Home Resources Blog July 2017

What are the Costs of Third Party Certification?

20 July 2017

Every time I meet a client, one of the questions they ask me is “how much is all of this going to cost?" Whether in the private or public sector, we all have to budget and justify our spending prior to gaining approval, and ISO Certification is no different.

One of the benefits of third-party certification is the impartiality and value-added experience a third-party auditor can bring to your business, but how much should you pay for this? Unfortunately there is no simple answer to this question as it depends entirely on your organization and management systems!

How Much Does ISO Certification Cost?

Whether you are implementing a quality management system following ISO 9001:2015 or working to comply with General Data Protection Regulation (GDPR) through ISO 27701:2019, certification will ultimately help your business thrive by reducing operating costs, improving stakeholder relationships and lowering risk. As a result, the financial benefits of ISO certification almost always outweigh the upfront costs. For many organizations, ISO certification is actually very affordable.

The cost to get ISO certified depends on a number of factors. A small business that is close to meeting standard requirements when the process begins will have a relatively smooth certification process and relatively low certification costs, for example. Although you can expect to pay for copies of your chosen standard and initial certification, as well as re-certification every three years, you may find that the total cost of ISO certification is less than you would have thought. This means certification can be attainable for businesses of all sizes.

The cost of ISO certification can vary based on the size of your organization, the standard you're implementing and more. The best way to get an accurate idea of ISO certification cost is to request a quote from your third-party certification body.

The Quote

The quote is a cost estimate provided by an accredited certification body listing what they would charge your organization for their auditing and ISO certification services. The exact quote given will vary based on the certification body's rates, your organization and the standard you're seeking certification for.

The actual quote for a third party ISO Certification Audit such as ISO 9001:2015 or ISO 14001:2015 is relatively straightforward. Your quote will normally include the number of days required for an audit multiplied by a day rate. The quote is further broken down into the initial cost for certification (Stage 1 and Stage 2) and the ongoing maintenance costs over a three year period, including a surveillance audit in years one and two, and a full re-certification audit in the third year. 

It's easy to see that the quote is built primarily around the number of days a third-party certification body needs to spend auditing your management system. However, the costs included in a quote are not the only factors that impact the total cost of ISO certification.

Variables That Affect The Cost Of ISO Certification

The total cost of ISO certification consists of direct costs paid to the certification body and indirect costs paid by your organization to achieve compliance with the ISO standard or standards of your choice. Here are a few variables that affect the cost of ISO certification:

  • Implementation: The amount of time and resources you spend implementing the standard within your organization will impact the cost of certification. You will need to purchase copies of the standard and spend time learning and interpreting its requirements, but it's still possible to keep costs low by implementing the standard efficiently and correctly the first time. The more efficiently you approach implementation, the less certification is likely to cost.
  • Employee training: Employee training may be necessary or helpful when working toward certification, and it often pays off for years after the initial investment. Be sure to factor the direct costs of online, in-house or classroom training into the total cost of ISO certification.
  • Hidden costs: Your quote for ISO certification may sometimes include additional items such as expenses, travel time, application fees and annual management fees. Some third parties hide these costs in the small print where most people don’t look. At NQA, we never charge hidden fees, so you'll always know how much you'll pay and what you're paying for.
  • Audit duration: Audit duration impacts the direct costs of ISO certification. The less time audits take, the less you will need to pay your third-party certification body. This means you'll be rewarded for meeting the requirements for certification when the process begins. Audit duration will appear reflected in your quote. NQA offers competitive industry rates and exceptional customer service to ensure you receive the best value for your investment.

Determining Audit Duration

Because audit duration plays such an important role in determining the cost of ISO certification, you may want to understand what factors cause audit duration to be longer or shorter for different organizations. Here are five factors we consider when estimating audit duration at NQA.

1. Number Of Employees

This has the biggest impact on your audit duration, as it determines the size of your organization and how many day-to-day users of the management system processes there are. This is important as it gives us a good indication of a starting point for the audit duration based on the IAF (International Accreditation Forum) document IAF MD 5:2015 - DETERMINATION OF AUDIT TIME OF QUALITY AND ENVIRONMENTAL MANAGEMENT SYSTEMS.

It is also important that we understand the activities that the employees of the organization engage in. Don’t worry — we don’t need a breakdown of job roles and titles by individual, but groups of employees that undertake the same activities (e.g Telesales) or seasonal workers employed only at Christmas, or staff that work shifts in manufacturing plants and hospitals etc. can help us to understand any variations from one month to the next.

