Home Certification Standards ISO 9001

ISO 9001 FAQ Page

Here are some common frequently asked questions related to ISO 9001:2015 to help you in your certification journey.

Jump to a question:

What Is ISO 9001?

ISO 9001 is the world's most used standard for Quality Management Systems (QMS). Used in over 178 countries, ISO 9001 gives organizations a set of management guidelines that help ensure consistently high-quality products and results. ISO 9001 does not outline exactly how a business should be managed. Instead, it offers a flexible system that companies can implement to improve quality control.

What Are The Benefits Of ISO 9001 Certification?

The QMS system presented in ISO 9001 can help a business produce products of reliably high quality, improve customer satisfaction, boost operational efficiency, manage risk and more. Like other types of ISO certification, ISO 9001 certification shows your company's stakeholders that you care about quality control and effective management. With ISO 9001 certification, you may even be able to get more business, since many international companies will only work with ISO-certified partners.

Who Should Get ISO 9001 Certification?

ISO 9001 certification has the potential to benefit businesses in a wide variety of industries, including automotive, aerospace, construction, electronics, medical device manufacturing and more. ISO 9001 presents guidelines for Quality Management Systems that can apply to all types of business models. Operations of any size can get certified. In fact, NQA works with small businesses as well as highly recognized brands.

All businesses interested in meeting and exceeding quality control metrics and expanding business horizons should consider ISO certification.

How Does ISO 9001 Certification Work?

To earn ISO 9001 certification, you will need to implement the standard and successfully complete a two-visit Initial Certification Audit. After earning the initial certification, you will need to complete yearly surveillance audits and re-certification audits every three years to maintain your certification.

The audits must be completed by an accredited third-party certification body like NQA. In addition, you must be able to prove that your QMS has been operational for at least three months and has undergone a management review and a full cycle of internal audits before you can earn ISO 9001 certification.

How Much Does ISO 9001 Certification Cost?

The cost of ISO 9001 certification varies based on a number of factors, including audit duration, business size, risk and how close you are to meeting ISO 9001 requirements when you start implementing the system. You should also expect to pay for copies of the standard, any process changes that are necessary to meet ISO 9001 requirements and employee training, if necessary.

The best way to find out how much ISO 9001 certification will cost your organization is to request a quote from NQA by using our online form or calling 800-649-5289.

What Are The ISO 9001 Revisions From 2015?

Annex SL is the single biggest change to the ISO 9001:2015 document. Annex SL is a standard structure that applies to all ISO management systems standards.

Does ISO 9001 Require A Management Rep?

No. However, NQA will still need a nominated contact for all matters related to certification and the organization of certification visits. NQA do not expect this to have much impact on our relationship with our clients.

What Would ISO 9001 Consider A Risk In The Exporting Business?

An example of a risk is completely and accurately completing the export documentation. Full licenses need to be in place. Price fluctuations may also be a risk or an opportunity.

Is ISO 9001:2015 The Most Complicated Version Of ISO 9001?

ISO 9001 is not necessarily complicated, but it is professionally challenging. There is much more high level, professional judgement required than in previous versions.

Do All The Elements Of ISO 9001 Management Review Have To Be Covered In One Meeting?

No, they can be covered in separate meetings. However, the requirement is to have a management review process, which may be a meeting or meetings, but could also take the form of other events or documentation. The requirement is to “…retain documented information as evidence of the results of management reviews.”

How Does ISO 9001 Documentation Work?

There are various ways of approaching ISO 9001 risk and result documentation. You could use a risk register and mitigation actions or identification of risk points on a process flow, recognizing that your procedures are carried out in a particular way to reduce risk.

What Are Some Examples Of Incorporating Risk From ISO 9001?

Examples of requirements that relate to risk include, for example: 8.4.2 Type and extent of control The organization shall ensure that externally provided processes, products and services do not adversely affect the organization’s ability to consistently deliver conforming products and services to its customers. And 6.3 Planning of changes When the organization determines the need for changes…..it shall consider the purpose of the changes and their potential consequences…

Are Risks Control Parameters In ISO 9001?

Risks will influence the control parameters needed to reduce or mitigate that risk.

How Do You Refer To Sources Of Inputs In ISO 9001?

The process requirements are in reality no different to the 2008 standard. The determination of inputs and outputs, and the importance of processes are enhanced and made more explicit in the 2015 standard.

Can You Manage ISO 9001 Risks Using the ISO 14001 Approach?

The same approach can be used, although the specific risks may differ from those managed using ISO 14001.

Do You Need To Identify Risks For Every Process In ISO 9001?

Yes, you do need to identify your risks in some way. If your processes are documented, it is useful to document the risks also.

Should You Do ISO 9001 Processes Mapping As A Visual Document?

ISO 9001 does not require that you map processes as a visual document, but it would be a very helpful thing to do.

Will ISO 9001 Auditors Look For More Robust Systems Now?

The only requirements that have reduced are the requirements for documented information. There are still very specific requirements for documented evidence (records). Any management system, whether highly documented or not, needs to be robust to be effective.

What's The Difference Between "Maintained" And "Retained" Information In ISO 9001?

You "maintain" elements of the system, e.g. infrastructure and "retain" documented evidence, i.e. records. 

How Can You Engage Senior Management In A More Risk-Based Approach?

Approach the requirements of the system from a risk perspective, using the vocabulary of risk but not necessarily the word “risk," and you will very likely get a positive response. The management review or internal audit process might be a good place to start.

What Is The Difference Between Management Oriented Processes And Support Oriented Processes?

Management oriented processes relate directly to the overall system, e.g. management review. The support processes support the system, e.g. training and competence, document control, calibration.

What Should A Documented Business Risk Register For ISO 9001 Look Like?

NQA does not promote specific templates. It would certainly be helpful to include internal and external interested parties. The primary purpose of a risk register is to help the organization identify its own needs.

Do You Have To Re-Number Your QMS To Match ISO 9001? Can You Use Your Existing QMS And Expand Sections To Cover The New Criteria?

You do not have to renumber your QMS. There is no requirement and never was a requirement to number your documentation as per the standard. However, you may well find it necessary and useful to expand your documentation to address the additional 2015 requirements.

Should You Use A Joint Risk Approach For ISO 9001 And ISO 27001?

You should use whatever approach makes sense and is effective for your needs. A joint risk assessment approach for ISO 9001 and ISO 27001 may make sense, depending on your needs.

How Do You Measure Leadership In ISO 9001?

Visibility, inclusiveness and good communications are all examples of leadership in ISO 9001. Employees should be aware of vision, mission, strategy and policy, if leadership is effective.

How Does NQA Track The Transition To ISO 9001?

Our Assessors and Client Executives will be working closely with our clients to track your progression towards the new standard. You should speak to your Client Executive to establish exactly where you are in the transition process.

How Do The Changes To ISO 9001 Updates Affect Integrated Systems?

The introduction of Annex SL will aid the integration process for ISO 9001, ISO 14001 and ISO 45001. You will need to think about transition dates and transition plans carefully though, due to the different publication dates.