Font size: +
7 minutes reading time (1398 words)

ISO9001 and the Certifying Audits – Stage 1

It's finally time, you have done all the hard yards and now it's time to actually get your new ISO9001:2015 system officially certified, so what exactly does that mean and how do you do it, there are a few steps to move through to get to that all important ISO9001:2015 certificate. In this post we will cover the 1st two steps.  

The Certifying Steps

Selecting a Certifying Body 

Firstly, what is a certifying body? That's just the name given to the group of organisations who have been accredited by the International Standards Organisation (ISO) to audit organisations and decide if they are meeting the requirements of the assorted standards, if they aren't nationally accredited then obviously, they are of zero use to you here! Within New Zealand they should be accredited by JASANZ, in the United Kingdom it's UKAS and US it's ANAB. You should be selective when picking a company to act as your certifying body, they have the potential to add a lot of value to your organisation, so you want to pick a good one, here are a few hints.

​ Experience within your industry It's important that you find a company who has experience dealing with organisations within your industry or at least very similar. If you are a manufacturing organisation it's not going to be much help to select a company who only deal in office-based work. By ensuring that they have some experience you will spend less time having to educate them on what is good and not so good in your style of organisation for example. Be picky about who you use, it's your money and if they are unlikely to add value then you don't want them.
​ Can you work with the Certifying Body Long Term As we have mentioned this is a group of people who will come in and audit your organisation, they bring an external eye to it so will see things you don't which is what you want, but can you work with them long term, do they want to work with you long term to add ongoing value in future audits. It's important that you basically get a good feel for them and that the output from their audits will add value, which means you need them to find things for you to improve!
​ Recommendations & References​We all like working people that our fiends and colleagues have had a good time working with so it shouldn't be any different with your certifying body. Ask them for a selection of reference sites you can get in touch with for feedback, asking for 4 or 5 and calling 2 or 3 would be a good way to go. Equally if anyone in your team have worked with someone before then that is also a great source of information that should be used.
​ Time frames​You have worked your butt off getting to this point so you don't want to have to hang around for months waiting on someone to come and audit you so check what their availability is when enquiring with them. Make sure it works for you, not them.
​ Fees​It goes without saying but just in case, make sure you look at the fee structure to understand what is and what isn't covered, is there travel costs involved in them auditing you and what are the hiding gotcha's that can add up quickly.

The Stage 1 Audit

The stage 1 audit is basically a preaudit that is generally conducted at your site, it doesn't have to be, however. If you have an online system like Mango or say in Google docs that you could give someone access to remotely it can be done off site, of course how much experience the auditor has on your industry is also a factor here.

The purpose of the stage 1 audit is to make sure you have all of the required processes and procedures in place and of course that your resources are ready (and available).

As part of the ISO9001:2015 stage 1 audit they will look at the scope of the management system, this sets the boundaries of what they will audit, so for example if you don't do any design work you would exclude design from the audit, this removes most of clause 8 and dramatically cuts down the auditing time. Be warned however, excluding things from your audit obviously means that any ISO9001:2015 certification will not cover that area and of course you should have a very good reason for the exclusion.

As part of the process the auditor is looking to understand your operation, it's processes and the equipment that is being used. As part of these discussions they are interested in understanding the level of controls you have in place, how you manage those controls and who is responsible for what. They need to understand the impact of any external requirements either form customers or from industry requirements, in electronics for example, frequently IPC requirements are a factor in your quality system.

Essentially then it's a brief (1-2 days) look under the hood of the quality management system to make sure everything is there and there are no glaring issues that would stop a full audit. As part of the stage 1 process the auditor will review these things and create a report for you, if there are issues that would result in a failed audit they will list them in the report as areas of concern that you need to fix prior to the stage 2 audit. This is where the auditor really earns their money, remember at stage 1 you want them to find things, it's where some of the improvement in your Quality management System comes in.

Outcomes of the Stage 1 Audit

As already mentioned you should expect feedback on area's that need to be improved in order to pass a stage 2 ISO9001 audit, these will also be accompanied by a number of nice to do things that should be looked at as basically tune-ups for your system to help it run better, again give these serious thoughts, they are there to help.

As well as this the auditor will try to figure out if they need more people for e a stage 2 audit to get it done in a reasonable timeframe.

The findings of the audit will generally be presented at the end in a sit-down discussion so the auditor can explain their findings and make sure you understand. This is a great opportunity for you to as questions… ask lots and lots of questions, it's your money.


Selecting the right auditor is a bit part of having a worth while audit, you don't want someone who will give things a cursory glance and say yes or no, you want someone who is really going to look to understand and give helpful advice. The Stage 1 audit is about understanding your organisation and it's readiness for the full audit, out of this you should expect a level of feedback which will include things you need to fix to pass the full audit, these are what you want, it's a good thing so take it as such. It may be that the Audit actually says you are not yet ready for a stage 2 audit, again this is OK, they will give you the list of the gaps and you can re-engage when you have these gaps closed.

Get In Touch

If you need any support in developing or improving your ISO or Quality Systems we'd love to hear from you, just click here to make an appointment and find out how we can help you Make Things, Better

You can also call John on 0211649739 to set up a meeting 

Virtual Quality Management


Virtual Quality Management Support - Virtual Quality Management

Our Virtual Quality Management Support is designed to help your company achieve improved results plus meet the requirements of ISO but at a fraction of the cost. To Do this, we have partnered with the outstanding team at Mango and use their cloud based QHSE Management system to be able to deliver the best compliance support service available. Find out more about it here.
ISO9001 and the Certifying Audits – Stage 2
ISO9001 and the required Documents and Records

Related Posts



No comments made yet. Be the first to submit a comment
Already Registered? Login Here
Tuesday, 17 September 2019

Captcha Image