If your organization is looking to obtain Certification to an ISO Standard there are few areas within your business which will require specific focus, regardless of which Standard you are seeking Certification against.
1 – Policies
Begin by reviewing your organizations policies to ensure they include a commitment to the requirements of the Standard. Make sure the policies have been communicated effectively within the organization and externally to relevant Interested Parties. Auditors will most likely ask several people about the policies of the organization to confirm Interested Parties know and understand how the organization has committed to achieving the standard and how their activities influence those commitments.
2 – Objectives
What are your organizations objectives, in relation to the Standard? They need to be documented. The achievement of these objectives is what drives the entire management system. An Auditor will ask for these objectives and check how they have been established, an outline of the plan to achieve them, and evidence of how they are being measured and monitored. Auditors will now be looking for quantitative data relating to how your organization has measured and monitored these objectives.
3 – Organizational Context
This is a term which has emerged within many of the recent revised ISO standards such as ISO 9001:2015 and ISO 14001:2015. Based upon the notion that your organization does not exists in a vacuum, it requires your organization to consider factor both internal and external issues that could impact the management system into your strategy. An Auditor will require you to show evidence about how your organization has identified, evaluated and incorporated these internal and external issues.
4 – Risks and Opportunities
You need to to identify and evaluate factors which could negatively affect your management system, and the likely hood of achieving your objectives, these are the risks. Your also need to identify the factors which can enhance and improve your organization’s performance, the opportunities. Auditors will need to see an outline of your risks and opportunities along with evidences of how they have been identified and the actions which are in place to address them.
5 – Planning Changes
Change is both constant and inevitable. Within a well-functioning management system change needs to be identified and addressed. In preparing for an audit, identify and document changes which have and will be occurring within your organization. These could be new and stricter regulations, new products or new equipment. An Auditor will look for evidence that changes were identified and addressed proactively. You may also be asked to identify how you future proof your organization and identify upcoming changes.