Certification is the final and optional stage of an ISO 9001 implementation but isn’t compulsory (as mentioned before). Certification is undertaken by an organisation acting as a Certification Body.
But you might wonder why you should certify, and it’s a valid question.
Consider, for one moment, a potential new employee. As part of assessing their suitability for the post, you’d consider their qualifications. If they didn’t have the ones you wanted, you would have to assess their skills and abilities yourself to see if they met your standards, with all of the associated costs of doing so.
That same process takes place each time you choose a new supplier. You would assess their suitability against a number of criteria that mattered to you (e.g. commitment to customer satisfaction, ensuring their staff were trained properly and appropriately, that the management took customer focus seriously, etc.) and decide if they were the right company to deal with. To do that properly could involve sending a member of your staff, or paying an external party, to assess their business on your behalf to confirm if they met your list of criteria or not, incurring costs to assess a supplier you many not even accept.
What if there was a different way? Imagine if the supplier had already paid someone to assess them against a certain standard of performance.
That is where certification comes in, and not just for ISO 9001. There are a wide range of industry standards companies can be assessed against, from CHAS and NICEIC in the building trade, FENSA in the glazing industry, Lexcel in the legal industry, etc. and those organisations that meet the requirements can advertise their compliance on vehicles, company documentation, etc.
What that means in practice is if you were looking for a supplier from the building trade, for example, you can safely assume that anyone with CHAS certification has met or exceeded all of the Health and Safety requirements of the CHAS scheme without you spending a penny to confirm it.
That same situation exists in the ISO 9001 world. An organisation able to prove ISO 9001 certification has demonstrated to independent auditors that they meet all of the requirements of ISO 9001 (of which our list of supplier criteria above were taken from). That means you, as a potential customer, no longer need to assess that potential supplier for your criteria, you can just choose an ISO 9001 certified organisation and be satisfied that your critieria have been met, with no additional cost to you.
Indeed, this is what many large organisations already do. If you want to tender for business with large public sector or private sector organisations, many ask for ISO 9001 certification as a qualifier (i.e. to even let you tender for the work) so that they can be sure you already meet some of the requirements they have for their suppliers.
So how does certification work?
The Certification Process has two stages:
A Certificate is valid for a number of years, and then the organisation must undergo the Certification Process again. During each year of the Certificate’s validity, the Certification Body will return to undertake Surveillance Audits where they will assess approximately a portion of your QMS to ensure that your are continuing to maintain and follow the system.