2. Scope Of The Certification

This allows us to really understand the activities you conduct as a business. This is important as it allows us to identify the risk associated with your company's scope and the impact that the potential failure of the management system may have on your organization and the wider industry and community.

For example, there is much more risk associated with a quality or environmental management system failure in a power plant than there would be should a similar management system fail in an office environment. Therefore the more detail you can give us, the more accurately we can predict the risk level of your organizations scope.

3. Number Of Sites

The number of sites or locations your organization operates from can impact audit duration and the total cost of ISO certification dramatically on some occasions. As a UKAS Accredited Certification Body, we have to ensure that the management system is fully implemented and compliant at all locations within the scope of certification. This means visiting the Head Office location each annum, and some or all of the sites to ensure compliance.

When you have multiple locations across the UK or the globe, it may be possible to sample your sites if they are all conducting the same activities. If, however, you have a unique process at a site, then we will need to audit that location each annum to ensure compliance within the scope. Our methodology here is all aligned with the IAF document IAF MD 1:2007 – CERTIFICATION OF MULTIPLE SITES BASED ON SAMPLING.

4. Complexity Of Your Organization and Activities

Determining the complexity of your organization is similar to obtaining a house insurance quote. For example, you will regularly get asked questions such as “Is your house built near any flood plains?” and “What lock mechanism do you have on your doors?” Answers to these questions will either increase the complexity and risk associated with your insurance or decrease it, ultimately impacting your quote.

In a similar manner, your organization's complexity can impact your audit duration and quote in a positive or negative manner. It is therefore important that we fully understand the activities that your organization conducts and the context in which it operates as this all leads us to determining your complexity. So what are these complexity factors that impact your audit duration? Well here are just a few to give you an idea:

  • Site or remote work undertaken by employees – such as construction sites, or engineers
  • Simple or complex organization structure – for example 2 tier management structure or multiple management tiers and management system levels
  • Staff speaking in more than one language – the use of a translator will take time and therefore more time is required
  • High degree of regulation within the industry – e.g. banking industry, food safety or waste management
  • Whether you are an existing customer and we already know you as an organization and your management system

All of these and more can help us determine whether we can reduce your audit duration or whether we need to increase it.

5. Integrated Management System

Finally, your audit duration may be impacted if you have integrated your management system with another standard. The introduction of Annex SL in 2015, as a common structure for management systems, has enabled and eased the process of integrating management systems and conducting integrated management system audits.

An organization that has chosen to integrate ISO 9001:2015, ISO 14001:2015 and OHSAS 18001:2007, for example, will find cost and time efficiencies compared to those who implement separate management systems for Quality, Environmental and Health and Safety. This is because they are able to cover the same clause in both standards at the same time during an internal audit. For example the management review can cover the same requirements found in ISO 9001:2015, ISO 14001:2015 and OHSAS 18001:2007 and this will be even easier with the publication of ISO 45001.

Similarly, when your NQA auditor comes to audit the management review element, they can save time by auditing both aspects as once, through one collection of processes and documents.

Once again we have to ensure our quote is aligned with the requirements of the IAF document, IAF MD11: 2013 - THE APPLICATION OF ISO/IEC 17021 FOR AUDITS OF INTEGRATED MANAGEMENT SYSTEMS. It is therefore important to note that your quote can only be reduced for integration factors if both of the following criteria are met:

  1. Your management system is fully integrated
  2. NQA has an integrated management system (IMS) auditor to audit your organization.

It is for this reason that 98% of our full time auditors are multi-standard, Integrated Management Systems Assessors mitigating the risk of not being able to support you with your integrated management system.

Reducing Cost Through Gap Analysis

A gap analysis is an assessment you can use to determine how close you are to meeting your chosen standard's requirements. Using gap analysis, you can identify areas for improvement and address them before the real audit, reducing the amount of time auditing will take. If your business has already started implementing ISO standards, a gap analysis could help you reduce the cost of third-party certification.

Request a Quote

At NQA, we understand that no one knows your business better than you, so we will always try and meet with you or discuss your specific requirements, management system structure and organizational context to ensure that the quote we supply is as accurate as possible.

If you are interested in finding out the cost of gaining certification, please call 219-363-6151 to speak with a representative, reach out to us online or fill out our Quote Request Form. Just provide information about your company, the scope of certification and your level of risk or complexity to receive a quick quote or answer a few more questions to request a formal quote.