General

by -
What to Expect in an ISO Audit

Expectations from ISO audits can largely depend on the type of organization you are a part of. ISO audits examine whether a company’s management systems are in compliance with the ISO standards and relevant requirements. They also identify the existing or potential errors within management systems and suggest ways to rectify them. Other than addressing problems, audits help in checking what actions have been taken to meet organizational goals and objectives as they look for ways through which improvement can be made within the system.

The various types of audits include certification audits, on-site or remote audits, internal audits, and surveillance audits.

You can learn about the various types of audits here.

What do ISO Auditors Look for?

Effective ISO auditors look to understand the overall goal of your management system and provide evidence that helps them assess an organization’s compliance with the ISO standards. ISO auditors assess and evaluate organizational performance, below are a few examples of where an auditor would assess processes and why. These examples specifically address ISO 9001:2015.

a. employee training: as covered under the competence training and awareness clause of ISO 9001, records of employee training are monitored by auditors. To ensure workforce capability, auditors may inspect employee work evaluations, training test scores, degrees and certifications, position descriptions, employee resumes, performance reviews and training agendas.

b. management resources: to implement a quality driven culture and continuous organizational improvement, auditors focus on expanding and clarifying requirements for management responsibility as part of the QMS.

c. document control: organizations are required to document the process of controlling the creation, maintenance and access of documents according to ISO 9001 quality management standards. The documents can either be present in the form of paper or an electronic file and must be available in formats that make sense for the organization i.e. in the form of spreadsheets, presentations, images, or video clips. They must be tagged, titled, or numbered for their easy identification and should be approved by individuals with authority every time they are updated.

d. Enterprise quality management software: choosing the correct e-QMS to comply with the ISO requirements is also essential and is considered a good practice although it is not strictly required by the standard.

e. Management review agenda: to meet the requirements of the standard,a detail-oriented agenda with updated, complete information to mitigate risks and record actions that help with quality management is expected.

f. CAPAs: auditors understand that quality driven organizations focus on continuously updating and improving their systems by taking preventive and corrective actions along the way. Auditors expect companies to invest in strong CAPAs that promote organizational agility and conformance for an effective QMS.

This list is not an exhaustive list of what you can expect during an audit, but simply a few examples of what you can experience during your audit and why the auditor will be looking into them. At an audit, you can expect your auditor to be looking for conformance to the standard. Therefore, you will want to be forthcoming with answers and ensure your explanations help the auditor to understand your processes. Interviews are a chance for your employees to show what they do and how they do it – showcasing your processes working effectively.

Audits are a chance for you to learn about what is working and what isn’t. This is an opportunity to learn where you can improve to be better and more efficient at what you do best.

by -
Ethics in Auditing - ISOUpdate.com

Ethics and Integrity is the choice between what’s convenient and what’s right. Reinforcing good execution and behavior of any organization relies on an auditor to confront poor execution and behavior and endorse proper and conforming behavior, and not simply “look the other way” when pressured from above or by budget. If you wish to perform a value-added service with your audits and report, you have a duty to utilize ethical practices in your audits, for the good of your own reputation, and the good of the company paying you to audit their work.

Ethics is a personal choice, it’s a personal compass that dictates right from wrong but unfortunately, it’s not always common sense. Being an auditor, you may face scenarios where you can’t always tell which choice is right, which choice is easy, and which choice will let you keep your clients happy. The issue stems from a bias in the industry that is hard to avoid. The people you audit are paying you, and therefore hold power over you as an auditor or a Certification Body to produce favorable results or they will jump ship to another provider. While this is an industry norm, it still produces scenarios where the potential for “letting something slide” is easily allowed. This, however, is not ethical and tarnishes the whole perceived image of certified entities.

We go into how Auditors have a responsibility to be ethical in their position of power. If you want to learn more, read the full article here.

by -
ISO-Right-For-You

Product, Place, Price, Promotion. AKA, The Marketing Mix. This tool developed by J. McCarthy is a business basic model “used to pursue its marketing objectives in the target market”.

The Marketing Mix is one tool that can help you as an organization understand how to promote yourself and your product in a way that makes sense for your customer and their needs.

