ISO 9001 Frequently Asked Questions (2024)

Here are somecommonfrequently asked questions related to ISO 9001:2015 to help you in your certification journey.

Jump to a question:

• What Is ISO 9001?
• What Are The Benefits Of ISO Certification?
• Who Should Get ISO 9001 Certification?
• How Does ISO 9001 Certification Work?
• How Much Does ISO 9001 Certification Cost?
• What Are The ISO 9001 Revisions From 2015?
• Does ISO 9001 Require A Management Rep?
• What Would ISO 9001 Consider A Risk In The Exporting Business?
• Is ISO 9001:2015 The Most Complicated Version Of ISO 9001?
• Do All The Elements OfISO 9001Management Review Have To Be Covered In One Meeting?
• How Does ISO 9001 Documentation Work?
• What Are Some Examples Of Incorporating Risk From ISO 9001?
• Are Risks Control Parameters In ISO 9001?
• How Do You Refer To Sources Of Inputs In ISO 9001?
• Can You Manage ISO 9001 Risks Using the ISO 14001 Approach?
• Do You Need To Identify Risks For Every Process In ISO 9001?
• Should You Do ISO 9001 Processes Mapping As A Visual Document?
• Will ISO 9001 Auditors Look For More Robust Systems Now?
• What's The Difference Between "Maintained" And "Retained" Information In ISO 9001?
• How Can You Engage Senior Management In A More Risk-Based Approach?
• What Is The Difference BetweenManagement Oriented Processes And Support Oriented Processes?
• What Should A Documented Business Risk Register For ISO 9001 Look Like?
• Do You Have To Re-Number Your QMS To MatchISO 9001?
• Should You Use A Joint Risk Approach For ISO 9001 And ISO 27001?
• How Do You Measure Leadership In ISO 9001?
• How Does NQA Track The Transition To ISO 9001?
• How Do The Changes To ISO 9001 Updates Affect Integrated Systems?

What Is ISO 9001?

ISO 9001 isthe world's most used standardfor Quality Management Systems (QMS). Used in over 178 countries, ISO 9001 gives organizations a set of management guidelines that help ensure consistently high-quality products and results.ISO 9001 does notoutline exactly how a business should be managed. Instead, it offers a flexible system that companies can implement to improve quality control.

What Are The Benefits Of ISO 9001 Certification?

The QMS system presented in ISO 9001 can help a business produce products of reliably high quality, improve customer satisfaction, boost operational efficiency, manage risk and more.Like other types of ISO certification, ISO 9001 certification shows your company's stakeholders that you care about quality control and effective management. With ISO 9001 certification, you may even be able toget more business, since many international companies will only work with ISO-certified partners.

Who Should Get ISO 9001 Certification?

ISO 9001 certification has the potential to benefit businesses in awide variety of industries, including automotive, aerospace, construction, electronics, medical device manufacturing and more. ISO 9001 presents guidelines for Quality Management Systems that can apply to all types of business models. Operations of any size can get certified. In fact, NQA works with small businesses as well as highly recognized brands.

All businesses interested in meeting and exceeding quality control metrics and expanding business horizons should consider ISO certification.

How Does ISO 9001 Certification Work?

To earn ISO 9001 certification, you will need to implement the standard and successfully complete a two-visit Initial Certification Audit. After earning the initial certification, you will need to complete yearly surveillance audits and re-certification audits every three years to maintain your certification.

The audits must be completed by an accredited third-party certification body like NQA. In addition, you must be able to prove that your QMS has been operational for at least three months and has undergone a management review and a full cycle of internal audits before you can earn ISO 9001 certification.

How Much Does ISO 9001 Certification Cost?

Thecost of ISO 9001 certificationvaries based on a number of factors, including audit duration, business size, risk and how close you are to meeting ISO 9001 requirements when you start implementing the system. You should also expect to pay for copies of the standard, any process changes that are necessary to meet ISO 9001 requirements and employee training, if necessary.

The best way to find out how much ISO 9001 certification will cost your organization is to request a quote from NQA by using our online form or calling080-67740400.

What Are The ISO 9001 Revisions From 2015?

Annex SL is the single biggest change to the ISO 9001:2015 document.Annex SL is a standard structurethat applies to all ISO management systems standards.

Does ISO 9001 Require A Management Rep?

No. However,NQA will still need a nominated contact for all matters related to certification and the organization of certification visits. NQA do not expect this to have much impact on our relationship with our clients.

What Would ISO 9001 Consider A Risk In The Exporting Business?

