It may seem unimportant in the scheme of things, but people, like potential customers, will judge you based on your correct use of technical and allied terms.
ISO certification, often called third-party certification or registration, is a process where an independent certification body assesses if an organization, product, service, or management system complies with the requirements of a specific ISO standard. If the organization meets these requirements, it receives a certificate affirming its conformity.
Accreditation, conversely, is the formal recognition of a conformity assessment body's (a.k.a Certification Body's) competence, impartiality, and performance capability. It is typically carried out by an independent accreditation body and is awarded to certification bodies, testing laboratories, and inspection agencies that meet specified standards and guidelines.
If your organization performs testing, assessments, or inspections of any kind, consider applying for ISO accreditation; if not, you should work towards ISO certification.
ISO certification and accreditation can offer significant benefits to organizations that can secure them.
Both validate an organization's adherence to widely accepted industry standards and best practices. It also helps them increase their efficiency, reduce their errors, and improve the overall performance of their management systems.
Because of this, having an ISO certification or accreditation can help your organization demonstrate your expertise in your given field and show your commitment to quality, competence, and compliance. This can give you a substantial market edge, particularly in sectors where accreditation is required or heavily favored when choosing firms to do business with.
Lastly, because ISO standards were designed to create a common language and framework for industries irrespective of geographical location, cross-border collaborations can proceed more smoothly due to aligned goals and processes.
Obtaining ISO certification or accreditation involves several steps tailored to the specific standard or accreditation body. Here's a quick overview of how the process goes.
ISO Certification Process | ISO Accreditation Process |
---|---|
Determine the Relevant Standard Identify the ISO standard(s) applicable to your industry or business needs (e.g., ISO 9001 for quality management, ISO 14001 for environmental management, etc.). |
Select Accreditation Body: Identify and choose an appropriate accreditation body recognized for accrediting organizations to the specific standard (e.g., IAF for ISO certifications). |
Understand Requirements: You'll be able to take a moment to familiarize yourself with the requirements outlined in the chosen ISO standard to assess your organization's current practices against the standard's criteria. |
Assess Compliance: Could you assess and make sure that your organization meets the requirements set by the accreditation body, including technical competence, management system compliance, and other specific criteria? |
Gap Analysis Could you conduct a Gap Analysis to identify areas where your organization needs improvement or alignment with the standard's requirements? |
Application Submission Please apply to the accreditation body and provide detailed documentation showing conformity to the accreditation requirements. |
Implementation: Please make the necessary changes and set up systems, procedures, and documentation to meet the requirements of the chosen ISO standard. |
Assessment and Evaluation: Undergo an assessment by the accreditation body, which includes on-site inspections, reviews of documentation, and evaluations to determine compliance. |
Internal Audit: Could you perform an internal audit to see if your organization's systems and processes align with the ISO standard's requirements? |
Accreditation Decision: Based on the assessment, the accreditation body decides whether to grant accreditation to your organization. |
Certification Body Selection: Choose an accredited certification body recognized for issuing ISO certifications. Engage with them to initiate the certification process. |
Maintaining Accreditation: Maintain compliance with the standards and requirements to retain accreditation, often involving periodic assessments and audits by the accreditation body. |
External Audit: You can go ahead and go through an external audit conducted by the chosen certification body to evaluate your organization's conformity to the ISO standard. |
|
Certification Decision: The certification body will decide whether to grant ISO certification based on the audit findings. |
ISO standards have different requirements based on the needs of the specific industry or the intended outcome. These include differences in the depth of requirements, the scope of application, and the level of specificity within each standard.
Some standards may have more prescriptive and detailed requirements, while others offer broader frameworks adaptable to various organizational structures and industries.
The more you understand these distinctions, the more your organization can implement the most suitable ISO standard(s) aligned with your objectives and operational context.
Check out the table below for a quick guide on which standard is meant for which use and where to learn more about them.
ISO Standard and where to find more information about them |
Description |
Type |
Implementation Guides |
It focuses on establishing a quality management system to consistently deliver products/services that meet customer and regulatory requirements. |
Certification |
Implement ISO 9001 yourself: it's easy with our 24/7 Tutor Support |
|
Provides guidelines for managing environmental responsibilities, reducing environmental impacts, and ensuring compliance with environmental regulations. |
Certification |
Would you be ready to implement ISO 14001? Here's everything you'll need |
|
Information security, cybersecurity, and privacy protection |
Offers a framework for managing information security risks, protecting sensitive data, and ensuring information assets' confidentiality, integrity, and availability. |
Certification |
|
ISO 45001:2018 - Occupational Health and Safety Management System (OHSMS) |
Focuses on creating a safe and healthy work environment, reducing workplace injuries, and improving overall occupational health and safety performance. |
Certification |
Implement ISO 45001 yourself: it's easy with our 24/7 Tutor Support |
Addresses food safety hazards in the food chain, ensuring safe production, handling, and distribution of food products. |
Certification |
|
|
Provides a framework for improving energy performance, reducing energy consumption, and enhancing energy efficiency within organizations. |
Certification |
|
|
Medical devices — Quality management systems — Requirements for regulatory purposes |
Specifies quality management system requirements for organizations designing, producing, and servicing medical devices. |
Certification |
|
Certification |
|
||
ISO/IEC 17025 - General requirements for the competence of testing and calibration laboratories |
Accreditation to ISO/IEC 17025 demonstrates that a laboratory operates competently and generates valid results, enhancing confidence in its work. |
Accreditation |
|
ISO/IEC 17020 - General criteria for the operation of various types of bodies performing inspection |
This standard outlines requirements for the competence of bodies performing inspection activities. Organizations that perform inspections in various fields, such as construction, manufacturing, or certification, may seek ISO/IEC 17020 accreditation. |
Accreditation |
|
It provides requirements for bodies providing audit and certification of management systems. While this standard itself does not grant certification, it's used by certification bodies to demonstrate their competence in certifying management systems such as ISO 9001 (Quality Management), ISO 14001 (Environmental Management), etc. |
Accreditation |
|
|
This standard sets requirements for bodies operating certification of persons. Organizations that certify individuals' competencies or qualifications in various professions, like personnel certification bodies, use this standard as a basis for their accreditation. |
Accreditation |
|
|
ISO 22301:2019 - Security and resilience - Business continuity management systems |
Focuses on providing effective IT services by establishing processes for service management and continual improvement. |
Accreditation |
|
ISO (International Organization for Standardization) and IEC (International Electrotechnical Commission) are separate entities that develop and publish international standards but focus on different areas.
