introduction to compliance

The Journey to ISO Compliance and Certification

The Journey to ISO Compliance and Certification 150 150 Simon Randall

By Simon Randall

Operating any form of business in today’s modern climate is a very competitive affair. In order to compete with industry leaders for market share in any business niche, it’s not only essential for companies to have a product or service that is in demand, but the way that the business itself carries out its operations must also be seen to be exemplary. To reinforce their professionalism, their commitment to best practice, and to open the window to new opportunities, more and more business are acquiring ISO certification.

The Formation of the ISO

The initials “ISO” stand for the International Standardisation Organisation.

It’s a body that was formed back in 1947 with their headquarters in Geneva, Switzerland. It was launched with the express purpose of developing voluntary international standards. The aim was to create a number of standards that businesses could adopt by gaining appropriate ISO certification. The end goal was to raise the global levels of business behaviour, competence, and performance.

Since its inception, the ISO has created more than 19,500 different ISO standards. They cover virtually all aspects of business, commerce, and technology, from food safety to information technology, and from agriculture to pharmaceuticals.

ISO accreditation is very useful to companies as a sales tool. Of course, it doesn’t sell products and/or services per se; however, it says a lot about the professionalism of the companies that hold it. But in addition to raising standards, and offering potential customers some assurances regarding quality, ISO certification also helps companies to become more efficient, and therefore to reduce running overheads and running costs.

Using a UKAS Accredited Certification Body

Companies seeking to gain ISO accreditation are required to elect a certification body to work with. The certification bodies here in the UK are all privately owned companies. When searching to find a partner to work with and to gain certification through, it is recommended that businesses should use a UKAS accredited organisation.

UKAS stands for the United Kingdom Accreditation Service. They specialise in providing accreditation, imaging, and diagnostic services, and they also design and host training courses and seminars. Companies that have decided to try and obtain an ISO certificate in whatever discipline is appropriate to their theatre of operations, should choose a UKAS accredited certification body or partner. It will guarantee that they will be working with an organisation that meets UKAS’s strict criteria.

The Journey towards ISO Certification

The journey that some businesses follow in pursuit of ISO certification varies from company to company. This is largely dependent on the professionalism of the company. The more aware a business is of its obligations, and the harder it has strived to achieve best practice – the closer that company will be to ISO conformance. However, there will still be a large learning curve to be negotiated in order to achieve full compliance and eventual certification. The partnership that develops between the company seeking certification and the certification body itself will be crucial to the outcome of the journey.

ISO 9001 and ISO 14001

The two most sought after ISO approvals are ISO 9001, which is awarded for the management of quality, and ISO 14001, which is awarded for the way a business manages its affairs in terms of the environment. Both certificates are very topical. ISO is all about quality, so having an official recognition of good quality management is what many companies are seeking to achieve.

Protecting our environment is also something that is on many people’s minds. They are becoming increasingly aware of the impact that businesses can have on the planet’s environment, and therefore the social responsibility that they all share. Achieving ISO 14001 certification not only helps to fulfil that obligation, but it also lets clients know that a company is taking its responsibility seriously and is pro-actively doing something about it.

The Importance of the ISO Auditing Process

The ISO auditing procedure is pivotal in two ways.

  • Stage 1 & 2 audits measure a company’s compliance in terms of systems and management.  Approval is followed by certification.
  • Surveillance audits measure a company’s ongoing compliance once certification has been granted,

The audits are not only vital to achieving ISO certification, but they are also critical to maintaining compliance and eventually becoming re-certified. Most ISO certificates last for 3 years. During this 3-year period, the best accreditation bodies will carry out surveillance audits on an annual basis. At the end of the 3 years a rectification audit will be carried out. Once any reported variances of compliance have been acted upon and corrected, a new 3-year ISO certificate will be issued.

The Implementation of Change is Key

The journey towards achieving an ISO certificate will sometimes necessitate change. Change to working practices and change to management and procedural approaches. Change is one of the most difficult things that many companies have to deal with. It’s the area where the relationship between the company and the accrediting body will be most tested.

However, that’s not to say that all businesses will need to implement changes as a well-run business will already have an efficient system in place that documents processes and procedures effectively.

If this is not already a strong part of the business, then not only must all of the systems be put into place, and correct procedures followed systematically, but the company ethos must also change. If ISO procedures are not fully welcomed and embraced by the new company ethos, they will fall by the wayside shortly after the certificate has been issued. ISO can then be managed effectively, using procedures that work for the individual business, such as getting customer feedback, collecting information via surveys and so on.

ISO is one of those things that appear to scare some smaller businesses but it’s really not something that should. It needn’t be a burden to a company, but one that uses existing processes to prove quality of product or services.

Photo Credit: Argonne National Laboratory