One thing you may learn during your analysis is your customers’ need for quality for example, or perhaps they care deeply about the environment and spending their dollars with environmentally conscious companies.

Researching your customer and their purchasing decisions can lead you to a new growth avenue – but can you achieve these?

In this article, you will learn how the adoption of standards, like ISO 9001, ISO 14001 or ISO 45001 can not only help your organization and its longevity, but it can also show your commitment to your customers through certification.

Why ISO Standards?

Part of ISO Guidelines is a framework for successguiding requirements that have been created by industry professionals and evaluated by a committee. They have been approved as an internationally adopted and recognized framework to build a business upon.

For example, if you work in the Aerospace industry, you have a different framework than those in the Automotive industry because you have different unique challenges.

The generic quality framework, ISO 9001:2015, was designed as a foundation for success with generic business principles and frameworks to allow organizations to create or improve an organization at its most basic roots to ensure efficiency and quality of work.

Implementing ISO 9001 into your business allows you to take time to look deep into the organization, and evaluate what you do great, what you do well, and what needs improvement.

Standards are not only a great foundation to grow a business upon though. These guiding requirements allow you to look within your organization, find your strength and allow them to shine and identify possible areas for improvement, places that need help to grow to their full potential.

The nature of ISO Standards audit processes allows unbiased reviews to truly see the organization without judgement. This is a great marketing opportunity to showcase your strengths.

Promote your certificate, your congratulatory statements from auditors, and what you are proud of.

Part of ISO 9001 is also measuring and monitoring. If you are interested in learning about how much productivity has gone up each quarter, or the number of sales per year, you are encouraged to do so in ISO 9001.

This is a great opportunity to learn real facts about your organization, in an effective manner, that you can then share with your customers. These are real, tangible numbers than can really impress prospective clients.

If you are looking to attract new people to your organization, you might want to look into obtaining ISO 14001:2015 certification. “Of those born between 1981 and 1996, 62% want to work for a company that makes a positive impact”. 

Companies with an active interest in sustainable practices, and the certification to prove that, can gain a lot of edge in the competitive hiring market place. Not only that but showcasing your commitment to sustainability and quality of goods and workplace safety with certification to ISO 45001, the standard for occupation health & safety, can prove to prospective hires how committed to their wellbeing you are.

Standards help you as an organization navigate best practises while allowing you to thrive as a unique organization and culture.

ISO Certification does not ask you to subscribe to a one size fits all approach to business. But it does show you how to eliminate inefficiencies and set you on a path for growth and longevity with a base set of tools for success.

by -
iso50001-energy-management

Written by Jorine Bibi

With people and companies around the world growing steadily more conscious of the need to conserve energy and protect our environment, ISO certifications are becoming all the more relevant. With this in mind, let’s take a fresh look at the ISO 50001 standard, and how companies today can address energy management and the benefits of pursuing certification.

ISO 50001 is an international standard that sets forth requirements companies need to meet in order to establish effective energy management systems (or EnMS). Effective EnMS under ISO 50001 entails meeting expectations with regard to energy performance, energy efficiency, and reduced environmental impact — all of which can be brought about in a variety of ways, depending on a company’s functions and practices.

In other words, while ISO 50001 outlines general ways for companies to achieve meaningful progress, different companies can set different specific goals for their system, its success rate and scope.

To offer a glimpse of how companies can go about the process, here are a few steps that can help to spark progress toward measurably improved EnMS.

Establishing Energy Data Transparency

It is important to track and analyze energy data to reliably report and measure success and failure. A company hoping to demonstrate meaningful progress toward improved EnMS will need to establish greater transparency regarding its energy consumption, use, and change. This way, the company can not only offer a clear picture of its energy management but also conduct the analysis necessary to identify potential areas of improvement. You can’t effectively know if a change was successful if you don’t have accurate measurements to prove otherwise.