An example of a risk is completelyand accurately completing the export documentation. Fulllicensesneed to be in place. Price fluctuations may also be a risk or an opportunity.

Is ISO 9001:2015 The Most Complicated Version Of ISO 9001?

ISO 9001 isnot necessarilycomplicated, but it isprofessionally challenging. There is much more high level, professional judgement requiredthan in previous versions.

Do All The Elements OfISO 9001Management Review Have To Be Covered In One Meeting?

No,they can be covered in separate meetings. However, the requirement is to have a management review process, which may be a meeting or meetings, but could also take the form of other events or documentation. The requirement is to “…retain documented information as evidence of the results of management reviews.”

How Does ISO 9001 Documentation Work?

There are various ways ofapproaching ISO 9001 risk and result documentation. You could usea risk register and mitigation actionsoridentification of risk points on a process flow, recognizing that your procedures are carried out in a particular way to reduce risk.

What Are Some Examples Of Incorporating Risk From ISO 9001?

Examples of requirements that relate to risk include, for example: 8.4.2 Type and extent of control The organization shall ensure that externally provided processes, products and services do not adversely affect theorganization’sability to consistently deliver conforming products and services to its customers. And 6.3 Planning of changes When theorganizationdetermines the need for changes…..it shall consider the purpose of the changes and their potential consequences…

Are Risks Control Parameters In ISO 9001?

Risks will influence the control parameters needed to reduce or mitigate that risk.

How Do You Refer To Sources Of Inputs In ISO 9001?

The process requirements are in reality no different to the 2008 standard. The determination of inputs and outputs, and the importance of processes are enhanced and made more explicit in the 2015 standard.

Can You Manage ISO 9001 Risks Using the ISO 14001 Approach?

The same approach can be used, although the specific risks may differfrom those managedusing ISO 14001.

Do You Need To Identify Risks For Every Process In ISO 9001?

Yes,you do need to identify your risks in some way. If your processes are documented, it is useful to document the risks also.

Should You Do ISO 9001 Processes Mapping As A Visual Document?

ISO 9001 does not require that you map processes as a visual document,but it would be a very helpful thing to do.

Will ISO 9001 Auditors Look For More Robust Systems Now?

The only requirements that have reduced are the requirements for documentedinformation. There are still very specific requirements for documented evidence (records). Any management system, whether highly documented or not, needs to be robust to be effective.

What's The Difference Between "Maintained" And "Retained" Information In ISO 9001?

You"maintain"elements of the system, e.g. infrastructure and"retain"documented evidence, i.e. records.

How Can You Engage Senior Management In A More Risk-Based Approach?

Approach the requirements of the systemfrom a risk perspective, using the vocabulary of risk but not necessarily the word “risk," and you will very likely get a positive response. The management review or internal audit process might be a good place to start.

What Is The Difference BetweenManagement Oriented Processes And Support Oriented Processes?

Management oriented processes relate directly to the overall system, e.g. management review. The support processes support the system, e.g. training and competence, document control, calibration.

What Should A Documented Business Risk Register For ISO 9001 Look Like?

NQA does not promote specific templates. It would certainly be helpful to includeinternal and externalinterested parties. The primary purpose of a risk register is to help the organization identify its own needs.

Do You Have To Re-Number Your QMS To MatchISO 9001?Can You Use Your Existing QMS And Expand Sections To Cover The New Criteria?

You do not have to renumber your QMS. There is no requirement and never was a requirement to number your documentation as per the standard.However,you may well find it necessary and useful to expand your documentation to addressthe additional 2015 requirements.

Should You Use A Joint Risk Approach For ISO 9001 And ISO 27001?

You should usewhatever approach makes sense and is effective for your needs.Ajoint risk assessment approachfor ISO 9001 andISO 27001may make sense, depending on your needs.

How Do You Measure Leadership In ISO 9001?

Visibility, inclusiveness and good communicationsare all examples ofleadership in ISO 9001. Employees should be aware of vision, mission, strategyandpolicy,if leadership is effective.

How Does NQA Track The Transition To ISO 9001?

Our Assessors and Client Executives will be working closely with our clients to track your progression towards the new standard. You shouldspeak to your Client Executiveto establish exactly where you are in the transition process.

How Do The Changes To ISO 9001 Updates Affect Integrated Systems?

The introduction ofAnnex SL will aid the integration processfor ISO 9001, ISO 14001 and ISO 45001. You will need to think about transition dates and transition plans carefully though,due to the different publication dates.