This usually involves a re-audit of the affected areas and, of course, the associated
costs.
Note: Minor nonconformities require a corrective action plan and that will be closed
at the first surveillance.
Get ISO Certificate
After all, non-conformities are addressed, and all the findings are updated in the ISO audit report,
the registrar will grant the ISO certification.
Surveillance Audits
Surveillance audit will be conducted primarily to ensure that the organisation is maintaining ISO
quality standards. It will be performed from time to time.