You’ve made the plans, built the quality system and conducted the audit. Next comes the ISO Registration Process, but do you know the proper steps of this process? And how can you be sure you’re getting the most value for your investment?
ISO Registration Process:
The ISO Registration Process comes after your company’s ISO 9001 audit. The purpose of registering your company is to show that you’ve met the requirements. And to do this effectively, you will need to follow eight essential steps.
1. Finding an ISO 9001 Registrar
You’ll need to begin searching for an ISO registrar during the 2 to 3 months your company is still building its quality system. You can search the ANSI-ASQ National Accreditation Board (ANAB) to select the registrar right for you.
Registrars must meet the requirements of the ISO Accreditation Bodies. These requirements include things such as independence; Registrars cannot consult for instance. This system ensures uniformity in the registration process.
Accreditation Bodies maintain directories of the Registrar organizations that they accredit. These directories are available on their websites. You can normally find these websites by doing a search on the Accreditation Body’s name or initials.
A directory of registrars in the U.S. can also be found at the ANSI-ASQ National Accreditation Board website which offers access to a searchable database of accredited registrars in the United States.
In Canada, contact the Standards Council of Canada for a list of registrars. All other countries should consult the accreditation authority or member body for their country. Consult the ISO website for a complete list of ISO Member bodies.
Select a registrar that has experience within the scope category of your specific industry, which you can also find on the ANAB site. Keep in mind accreditation, scheduling issues, fees and comfort level when selecting the registrar right for you.
Registrar qualifications are a key consideration. As you research Registrars you will notice that some appear to be very limited in scope just based on their names. Registrars must be accredited in a particular industrial sector in order for them to be able to certify a company in that sector. Some Registrars are accredited in several if not all sectors; others specialize in certain sectors. The best approach to evaluating a Registrar’s qualifications for your industrial sector is to contact the Registrar.
After qualifications, price is always a concern. Be sure to evaluate the total cost including expenses, fees and the cost of surveillance.
Probably as important as price, within limits of course, is the overall experience a client gets with a registrar. Important areas to consider are the interpersonal skills of the auditors; the office support and ability to get questions answered; are the audits a value-added experience, will the Registrar work with you, how flexible are they in adjusting dates – how many weeks notice.
3. Creating an ISO Application
A company and a registrar will agree on the application contract. This is an important step of the ISO Registration Process because it defines the rights and obligations of both parties, and includes liability issues, confidentiality and access rights.
4. Conducting a Quality Document Review
The registrar will require a copy of your quality manual and procedures to verify that all the requirements of the standard are addressed. The ISO Registration Process is not a quick process, be sure to allow 2-4 weeks in advance for the registrar to fully review all of the necessary documents.
5. Determining Preassessment Need
Though optional, this 2-4 week initial review of the system identifies any significant omissions or weaknesses. It saves time and allows the registrar to assess any issues and resolve logistics before the actual assessment audit.
The Preassessment is an initial review of your Quality Management System to identify any significant omissions or weaknesses in the system and provide your organization an opportunity to correct any deficiencies before the regular registration assessment is conducted.
NOTE: During ISO 9001 Registration, only one preassessment may be conducted and Registrars CANNOT provide quality consulting or advice on system implementation. Evaluating the quality system and documentation to meet ISO requirements is allowed but registrars cannot provide guidance on how to implement a quality system.
6. Issuing an ISO Assessment
During the audit, or physical onsite inspection of procedures in action, the auditors will issue findings if they assess anything that doesn’t meet requirements, or nonconformities. The length of this step of the ISO Registration Process will depend on the scope of the audit and the size your organization.
In general, the flow of activities during the audit is as follows:
- Opening Meeting. An introduction of the audit team and key personnel in your company. The scope and general approach to the audit is discussed. This is also the time to question anything that is unclear in the audit schedule and communicate any last minute changes to the system or schedule.
- Brief tour of the facility. Keep it brief, the auditors just want to get a general feel for the layout and processes involved. This may also be done at the preassessment.
- Additional review of documents. Audit team members review documentation for areas they will audit.
- Examination. The audit is conducted, personnel are interviewed, and objective evidence is collected to show the system has been effectively implemented.
- Daily review. At the end of each day or the beginning of the next, the audit team reviews any issues identified during the assessment. Potential findings or nonconformities may be clarified at this time.
- Closing Meeting. The audit team states their conclusions regarding the audit and presents any findings or nonconformities that were identified along with any observations they may have.
- Audit Report issued. Within a few weeks of the audit, the Registrar issues the audit report. The report generally restates what was discussed in the closing meeting.
During the audit, if the auditors find anything that does not meet with the requirements of the ISO standard or that does not meet the requirements of your procedures, they determine the severity and issue a finding. Audit findings are usually called nonconformities and fall into one of two categories depending on severity.
- A Minor Nonconformance deals with minor infractions of procedures or minor failures of the system in meeting the ISO 9001:2008 requirements. These will not hold up your registration.
- A Major Nonconformance deals with issues where nonconforming product is likely to reach the customer or where there is a breakdown in the Quality System that results in the system not being effective in meeting the requirements of the standard. This will hold up your registration.
The primary difference to you between a major and minor nonconformance is that your registration cannot proceed until all major nonconformities are closed and verified by the Registrar. This usually involves a re-audit of the involved areas and, of course, the associated costs. Minor nonconformities require a corrective action plan and they are closed at the first surveillance.
Auditors work for or contract to Registrars to perform registration assessments and surveillances. They are the “front line” in the process. The Registrars are responsible for ensuring Auditors meet qualification requirements. Their requirements include training in auditing, ISO 9001 training, and at least one member of the audit team must have experience in the industrial sector of the company being audited.
Verify credentials. If a person claims to be certified as an ISO 9000 lead auditor, ask to see proof of his or her certification. Make sure the certification is current by checking the expiration date. Facts about ASQ’s certification are available via the ASQ website.
Auditors collect the objective evidence demonstrating the effectiveness (or lack thereof) of the company’s quality management system and make registration recommendations to the Registrar. The Registrar has the ultimate decision, however.
7. Completing ISO 9001 Registration
After all of the findings are put into the ISO audit report and nonconformities are addressed, your company has the option to register as ISO 9001 conformant. You will receive a certificate and can also be listed in a register, which the company can use to publicize its registration and use in advertising.
8. Checking with Surveillance Audits
To ensure that the system is maintained and that changes don’t result in deficiencies in the system, registrars perform regular surveillances of the system. Over the three-year period of your certificate, auditors will perform one full and two partial checks of your system.
Considerations in Planning
The Document Review and Preassessment typically require 2-4 weeks each. However, the number of registrars and the number of days for each stage of the registration audit depends on the size and complexity of your organization. To help the ISO Registration Process go smoother, set target dates accordingly to allow both you and the registrar time to fully prepare.
Strong Return on Your ISO Investment
Always keep in mind, registration and the entire audit process should provide you with valuable feedback to improve your system. So for guidance in your audit process, Bizmanualz ISO 9001 Quality Procedures Manual will get you on your way. After all, it’s your company, it’s your registration, and so make sure you get a strong return on YOUR investment.