Checklist of ISO 9001 Implementation & Certification Steps
If your company is looking at implementing a quality management system (QMS) based on the ISO 9001 standard and becoming certified, you might be overwhelmed with figuring out where to start. To help with this, here is an overview of the 13 steps that are needed to help you make sure that nothing is missed during your implementation and preparations for certification:
1) Management support – This is critical. Without the support of management your implementation of ISO 9001 will almost certainly fail. Plan your sales pitch well to convince your management that ISO 9001 is a good idea.
2) Identify requirements – Another crucial step to make sure your implementation succeeds is to make sure you have identified all the requirements that exist for your QMS. These will include customer requirements, as well as other requirements such as regulations and the needs of your company culture.
3) Define scope – Defining the scope of your QMS will help to ensure you know the limits of what needs to be done, so that you do not include areas of your business that might not have an effect on your system. The key tool to define the scope is the quality policy which will be the first document you will need to create for the QMS.
4) Define processes and procedures – These will include the mandatory procedures defined by the ISO 9001 standard, but also any additional processes and procedures required by your company to ensure consistent and adequate results with respect to quality. The key is to define all the processes in your company and look at how they interact within your organization. It is in these interactions that problems can occur.
5) Implement processes and procedures – Often, these processes will already be in place at your company and will just need to be adequately documented to ensure consistent results. Not all processes need to be documented procedures, but it is important to decide which ones need to be in order to ensure compliant products and services.
6) Training and awareness programs – It is important that everyone in your organization know what you are doing with your QMS and how they fit into the equation. Employees should have training on what ISO 9001 is, so that they are aware of why you are doing this, as well as the important training of any changes to the processes they are involved in.
7) Choose a certification body – This can be a very important step in how effective your implementation is. The certification body is the company that will ultimately come in to audit your QMS and decide if it is compliant with ISO 9001 requirements, as well as whether it is effective and improving. It is best to interview several certification bodies to decide which is right for your company.
8) Operate the QMS / Measure the system – This is when you will collect the records that will be required in audits to show that your processes meet the requirements set out for them, that they are effective, and that improvements are being made in your QMS as needed. Certification bodies need this to happen over a certain length of time, which they will identify, in order to ensure that the system is mature enough to show compliance.
9) Conduct internal audits – Before the certification body comes in to audit your system, they will first want you to audit each process internally. This will give you a chance to make sure that the processes are doing what you had planned. You will also have a chance to implement the necessary corrective actions to fix any problems that you find.
10) Conduct management review – Just as it is important that management support the implementation of ISO 9001, it is also important that they are involved in the continued maintenance of the QMS. Management needs to review specified data from the activities of the QMS in order to ensure that the processes have adequate resources to be effective and improve.
11) Corrective Action – This is the step where you find the root cause of any problems found during your measurements, internal audits and management review and take action to correct the root cause. This is the key step toward improvement, which is a main focus of having an ISO 9001 QMS.
12) Stage 1 certification audit – This is a review of your documentation by the certification body auditors to verify that, on paper, you have addressed all the necessary requirements of the ISO 9001 standard. The auditors will issue a report outlining where you comply and where there are problems, and you will have a chance to implement any corrective actions to address the problems. This may take place during the timeframe defined for the initial operation of the QMS.
13) Stage 2 certification audit – This is the main audit when the certification body auditors will review the records you have accumulated by operating your QMS processes, including your records of internal audits, management review and corrective actions. From this review, which will take several days, they will issue a report detailing their findings and whether they have found your QMS to be effective and in compliance with the ISO 9001 requirements. The auditors will also make a recommendation for certification if you meet all requirements. If you have any major non-conformances, then you will need to take corrective action for these problems before certification can be recommended.
A good plan will help a lot when you implement ISO 9001 and work toward certification, so do take the time to plan and know what resources you need – this will save you time and resources later on.