How to Prepare for an ISO Certification Audit
An ISO certification audit can feel daunting, but thorough preparation makes the process straightforward. This guide covers what to expect during your certification audit and the key steps to prepare your team and system.
Understanding the Audit Process
ISO certification audits are conducted by accredited certification bodies (also called registrars or certification organisations). They typically comprise two stages:
- Stage 1 (Document Review) — The auditor reviews your management system documentation to verify it meets the standard's requirements and assesses your readiness for Stage 2.
- Stage 2 (Implementation Audit) — The auditor visits your site(s), reviews records, observes work activities, and interviews personnel to verify that your documented system is effectively implemented.
Step 1: Complete Your Internal Audit
Before inviting an external auditor, conduct a thorough internal audit against the full requirements of your chosen standard. This should be done by a trained internal auditor or experienced external consultant. Address all non-conformances before Stage 1 of the certification audit.
Step 2: Conduct a Management Review
Most ISO standards require evidence of a management review — a formal meeting where senior leadership reviews system performance, KPIs, incident data, audit results, and strategic risks. Document this meeting thoroughly; auditors will look for it.
Step 3: Prepare Your Documentation
Ensure all required documented information is current, approved, and accessible. Common documentation gaps auditors find include: out-of-date procedures, missing records (training, calibration, maintenance), and undocumented controls for identified risks.
Step 4: Brief Your Team
Your workforce is your greatest asset in an audit — and your greatest risk. Brief all personnel on what to expect: auditors may ask anyone to explain their role in the safety system, describe a recent hazard they identified, or walk through how they would report an incident. Honest, consistent answers build auditor confidence.
Step 5: Prepare Your Audit Trail
For every significant requirement in the standard, be ready to show the auditor the evidence. Create a document pack or index that maps standard clauses to your documents and records. This demonstrates competence and saves time during the audit.
On the Day: What to Expect
Auditors are looking for conformance — evidence that your system meets the standard and is actually being followed. They are not trying to catch you out. Be transparent, provide evidence promptly, and if you identify a gap the auditor finds first, acknowledge it and explain your corrective plan.
Share this resource
Key Points
- •Certification audits have two stages: document review (Stage 1) and implementation audit (Stage 2)
- •Complete an internal audit and management review before inviting the external auditor
- •All documented information must be current, approved, and readily accessible
- •Brief your entire workforce — any employee may be interviewed during the audit
- •Create a clause-by-clause evidence index to demonstrate your system comprehensively
Filter
Categories
Most Popular
More Like This
- ISO 45001 vs AS/NZS 4801: Key Differences ExplainedISO & Certification
- Exemplar Certification for Asbestos & Demolition (ISO 45001)ISO & Certification
- ISO Certification for Construction CompaniesISO & Certification
Recently Added
- WHS Gap Analysis: A Step-by-Step Guide
- ISO 45001 vs AS/NZS 4801: Key Differences Explained
- What Is a Safety Management System?
- Exemplar Certification for Asbestos & Demolition (ISO 45001)
Need Help?
Our WHS consultants can help you implement this in your business. Book a free consultation today.
Book a Consultationor call 1300 891 503
