Whether it is the certification Roadmap of any of the various management systems, the certification provides evidence to interested parties you are compliant to international standard(s). With this being said, where should you start the road to achieving certification, more profitable, and sustainable business?
For each company, the certification process will vary depending on the organization’s current processes and which management standard they are seeking. Below is an example of the process that would be taken for certification of a management system in any of the ISO standards. For more details about any of the specific ISO Certifications, please visit the specific standard to find out more.
What does the initial preparation look like?
Upon deciding the management system you wish to implement, there are certain initial steps that need to follow to ensure your success. The following are some simple tips that have proven invaluable to companies that are pursuing certification.
- Make sure you begin the process with the right attitude.
- Have a complete understanding of the concept set forth in the standard, and use the standard as a guide template to define your management system.
- Know what application and implications of the standard will mean to your company.
- Use the standard as a tool for improvement.
- Have an understanding of the risks and processes that affect your organization’s ability to realize its business strategy.
- Select your partner (certification body/registrar) carefully.
What steps should I follow?
Below you will find 10 general steps that will take you down the road to certification:
- Obtain the standard
Obtain and read a copy of the standard to familiarize yourself with the requirements, and decide if certification/registration to this standard makes good sense for your organization.
- Review literature and software
There is a large amount of published information available that is designed to assist you in understanding and implementing a standard. Note also that for some standards there are guidelines developed for how to implement the requirements within an organization (e.g. ISO/TS 9002 for ISO 9001 and ISO 14004 for ISO 14001). Use some time to investigate what is available and identify which could be of support for your implementation process.
- Assemble a team and define your strategy
The adoption of a management system needs to be the strategic decision of the whole organization. It is vital that your senior management is involved in the decision and creation process. They decide the business strategy that an efficient management system should support. In addition, you need a dedicated team to develop and implement your management system.
- Determine training needs
Your team members responsible for implementing and maintaining the management system(s) will need to know the full details of the applicable standard(s). There is a wide range of courses, workshops, and seminars available designed to meet these needs. We provide a number of public training courses around the world. Contact your local KSQA office for more information.
- Review consultant options
Independent consultants will be able to advise you of a workable, realistic, and cost-effective strategy plan for implementation.
- Develop your management system documentation
Decide an appropriate platform for your management system documentation (e.g. specific software, process-map based, SharePoint-based). The right platform is important to ensure effective management, communication, and implementation of your management system. Your management system should describe the policies and operations of your company. The documentation includes relevant processes and other documented information needed to support you in meeting your intended outcomes and the requirements of the applicable standard.
- Determine, manage and document your processes
An important step in establishing your management system is to determine the needed processes and their interactions in accordance with your policies, strategy, and objectives. These processes should cover areas such as:
- Product and service realization (operational processes)
- Meeting relevant needs and expectations of customers and other stakeholders
- Management processes, including measurement, analysis, improvement, and innovation
- Implement your management system
Communication and training are key to successful implementation. During the implementation phase, your organization will be working according to the established processes and connected criteria to document and demonstrate the effectiveness of the management system.
- Consider a pre-assessment
You can choose to have a preliminary evaluation of the implementation of your management system by a certification body/registrar. The purpose is to identify areas of non-conformance or weaknesses and allow you to correct these areas before you begin the accredited certification process. Receiving a non-conformance means that a particular area of your management systems is not compliant with the requirements of the standard.
- Select a certification body/registrar
Your business relationship with the certification body/registrar will exist for many years, as your certification has to be maintained. To have an efficient management system, continual improvement is key. KSQA will help you get the maximum value out of the certification process, evaluating strengths and improvement opportunities.
Initial audit and certification
Upon acceptance of the application, KSQA conducts a two-staged initial audit which will consist of Stage 1 and Stage 2 audit.
Stage 1 is performed to evaluate submitted documentation against the requirements of the management system standard. The internal audits, management review meetings, and other requirements will also be reviewed in accordance with the standard.
If any areas of concern are identified during the Stage 1 audit, the concerns are communicated to the client at the conclusion of Stage 1 and any necessary time to allow adequate correction is determined.
The maximum time allowed between Stage 1 and Stage 2 audit is three (3) months.
The Stage 2 audit is to gather objective evidence to substantiate the effective implementation of the management system to form the conclusion on whether or not to grant the certification.
Where KSQA cannot verify and close out all the corrective actions for addressing the findings raised during the Stage 2 audit within six (6) months, another Stage 2 audit will be conducted. As long as the client can close the findings from Stage 2 then KSQA will grant certification.
KSQA conducts onsite or remote surveillance audits at planned intervals to maintain the confidence that the certified management system continues to fulfill the certification requirements.
The first surveillance audit is conducted within twelve (12) months from the date of the certification decision.
