ISO 9001 Audit is an essential part of the certification process. The purpose of an ISO 9001 audit is to evaluate the operational effectiveness of your Quality Management System and ensure that your quality management system complies with the ISO 9001:2015 standards. An ISO 9001 audit is a documented process meant to identify any issues with the system and come up with potential areas of improvement and actions to meet its quality objectives.
Although continual improvement is the purpose of any ISO 9001 audit, there are various types of ISO 9001 audits depending on the purpose of the audit and who is conducting it. The audits are categorized as internal and external audits, or first party, second party, or third-party ISO 9001 audits.
First-party ISO 9001 audits are internal audits, conducted by your organization using your internal resources. Second-party ISO 9001 audits are conducted by your contractors, suppliers, or customers to verify specifications in your contractual agreement. Third-party ISO 9001 audits are also external audits conducted by the certification body or registrar for the purpose of certifying your company.
ISO 9001 Internal Audit
ISO 9001 internal audit is a compliance requirement as per the standard. Periodic internal audits are to be conducted to determine the effectiveness of your quality management system in order to explore opportunities for improvement, meet statutory/regulatory requirements, and gain insight into your implemented quality management system in meeting specific objectives. ISO 9001 internal audit involves various steps like planning the audit schedule, planning the audit process, conducting the audit, reporting on the audit, and following up on non-conformance issues.
ISO 9001 Certification Audit
ISO 9001 certification audit is an external audit for the purpose of getting your organization ISO 9001 certified. The following are the steps involved in the ISO 9001 accreditation process:
- Hiring a Registrar: Hiring an ISO 9001 certification body or registrar is the first step in the process. An ISO 9001 Certificate is issued by a certification body. You will enter a three-year contract with the certification body.
- Certification Audit (Stage 1) – The Stage I Certification audit is the first stage of an ISO 9001 certification audit. This is typically an offsite audit and is often referred to as a “Documentation Audit”. The Stage I Certification audit is conducted to determine your readiness for the Stage II Certification audit. A registrar will review your quality management system documents and the scope of your quality management system as part of this audit.
- Certification Audit (Stage 2) – Stage II Certification Audit is a comprehensive assessment of your quality management system to verify that it is effective and meets the requirements of the ISO 9001 standards. Once you are done with the correction of any identified issues from the Stage One audit, you can move to the Stage 2 Certification Audit. It comprises an extensive evaluation of your quality management system to verify that it is effective and in compliance with ISO 9001 requirements. Audit activities include an opening meeting with your management team, facility tours, interview sessions with your employees, and a closing meeting.
- Corrective and Preventive Actions (CAPA) – ISO 9001 Audit findings may include non-conformities that are major, minor, and/or observations. When an ISO 9001 Audit finds a non-conformance with the ISO 9001 standard, they issue non-conformities. A major non-conformity is an issue that affects the whole system and the effectiveness of your quality management system. A minor nonconformity is something that affects part of the system. Observations are often issues that may warrant attention in the future. Organizations are required to come up with a plan to correct the non-conformance issue and prevent it from happening in the future when a non-conformity is identified
- Issuance of ISO 9001 Certificate: The ISO 9001 Certificate is issued by the Certification Body or Registrar when you successfully complete an ISO 9001 Audit. Issuance of ISO 9001 certificates is often subjected to addressing nonconformities with Corrective and Preventive Action plans in a timely manner. The certificate will state the scope of your quality management system, the mark of your registrar, due dates for surveillance audit, and how long your certificate is valid.
ISO 9001 Surveillance Audit
ISO 9001 Surveillance audit is an audit conducted by the ISO 9001 certification body that issued the certificate. ISO 9001 certificates are valid for three years from the date of issuance of the certificate. In order to retain your certificate, it is required that the certification body conducts annual surveillance audits for the following two years. The purpose of this follow-up audit is to ensure that you maintain conformance with the standard.
ISO 9001 Recertification Audit
ISO 9001 Certification is valid for three years and a recertification audit is needed after three years. The purpose of ISO 9001 recertification audit is to ensure that the ISO 9001 Quality Management System continues to meet the requirements of the ISO 9001 standard. During the audit, the certification body assesses the organization’s processes, procedures and documentation to verify continued compliance and effectiveness.
FREE ISO 9001 CONSULTATION: Liberty Management Group (LMG) offers a free, onsite ISO 9001 consultation. Whether you are just starting out on building a quality management system from scratch or need to evaluate your existing system for ISO 9001 certification, our experienced consultants will be able to give advice and guide you through the entire process of implementation and certification of ISO 9001.
After the initial onsite visit, we will provide you with an estimate of the cost and time frame of the ISO 9001 implementation and certification process. No contract or commitment is required unless LMG is selected to provide any further service.