ISO 9001 Audit is an essential part of the certification process. The purpose of an ISO 9001 audit is to evaluate the operational effectiveness of your Quality Management System and ensure that your quality management system complies with the ISO 9001:2015 standards. An ISO 9001 audit is a documented process meant to identify any issues with the system and come up with potential areas of improvement and actions to meet its quality objectives.
Although continual improvement is the purpose of any ISO 9001 audit, there are various types of ISO 9001 audits depending on the purpose of the audit and who is conducting it. The audits are categorised as internal and external audits, or first-party, second-party, or third-party ISO 9001 audits.
First-party ISO 9001 audits are internal audits, conducted by your organisation using your internal resources. Second-party ISO 9001 audits are conducted by your contractors, suppliers, or customers to verify specifications in your contractual agreement. Third-party ISO 9001 audits are also external audits conducted by the certification body or registrar for the purpose of certifying your company.
ISO 9001 Internal Audit
An ISO 9001 internal audit is a compliance requirement under the standard. Periodic internal audits are to be conducted to determine the effectiveness of your quality management system in order to explore opportunities for improvement, meet statutory/regulatory requirements, and gain insight into your implemented quality management system in meeting specific objectives. An ISO 9001 internal audit involves several steps, including planning the audit schedule, preparing for the audit, conducting the audit, reporting the audit findings, and following up on nonconformity issues.
ISO 9001 Certification Audit
ISO 9001 certification audit is an external audit for the purpose of getting your organisation ISO 9001 certified. The following are the steps involved in the ISO 9001 accreditation process:
- Hiring a Registrar: Hiring an ISO 9001 certification body or registrar is the first step in the process. A certification body issues an ISO 9001 Certificate. You will enter a three-year contract with the certification body.
- Certification Audit (Stage 1) – The Stage I Certification audit is the first stage of an ISO 9001 certification audit. This is typically an off-site audit and is often referred to as a “Documentation Audit”. The Stage I Certification audit is conducted to determine your readiness for the Stage II Certification audit. A registrar will review your quality management system documents and the scope of your quality management system as part of this audit.
- Certification Audit (Stage 2) – Stage II Certification Audit is a comprehensive assessment of your quality management system to verify that it is effective and meets the requirements of the ISO 9001 standards. Once you are done with the correction of any identified issues from the Stage One audit, you can move to the Stage 2 Certification Audit. It comprises an extensive evaluation of your quality management system to verify that it is effective and in compliance with ISO 9001 requirements. Audit activities include an opening meeting with your management team, facility tours, interview sessions with your employees, and a closing meeting.
- Corrective and Preventive Actions (CAPA) – ISO 9001 Audit findings may include non-conformities that are major, minor, and/or observations. When an ISO 9001 Audit finds a non-conformance with the ISO 9001 standard, it issues non-conformities. A major non-conformity is an issue that affects the whole system and the effectiveness of your quality management system. A minor nonconformity is something that affects part of the system. Observations are often issues that may warrant attention in the future. Organisations are required to come up with a plan to correct the non-conformance issue and prevent it from happening in the future when a non-conformity is identified
- Issuance of ISO 9001 Certificate: The ISO 9001 Certificate is issued by the Certification Body or Registrar when you complete an ISO 9001 Audit. Issuance of ISO 9001 certificates is often subject to addressing nonconformities with Corrective and Preventive Action plans promptly. The certificate will state the scope of your quality management system, the mark of your registrar, due dates for surveillance audit, and how long your certificate is valid.
ISO 9001 Surveillance Audit
ISO 9001 Surveillance audit is an audit conducted by the ISO 9001 certification body that issued the certificate. ISO 9001 certificates are valid for three years from the date of issuance of the certificate. In order to retain your certificate, it is required that the certification body conduct annual surveillance audits for the following two years. The purpose of this follow-up audit is to ensure that you maintain conformance with the standard.
ISO 9001 Recertification Audit
ISO 9001 Certification is valid for three years, and a recertification audit is needed after three years. The purpose of an ISO 9001 recertification audit is to ensure that the ISO 9001 Quality Management System continues to meet the requirements of the ISO 9001 standard. During the audit, the certification body assesses the organisation’s processes, procedures and documentation to verify continued compliance and effectiveness.
FREE ISO 9001 CONSULTATION: Liberty Management Group (LMG) offers a free, on-site ISO 9001 consultation. Whether you are just starting on building a quality management system from scratch or need to evaluate your existing system for ISO 9001 certification, our experienced consultants will be able to give advice and guide you through the entire process of implementation and certification of ISO 9001.
After the initial on-site visit, we will provide you with an estimate of the cost and time frame of the ISO 9001 implementation and certification process. No contract or commitment is required unless LMG is selected to provide any further service.