ISO primarily creates standards for various industries and sectors, covering multiple topics such as quality management, environmental management, information security, occupational health and safety, food safety, energy management, and more.
On the other hand, the IEC specifically deals with international standards in electrical, electronic, and related technologies.
That said, they sometimes collaborate to develop joint standards, especially in areas where their respective interests overlap.
An excellent example of this is ISO/IEC 27001. Jointly published by ISO and IEC, it outlines best practices and requirements for establishing, implementing, maintaining, and continually improving an information security management system. ISO/IEC 17025, which specifies the general requirements for testing and calibration laboratories' competence, is another excellent example.
ISO certification and accreditation typically come with different levels than other certifications like Project Management Professional (PMP), Leadership in Energy and Environmental Design (LEED), Cisco Career, and Information Technology Infrastructure Library (ITIL).
The validity period or duration of specific ISO certifications or accreditations can vary based on several factors, including the type of certification or accreditation, the ISO standard involved, and the certification or accreditation body's policies.
Once an organization achieves certification, it is considered valid for three years. In addition, Certification Bodies typically require organizations to undergo periodic surveillance audits (usually once a year or every few years) to assess the organization's management system's continued effectiveness and adherence to the standard.
Accreditation granted to conformity assessment bodies by accreditation bodies is usually valid for five years. Again, accreditations are typically subject to periodic reassessments and evaluations to maintain validity. The frequency of these reassessments can depend on factors like the type of conformity assessment activity, the accreditation body's policies, and the specific standard being applied.
Certification bodies are independent legal entities that certify an organization's compliance with a particular standard. Most certification bodies are private businesses, though some are associated with national standards organizations. There are hundreds of certification bodies operating across the globe.
They work in compliance with ISO 17021, an ISO standard for the management and administration of certification bodies. The intention is that all certification bodies should offer external auditing services of an equivalent standard.
However, there are many bogus certification bodies in operation. The question that comes to mind is: how do we distinguish between a genuine certification body and a bogus one? The answer lies in accreditation, which we look at next.
Accreditation boards exist to ensure that accredited certification bodies operate to a uniform and high standard of external auditing. Typically, there is one national accreditation board per country.
These boards audit the activities of certification bodies in a manner very similar to how certification bodies audit certified companies. Occasionally, you will find that when a certification body comes to carry out an external audit at your site, the auditor is accompanied by an observer from the accreditation board. This is part of the accreditation board's auditing activity and is geared towards ensuring a uniform auditing standard by the certification body.
They have joined to form the International Accreditation Forum, IAF, to ensure a uniform standard between accreditation boards.
This global group of approximately 60 boards actively maintains and improves auditing standards. To that end, they continue to produce guidance to be followed by accreditation boards and certification bodies.IAF-logo-205x132
The various accreditation bodies have mutual agreements to ensure that certificates issued by one of the Accredited Certification Bodies (CB) are accepted worldwide.
[For a listing of UK Accredited Certification Bodies with details of the scope of their accreditation, visit the UKAS site; for Ireland, see INAB.
ISO does not itself certify organizations, contrary to common belief. Many countries have formed accreditation bodies to authorize certification bodies. Certification bodies, in turn, audit organizations applying for ISO 9001 certification. The diagram illustrates the relationships concerned.
The most important way is to ensure that an accredited certification body audits your organization. And this is so that you will be audited fairly to a high, uniform standard with international recognition.
[Remember: Your organization is certified to ISO 9001 or other management system standards. And it is your Certification Body that is accredited to ISO 17021]
There is no international body, the equivalent of the IAF, regarding ISO training. Many commercial and/or professional bodies claim to accredit specific courses.
Sometimes, this 'accreditation' can be purchased by the training organization. So, as a buyer of training, you need to check out claims regarding the accreditation of the training course of interest.
Generally speaking, the distinction between accreditation and certification is becoming blurred in the marketplace. The terms, where training is concerned, are routinely used interchangeably.
Click on the image thumbnail to see the image in full size, or click the button on the other side to go to our ISO auditor overview page to learn more about our courses.
We have chosen ISO 21001 certification because it is based on independent third-party assessment, unlike IRCA and Exemplar badges (which we believe are commercially compromised). It is a 'university grade' standard used globally by schools, colleges, and universities to demonstrate competence.
We offer courses for ISO 9001, ISO 13485, ISO 14001, ISO 17025, ISO 27001, ISO 45001, Risk Management, Data Protection and more.