ISO certification certifies that a management system, manufacturing process, service, or documentation procedure has all the requirements for standardization and quality assurance. Certification can be a useful tool to add credibility, by demonstrating that your product or service meets the expectations of your customers. For some industries, certification is a legal or contractual requirement. ISO (International Organization for Standardization) is an independent, non-governmental, international organization that develops standards to ensure the quality, safety, and efficiency of products, services, and systems.ISO certifications exist in many areas of industry, from energy management and social responsibility to medical devices and energy management. ISO standards are in place to ensure consistency. Each certification has separate standards and criteria and is classified numerically. ISO does not perform certification. ISO, develops International Standards, such as ISO 9001 and ISO 14001, but are not involved in their certification, and do not issue certificates. This is performed by external certification bodies, thus a company or organization cannot be certified by ISO. Thus the International Organization for Standardization (ISO) is a non-governmental system of national agencies whose resolution is the advancement of universal standards for government and business. Global standards are planned for trade between nations. They deliver a technical base and an arrangement of the best management practices. Measures guarantee safe organizational techniques and products that lessen the ecological effect. ISO Standards advantage business and trade by abridging procedures and decreasing an association’s environmental risk. Consumers are also advantaged by learning that best in class practices are thus created for worldwide relevancy. However ISO's Committee on Conformity Assessment (CASCO) has produced a number of standards related to the certification processes, which are used by certification bodies.
Certification– the provision by an independent body of written assurance (a certificate) that the product, service or system in question meets specific requirements.
Accreditation – the formal recognition by an independent body, generally known as an accreditation body that a certification body operates according to international standards. The International Organization for Standardization owns the registered trademarks abbreviated as, "ISO" and also owns the registered trademarks for the ISO logo. Hence, use restricted to ISO members and technical committees only i.e. Only ISO,ISO members, and ISO technical committees (TCs) are allowed to use the ISO logo and ISO short name in accordance with ISO Policies. All others are generally not allowed to use ISO’s trademarks
ISO certificate is one of the ways that provide standards to the organizations and thus lead way to innovation and development of trade. These standards also ensure that the products and services of the organization meet the customer and regulatory requirements. In addition to this, it also demonstrates continuous improvement. ISO is an independent, non-governmental, international organization that creates standards to ensure the quality, safety, and efficiency of the products, services, and systems. It also certifies that the management system, manufacturing process, service or the documentation process has fulfilled all the requirements for standardization and quality assurance.ISO certificate is provided in many areas of industry that is from energy management and social responsibility to medical devices and risk management.
ISO certificate is a certification that provides standards to the organizations and thus shows the way to innovation and development of trade. ISO Certification is mandatory to form certain standards that ensure the quality, safety, and efficiency of products and services. It also ensures that the products and services of the organization meet the customer and regulatory requirements.
Additionally, ISO Certification helps in demonstrating continuous improvement. It also certifies that the following process has fulfilled all the criteria for standardization and quality check. The certification is issued in various fields and every ISO certification has a different set of criteria.
ISO 9001 certification implies that the products and services provided by the company meet international standards and indeed are of good quality. This certification is mandatory because:
For standards users, customers and consumers, ISO means quality, confidence, trust, safety and many other positive values. That is why ISO and their members care about how ISO's trademarks are used and whether unauthorized use of the ISO trademarks could mislead, create false impressions, or cause confusion. ISO and their members (located in many countries worldwide) will take appropriate action if they consider the misuse of ISO's trademarks puts their reputation at risk. For all others except ISO members and ISO technical committees (TCs), here are some non-exhaustive guidelines to help you avoid misusing ISO's trademarks. (ISO members and ISO TCs may use ISO’s trademarks according to ISO Policies).
The primary elements of ISO 9001:2015 are-
The aim of getting ISO certification is to advance the improvement of standardization in the technology of an organization.
CASCO is the ISO committee that works on issues relating to conformity assessment. CASCO develops policy and publishes standards related to conformity assessment; it does not perform conformity assessment activities. Membership to CASCO is open to full and correspondent members. CASCO is made up of a number of groups that take care of different tasks. CASCO’s standards development work is carried out by working groups of experts who are put forward by the ISO member bodies. The experts do not always belong to the member body but represent an expertise required by the working group. Membership to CASCO is open to all ISO members. CASCO’s policy work is carried out by three groups:
Conformity assessment involves a set of processes that show your product, service or system meets the requirements of a standard. Undergoing the conformity assessment process has a number of benefits:
The main forms of conformity assessment are testing,certification, and inspection.
Certification is the provision by an independent body of written assurance (a certificate) that the product, service or system in question meets specific requirements. Certification is also known as third party conformity assessment. Many companies and organizations decide to get certified to one of ISO’s management system standards, such as ISO 9001. This is a way of showing outsiders that the organization has an effective quality management system in place.
TestingTesting is the determination of one or more of an object or product’s characteristics and is usually performed by a laboratory. CASCO has developed a number of standards that laboratories can follow to help ensure that their results can be trusted.
InspectionInspection describes the regular checking of a product to make sure it meets specified criteria. Fire extinguishers, for example, need regular inspections to ensure they are safe for use. CASCO has developed a number of standards that inspection bodies can follow to help ensure that we can trust their work.
Keeping It ConsistentISO has produced standards to help make conformity assessment activities as uniform as possible across industries and across the world. Amongst other things, this reduces the need for duplication of testing when importing or exporting, thus facilitating global trade. ISO standards are in place to ensure consistency. Each certification has separate standards and criteria and is classified numerically.
Mutual RecognitionA Mutual Recognition Agreement or Arrangement (MRA) increases confidence in conformity assessment between countries as it formally recognizes the results of each other’s testing, inspection, certification or accreditation, reducing duplication of conformity assessment activities.