Surveillance audits are not necessarily full system audits; thus surveillance audits are generally one-third of the time as the initial audit.
There are a total of two Surveillance audits prior to the Recertification Audit.
Prior to the expiration of the certification, the certified client will indicate to KSQA their intention to continue with the certification and KSQA will then provide a new quotation for recertification.
The recertification audit is conducted to evaluate the fulfillment of the requirements of the certification.
KSQA will ensure the decisions for renewing certifications are prior to the certificate expiring.
If KSQA has not completed the recertification audit or unable to verify the implementation of corrections and corrective actions for MAJOR nonconformities prior to the expiry date of the certification, then recertification will not be recommended.
KSQA may restore certification within six (6) months following the expiration of certification, provided that the outstanding recertification activities are completed. The effective date on the new certification is on or after the recertification decision by Technical Reviewer and the expiry date is based on prior certification cycle.
KSQA shall in response to a request by a certified client for modification of the scope of certification, review the request and determine any audit activity necessary to decide whether or not the modification may be granted.
When necessary, KSQA may conduct short notice audits for its certified clients in response complaints, changes affecting the system, or as follow up on suspended certified clients.
Suspending, withdrawing or reducing the scope of certification
KSQA will suspend, modify (extend or reduce scope), or withdraw the certification of the certified client violates his/her certification contractual or financial obligations with KSQA. Below are some of the reason a KSQA may suspend certification:
- the certified client has persistently or seriously failed to meet requirements;
- financial requirements not met;
- the certified client has requested to voluntarily suspended;
- the required surveillance or recertification audit not performed at the prescribed frequency.
While under suspension, the certified client’s certificate is temporarily invalid. During this time the client cannot promote the certification. Additionally, KSQA will also make it known through the KSQA website that the certificate status is “suspended”.
Suspension can last up to a maximum of six months. The client must resolve the issues or the suspension will result in the withdrawal or reduction of the scope.
Clients must notify their customers of their reduced or withdrawn certification. KSQA will remove the certified company from it list of certified companies. The client may appeal any actions through the appeal process.
KSQA follows a procedure to resolve disputes / appeals with their clients or third parties regarding it actions and decisions around the certification system. KSQA takes every reasonable effort to resolve all appeals and disputes related to its activities. KSQA is responsible for all decisions at all levels of the handling of appeals.
Personnel involved in the appeal process are not part of the audit or certification decisions.
The submission, investigation and decision will not result in any discriminatory actions against the person filing the appeal.
When an appeal is received, KSQA will acknowledge the receipt of the appeal and provide progress reports to the appellant and the final outcome.
The disputes/appeals include the following elements and methods:
- Receiving, validating and investigation. Actions are taken related to appeal, considering previous similar situations;
- logging and retaining all appeals, including the actions to resolve;
- ensuring that if required any appropriate corrections and corrective actions are taken
When KSQA receives an appeal, KSQA is responsible to collect and verify all information to allow the appeal to be validated.
The final outcome and decisions are communicated to the appellant by, or reviewed and approved by, personnel not involved in the subject of the appeal.
KSQA gives the appellant formal notification of the end of the appeal process.
KSQA is responsible for all decisions at all levels of the complaints-handling process. All formal complaints related to the certification activities of KSQA or if the complaint involves a certified client, the complaint can be emailed to email@example.com or click on the here to be directed to our “Contact Us” page.
The submission, investigation and decision will not result in any discriminatory actions against the person filing the appeal.
Upon receiving the complaint, KSQA will confirm is the complaint relates to certification activities that KSQA is responsible for. If KSQA is responsible and involves a certified client, then KSQA will examine the complaint and determine the effectiveness of the certified management system.
If determined to be a valid complaint about a certified client, KSQA will inform the client at the appropriate time.
The process for receiving, evaluating and decisions on complaints is documented in a documented procedure. The process is subject to KSQA requirements for confidentiality related to the complainant and the subject of the complaint.
Use of KSQA’s name, Certification Mark or logo
Certified clients may use KSQA’s name, Certification Mark or log in accordance with the following rules.
- The IAS Accreditation body mark may only be used in conjunction with KSQA’s Certification Mark;
- The client shall only make reference to the certification status in communication such as the internet, advertising or other media;
- The certification mark or logo is not used with misleading statements regarding the certification.
- The client does not use or allow the use of any certification document or any part in a misleading manner.
- If status certification becomes withdrawn, the client shall discontinue using all advertising material that references certification
- Amends advertising matter when the scope of certification has been reduced or withdrawn.
- The management system certification does not allow reference to be used in a way to imply that KSQA certifies a product, service or process.
- The certification does not allow reference that applies to activities and sites outside the scope of certification.
- The client does not use the certification in a manner that would bring the KSQA and/ or certification into disrepute or cause KSQA to lose public trust.