Improving Electrical Efficiency

Before looking to bigger and bolder technologies or methods, companies can also address energy performance on a more granular level, by assessing any relevant electrical functions. In today’s highly capable electronic devices, more is demanded of the printed circuit boards that actually communicate electrical signals. This demand can sometimes lead to lost or incomplete signals, which can result in a sort of hidden energy waste. It’s for this reason that more advanced PCBs can now be designed with impedance calculators that effectively ensure reliable connections and smooth signals. Transitioning to electronics using more reliable PCBs can be a means for a company to revamp its electronic functions in a way that moves in the direction of greater energy efficiency. It’s not just your lightbulbs that can be updated to be more efficient, take a look at all your technology and see where improvements can be made, the timeline needed for these changes, and measure these changes inefficiencies for evidence for your ISO 50001 certification audits.

Adjusting Spending Priorities

To some extent, the idea of adjusting spending priorities is present in all other relevant suggestions. Companies may have to spend on ways to establish energy data transparency, as well as on assessing and replacing electronics, for example. It’s worthwhile to consider this as a specific step toward better EnMS. Energy management can save a company money, but the process of establishing new processes and obtaining more efficient technology can require some adjustment of company’s spending priorities, however, demonstrating that adjustment will prove to your auditor of your commitment and continual improvement which will help in achieving ISO 50001 certification.

Seeking Out Energy-Efficient Tech

We discussed addressing energy management on a granular level, through internal electrical designs. However, companies striving for meaningful change in these areas should also seek to identify bigger changes they can make in favor of energy-efficient technology. One way to do this can be to look to clean-tech companies and the products and services they provide. For instance, a company conducting this sort of search might be inspired to install solar panels or implement water-waste monitors at office locations. This can make for a good general start, though it’s also wise for companies working on energy efficiency to find ways to improve that specifically relate to their primary functions as well – look internally at where there are opportunities and risks that can be a chance for real change!

Any company can achieve ISO 50001 certification. Through establishing clear progress toward better energy management and efficiency, companies can prove to stakeholders, the community, new customers, and current customers of their commitment to a better tomorrow.

About The Author

Jorine Bibi Author LogoJorine Bibi is an environmental blogger. She hopes that her articles provide her readers with information on what the world can do to reduce its energy use. She also believes that if we don’t address the issue of climate change soon it will be too late. In her free time, she likes to tend to her garden.

by -
cost-of-iso-certification

What is the cost of becoming ISO Certified?

The complexity and size of an organization largely determine and influence the ISO certification cost.

The International Accreditation Forum (IAF) publishes requirements that Certification Bodies (CB) must follow to determine the audit time for your management systems audit. These requirements consider the number of employees you have working in your organization, the complexity of your activities and the number of sites from which your organization operates.

If you have contacted numerous CB’s for a quote for certification, you may notice there are discrepancies between them. These differences are often due to administrative cost variants and the audit day rate.

Day rates can vary between CB’s, as can the charges for audit prep and report-writing.

Travel expenses are billable to you, the client, and variations in cost can also occur depending on if the CB has a qualified, local auditor or if they will need to send in an auditor from a different location.

What is the cost of NOT becoming ISO Certified?

Most organizations today are in a race of relevancy, consumer demands, and customer expectations.

Obtaining customers is a difficult task, especially in today’s competitive marketplace, but retaining customers is often just as difficult with one wrong move or bad product potentially ruining your reputation.

Following are some of the costs of not becoming ISO certified:

Unmet customer requirements:

Consider, if an organization is focusing on short term payoffs and not working towards understanding and meeting customer requirements, it will negatively impact the organizational brand name and customer loyalty in the long run, which will also have an adverse effect on the company’s reputation.

Greedy and bottom-line driven organizations can face customer backlash from scandals, scathing reviews, and a bad reputation from the masses, which is extremely hard to overcome and bounce back from.

Implementing an ISO management system helps an organization consider long term goals, strategic direction, policies that are in line with goals and objectives, and risk-based thinking methodologies that are specifically designed for the organization to maximize efficiencies and, in turn, profits.

Product quality:

Like customer expectations, product quality is essential to today’s consumer.

Your customers expect that the goods and services you provide will meet their expectations. They purchase your product with an end goal in mind, and you must deliver on that promise – be it one time, or thousands of times.

Each product or service you deliver should be consistent with these expectations, if not exceeding them. Any deviation in this quality output can be the reason for a customer complaint or the loss of a customer and your reputation in their mind and circle.