If an organization bills them as "ISO 9001 certified," this means the organization has met the requirements designated under ISO 9001. ISO 9001 requires organizations to define and follow a quality management system that is both appropriate and effective while also requiring them to identify areas for improvement and take action toward those improvements. As a result, it's typically understood that an organization claiming ISO 9001 certification is an organization with products and services that meet quality standards.
The certification ISO 9001:2008 includes three components: ISO, 9001, and 2015. Here's what each component represents
ISO- As mentioned above, ISO refers to the International Organization for Standardization. This organization develops the standards, and it does in order to certify businesses or organizations. Certification is handled third-party and tested annually.
9001- The number appearing after ISO classifies the standard. All standards within the ISO 9000 family refer to quality management. ISO 9001 is among ISO's best-known standards, and it defines the criteria for meeting a number of quality management principles. It helps businesses and organizations be more efficient and improve customer satisfaction.
2015- The final number in an ISO certification refers to the version of the standard that's being met and is represented by the calendar year those standards were launched. 2015 is the fifth edition of ISO 9001. It was launched in September 2015, and Mead Metals has updated its processes to meet the specifications of this newest version.
The best way to learn about new, revised, or updated ISO standards is from ISO themselves. As the organization that sets the standards, they would be the best source. Additionally, there are outlets that offer summaries and explanations of ISO updates to help individuals and businesses understand them. For instance, the website 9001simplified detailed what changed when ISO 9001 changed from 2008 to 2015
Many people assume that ISO grants certification, but in fact, this is not true; instead, a registrar or certification body (CB) will be the one to grant certification. When choosing a registrar you should make sure that they are accredited. They should be a member of the International Accreditation Forum (IAF), and additionally need to be ISO/IEC 17021:2015 certified. One of these standards is ISO/IEC 17021:2015 Conformity assessment. “Requirements for bodies providing audit and certification of management systems“, which in effect stipulates the requirements for Registrars who certify organizations to ISO management standards like ISO 9001, ISO 14001, etc.
People often say “ISO Certified” but ISO does not issue certificates or certify individual companies to any standard. So who can Grant ISO 9001 Certification? They are issued by certification/registration bodies (also called Registrars or CB’s), which are independent of ISO. Certification Bodies (CBs) need to be accredited by an IAF member to be internationally recognized.
ISO/IEC 17021 ensures international acceptance of the CB’s certifications (i.e. your ISO 9001:2008 certificate) by requiring that all Accreditation bodies (ANAB, etc.) belong to an internationally accredited organization, like the IAF. Likewise, the IAF ensures that CB’s comply with ISO/IEC 17021. Some Quality System Registrars are not accredited by IAF, and thus are not meeting ISO 17021 — and will not be internationally recognized. Make sure that you choose a Registrar who is accredited by an IAF member (ANAB or the equivalent of ANAB in your country or region). When you receive your registration certificate, it should display the ANAB and the IAF logos and unfortunately, without them, you are not officially ISO 9001 certified.
Decreased Operational Costs
International Business Recognition
Increased in overall Revenue
Improved Customer Acquisition
Government Tender Eligibility
Improved Resource Management
Help Protect your Business Brand
Reduced Business Risks
ISO certification refers to the seal which is approved from an external body whereby a company complies to one of the internationally recognized ISO management systems. This certification can further be used to tender for a business as a proof of a company’s credibility but also instills confidence in a potential client that promises will be kept. By ISO certification body we mean a registrar which is competent and authorized to issue certification on the management system after an audit. It is the awards credentials to individuals who meet specific competence requirements relating to a particular profession, an occupation, a job or a portion of a job. Distinguishing the best ISO certification body is really a very challenging task being an individual or organization. Any certification body can only be stated as leading when they meet below requirement:
Some of the best ISO certification bodies in India
No doubt the price is the main criteria and you should ask a couple of certification bodies for their proposals and think over it what to do what not to do. However, the price is not the only thing that we should look for but we should consider other things also:
A wise decision must be taken in selecting the right organization to carry out your ISO certification. Always choose an accreditation body that is a signatory to the IAF Multilateral Recognition Arrangement (MLA) that would be proved the best practice. It will be competent to deliver a consistently reliable and impartial service which meets the appropriate, internationally-recognized standard. To find an accredited certification body in our country, contact the National Board of Accreditation (NBA), India.
Benefits of choosing an accredited ISO certification bodiesFollowing are the benefits of choosing an accredited ISO certification body:
It gives you the confidence of getting the service that closely meets your requirements.
A chance to win a new business since the use of accredited conformity assessment services is increasingly a stipulation of specifiers in both the public and private sector;
Through accredited ISO certification bodies, you can gain access to overseas markets since certificates issued by them are recognized well and accepted throughout the world.
It helps to identify the best practice since the certification body needs to have an appropriate knowledge of your business sector.
It controls the cost with the help of knowledge transfer since accredited certification bodies can be a good source of impartial advice.
It also offers market differentiation and leadership by showing to others credible evidence of good practice.
Besides, it demonstrates due diligence in the event of legal action.
Last but not least, it reduces paperwork and increases efficiency by reducing the relevance of re-audits your business.
The very first step is to choose the kind of certification the organization wants.
Once the entrepreneur selects the ISO standard; it shall make an application in a respective form based on the ISO registrar. The application shall include the power and responsibilities of the entrepreneur and certification body and includes liability issues, confidentiality, and access rights.
Application shall be filed along with the requisite documents and the same shall be reviewed by the ISO certification body. ISO Certification body will review all the quality manuals and documents related to various policies being followed in the organization.
