The terms ISO Certification and ISO Accreditation are used interchangeably and usually refer to the fact that an organization has been certified that it complies with ISO standards. However, this raises further questions like “what is ISO”, what are their “standards” and how does an organization get “certified”? In the sections below we try to answer these and other questions to help you get started on your way to becoming ISO Accredited.

What is “ISO”?

ISO is an organization based in Geneva, Switzerland. ISO is an acronym for the “International Organization for Standardization”. You would think the acronym would be IOS, right? But you’re forgetting something… They’re Swiss. You can find more information on ISO  here.

The International Organization for Standardization (ISO) has members from 167 countries and publishes all sorts of standards covering a myriad of subjects from seatbelts to snowmobiles. This type of global standardization gives the world some confidence in international goods and services and promotes further integration of the global economy.

What is an ISO “standard”?

ISO standards are essentially documents that outline the requirement a particular product or process must meet. For example, to be certified as compliant with ISO6683:2005 Earth Moving Machinery Seatbelts, the seatbelt needs to meet performance requirements for strength, durability and reliability.

Here’s a contentious fact – You must PAY to access standards, with some standards costing hundreds of dollars (or more). The result is that many businesses don’t have access to the standards that they are legally obliged to comply with. In Australia, standards (including ISO standards) are managed and distributed by SAI Global and are rebranded as “Australian Standards”, AS or ASNZ (including New Zealand).

Standards not only exist for physical products, but also for intangibles. In the case of ISO45001, 9001 and 14001 these intangibles are “management systems”. A management system is a series of documents and processes which detail how an organization manages a certain aspect of its work. The main ISO standards for management systems used in Australia are:

• ISO45001 – Occupational Health and Safety Management Systems
• ISO9001 – Quality Management Systems, and
• ISO14001 – Environmental Management Systems

Inside the standard is detailed information on how to meet the requirements. For example, ISO45001 – Occupational Health and Safety Management Systems includes sections on:

• Leadership and worker participation (commitment, policies and roles/responsibilities)
• Planning (hazard ID, risk assessment, determination of legal requirements)
• Objectives and targets (a set of self-made targets and plans to achieve them)
• Competency (what competencies should various stakeholders maintain)
• Communication (internal and external communication between stakeholders)
• Document control (how documents are created, stored, distributed and collected)
• Monitoring and measuring (tracking ongoing performance, including internal audits)
• Improvements (identification and rectification of non-conformance and continual improvement)

Once an organization has documented plans, policies and procedures that meet (or exceed) the requirements outlined in ISO, it is ready to become certified.

How does an organization become “certified”?

The journey to certification is usually broken down into two main components. First is the development of the documentation. This process can be driven internally if the organization has staff with the relevant skills and knowledge. Alternatively, consultants can be used to help guide the process. For more information on how we can assist, click here.

Consultants guide the process by providing:

• Gap analysis of existing systems
• Document development
• Training for staff in how to implement the systems
• Ongoing assistance, and
• Assisting at ISO Audits

Once your organization has all the required documentation in place and, importantly, has started to implement and use the systems you are ready to undergo your certification audit. The certification audit is usually broken down into stages and is completed over several days. The auditor must be certified by a relevant accreditation body (e.g. QMS or JAS-ANZ) and will assess your organization’s performance in relation to the requirements of the standard. No audit will achieve 100%, and non-conformances will be found. The important thing is that your organization is dedicated and provides the ongoing resources required to implement the relevant systems. Another important factor is consistency. Having one great audit doesn’t mean you can sit back and relax; the implementation of the ISO systems requires ongoing attention.

Upon the completion of your certification audit, you will receive the audit report along with your certifications which you can proudly display at your business and/or website. After the initial audit, surveillance audits are conducted yearly to ensure your ongoing compliance with the requirements of the standards.