Maintaining this quality day in and day out should be your main objective as an organization, and ISO Standards set out to achieve this through manageable, measurable quality systems designed specifically for your organization to ensure quality outputs on consistent bases and measures to remedy deviations before they reach the consumer.

Company objectives:

ISO certification requires the company to identify and describe various processes and objectives using business metrics. Therefore, not having an ISO Certification can leave customers and suppliers ambiguous about the organization’s goals and outcomes.

Especially for customers and suppliers who operate in other parts of the world and are purchasing overseas, purchasing from ISO Certified companies is often a requirement to satisfy their own company protocols.

Because ISO Certification is the same worldwide, companies can rest assured they are getting a quality product overseas when they purchase from ISO Certified organizations.

Employee morale and company culture:

With an ISO Certification, employees of an organization benefit from documents and clearly specified objectives, strategies and operational processes that are made specifically for them and in the easiest method for everyone to understand.

ISO makes it a point to ensure companies speak directly to their employees on how they can better the organization, work towards a strategic direction and quality plan, and how to do their job at their most efficient.

With these plans in place, employees build confidence in their abilities in their roles and the company’s active interest in their well-being.

Employees who feel confident in their job, employer, and career direction are more likely to enjoy their position and therefore build good groundwork for a sustainable and ideal company culture. It is up to your organization to build a good company culture with good people and good practices, and an ISO Certification can provide a great foundation to build on.

Monetary cost:

You can expect an average ISO Certification to cost around $3000-$5000 annually, with cost savings coming from a decrease in travel expenses and extra costs coming from the size of your organization.

The costs of an audit vary between CB’s, but typical costs include the audit time, administrative costs, and travel expenses.

While certification may seem expensive, the opportunity cost of no certificate is much greater.

Consider the number of deals you’ve lost without certification, the level of inefficiencies you run from wasteful practices and processes, and the associated long-term costs.

ISO Certification asks you to operate at your peak, work using risk-based thinking, and continuously improve.

These are all business benefits that will contribute to your long-term success.

International recognition:

Since ISO Certification is an internationally recognized standard of quality and management systems and used by millions of organizations around the world, being certified is an accomplishment that is recognized worldwide.


It is an accomplishment to be proud of, and one that not every organization can achieve, but all should strive for.

The cost of not being certified is to your international credibility and loss of potential business.

With the growth of databases that consumers and suppliers have access to verify companies’ active certifications, the consumer is more knowledgeable than ever and that is something all organizations should consider when looking to the global marketplace.

Proving your capabilities with an internationally recognized management system can help boost your credibility and trust on the world stage, and sometimes it is the only way you can compete internationally.


Want to find help with your certification? Visit our Directory Resources to find the help you need!

by -
ISO Certifications in the Medical Field - ISOUpdate.com

Written by: Aurion ISO Consultants

The Healthcare Industry is driven by a set of standard instructions and regulations from the medical associations and governing bodies.

Achieving quality excellence, optimizing process flows, and effectively managing daily operations is the aim of every hospital management.

To streamline the daily hospital operations, and embrace the global best practices, ISO Certification is the right choice.

ISO Standards – Must-Have Certifications for Healthcare Providers

Following ISO Standards are must-haves for a Medical or Healthcare Providers

  • ISO 9001:2015 Quality Management System Certification
  • ISO 14001:2015 Environmental Management Standard
  • ISO 50001:2018 Energy Management Standard
  • ISO 45001:2018 Health and Safety Standard
  • ISO 27001:2013 IT Security Management Standard
  • ISO 13485:2016 Medical Devices Certification
  • ISO 17025:2017 Laboratory Testing Standard

The ISO 9001:2015 Standard provides specific requirements for a quality management system that will enhance the ability to deliver care that will meet the requirements of the patient.

Importance of ISO 9001:2015 Certification in the Medical Field

Also, ISO 9001 Certification enables the hospital to comply with the statutory and regulatory guidelines for the governing authorities.