The ISO certification body will review all the quality manuals and documents related to various policies and procedures being followed in the organization. Review of existing works will help the ISO registrar to identify the possible gaps against the requirements stipulated in the ISO standards.
The Pre-assessment is an initial review of the Quality Management System in an organization to identify any significant weakness or omissions in the system and registrar will provide the organization with an opportunity to correct the deficiencies before the regular registration assessment is conducted..
To identify any significant weakness in the Organization, the Pre-assessment (Initial review) of the Quality Management System in an organization is reviewed by the registrar and will also provide an opportunity to correct the deficiencies before the regular registration assessment is conducted.
Once the initial review of the Quality management system is reviewed, the ISO registrar notifies the existing gaps in the organization, and to eliminate these gaps the applicant has to prepare an action plan. The action plan should contain the list of the requisite work to be performed to meet the Quality Management System.
Note: The entrepreneur may need giving training to employees to work efficiently to achieve quality management system. Make all the employees in the organization to aware of the ISO standards concerning work efficiency and quality standards.
The registrar will conduct a non-premises inspection to audit the changes made in the organization. However, if the registrar finds that the requisite changes do not meet the requirements of the ISO standards, the registrar will categorize the organization into two categories depending on severity.
Note-The ISO registration cannot precede until all significant non-compliances are closed by the Registrar while doing a re-audit.
The registration cannot proceed until all significant nonconformities are closed and verified by the Registrar. This usually involves a re-audit of the affected areas and, of course, the associated costs.
Note: Minor nonconformities require a corrective action plan and that will be closed at the first surveillance.
The registrar will issue the ISO certification when all the non conformities are resolved and are updated in the ISO audit report.
Surveillance audit will be conducted primarily to ensure that the organization is maintaining ISO quality standards. It will be performed from time to time.
Before getting an ISO certification, the following aspects have to be considered:
Before you can get certified, you will first have to develop and document your production processes, implementing the correct procedures to ensure you can maintain your quality standards. Here are the four essential steps to becoming an ISO-certified business
Develop your management system |
|
Implement your system |
|
Verify that your system is effective |
|
Register your system |
|
Choosing the type of ISO Certification-First of all, the entrepreneur needs to choose the type of ISO certification required for the business. There are various types of ISO certification are available such as listed below:
It must be noted that ISO itself does not provide certification to the companies. Certification is done by the external bodies. It is very important that you choose recognized and credible certification body. While choosing the ISO registrar, you should keep the following in mind:
It is advisable that an attorney with “ISO experience” must be appointed to overwhelm many of the potential pitfalls that creep around within ISO Registration and to understand the requirement in detail. The elementary information would be mandatory from your end to start the process. The Attorney will begin working on your request once all the information is provided, and the payment is received.
How much does it cost?The costs for developing and registering a formal management system vary depending on the size and complexity of your organization and your internal processes.
You can reduce some of these costs by using an external consultant, especially since this reduces the risk of starting down the wrong path or missing critical requirements of the standard. As a general guideline, it usually takes eight to 18 months from inception to registration, with the average being 12 months. ISO certification processing time also varies from organization to organization. The ISO certification body will notify the details processing time for completion of ISO certification after assessing the size of an organization.
Industry | ISO 9001 | ISO 27001 | ISO 14001 | ISO 45001 | ISO 22000 |
---|---|---|---|---|---|
Manufacturing / Fabrication | Yes | Yes | Yes | ||
Construction / Architecture | Yes | Yes | Yes | ||
IT Companies | Yes | Yes | Yes | ||
Engineering Design | Yes | Yes | |||
BPO | Yes | Yes | Yes | ||
Banks / Financial Institutes | Yes | Yes | Yes | ||
Import & Export Businesses | Yes | ||||
Mining, Petroleum, Oil & Gas | Yes | Yes | Yes | Yes | |
Staffing / HR Solutions | Yes | Yes | |||
Trading Companies | Yes | ||||
Travelling, Cargo, Shipment & Supply Chain | Yes | ||||
Automotive (Service & Manufacturing) | Yes | Yes | Yes | ||
Power & Energy | Yes | Yes | Yes | ||
Software/App/Website Development | Yes | Yes | |||
Food Manufacturers | Yes | Yes | Yes | Yes | |
Rubber/Plastic Manufacturer | Yes | Yes | Yes | ||
Restaurants / Caterers / Hotels | Yes | Yes | Yes | ||
Facility Management | Yes | Yes | Yes | ||
Service Providers | Yes | Yes | |||
Security Guard Agencies | Yes | ||||
Interior Design Companies | Yes | ||||
Chemical Companies | Yes | Yes | Yes | ||
Pharmaceuticals | Yes | Yes | Yes | Yes | |
Laboratorys | Yes | Yes | Yes | Yes | |
Recycling Organizations | Yes | Yes | Yes | ||
Hazardous Waste Handling | Yes | Yes | Yes | ||
Agriculture | Yes | Yes | |||
Printing Companies | Yes | Yes | |||
Event Management | Yes | ||||
Public Administrations | Yes | Yes | |||
Govt. Offices | Yes | Yes | |||
NGO | Yes | ||||
Schools or Educational Institutes | Yes | ||||
Colleges or Educational Institutes | Yes | ||||
Training Institutes (Non-Formal) | Yes | ||||
Spas & Salons | Yes | ||||
Organic Products | Yes | Yes | Yes | ||
Gyms & Sports Center | Yes | ||||
Hospitals | Yes | Yes | Yes | ||
Skin, Dental & Eye Clinics | Yes | ||||
Fitness & Slimming Clinics | Yes | ||||
Medical (Manufactures/Suppliers/Traders) | Yes | Yes | Yes | ||
Textile & Apparel | Yes | Yes | |||
Telecommunication | Yes | Yes | Yes | ||
Aerospace | Yes | Yes | Yes | Yes | |
Entertainment Sector | Yes | ||||
News & Media | Yes | ||||
Electronics Industry | Yes | Yes | Yes | Yes | |
Advertising Industry | Yes | ||||
Retail Sector | Yes | ||||
Space Industry | Yes | Yes | Yes | ||
Robotics | Yes | Yes | |||
Hospitality | Yes | Yes | Yes | ||
Small Businesses | Yes | ||||
Consumer Durables | Yes | Yes | |||
E-Commerce | Yes | Yes | |||
FMCG | Yes | ||||
Biotechnology | Yes | Yes | Yes | Yes | |
Gems & Jewelry | Yes | ||||
Insurance Agencies | Yes | Yes | |||
MSME | Yes | ||||
Renewable Energy (Solar & Other) | Yes | Yes | |||
Railways | Yes | Yes | Yes | ||
Roads | Yes | Yes | Yes | ||
Tourism | Yes | ||||
Science & technology | Yes | Yes | |||
Real Estate | Yes | ||||
Ports | Yes | Yes | |||
HealthCare | Yes | Yes | Yes | ||
Defense Manufacturing | Yes | Yes | Yes | Yes | |
Consulting Agencies | Yes |
In general, the flow of activities during the ISO 9001 audit is as follows:
During the audit, if the auditors find anything that does not meet with the requirements of the ISO standard or that does not meet the requirements of your procedures; they determine the severity and issue a finding. Audit findings are usually called nonconformities and fall into one of two categories depending on severity.
