What is ISO Certification and why does it matter?

Yes. Another acronym. But what is ISO and why does your business organisation need ISO certification?

The International Organization for Standardization (ISO) is an international non profit organisation that works with experts to create and manage a wide range of management standards for all industries. ISO has a standard for most businesses, industries and processes. It’s the most comprehensive list of industry standards in the world.

ISO standards can benefit your business in many ways. They can improve financial performance, increase resilience, provide structure and future-proof your business. ISO are always developing new standards and guidance documents to help organisations improve and develop. Your customers and stakeholders want to know that your organisation meets the highest standards which is why ISO certification is becoming more important.

Let’s take the two standards that our ISO consultants at CSR Management currently help our clients with:

There are many other international standards that we work with but ISO is always the starting point for any organisation that is serious about standards.

If you want to explore how ISO can benefit your business then contact us for a FREE ISO consultation.

What are ISO Accreditation Bodies?

Each country has its own national accreditation organisation endorsed by the International Accreditation Forum (IAF); the UK’s is UKAS, in the USA it is A2LA, ANAB, IAS and UAF. These organisations give accreditation to the certification bodies auditing their management systems and procedures to ensure they continue to comply with the certification requirements for the standards they certify. UKAS review a sample of reports from each organisation to ensure standards are being maintained across all certification bodies. They also attend a sample of audits conducted by each certification body.

What are ISO Certification Bodies?

Once our ISO management consultants have worked with you to implement what is needed for your ISO certification then you need to go through the certification process. We have partnered with several certification bodies in the UK and US. Certification bodies are accredited by the country’s relevant accreditation body, and are constantly monitored to ensure consistent standards across the organisations. The certification bodies audit and certify organisations like yours. They can also recommend consultants to support implementation, CSR Management is currently recommended by BM Trada, NQA, Bureau Veritas and Alcumus ISOQUAR. This demonstrates our commitment to ensuring that our clients achieve certification in the quickest time possible whilst guaranteeing the quality of our work.

What do i get with ISO Certification?

Once your organisation is audited and achieves certification then you will be issued a certificate by a certification body. You will have successfully demonstrated compliance with your chosen standard. Congratulations. Certificates are issued for 3 years and the organisation will need to receive at least one external audit per year to maintain their certification, depending on the size and complexity of the organisation. The 3 year cycle is completed by a recertification audit which may be longer than in interim ‘surveillance’ audits, and the certification body will aim to cover all locations and activities in scope over the three year cycle, if this is impractical on an annual basis. Our certification partners will ensure that you receive physical copies of your certificate in addition to the ISO Standard logo to display on your website and marketing material.

What is Annex SL?

All ISO standards are now developed following a consistent framework called Annex SL. This breaks the standard down into key areas around which requirements relevant to the objective of the standards are developed. The below shows the sections which all ISO standards will contain going forward. 

  1. Scope
  2. Normative references
  3. Terms and definitions
  4. Context of the organisation
  5. Leadership
  6. Planning
  7. Support
  8. Operation
  9. Performance Evaluation
  10. Improvement

Not all standards have been transitioned to the new framework yet, but ISO 9001 was one of the first.

Sections 1-3 are administrative, and while they are useful to understand, you don’t have to ‘comply’ with them, as such. They refer to other standards and explain what different references and terms mean, in the context of the standard in question.

Annex SL is based upon a Plan, Do, Check, Act cycle (PDCA)

  • Plan: establish objectives and processes necessary to deliver results in accordance with the organization’s policy.
  • Do: implement the processes as planned.
  • Check: monitor and measure processes against the policy, including its commitments, objectives and operating criteria, and report the results.
  • Act: take actions to continually improve.

Clauses 4-10 require an organisation to have documents, procedures or some other form of evidence to demonstrate an understanding of the requirements, and that their solutions have bene effectively implemented.

Common Certifications

The following is a list of the most common ISO certifications

  • ISO 9001:2015, Quality
  • ISO 14001:2015, Environmental
  • ISO 14298:2013, Graphic technology
  • ISO 18788:2015, Management system for private security operations
  • ISO/IEC 19770-1:2017, Information technology – IT asset management
  • ISO/IEC 20000-1:2018, Information technology – Service management
  • ISO 20121:2012, Event sustainability
  • ISO 21001:2018, Educational organizations
  • ISO 21101:2014, Adventure tourism – Safety
  • ISO 21401:2018, Tourism and related services
  • ISO 22000:2018, Food safety
  • ISO 22301:2019, Security and resilience
  • ISO/IEC 27001:2013, Information technology – Security techniques
  • ISO 30301:2019, Information and documentation
  • ISO 30401:2018, Knowledge management
  • ISO 35001:2019, Biorisk management
  • ISO 34101-12019, Sustainable and traceable cocoa beans
  • ISO 37001:2016, Anti-bribery
  • ISO 37101:2016, Sustainable development in communities
  • ISO 39001:2012, Road traffic safety (RTS)
  • ISO 41001:2018, Facility management
  • ISO 44001:2017, Collaborative business relationship
  • ISO 45001:2018, Occupational health and safety
  • ISO 50001:2018, Energy
  • ISO 55001:2014, Asset management
  • ISO 15378:2017, Primary packaging materials for medicinal products
  • ISO 19443:2018, Quality management systems —nuclear energy sector
  • ISO/TS 22163:2017, Railway applications
  • ISO/IEC 80079-34:2018, Explosive atmospheres
  • ISO 10012:2003, Measurement
  • ISO 20252:2012, Market, opinion and social research
  • ISO 28000:2007, Specification for security management systems for the supply chain
  • ISO 30000:2009, Ships and marine technology

Get in touch with our CSR Management Consultants for more information.