Benefits ISO 9001:2015 certification will bring to the hospitals

  • Periodic Management Reviews & internal Audits
  • Measurements and control of suppliers
  • Conduct frequent customer feedback survey and ensure preventive measure are taken
  • Standardized and formal corrective action procedures
  • Risk management and assessment to avoid unprecedented events.
  • Continual improvement through process optimizations and productivity enhancements

ISO 14001:2015 Environmental Standard in Hospitals

To reduce the environmental impacts in the hospital sector, ISO 14001:2015 standards play a significant role.

From the number of goods and services purchased to the consumables used, there will be a vital environmental impact.

To reduce and mitigate the risk of environmental impact and transform the hospital operations into a greener and environmentally friendly, ISO 14001 environmental management system comes handy.

The EMS System will ensure the hospital functions in full swing but by keeping a check on the levels of environmental effects at all stages.

Benefits to the hospitals from ISO 14001:2015 Standards

Effective Supply Chain Management – Keeping a track of the purchase quantities, materials, consumption patterns, waste treatment, etc.

Eliminating Waste and Reducing the Impact

Hospitals have huge amounts of food, food containers, plastic drink containers, medical supplies, etc., The daily waste generated will be enormous in a large hospital. Hence, correct recycling is very important. There has to be a full-fledged waste treatment plant and a recycling unit that adheres to environmental policies.

ISO 14001 Standard and the implementation of the environmental management system will help in monitoring the waste treatment and recycling and reduce instances of reducing the environmental pollution in any means.

Lowering Energy Consumption

The EMS System ensures the overall level of energy consumption is kept low. The power consumption is very high for a hospital. ISO 14001 helps in optimizing power usage. As an ISO 14001 compliant hospital, adhering to the ISO standards and follow power-saving practices will result in great cost savings as well as environmental protection.

Compliance to the Environmental Laws

There are a couple of environmental laws a hospital has to comply with. The regulations are spanned from using the right gas in the air-conditioning units to emissions from the site, there are checks to be done.

Also, fire and safety, the process of water usage and treatment, waste management, cleaning, and maintenance, all have to give importance to environmental protection.

ISO 14001:2015 implementation and practising will result in huge cost savings and reduction of waste materials and water. The supply chain will be more effective and help in lowering the environmental impact as a whole.

Empowering the hospital staff and employees on the need for environmental protection is essential to achieve long term sustainability.

ISO 50001:2018 Energy Management Standard

ISO 50001 Standard complements the environmental standard by offering a specialized system for energy management.

It helps hospitals, medical device manufacturers, etc., to reduce their operating expenses and improve overall energy efficiency.

ISO 45001 Health and Safety Standard is a vital standard for healthcare. It helps in avoiding workplace hazards and accidents.

Keeping the hospital clean, enhance hospital staff engagement, provide awareness training on health & safety, take corrective actions to ensure non-occurrence of incidents, etc., are few areas of focus for ISO 45001 Standard.

ISO 27001:2017 IT Security Standard Certification

As medical devices are getting connected and technologically advanced there is a high risk of data breach and healthcare information loss.

Hence incorporating best cybersecurity practices is the need of the hour. Minimizing the risk of stolen data and system hacks has become a key focus for the healthcare sector as a whole.

ISO 27001 is based on internationally recognized best practices in cybersecurity and is not restricted to any single healthcare platform or medical software. It also helps in mitigating the risk of data loss and enhances cybersecurity measures.

ISO Certification for Medical Devices & Laboratory Testing

Product conformity is a crucial part of the design and manufacturing of medical devices. ISO 13485:2016 Standard helps medical devices manufacturers in designing quality systems to test their devices at all stages of production, and in the design phase.

Similarly, the ISO 17025:2017 laboratory testing standard helps in calibrating and testing laboratory equipment.

 It will ensure the laboratory follows top-rated testing practices in line with global practices. It also reduces re-testing and saves the customer’s cost. It helps in improving the brand value of the testing laboratory too.

About the Author

John Wick is an ISO Consultant working with Aurion ISO Consultants in Dubai. John likes to write on ISO Training, ISO Consulting, latest changes in ISO Standards, industry-wise benefits from getting ISO Certified. Reach out for expert consultation on any ISO related queries.