ISO auditors work for or contract to ISO Registrars to perform ISO registration assessments and surveillances. They are the “front line” in the process. The Registrars are responsible for ensuring Auditors meet qualification requirements. Their requirements include training in auditing, ISO 9001 training, and at least one member of the audit team must have experience in the industrial sector of the company being audited.
If a person claims to be certified as an ISO 9000 lead auditor, ask to see proof of his or her certification. Make sure the certification is current by checking the expiration date. Auditors collect the objective evidence demonstrating the effectiveness (or lack thereof) of the company’s quality management system and make registration recommendations to the Registrar. The Registrar has the ultimate decision, however.
The ISO Registration Process comes after your company’s ISO 9001 audit. The purpose of registering your company is to show that you’ve met the requirements. And to do this effectively, you will need to follow eight essential steps.
You’ll need to begin searching for an ISO registrar during the 2 to 3 months your company is still building its quality system
Registrars must meet the requirements of the ISO Accreditation Bodies. These requirements include things such as independence; Registrars cannot consult for instance. This system ensures uniformity in the registration process.
Accreditation Bodies maintain directories of the Registrar organizations that they accredit. These directories are available on their websites. You can normally find these websites by doing a search on the Accreditation Body’s name or initials.
Select a registrar that has experience within the scope category of your specific industry. Keep in mind accreditation, scheduling issues, fees and comfort level when selecting the registrar right for you.
Registrar qualifications are a key consideration. As you research Registrars you will notice that some appear to be very limited in scope just based on their names. Registrars must be accredited in a particular industrial sector in order for them to be able to certify a company in that sector. Some Registrars are accredited in several if not all sectors; others specialize in certain sectors. The best approach to evaluating a Registrar’s qualifications for your industrial sector is to contact the Registrar.
After qualifications, price is always a concern. Be sure to evaluate the total cost including expenses, fees and the cost of surveillance.
Probably as important as price, within limits of course, is the overall experience a client gets with a registrar. Important areas to consider are the interpersonal skills of the auditors; the office support and ability to get questions answered; are the audits a value-added experience, will the Registrar work with you, how flexible are they in adjusting dates – how many weeks notice.
A company and a registrar will agree on the application contract. This is an important step of the ISO Registration Process because it defines the rights and obligations of both parties, and includes liability issues, confidentiality and access rights.
The registrar will require a copy of your quality manual and procedures to verify that all the requirements of the standard are addressed. The ISO Registration Process is not a quick process, be sure to allow 2-4 weeks in advance for the registrar to fully review all of the necessary documents.
Though optional, this 2-4 week initial review of the system identifies any significant omissions or weaknesses. It saves time and allows the registrar to assess any issues and resolve logistics before the actual assessment audit.
The Pre-assessment is an initial review of your Quality Management System to identify any significant omissions or weakness es in the system and provide your organization an opportunity to correct any deficiencies before the regular registration assessment is conducted.
NOTE: During ISO 9001 Registration, only one pre-assessment may be conducted and Registrars cannot provide quality consulting or advice on system implementation. Evaluating the quality system and documentation to meet ISO requirements is allowed but registrars cannot provide guidance on how to implement a quality system.
During the ISO audit process, or physical onsite inspection of procedures in action, the auditors will issue findings if they assess anything that doesn’t meet requirements, or nonconformities. The length of this step of the ISO Registration Process will depend on the scope of the audit and the size your organization.
After all of the findings are put into the ISO audit report and nonconformities are addressed, your company has the option to register as ISO 9001 conformant. You will receive a certificate and can also be listed in a register, which the company can use to publicize its registration and use in advertising.
To ensure that the system is maintained and that changes don’t result in deficiencies in the system, registrars perform regular surveillances of the system. Over the three-year period of your certificate, auditors will perform one full and two partial checks of your system.
The Document Review and Pre-assessment typically require 2-4 weeks each. However, the number of registrars and the number of days for each stage of the registration audit depends on the size and complexity of your organization. To help the ISO Registration Process go smoother, set target dates accordingly to allow both you and the registrar time to fully prepare. It is to be noted that, registration and the entire audit process should provide you with valuable feedback to improve your system.
