Certification Audits: How to Prepare for your Stage 1 Certification Audit.
There are many Benefits to becoming ISO 9001:2015 Certified. Those benefits, in a well-established quality management system, extend throughout the organization to all levels. But what does it take to get prepared and what is expected of your organization during the certification audit.
Well, first off, the certification audit, sometimes called the registration audit is conduct by a certification body or Registrars. This audit is actually composed of two separate audits: the stage 1 and stage 2 audits.
Preparing for your Stage 1 Audit
The ISO 9001:2015 stage 1 audit is simply a review of the Quality Management System (QMS) documentation. This documentation typically includes the organization Quality Manual, QMS Policy, Master Documentation List and Organizational Chart to start. The auditor will ask questions pertaining to the organization processes and request the scope of certification for review. The scope will be matched against the organization observed active processes currently taking place.
Providing a process flow diagram and showing how each the process interact with one another is also required. This process flow will aid the auditor in matching up the scope statement for certification, organizational activities, and documentation. Regarding the scope, the auditor will ask if there are any exclusions that the organization is taking. For example, if the organization does not perform design and development activities then they can justify excluding section 8.3 Design and Development requirements in the ISO 9001:2015 standard. Overall, the auditor is evaluating whether the scope statement is accurate.
During the Stage 1 audit the auditor will mark any i areas of weakness or potential problems reviewed that are not currently meeting the ISO 9001 requirements as a concern. Areas reviewed will either be marked as conforming, no issues, or as a concern that will have to be corrected prior to the stage 2 audit. While the stage 1 is just a documentation review and not a review of the organization’s implementation of the ISO 9001 requirements some areas of implementation will be covered. One such area will be the requirements for establishing and monitoring Quality Objectives. Most registrars would like to see 2-3 months of data collected for monitoring established quality objectives. The auditor will question what process are monitoring and how the organization measures the effectiveness of those processes. The auditor will then evaluate the objective programs and determine if the organization meets or will be able to meet the objective target program requirements by the stage 2 audit.
Some additional items, that fall more on the implementation phase of the audit will be question pertaining to the organization conducting an internal audit and management review. The auditor will inquire into if the organization has conducted a full system internal audit of all its processes. This audit must be conducted by an independent and competent individual. For more details on the internal audit process check out our prior blog post: Diving Deeper into ISO 9001:2015 Internal Audits.
For the management review, the organization will be asked to provide evidence that a management review has been conducted. Section 9.3 of the ISO 9001:2015 standard lists the requirements of the management review and lists the requirement inputs and outputs of the meeting. Generally, the organization will document the management review agenda and minutes from the meeting that demonstrate who from top management attended the meeting and what was covered.
In summary, the stage 1 certification audit is mostly focused on ensuring that core documentation for the QMS has been established and is in conformance with the standards requirements. The exceptions, as mentioned above, would be the review of the organization’s quality objective, internal audit records, and management review minutes. Overall, the auditor is mainly evaluating the organizations readiness to processed to and successfully complete the stage 2 audit. You will receive a Stage 1 Audit Report summarizing all of the areas of concern to be address by the stage 2 audit. Generally, the stage 1 and stage 2 audits will be scheduled anywhere from 30-60 days apart.
In our next, blog post we will be discussing what to expect during your ISO 9001:2015 Stage 2 Certification Audit.