What is ISO and why do Tenders and Clients require an organisation to conform to an ISO Standard?
- ISO is the recognised name for the International Organisation for Standardisation. It is not an acronym, it is derived from the Greek word ISOS, which means equal to, which suggests that all members of the organisation have an equal voice.
- ISO was founded in the 1940s and is a voluntary organisation that consists of multiple countries, where their standards division collaborates to discuss best practice standards.
- The objective of ISO is to standardise standards globally, to ease trade and create a level of uniformity in conforming to best practice standards.
- There are over 26 000 different ISO standards ranging from Geometrical Specifications, Environmental, Textiles, Cabling, Quality, Safety and Health.
- Clients who require an ISO Certificate are looking for confidence and assurance your organisation is conforming to best practice standards and can to deliver products and services to an optimum standard.
What are my risks in the process of attaining ISO Certification?
- Implementing an ISO Management System and conforming to the standard is tedious and challenging, the amount of work required to implement a system that works for the organisation requires careful understanding of the organisation’s culture.
- Approximately 55% of clients lose their certification in the first year of attaining it.
- The key to a successful management system is to document what the organisation does and to align the generic requirements of the standards to the organisation’s environment with appropriate documentation.
How Quickly Can I get an ISO Certificate?
- Attaining an ISO certificate is not a membership you pay for, it is a process where you implement a Management System.
- A Management System comprises of Policies, Processes, Procedures, Work Instructions, Risk Assessments, Forms, Templates and records aligned to the requirements of the standards.
- Depending on the size of the organisation and its current conformance to the ISO Standard, an organisation will have to provide a minimum of 3 – 6 months of records to justify conformance to the standard.
- WWISE has assisted organisations from as short as 7 days to as long as 3 years, depending on the organisation’s size, the current conformance to standards, the commitment of management and the culture of the organisation.
- On average WWISE can commit to assisting an organisation to conform to an ISO Standard within 3 months.
How do I get my Organisation ISO Certified?
Any organisation wishing to become ISO certified, needs to implement and maintain an ISO Management System. The steps that are recommended for an organisation to become ISO certified are as follows:
STEP 1 : Gap assessment
Why do organisations need gap assessments?
- To understand the organisation’s current conformance to the ISO Standard of their choice.
- To identify the relevant documentation and records the organisation might already have which are aligned to the standard, and identify how to map it to the ISO Standard’s requirements.
- A gap assessment assists the organisation and WWISE to indicate the amount of work required to conform to the ISO standard and to comply with legal requirements.
What are the outputs of the Gap Assessment?
- A Gap Assessment report indicates the current conformance to the standard and the performance of its Management System.
- An Obligation-free proposal to assist the organisation in closing the identified gaps to conform to the standard with a task list/project plan for implementation and preparation for certification.
STEP 2 : Closing gaps
- Gaps are closed from a documentation and governance perspective in accordance with the ISO standard.
- Awareness Training for all Staff on the importance of ISO, the benefits of ISO certification and the requirements required per role/individual in the company.
- Information is gathered to understand the respective roles, responsibilities, processes and procedures.
- The templates for all documentation are standardised and aligned to the organisation’s corporate identity.
- The Management system is documented and aligned to the standard’s requirements.
- Risk management and the specific plans aligned to the standard are focused on and forms are created to collect data to generate Statistics.
STEP 3 : Implementation of the ISO Management System
- ISO management system documentation are implemented and records of at least 3 – 6 months are generated.
- On the job training and Workshops on how to use the management system are conducted.
- Internal audit training and maintenance training are conducted to ensure a level of skills transfer.
- Internal audits (dress rehearsals) are conducted with workshops on non-conformances, corrective actions, the updating of risk assessments and the management system if required.
- A management review is conducted. During the management review an action plan is created to ensure all items, either capital or operational expenditure, are managed and documented.
STEP 4 : Certification
Key points to consider when choosing a certification body:
- Is the Certification Body accredited? Logos to look out for are: South African National Accreditation System (SANAS), United Kingdom Assurance Services (UKAS), International Accreditation Forum (IAF), Deutsche Akkreditierungsstelle (DAkkS) and many more.
- There are multiple certification bodies globally, it is important that the certification bodies are accredited and being audited by an accreditation body as mentioned above. This ensures credibility of the certification body and respective clients would want to note that the certification was not attained through the internet or purchased, as each certification body is audited by an accreditation body to the ISO 17021 standard.
Who are the different certification bodies?
- The Different Certification Bodies are:
- South African Bureau of Standards (SABS)
- British Standards Institute (BSI)
- TUV Nord
- TUV Rhineland
- TUV Sud
- Bureau Veritas
- Standard Global Service (SGS)
What is the difference between Single Site and Multi-Site Certification?
- Single Site Certification –One site/location and its departments (HR, Finance etc) and Processes (Recruitment, Induction, Creditors and Debtors) are audited.
- Multi-Site Certification – Organisations with various sites or offices across the country or world require multi-site certification. The sites are sampled over a 3-year period. The Initial Stage 2 audit will be conducted for all sites.