All in all, the training timeline will depend on numerous factors including the understanding of the requirements, the preparedness of an organization, and the size and complexity of the organization. Still, most can expect to receive their ISO 9001:2015 certification in three to six months.Point to be noted that individuals cannot become ISO certified only businesses and organizations can. It's also worth noting that ISO doesn't provide the certification. Instead, certification is made possible through third party organizations
When ISO 9001:2015 became available in September 2015, there was a three-year transition period for businesses and organizations to receive training and update processes, which allowed businesses of all shapes and sizes the time they needed to receive training and update processes.
Time taken in completing the whole process of ISO certification also varies from organization to organization. The fair idea can be given by the ISO certification agency after assessing the size of the company. Generally, the time required to complete the process of ISO certification is approximate:
Small organizations: 6-8 months
Medium organizations: 8-12 months
Large organization: 12-15 months
Time taken in finishing the entire procedure of ISO certification additionally changes from business to business. Thereasonable thought can be given by the ISO certification office in the wake of surveying the size of the organization. For the most part, the time required to finish the procedure of ISO certification is somewhere between 15 to 60 Days.
Cost for getting ISO certification is not fixed and varies from organization to organization. The ISO certification agency calculates the cost of ISO certification separately for each organization after considering them on different parameters such as-
The entire process of documentation is divided into four different levels:
1.Copy of PAN Card
2.Passport size photograph
3. Copy of Aadhaar Card/ Voter identity card
4. Two copies of sales bill/purchase bill
Step 1: Visiting the ISO online registration portal
Step 2: Submitting the scanned copy of your passport size photos
Step 3: Submitting the scanned copies of your Aadhaar card and purchase bill
Step 4: Emailing in the scanned documents to the ISO certification body
Step 5:Selecting the type of certificate from the list
Step 6: Filing the documents with the registrar
Step 7: Your ISO certificate is audited and issued via email.
The overall ISO Implementation Process may take a minimum of 45 days to 150 days based on the nature and size of the Organization. The Timeline shown below is just for indication to give you a pictorial imagination of the ISO Implementation Process. Actual Actions may vary based on the Business Factors and Requirements.
Our ISO Implementation approach is based on the System and processes of your organization. Decisions are made based on facts and not by opinions of any kind, this brings consistency and confidence in the operation of your business. A systemized approach to solving problems enables to prevent the occurrences of problems in the future.
S.No. | ISO Standards | Description | Body |
1 | ISO 9001:2015 (Quality Management Systems) | ISO 9001:2015 sets the criteria for Quality Management Systems (QMS), although this is not necessary. Any company can get registered under this, despite its size (large or small) or field of activity.
This certificate is issued to any organization that can demonstrate its ability to control food safety hazards to ensure that food is safe. Any organization can get this certificate regardless of its size or position in the food chain. |
AIAO-BAR |
2 | ISO 14001-2015 (Environmental management systems) | This certificate is allotted to any organization irrespective of the size, type, and nature and applies to the environmental aspects of the activities, products, or services that an organization determines it can either control or influence considering the life cycle perspective | AIAO-BAR |
3 | ISO 45001:2018 (Occupational Health and Safety Management System) | This certificate specifies the requirements of any occupational health and safety management system, which gives guidance for its use. This enables organizations to provide safe and healthy workplaces and prevent work-related injuries and ill-health. | AIAO-BAR |
4 | ISO 22000:2005 (Food Safety Management) | Certificate demonstrates its ability to control food safety hazards to ensure that food is safe. It can be used by any organization regardless of its size or position in the food chain | AIAO-BAR |
5 | ISO 29990:2010 (Learning services for non-formal education and training) | This ISO standard provides a generic model for quality professional practice & performance. It also provides a common reference for Learning Service Providers (LSPs) and the clients in the development, design, and delivery of non-formal education, training, and development. | AIAO-BAR |
6 | ISO 15001:2010 (Anesthetic and respiratory equipment) | This certificate specifies the requirements for the oxygen compatibility of materials, components, and devices for anesthetic and respiratory applications, which can come into contact with oxygen in normal conditions or single fault conditions at gas pressure greater than 50kPa. | AIAO-BAR |
7 | ISO 50001:2011/15 (Energy Management System) | This type of ISO certificate specifies requirements for establishing, implementing, maintaining and improving an energy management system. The purpose of this is to follow a systematic approach in achieving continual improvement of energy performance, including energy efficiency, energy use, and consumption. | AIAO-BAR |
8 | ISO 16732-1:2012 (Fire Safety Engineering) | It provides the conceptual basis for fire risk assessment by stating the principles underlying the interpretation and quantification of fire-related risk. As these fire risk principles apply to all fire-related phenomena and all end-use configurations, so this would mean that these principles can be applied to all types of fire scenarios | AIAO-BAR |
9 | HACCP (Hazard Analysis Critical Control Point) | Hazard Analysis and Critical Control Point or HACCP is a food industry standard. It is a systematic food safety program that was developed by the food industry that examines every step in a food processing operation. Like identifying a specific hazard, implementing effective control measures, and monitoring procedures. | AIAO-BAR |
10 | ISO 27001:2013 (Information security management systems) | This ISO standard specifies the necessary requirements for establishing, implementing, maintaining, and continually improving an information security management system. In addition to this, it also includes requirements for the assessment and treatment of information security risks tailored to the needs of the organization. | AIAO-BAR |
11 | ISO 20000-1:2016 (Information technology) | The ISO/IEC 20000-1:2016 certification is one such standard certification that helps in the implementation of an efficient Standard Quality Management System (SQMS) in the IT companies. Thi is certification is internationally acclaimed and most of the IT companies used this to enhance the quality of services that they deliver to the clients. The ISO/IEC 20000-1:2016 certificate is mandatory for the companies that are involved in the IT sector and provide different services to the clients. Attaining this certificate helps them in easy monitoring and improvement of service quality. | AIAO-BAR |
