[Infographic] The route to ISO Certification explained

Certification body auditor congratulating company employees for achieving ISO certification

The 12-step ISO Certification process explained

We're often asked about the ISO certification process. Even though we're not a Certification Body - our business is e-training - we thought of giving you, our readers, a quick overview of how to get ISO certification for your Quality Management System or another Management System type.


Table of Contents

  1. ISO Certification Process Overview
  2. 12-Step ISO Certification Process
    1. Inquiry
    2. Completion of Questionnaires
    3. Review of Proposals
    4. Confirmation of Application
    5. Initial Audit - Stage 1
    6. Document Review
    7. Initial Audit - Stage 2
    8. Corrective Action
    9. Review and Verification
    10. Issuance of Certification
    11. Surveillance Audits
    12. Recertification
  3. Download the ISO Certification Process Infographic
  4. ISO 9001 Implementation Learning Materials


ISO Certification Process Overview

To obtain an ISO Certificate for your organization you will need to engage the services of a Certification Body and go through an ISO Certification Process.Infographic-The-ISO-Certification-Process-e1464093164668

Our infographic will take you through that process and answer some frequently asked questions, including: 

  • What is the nature of the ISO 9001 certification process?
  • Are all Certification Bodies the same?
  • How many steps are involved?
  • How long will our ISO 9001 Certification last?
  • How often will we be audited?
  • Is the ISO 9001 certification process different from other ISO management system standards?

To begin answering these questions, we have prepared a flowchart taking you through the steps involved in the ISO Certification Process.

Whichever Standard you wish to be certified against - ISO 9001, ISO 13485, ISO 14001, ISO 27001, ISO 45001 etc. - the process is the same and involves you using the services of an independent third-party, a Certification Body, to confirm your full compliance with the ISO 9001 requirements.

12-Step ISO Certification Process

We begin at the point where your management system has been developed, implemented and is now being maintained. The infographic then takes you through the 12 steps involved with hints and tips to ease your journey.  Enjoy!

1. Inquiry

Identify suitable Certification Bodies (CBs) with accreditation for your economic sector wherever possible.

2. Completion of Questionnaires

Submit information to get quotations. The number of employees is a key factor; however, provide core employment numbers only. All will quote for a three-year contract.

3. Review of Proposals

Compare the total cost for a three-year cycle and select a Certification Body. If the specific economic sector where your business operates favours a particular certification body, you should seriously consider that CB.

4. Confirmation of Application

Agree on a schedule for the audit and the audit plan. Typically, certification bodies will require a one-month to three-month notice.

5. Initial Audit - Stage 1

The certification body will conduct a site visit to review your readiness for the audit. They will provide you with a report detailing the level of compliance to the requirements of the standard. They will also highlight areas where improvements are needed before proceeding to the Stage 2 Audit.

6. Document Review

Send or present on your site your system documentation to the Certification Body for review. This will ensure that your documented system covers the requirements of the Standard.

7. Initial Audit - Stage 2

A Registration Audit will be conducted at your business location(s) by the Certification Body team. This comprehensive audit will check that every element of the Standard is complied with. An Audit Report will be produced detailing the state of compliance and any nonconformances found.


We have Lead Implementer Courses for five ISO Standards


8. Corrective Action

Corrective action will be required to address every noncompliance. For major noncompliances, there may be a delay while evidence of ongoing compliance is built up.

9. Review and Verification

The Certification Body will review corrective action to ensure that they are satisfied that they will be effective in preventing the recurrence of noncompliance to standards.

Another site visit by the CB Audit Team may be necessary and this will involve additional costs.

10. Issuance of Certification

After the internal review of the Audit Report to confirm that the recommendation for certification is consistent with evidence recorded in the Report, the Certification Body will issue your Certificate with 3-year validity.

11. Surveillance Audits

After certification, the Certification Body Team will carry out annual surveillance audits to help you maintain your system.

12. Recertification

At the end of the three-year period, a Recertification Audit that is as thorough as the Initial Registration Audit is carried out. Upon successful completion, a new three-year certificate is issued.

Download the ISO Certification Process Infographic

Want to keep a handy copy of the ISO Certification Process for the office? Download the flowchart for free. Just follow the steps below.

  1. Click on the infographic to open an enlarged image on Pinterest.
  2. On Pinterest, right-click on the image, select 'copy' and then paste to your own Desktop.
  3. You can now save and/or print the infographic as you wish.

ISO 9001 Implementation Learning Materials

To get started with ISO 9001 implementation, consider...

  1. Our ISO 9001:2015 Lead Implementer Course with its 100+ page Implementation Handbook,
  2. The Infographic '33 Steps to ISO 9001:2015 Implementation', and
  3.  Our Blog 'ISO 9001:2015 and Risk-based Thinking - some practical advice'.


New call-to-action


Note: First published in June 2017; updated January 2022

Related Articles

deGRANDSON Global is an ISO Certified Educational Organization

InISO 21001 ISO 29993 ISO 29994 October 2021 we secured certification to three education-related ISO Standards.  We now have a university-grade management system in place conforming to the requirements of  …

  • ISO 21001, Educational Organizational Management System,
  • ISO 29993, Learning Services outside formal Education,  and
  • ISO 29994, Learning Services – additional requirements for Distance Learning.

We have chosen ISO 21001 certification because, unlike IRCA and Exemplar badges (which in our opinion are commercially compromised), it is based on independent third-party assessment.  It is a ‘university grade’ standard in use globally by schools, colleges, and universities to demonstrate their competence.


Written by Dr John FitzGerald

Director & Founder of deGRANDSON Global. Spent 15 years in the manufacturing industry and 25 years training, consulting & auditing management systems
Find me on:

Subscribe to Email Updates

Recent Posts