Pre-Requisite to ISO Certification Process in India
a. Choosing the type of ISO Certification
First of all, you need to choose the type of ISO certification required for your business.
There are various types of ISO certification available such as :
ISO 9001 2008 – Quality Management
ISO 14001 – Environmental Management
ISO 27001 – Information security Management
ISO 22008 – Food Safety Management and so on.
b. Choosing an ISO Certification Body
It must be noted that ISO itself does not provide certification to the companies. Certification is done by the external bodies. It is very important that you choose recognized and credible certification body.
While choosing the ISO registrar, you should keep the following in mind:
- Evaluate several ISO Certification service providers.
- Check if they are following the CASCO standards. CASCO is the ISO committee that works on issues relating to conformity assessment.
- Check whether it is accredited or not. Accreditation is not compulsory but they must meet the requirements of ISO Accreditation bodies.
Process for ISO Certification in India
a. Create an application /contract
The applicant and the registrar should agree on a contract. This contract usually defines rights and obligations of both parties and includes liability issues, confidentiality, and access rights.
b. Quality Documents Review
The ISO auditor will view all your quality manuals & documents related to various policies & procedures being followed in the organization. Review of existing work will help the ISO auditor to identify the possible gaps against the requirements stipulated in the ISO standards.
c. Make an Action Plan
After the ISO auditor communicates the existing gaps in your organization, you should prepare an action plan to eliminate these gaps. Prepare the list of the required tasks to be performed to bring the desired changes in your organization. You may be required to give training to your employees to work efficiently while adapting to new procedures. Make all the employees aware of the ISO standards in terms of work efficiency and quality standards.
d. Initial Certification Audit
The initial certification audit is divided into two categories- Stage 1 and Stage 2.
The ISO auditor will audit the changes made by you in the organization. They will then try to identify the possible non-conformities in your systems and procedures to the desired quality management system. They will divide these non-conformities into minor and major non-conformities. The applicant must carefully assess all these non-conformities and get it aligned as per the desired quality standards through modification in the techniques and processes used by the organisation.
After all the required changes are done in the organisation, the ISO auditor does the final auditing. The auditor will check whether all the non-conformities have been eliminated or not as per ISO quality standards. If the ISO auditor is satisfied, they will prepare the final ISO audit report and forward it to the registrar.
e. Completing the ISO Certification
After all non-conformities are addressed and all the findings are put in the ISO audit report, the registrar will grant you the ISO certification.
f. Surveillance Audits
Surveillance audit is basically conducted to ensure that ISO quality standards are being maintained by the organization.It is conducted from time to time.
Cost involved in the ISO Certification Process
Cost for getting ISO certification is not fixed and varies from organization to organization. The ISO certification agency calculates the cost of ISO certification separately for each organization after considering them on different parameters such as :
- Number of employees
- Number of Processes
- Level of risk associated with the scope of services of the organisation
- Complexity of the management system
- The number of working shifts etc.
Time involved in the ISO Certification Process
Time taken in completing the whole process of ISO certification also varies from organization to organization. The fair idea can be given by the ISO certification agency after assessing the size of the company.
Generally, the time required to complete the process of ISO certification is approximate :
- Small organisations: 6-8 months
- Medium organisations: 8-12 months
- Large organisation: 12-15 months