12 | ISO 13485:2016 (Medical devices QMS) | This is a type of certificate that specifies requirements for QMS where an organization needs to demonstrate its ability to provide medical devices and related services that consistently meet customer and applicable regulatory requirements. | AIAO-BAR |
13 | ISO 16949:2009 (QMS for automotive production and relevant service part) | This ISO certificate defines the quality management system requirements for design and development, production, and relevant installation and services of automotive-related products. | AIAO-BAR |
14 | ISO 20121:2012 (Event Sustainability Management System) | This certificate specifies requirements for an event sustainability management system for any event type or related activity. And thus it guides on conforming to those requirements. | AIAO-BAR |
15 | ISO 19011:2011 (Guidelines for Auditing Management System) | This type of standard applies to every organization that needs to conduct internal or external audits of management systems or manage an audit program. | AIAO-BAR |
16 | ISO 4217:2015 (Codes for representation of currencies) | This type of standard specifies the structure for a 3-letter alphabetic code and an equivalent 3-digit numeric code for the representation of currencies. For any of the minor currencies, it shows the decimal relationship between such units and the currency itself. | AIAO-BAR |
17 | ISO 10012:2003 (Measurement Management System) | This type of standard specifies certain quality management requirements of a measurement management system that can be used by an organization performing measurements as a part of the overall management system. This is also to ensure all metrological requirements are met. | AIAO-BAR |
18 | ISO 31000:2018 (Risk Management) | This standard provides certain guidelines on managing risk by organizations. These guidelines can be customized to any organization and its context. In addition to this, these can also be used throughout the life of the organization and in any activity as well (including decision-making at all levels) | AIAO-BAR |
19 | CE Mark (Certification Mark) | In case one finds a CE mark on any product/packaging of the product, then this would mean that the product has met all the requirements of the harmonized European standard. This mark indicates that the product has met with the essential health and safety requirements of all directives that apply to the product. The European Commission, handling the administration of the program, describes that the CE mark is used to freely trade a product in the internal European market. If any product is to be sold in the European community, this mark is necessary. | AIAO-BAR |
20 | GMP 22716 (Goods Manufacturing Practices) | Guidelines are given for the production, control, storage, and shipment of cosmetic products. The guidelines provided cover the quality aspects of the product. But they do not cover safety aspects for the personnel engaged in the plant nor do they cover aspects of protection of the environment | AIAO-BAR |
21 | HALAL | Halal is a Quranic term that means ‘permitted’ or ‘lawful’. When this term is used to any food or consumables, then it would mean any item which is permissible for consumption and is used by Muslims based on Islamic law. According to this law, it is a responsibility of a Muslim to make sure that the food consumed or any business performed is not detrimental to their health or well-being. Halal mark is the new benchmark for quality. Halal trade specifies the trade of certified quality products that meets the rigorous internationally accepted standard in production and hygiene. | AIAO-BAR |
22 | ISO 3834-2:2005 | This standard specifies comprehensive quality requirements of fusion welding of metallic elements either in shops or at field installation sites. | AIAO-BAR |
Many organizations with ISO Certification are unaware that you can transfer your ISO Certification from one Certification Body to another at any stage you wish, you are not tied into any contract. This is the rule for all Accredited Certification Bodies such as Auva Certification.Organizations transfer for many different reasons such as:
The transfer process is free when transferring to Auva but some other Certification Bodies may charge for the service
EligibilityIn order to transfer your certification, the current certification must be accredited by an IAF or Regional MLA. If you are holding a certification from a registrar that is not covered by such accreditations, then you should reach out to a registrar as a new client. If your accreditation is suspended, you are not allowed to transfer. If your registrar let their accreditation expire, the organization must transfer to a new registrar within 6 months, if longer than 6 months the organization will not qualify as a transfer and will be treated as a new client.
How does the transfer process work?The transfer process is simple and you do not lose any time in your certification, your certificate is protected throughout the entire process so you do not need to worry about something happening to it. The first stage is to receive a no obligation quotation from new Accredited Certification Bodies, and ensure that you are transferring from another Certification Body as this has an implication on the assessment costs and stages.
Once you have accepted the quotation you can send a copy of your current certificate, do not inform your current Certification Body at this time. The new Accredited Certification Body will send a request to your current Certification Body and request the last three years assessment reports and findings and notify them of your intent to transfer. A copy of this email will be sent to you so that you are clear of the actions which are taken. After your current Certification Body has received this notification they are obliged to maintain your current certificate and provide the new Accredited Certification Body with the documents requested in line with Accreditation requirements.
When these documents have been received, the internal technical team of the new Accredited Certification Body will perform a review and determine if the transfer is valid. This should never be an issue unless there are outstanding non-conformances, if there are, then this can get these closed before the completion of the transfer takes place.
Once the new Accredited Certification Body is satisfied, they will issue you with a certificate that replicates your current certificate (dates, scope, address etc) but now on new Accredited Certification Body certificates instead of your current Certification Body. They will also issue you with the logos which you can put onto your stationary.
The last stage is to send a confirmation email to your now previous Certification Body informing that the transfer process has been completed and they can cancel the certificate you had with them. Again, a copy of this email will be sent to you so that you are fully aware of the process and stage completions.
