What’s Really Required for a Small Company to Get ISO 9001 Certification?

Key Steps for How to Get ISO 9001 Certification

When the process is approached with questions other than “How much does it cost to get ISO 9001 certified?” or “How long does it take to get ISO 9001 certification?” companies allow themselves to focus on true improvement to the whole business.

It is not hard to set up an ISO 9001-compliant quality management system for a small business — the key is simply taking time to understand the requirements and what is needed to satisfy each one. The most recent revision to the ISO 9001 standard (2015) created a more simplified process that makes it easier for small businesses to comply with ISO.

It shifts focus from paperwork to results, creates flexibility that allows the program to be tailored to small companies and those in service-based industries, and it provides general guidelines that can be applied to any organization.

From a 30,000-foot view, businesses simply need to follow these steps:

1. Decide to become certified.
2. Buy the standard and read it.
3. If you need a consultant to help you implement the standard, select a consultant from an ISO 9001-certified firm.
4. If you do not need a consultant to help you implement the standard, assign the project to yourself or another capable individual in your organization.
5. Compare each requirement of the standard to the processes and systems you currently have in place. Our whitepaper, ISO 9001 IN SMALL BUSINESS, breaks these requirements down into digestible and applicable actions that drive quality, efficiency, and performance in an easy-to-digest manner.
6. If your processes meet requirements, continue doing what you’re doing.
7. If they do not meet requirements, make improvements to achieve compliance.
8. Select a certification body or registrar.
9. After the audit, address any non-conformance issues identified, if applicable, and receive your certification.

What’s Not Required When Implementing ISO 9001 for a Small Company?

Two important factors are NOT required to take on the pursuit of the standard.

1. You Don’t Need to Hire Anyone

First, it is not required to hire someone full-time to implement ISO 9001. However, it is helpful to have an individual assigned to the success of the ISO 9001 certification process. Choose a champion on your team to spearhead the effort — someone who is organized, process-minded, and focused on quality. If you aren’t sure that your team can completely handle the process, you may choose to partner with quality consultants to help develop understanding and ensure your QMS fulfills the requirements.

2. You Don’t Need to Do Extra Paperwork

Second, ISO certification doesn’t require added paperwork. While records and documentation are a big part of ISO compliance, the standard simply requires organizations to organize and document their existing processes and systems in a way that is controlled and easily accessible. As you move through the process to ISO 9001 certification, you may find that you already have all of the documentation you need to comply with the standard.

Documented Information

Each organization can determine for itself the adequate amount of documented information needed to demonstrate effective planning, operation, and control of their processes, and the implementation and continual improvement of the effectiveness of their QMS. The documented information is used to communicate a message, provide evidence of what was planned and what has been done, and for the general sharing of necessary business knowledge.

Documents You Must Maintain and Retain

The standard lays out specifics regarding documents to be maintained — plans, policies, and documents that are subject to change — and documents to be retained — records that are not changed after they are released.

The documented information that organizations must maintain includes:

• The scope of the quality management system (4.3).
• Documented information necessary to support the operation of processes (4.4).
• The quality policy (5.2).
• The quality objectives (6.2).

The documented information that organizations must retain includes:

• Monitoring and measuring equipment calibration records* (7.1.5.1)
• Records of training, skills, experience, and qualifications (7.2)
• Product/service requirements review records (8.2.3.2)
• Records about design and development (8.3)
• Product and Service requirements (8.5.1)
• Records about customer property (8.5.3)
• Change control records (8.5.6)
• Record of conformity of product or service with acceptance criteria (8.6)
• Record of nonconforming outputs (8.7.2)
• Results of the quality objective data that is monitored and measured (9.1.1)
• Internal audit reports (9.2)
• Management review meeting minutes (9.3)
• Results of corrective actions (10.1)

And while this documentation is required, piles of paper and binders of records are not. The standard allows for flexibility in medium, including paper, magnetic, electronic, or optical computer discs, photographs, and master samples. Each company is given the autonomy to determine what format is most appropriate for their organization to demonstrate processes and compliance with the standard.

How Businesses Have Control During ISO 9001 Implementation

Specific procedures and processes are not included on the required documentation list. Each organization is given the autonomy to determine the best method of organizing and communicating their business conduct practices — from top executive function to day-to-day operations.

For organizations that already employ standardized processes, cohesive teams, and consistently deliver desired outputs, very little will be required regarding documentation. Newer businesses and those new to the standard will benefit from the close and careful examination of their business practices as they develop the documents and records needed to meet standard requirements.

With its deep-rooted approach, the standard allows businesses to align strategic business goals with the implementation of their ISO-certified QMS. In developing the context of the organization (4.1), companies will examine their strengths, weaknesses, opportunities, and threats (SWOT) as well as the risks specific to their industry that could negatively affect their business.

Furthermore, the evaluation of employee awareness (7.3) ensures that the entire team understands the organization’s Quality Policy and how they fit into the processes defined therein. Creating awareness of how each team member affects outputs and deliverables helps create buy-in and participation in the new QMS.

Consultants help organizations strategize and determine the minimum amount of documentation required to ensure that the full team understands their roles and responsibilities while also helping businesses use their quality management systems to achieve and record consistency in desired outputs.

If you choose to partner with a consulting agency, be sure to ask if they have successfully achieved ISO certification to the 9001 standards. Doing so will ensure their knowledge of the process and commitment to the theories, and you’ll rest assured knowing you’re working with a consultant who practices what they preach!

If they find areas of non-conformance, that does not mean that you have failed an audit – it simply means that you will need to address and fix those issues before you receive your certificate.

Your Business Can Benefit From ISO 9001 Certification

Ultimately, ISO 9001 requirements are tied to improving business performance.

When the auditor and management representatives dig into the system you have built, they want to see that the effort has been driven by your top management, is understood by your team, and is documented in a way that supports long-term growth, continuity, and success for your business. They want to see that your world-class operations are truly the way of life – not just a pile of carefully organized documents that you keep on a shelf for show and tell.

By implementing ISO 9001 standard requirements, your company will be better run, employees will better understand what is expected of them, and customers will be better served. With attention, care, and a little tenacity, you can take the steps to help your business stand out above your competition through ISO 9001 certification.

Core Business Solutions Can Assist You With ISO 9001 Certification

If you’re interested in implementing ISO 9001 in your business, Core Business Solutions can help. With years of experience helping businesses just like yours become ISO 9001 certified, our team has the tools and skills necessary to ensure you meet crucial standards. As a result, you can serve your customers and clients on a whole new level.

Reach out to us today to learn more about our ISO certification solutions.