About Aurion

Aurion ISO Consultants, Dubai offers world-class ISO Services such as Training, Consulting, Certification, Implementation, and Audits in Dubai, UAE and Worldwide.

Aurion ISO Consultants is an Award-Winning Consultant firm in Dubai, UAE and one of the fastest-growing ISO Service provider in the UAE and GCC region. We have assisted 1800 clients across several countries globally.

We provide you with a Single-Window Solution with ISO Consulting, ISO Training, and ISO Implementation and ISO Audit Services. With our ISO Certification, you can transform your business into quality first one.

Contact Us: Aurion ISO Consultants | 0097142504150 | contact@aurioninternational.com |#213&214,6E-A Dubai Airport Freezone, Dubai | www.aurioninternational.com

While you are planning to implement ISO Certification Standards for your organizations, to know more about the ISO Certification standards and all ISO related services from Aurion ISO Consultants, you call us right away!

by -
quality-culture

Writted by: Qooling

Quality management is a field that is important for every organization. Although we see more emphasis on Quality when an organization works based on a standard, whether it be ISO or any other. In order to support all the Quality related activities, companies build up Quality departments. These departments are key in maintaining the Quality of the products and services. More often than not, we see that the Quality department becomes responsible for everything related to Quality. However, in the end, every employee that is involved in the processes to produce the product or service has an impact on the Quality and, therefore, should be responsible for that part of the process. The Quality department cannot be responsible for the Quality of every product and service the company delivers or produces; it should be more distributed within the organization.

Quality Department

In the new world, the Quality department is more like an internal consultancy department helping the different departments continuously improve. This way, each department is responsible for the Quality of the output they deliver, while the Quality department helps them improve processes. Making this switch isn’t easy for the company, as Quality departments have been holding this responsibility sometimes for decades. On the other hand, this switch isn’t easy for the different departments either. They are used to having the Quality department solving all the problems. With this new approach, they can no longer do this and they have to step up their game. Fortunately, slowly but surely, more and more companies are embedding this approach to Quality management. In order to do this, transparency is key.

New Approach

When moving towards this new approach to Quality management, it is important that the company has the right solution to support this. It requires a lot more transparency throughout the organization. The people operating the core processes need to create the NC reports themselves in order to give the consultative Quality department data to help improve the processes. This can only be accomplished if easy-to-use and intuitive solutions are provided. This way, more data will flow into the improvement processes.

The other way is that the Quality department helps with setting up the CAPAs. They can do some CAPAs, but shouldn’t own them all. The responsibility is with the process owners. This way, ownership will be equally distributed instead of being only with the Quality department. Next to the CAPA and NC management, the operational people should be handed the tools to bring Quality to the next level. Great examples are mobile apps for all kinds of checklists and to manage the actions they have to do. This way they can contribute to the management system on the go without much impact on their daily activities. Providing data for the management system becomes a seamless process and part of their normal job.

About Qooling

Qooling enables organizations to improve their quality, safety and security through data. Leverage all the tools on one platform to improve quality and safety culture. Learn more

Want to learn more about Management Systems & Quality? Read our blog!

Follow Qooling on Twitter @QoolingQuality

Find Qooling on LinkedIn

by -
Difference Between AS9100 and AS9120 Certification

Aerospace standards are not only meant to work towards customer satisfaction but also help with providing improved quality and timely delivery. They are also used for problem identification and risk mitigation. Moreover, these standards help to reduce the overall cost of projects by cutting risks and potential for error by developing sound business processes that ensure quality outputs are consistently achieved. Both AS9100 and AS9120 work towards streamlining and reducing the number of required audits along the aerospace supply chain and include aspects of the ISO 9001 standard plus specific areas of importance related to quality for the Aerospace industry.

Important Note: Differentiation is made between the new information added in the AS Standards by Bold and Italics.

The true difference between the two AS standards and the reason your organization should be certified to one over the other lies in the type of aerospace organization that you operate – whether you create products and services or whether you distribute products within the aerospace industry.

AS9100 and AS9120 are internationally recognized standards for quality management for the aerospace industry that are operated by IAQG or the International Aerospace Quality Group (IAQG).

