ISO (International Organization for Standardization) as the name implies it’s an independent international organisation, develops International Standards, such as ISO 9001 and ISO 14001, but they are not involved in the ISO certification and do not issue ISO certificates. External certification bodies in India perform the ISO certification process.In this article we will look at ISO Certification process in detail.
Objective of ISO certification
The aim of getting ISO certification is to advance the improvement of standardisation in the technology of an organisation.
Advantages of ISO Certification
- International credibility: ISO Certification plays a vital role in helping the organisation to build credibility in overseas business.
- Customer Satisfaction: ISO standards are intended to make organisations to serve their customers in a better way that would simultaneously increase customers’ satisfaction
- Government Tenders: ISO Certification is quite essential to bid for Government Tenders.
- Business Efficiency: Functional efficiency of organisations is improved by obtaining ISO Certification. SOP (Standard Operating Procedures) and work instructions can be developed with the help of ISO Certification Agency. Implementation of ISO in an organisation manages the resources efficiently.
- Product Quality: By obtaining ISO Certification, the product quality matches up the international standards, it will reduce the risk of product order rejections that may occur due to the flawed products.
- Marketability: ISO Certification improves the business credibility, and it helps the business marketing directly.
Applicable Fee for ISO Certification
Fee for ISO certification in India varies from organisation to organisation. The ISO certification body will compute the fee for ISO certification by considering the below mentioned different parameters:
- Size of an organisation
- Number of employees
- Processes of Organization
- Level of risk associated with the scope of services of the organisation
- The complexity of the management system
- The number of working shifts
ISO Certification Processing Time
ISO certification processing time also varies from organisation to organisation. The ISO certification body will notify the details processing time for completion of ISO certification after assessing the size of an organisation.
Prerequisite
The precondition for processing ISO certification or ISO registration is explained in detail below:
Selecting the Type of ISO Certification
First of all, the entrepreneur needs to choose the type of ISO certification required for the business. There are various types of ISO certification are available such as listed below:
- ISO 9001:2008- Quality Management System
- OHSAS 18001 – Occupational Health & Safety Management System
- ISO 37001 – Anti-bribery management systems
- ISO 31000 – Risk Management
- ISO 27001 – Information Security Management System
- ISO 10002 – Compliant Management System
- ISO 14001:2015 – Environment Management System
- ISO 26000 – Social Responsibility
- ISO 28000 – Security Management
- ISO 22008 – Food Safety Management
- SA 8000 – Social accountability
- EnMS EN 16001 ISO 50001 – Energy Management
- SO/IEC 17025 – Testing and calibration laboratories
- SO 13485 – Medical devices
- ISO 639 – Language codes
- ISO 4217 – Currency codes
- ISO 3166 – Country codes
- ISO 8601 – Date and time format
- ISO 20121 – Sustainable events
- SO/IEC 27001 – Information security management
Selecting an ISO Certification Body (ISO Registrar)
As stated above ISO does not provide companies’ certification. It needs to be done by the external certification bodies. Thus it is mandatory to recognise the credible certification body. When selecting a certification body, the entrepreneur has to follow the things listed below.
- Evaluate several certification bodies
- Check if the certification body uses the relevant CASCO standards
- Check whether the certification body is accredited.
Note: Accreditation is not compulsory; however, the companies should meet the ISO accreditation bodies’ requirements.
To find an accredited certification body in our country, contact the National Board of Accreditation (NBA), India.
ISO Certification Process in India
The process for obtaining ISO certification in India is explained in detail below:
Make an Application
Once the entrepreneur or application has selected the ISO standard and ISO certification body, need to make an application in a prescribed form (depends on the ISO registrar). The application should contain rights and obligations of entrepreneur and certification body parties and includes liability issues, confidentiality, and access rights.
Documents Review by Registrar
The ISO certification body will review all the quality manuals and documents related to various policies and procedures being followed in the organisation. Review of existing works will help the ISO registrar to identify the possible gaps against the requirements stipulated in the ISO standards.
Determination of Pre-assessment Needs
The Pre-assessment is an initial review of the Quality Management System in an organisation to identify any significant weakness or omissions in the system and registrar will provide the organisation with an opportunity to correct the deficiencies before the regular registration assessment is conducted.
Prepare an Action Plan
After the ISO registrar notified the existing gaps in the organisation, the applicant or entrepreneur has to prepare an action plan to eliminate these gaps. The action plan should contain the list of the required tasks to be performed to meet the Quality Management System
Note: The entrepreneur may need giving training to employees to work efficiently to achieve quality management system. Make all the employees in the organisation to aware of the ISO standards concerning work efficiency and quality standards.
Onsite Inspection or Audit
The ISO registrar will conduct a physical onsite inspection to audit the changes made in the organisation.
During the audit, if the registrar finds anything that does not meet with the requirements of the ISO standards, registrar determines the severity and issue findings. Audit findings are usually called as nonconformities and fall into one of two categories depending on severity.
- A Minor Non-conformance – It deals with minor infractions of procedures or minor failures of the system in meeting the ISO standards.
- A Major Non-conformance – It deals with issues where the nonconforming products are likely to reach the customers or where there is a breakdown in the quality system that results in an inefficient system in meeting the requirements of the standards.
Final audit
The registration cannot proceed until all significant nonconformities are closed and verified by the Registrar. This usually involves a re-audit of the affected areas and, of course, the associated costs.
Note: Minor nonconformities require a corrective action plan and that will be closed at the first surveillance.
Get ISO Certificate
After all, non-conformities are addressed, and all the findings are updated in the ISO audit report, the registrar will grant the ISO certification.
Surveillance Audits
Surveillance audit will be conducted primarily to ensure that the organisation is maintaining ISO quality standards. It will be performed from time to time.