If you want your QMS to be certified against ISO 9001, you will use a Certification Body to do this (as they issue you a Certificate) saying you comply.
A Certification Body should be accredited by another body (called an Accreditation Body) that they operate in a fair and effective way and comply with their own ISO standard (ISO 17024).
Globally, there is an organisation called the International Accreditation Forum (IAF, https://www.iaf.nu/). The IAF oversees the work of the major accreditation bodies worldwide. The task of the IAF is to guarantee uniformity and fair implementation of ISO standards by all its members. Its members all agree to recognise certificates issued by Certification Bodies accredited by the other Accreditation Bodies around the world. It is from this agreement that the international recognition for ISO 9001 certificates arises.
Visually, the relationship looks like this:
There are particular areas where the preference is given to IAF-endorsed ISO certificates. One example is applications for national and local government tenders, or for major companies, as they recognise that an IAF-endorsed certificate from anywhere around the world is consistent with standards of their national IAF-endorsed Accreditation Body.
In the UK, the United Kingdom Accreditation Service (UKAS) is the single IAF and Government recognised Accreditation Body. In the USA, there are a number of Bodies covering a range of standards, such as ANSI. The list of members on the IAF website (https://www.iaf.nu/) can show you who the appropriate Body is in the different countries.
The website for the Accreditation Body will list all of the Certification Bodies they have accredited and the standards they certify. It is from this list of Certification Bodies that you should select who you want to certify your QMS.
Non-IAF Certification and Accreditation Bodies
For the sake of completeness, we’re also going to discuss the non-IAF Accreditation and Certification bodies.
There are Certification Bodies and Accreditation Bodies who are not part of the IAF-endorsement path. You can choose to use them, if you wish, but I offer a personal note of caution.
The certificates they issue are not IAF-endorsed. As a result, Governments and major companies may choose to reject them as ‘valid’ ISO 9001 certificates as they will be looking for IAF-endorsed certificates.
I have seen companies go through the process of gaining a non-IAF certificate, investing time and money to achieve it, then have it rejected by a major potential customer because it wasn’t IAF-endorsed. Using Certification Bodies that are not IAF-endorsed can be cheaper, but the certificate can be less valuable. In fact, there is nothing to stop someone setting up a new Certification Body in the morning, issuing ISO 9001 certificates by the afternoon and just taking your money … it has been done in the past (referred to as ‘certificate factories’ by some). If I can give you one tip … stick with the IAF-endorsed path. If you’re willing to invest the time and money in building a QMS and having it certified, you deserve to have that recognised properly around the world.
One of the strongest reasons for using an IAF-endorsed Certification Body is that the ISO standard for Certification Bodies strictly forbids the same organisation, or an organisation within the same corporate group, from proving consultancy and auditing services to the same client without a gap of literally years between the two. If we think about this logically, this makes sense … you would never be allowed to mark your own answers in a formal examination; or, a driving instructor would never be allowed to formally test their own student drivers, etc. This independence between consultancy and auditing prevents the situation of ‘marking your own homework’, and ensures an independent assessment of the organisation before a UKAS Certification Body can issue a certificate.
Consider these two scenarios.
An fictional organisation ‘Mill Certificates Inc’ doesn’t meet the ISO requirements to act as a Certification Body and isn’t UKAS-approved, but issues certificates regardless. As an external organisation, how do you know how thoroughly any organisation with a Mill Certificates Inc ISO certification was assessed? Some non-accredited bodies have been known to simply perform telephone assessments, and issue certificates based on that level of inquiry … and some non-accredited certification bodies don’t even perform that level of assessment! Contrast that with a UKAS-accredited body … every Certificate they issue can be assessed by UKAS to ensure the level of competence and quality of the Audits. That means they must maintain a high standard of performance to retain UKAS accreditation, while a non-accredited body’s standards can be far lower.
This comes from a real-life example. After receiving quotes from a number of consultancies, a client appoints the consultancy with the cheapest price but isn’t IAF-endorsed, which we will call ‘TrustMe Management Systems‘, because TrustMe guarantees its customers it will pass an ISO assessment within 45 days from signing the contract. TrustMe will provide both consultancy and auditing services to the client as part of a package. A TrustMe representative duly holds some meetings with the client and produces a documented QMS manual for the client. A separate TrustMe auditor then visits the client, assesses the manual and observes the company in action, and duly awards the Certificate to the client. The client then presents that Certificate to a customer as part of a tendering process, but the customer rejects the Certificate for not being IAF-endorsed.
Do you think the client feels they’ve got value for money?