Which standards can be transferred?Generally any ISO standard which has been certified by an Accredited Certification Body whose accreditation is with a member of the IAF MLA, you can check these out here. This might sound confusing but generally any globally recognized Accreditation Body such as UKAS and ANAB, if in doubt you can ask us here. There are other schemes which are not ISO standards such as AS9100, AS9120, AS9110 and IATF 16949 are also transferrable.
Step 1 – Send the basic information about your organization or, use up to 3 registrars
Step 2 – Expect to receive a prompt quotation or a follow up call.
Step 3 – Once the quotation is approved by your organization, the registrar should contact you to discuss an audit timeline based on your next surveillance audit or your recertification audit that would normally have been conducted by your current registrar.
Step 4 – When the audit date is set, the registrar will ask you to send your transfer documentation. This would include previous audit reports and current certificate
Step 5 – The auditor(s) conduct the audit and issue to the client any non-conformances for corrective action response.
Step 6 – Following the review and approval by the registrar, they issue a new certificate. This step usually takes a few days.
Step 7 – An organization’s certification is then posted to a public registration database
An organization undergoes many changes during and after certification to fill all the identified gaps in its journey of quality management. Once an organization has made a commitment to get ISO certified, it requires a huge investment in terms of time, effort, cost and change. Dedicated personnel must be identified, trained and deployed to manage this certification process. A baseline status is established and analyzed for gaps against the specifications of ISO 9001 QMS. Addressing these identified gaps may require adding new personnel, processes, documents and new quality controls. Organizations often employ Plan Do Check Act (PDCA) cycle to address gaps and improve the current state to reach the desired goal.
Internal auditOrganizations then perform an internal audit. It is intended to mimic an external audit and review the developed system to check if it meets ISO 9001 requirements. Established processes are checked to ensure that they comply with the quality manual the organization has put in place. For any gaps found during the internal audit, defined processes as per the quality manual must be followed to close the gaps. This approach puts the Quality Management System QMS into practice even before certification. It should be noted that implementing a QMS must enable an organization to continuously improve than merely satisfying certification requirements.
Once an organization is awarded an ISO certification, it is valid for 3-years. A QMS established for certification must be maintained on a regular basis to stay compliant and achieve intended objectives. QMS must be maintained for both continuous improvement and for recertification. Also, the certifying authority or registrar must conduct periodic checks within 3 years of time to ensure that the system is being maintained and is rooted in the processes and procedures of the organization. Quality management is a continuous journey and not an end state. For certified companies, continuously improving and maintaining compliance and getting recertified is a more difficult journey than the first-time certification. But, this can be simplified by managing changes to documents and processes efficiently using an Enterprise QMS. ISO 9001 certification renewal has to be done once a year and for the renewal, the authorities conduct a surveillance audit to ensure adherence to all the standards
Reasons for losing certified statusFor an organization that is fully committed to follow its QMS and continuous improvement, recertification will become a natural process step. However, many companies fail in maintaining ISO 9001 certification requirements and eventually lose the certified status during their next certification cycle. Typical reasons for such failure can be broadly categorized into: commitment, competence, complexity and change management, statuses of all of which can get altered from the state before.
When a senior management of a company embarks on an ISO journey for reputation alone, quality management and continuous improvement are hard to accomplish. Processes don’t get followed effectively and quality management remains on paper. Personnel who are managing ISO requirements, who fail to maintain a quality management system, will fail in enforcing continuous improvement. Assigning responsibility of quality management system to external contractors alone and not having efficient internal oversight will also result in a failure of the system. Competence in the personnel responsible for maintaining a QMS is an absolute requirement and needs to be planned and implemented through regular training programs. Some organizations make QMS too complex to adopt. This typically happens when several different systems are put in place and understanding the system relationships is hard for the employees who use them. This can be easily avoided by engaging Enterprise QMS software that integrates all quality management activities into a single platform. Lastly, but undeniably, most critically, one of the reasons for a QMS failure is inability to handle change management issues. After a quality management system is certified, an organization may encounter several changes in its documents, processes, tools used and procedures to be followed. These changes often arise due to changes in the business’s functions, management team, systems and markets. Any of these changes, if not handled in a planned manner, may disrupt the original quality management system that the organization has put in place. This will lead to quality management activities that are not per the defined quality manual. In fact, handling a change in a planned manner is an explicitly stated requirement in the ISO 9001 specifications.
