The ISO Certification Process

While the ISO certification process can vary depending on the scheme, generally management systems such as ISO 9001, ISO 14001, ISO 27001 or ISO 45001 follow a Two Stage Process, with the certificates lasting for a period of 3 years before renewal.

Pre-Certification Services

Are you ready for ISO Certification?

Certification bodies can not provide consultancy or advice, so you need to be ready for Certification before engaging with them.

We Can Support You: If you have not yet implemented a management system or you’re unsure whether you are ready for ISO Certification, our consultants can help

We are independent of Certification Bodies, so we CAN offer advice and support.  Contact us to find out more.


Pre-Audit or Gap Analysis

UKAS Accredited Certification Bodies will not advice or provide consultancy.

A pre-audit/gap analysis from a consultant will help you identify missing or weak areas of you management systems.

As this is not part of the formal certification process it is not a pass or fail audit, however leaving pre-audit findings unresolved could lead to non conformances during the certification process.

Contact us to discuss a pre-audit or gap analysis service.

Stage 1 – Document Review

The stage 1 audit signals the start of the ISO certification process, and is used as an opportunity for the certification body to review the structure of your management system, through the available documentation.

They will seek to verify that any mandatory requirements have been addressed within the documentation.

This is usually conducted On-Site and is also used to plan for the stage 2 audit, allowing the auditor to tour your site and assess any special circumstances that could affect the audit.

It’s often said that the stage 1 audit is not ‘pass or fail’, however the auditor can raise non-conformances that must be addressed by the stage 2 visit, and they can recommend the stage 2 date be postponed if they feel the management system will not be ready in time.

There is a maximum timeline between stage 1 and stage 2 audits, after which you will need to re-do stage 1.

Finding Raised at your Stage 1 Audit?  Don’t Panic.
Our Consultants can help you resolve any issues and prepare for a successful Stage 2.  Contact Us.



Stage 2 – Certification Audit

The stage 2 audit will cover all aspects of the management system, sampling records to obtain objective evidence that the system is operating effectively.

For this reason, there needs to be a minimum of 3 months of records and evidence for the auditors to review.

The stage 2 audit will again be held on-site and will need to include all business areas and locations referenced in your certification scope statement.

Stage 2 audits are generally considerable longer than the stage 1 audit.

There are several categories of audit finding at stage 2, the most serious of which, a major non-conformance can delay the certification. Find out more about Categories of Audit Findings.

Surveillance Audits

A programme of surveillance audits will usually be created at the end of the stage 2 audit.

Intervals can vary depending on the complexity of your management system and your preference, but usually these fall either annually or 6-monthly.

Surveillance audits are booked just as the other audits are, so there is no spot-checks or surprise visits.

In practice, these audits take a similar form to the stage 2 audits above, however they will focus on smaller sections of the management system each visit. Therefore these visits are generally shorter than the stage 2 process.