Guide to prepare your organization before an ISO certification audit. Documentation, objective evidence, simulation, and common mistakes.
A certification audit evaluates whether your management system meets the standard's requirements. Proper preparation reduces findings and accelerates the certification process.
Each ISO standard requires a minimum set of documents. Verify they exist, are approved, and up to date. Use the standard's required documented information list as a checklist.
Objective evidence demonstrates that controls work. It includes records, screenshots, logs, meeting minutes, and test results. Organize it by clause or control.
Auditors interview people from different areas. Ensure each responsible person knows their role within the management system and can explain the processes they execute.
Internal audit is a requirement of all ISO management system standards. It must cover all in-scope processes and produce a report with classified findings.
Each internal audit finding requires root cause analysis and corrective action. Document the implementation and verify its effectiveness before the external audit.
Coordinate the room, system access, personnel availability, and organized documentation. A professional and orderly environment conveys management system maturity.
The certification body grants a period (usually 90 days) to implement corrective action. If resolved satisfactorily, certification proceeds.
It is not mandatory, but the internal auditor must have demonstrable competence and be independent of the audited area. Internal auditor training is highly recommended.
It depends on the scope and size of the organization. For an SME, between 2 and 5 days of on-site auditing, divided between Stage 1 (documentation) and Stage 2 (implementation).
Assessment within 72 business hours. ISO methodology. No ties to certification bodies.
Request diagnosis