S.No. | Standard and/or Project Under The Direct Responsibility of ISO/CASCO Secretariat | Description |
1 | ISO/IEC GUIDE 23:1982 | Methods of indicating conformity with standards for third-party certification systems |
2 | ISO GUIDE 27:1983 | Guidelines for corrective action to be taken by a certification body in the event of misuse of its mark of conformity |
3 | ISO/IEC GUIDE 60:2004 | Conformity assessment — Code of good practice |
4 | ISO/IEC GUIDE 68:2002 | Arrangements for the recognition and acceptance of conformity assessment results |
5 | ISO/IEC 17000:2020 | Conformity assessment — Vocabulary and general principles |
6 | ISO/IEC 17007:2009 | Conformity assessment — Guidance for drafting normative documents suitable for use for conformity assessment |
7 | ISO/IEC 17011:2017 | Conformity assessment — Requirements for accreditation bodies accrediting conformity assessment bodies |
8 | ISO/IEC 17020:2012 | Conformity assessment — Requirements for the operation of various types of bodies performing inspection |
9 | ISO/IEC 17021-1:2015 | Conformity assessment — Requirements for bodies providing audit and certification of management systems — Part 1: Requirements |
10 | ISO/IEC 17021-2:2016 | Conformity assessment — Requirements for bodies providing audit and certification of management systems — Part 2: Competence requirements for auditing and certification of environmental management systems |
11 | ISO/IEC 17021-3:2017 | Conformity assessment — Requirements for bodies providing audit and certification of management systems — Part 3: Competence requirements for auditing and certification of quality management systems |
12 | ISO/IEC TS 17021-4:2013 | Conformity assessment — Requirements for bodies providing audit and certification of management systems — Part 4: Competence requirements for auditing and certification of event sustainability management systems |
13 | ISO/IEC TS 17021-5:2014 | Conformity assessment — Requirements for bodies providing audit and certification of management systems — Part 5: Competence requirements for auditing and certification of asset management systems |
14 | ISO/IEC TS 17021-6:2014 | Conformity assessment — Requirements for bodies providing audit and certification of management systems — Part 6: Competence requirements for auditing and certification of business continuity management systems |
15 | ISO/IEC TS 17021-7:2014 | Conformity assessment — Requirements for bodies providing audit and certification of management systems — Part 7: Competence requirements for auditing and certification of road traffic safety management systems |
16 | ISO/IEC TS 17021-8:2019 | Conformity assessment — Requirements for bodies providing audit and certification of management systems — Part 8: Competence requirements for auditing and certification of management systems for sustainable development in communities |
17 | ISO/IEC TS 17021-9:2016 | Conformity assessment — Requirements for bodies providing audit and certification of management systems — Part 9: Competence requirements for auditing and certification of anti-bribery management systems |
18 | ISO/IEC TS 17021-10:2018 | Conformity assessment — Requirements for bodies providing audit and certification of management systems — Part 10: Competence requirements for auditing and certification of occupational health and safety management systems |
19 | ISO/IEC TS 17021-11:2018 | Conformity assessment — Requirements for bodies providing audit and certification of management systems — Part 11: Competence requirements for auditing and certification of facility management (FM) management systems |
20 | ISO/IEC TS 17021-12:2020 | Conformity assessment — Requirements for bodies providing audit and certification of management systems — Part 12: Competence requirements for auditing and certification of collaborative business relationship management systems |
21 | ISO/IEC TS 17023:2013 | Conformity assessment — Guidelines for determining the duration of management system certification audits |
22 | ISO/IEC 17024:2012 | Conformity assessment — General requirements for bodies operating certification of persons |
23 | ISO/IEC 17025:2017 | General requirements for the competence of testing and calibration laboratories |
24 | ISO/IEC TR 17026:2015 | Conformity assessment — Example of a certification scheme for tangible products |
25 | ISO/IEC TS 17027:2014 | Conformity assessment — Vocabulary related to competence of persons used for certification of persons |
26 | ISO/IEC TR 17028:2017 | Conformity assessment — Guidelines and examples of a certification scheme for services |
27 | ISO/IEC 17029:2019 | Conformity assessment — General principles and requirements for validation and verification bodies |
28 | ISO/IEC 17030:2003 | Conformity assessment — General requirements for third-party marks of conformity |
29 | ISO/IEC TR 17032:2019 | Conformity assessment — Guidelines and examples of a scheme for the certification of processes |
30 | ISO/TS 17033:2019 | Ethical claims and supporting information — Principles and requirements |
31 | ISO 17034:2016 | General requirements for the competence of reference material producers |
32 | ISO/IEC 17040:2005 | Conformity assessment — General requirements for peer assessment of conformity assessment bodies and accreditation bodies |
33 | ISO/IEC 17043:2010 | Conformity assessment — General requirements for proficiency testing |
34 | ISO/IEC 17050-1:2004 | Conformity assessment — Supplier's declaration of conformity — Part 1: General requirements |
35 | ISO/IEC 17050-2:2004 | Conformity assessment — Supplier's declaration of conformity — Part 2: Supporting documentation |
36 | ISO/IEC 17065:2012 | Conformity assessment — Requirements for bodies certifying products, processes and services |
37 | ISO/IEC 17067:2013 | Conformity assessment — Fundamentals of product certification and guidelines for product certification schemes |
The National Accreditation Board for Certification Bodies (NABCB) provides accreditation to Certification, Inspection, and Validation & Verification Bodies based on assessment of their competence as per the Board's accreditation criteria and in accordance with International Standards and Requirements. NABCB is a full member of International Accreditation Forum (IAF), International Laboratory Accreditation Cooperation (ILAC) and Asia Pacific Accreditation Cooperation (APAC), as well as signatory to its MLAs / MRAs. NABCB is also MRA signatory of Asia Pacific Accreditation Cooperation (APAC) for Occupational Health Safety Management Systems.
The Objectives of NABCB are:
Thus BIS (Bureau of Indian Standards) represents India in ISO. NABCB (National Accreditation Board for Certification Bodies) is one of the accredited certification bodies in India which uses CASCO standard.
ISO or The International Organization for Standardization is a non-governmental International federation of national standards with about One hundred and sixty-two Countries as its member. They provide International standards so as to generate products and services for high quality, safety, and efficiency. International standards are basically documents which provide certain specifications, guidelines or characteristics which help check the consistency of your product or services. There are more than One thousand nine hundred International Standards (which are updated as per the requirements) published by ISO. Few of the popular Standards are ISO 9000 (Quality management), ISO 22000 (Food Safety management), ISO 1400 (Environmental Management), ISO 26000 (Social responsibility), ISO 4217 (Currency codes), ISO 27001 (Information security) and so on. As an Entrepreneur, ISO 9000 (eligible for every sector) which includes ISO 9001:2015 is of our prime concern.
There isn’t any difference between accreditation bodies; all of them provide ISO standards certifications. The only difference you can mark is of market recognition, branding, and their prices
ISO 9001 is not mandatory to have, but it may be a client-imposed mandatory requirement. For example, you may need to have ISO 9001 certification to be eligible for tenders and work