When discussing the benefits of these standards, it must be kept in mind that these standards facilitate and monitor continuous improvement but also open market opportunities. The standards help demonstrate and validate transparency and traceability through a supply chain network which helps reduce costs, increase efficiency and ultimately save time, money and resources. They also help ensure that a system is monitored and supported by the regulatory authority which helps engage, motivate and involve the staff. Moreover, certification helps with trade as it is often considered a requirement in the aerospace industry.

Important Note: While AS9100 mentions several guidance standards that do not require certification, these only provide guidance and specifications.

What is AS9100?

QMS for quality assurance in design, development, production, installation, and servicing

AS9100 is an international standard containing requirements for establishing and maintaining a quality management system for the aerospace industry. Its official name is AS9100 Quality Management Systems – Requirements for Aviation, Space and Defense Organizations and it is intended to be used by organizations that design, develop, and produce aviation, space, and defense products and can be applied throughout the supply chain.

Because the aerospace industry has high standards of customer satisfaction and strict laws imposed by regulatory authorities AS9100 focuses on how the products are made to ensure the organization produces and continuously improves products that meet these high industry standards. This standard establishes the elements that a quality management system must have for companies to consistently provide safe, quality products that are delivered on time.

The design and implementation of this standard will be influenced by the size and organizational structure of the company, its needs, its objectives, processes and the products it provides.

What is AS9120?

QMS for quality assurance in stockholding and distribution of aerospace/defense parts

AS9120 is a standard that specifies the requirements for a quality management system (QMS) for stockist distributors in the aerospace industry. The standard addresses chain of custody, traceability, control, and availability of records. AS9120 was developed for stockist or pass-through distributors of aerospace commodity items. This standard is part of the AS9100 series, and it includes all of the ISO 9001 requirements, plus specific requirements related to aerospace distributors.

Distributors of aerospace commodity items directly impact the performance of these items if they are mishandled or traceability is lost between the original equipment manufacturer (OEM) and final customer. AS9120 has been developed to help distributors minimize the occurrence of anything that could negatively affect the performance of their commodities.

This certification is intended for organizations that procure parts, materials, and assemblies, and sell these products to a customer in the Aerospace industry. This includes organizations that procure products and split them into smaller quantities. This standard is not intended for organizations that rework or repair products.

Summary & Notes

It is important to note that the AS Standards mentioned in this article are not product standards since they do not define product quality. They only ask you to control processes in order to meet customer requirements for your outputs. Since these are not personal standards, an individual cannot become certified to them, they can only become a third-party auditor of the standards.

An organization can become certified to the AS standard through a 3-year process with annual audits conducted by internal and external auditors and recommendation for certification by an accredited certification body. This is done to ensure an organization’s processes and quality management system are inspected by an impartial third-party at regular intervals to ensure compliance with the AS Standard.

With various representatives for departments of aviation, space, and defense companies in the Americas, Asia-Pacific and Europe, AS9100, AS9110 and AS9210 standardize not only quality management system requirements but can be used at all levels of the supply chain by different organizations around the world, in order to ensure improved quality, reduced costs, consistent outputs, and improved delivery performance.

This is accomplished through the reduction or elimination of organization-unique requirements, effective implementation of the quality management system, and wider application of good practices.

The benefits of AS9100 AND AS9120 include not only market acceptance but the opening of international opportunities as both the standards are endorsed by all major aerospace bodies and regulators including Federal Aviation Administration (FAA), U.S. Department of Defense (DoD) and National Aeronautics and Space Administration (NASA).

by -
Types of Audits - ISOUpdate.com

Looking to become certified to ISO 9001? Not sure what to expect from the process, and from ISO Audits? It’s a good idea to prepare yourself and your organization for what to expect from an auditor, what is needed from you, and what will happen at each stage of the certification process to have a smooth and stress-free experience. In this article, we will briefly explain the different types of audits an organization can expect to go through when seeking their first certification to ISO 9001 and subsequent audit cycles once you are certified.

If you have never been certified to ISO 9001 before, you should expect a long road ahead of you. The first step to certification is implementation. This can be done in house with your own people, or with a consultant. Learn more about how to implement ISO 9001 and what to expect [LINK]. It may take your organization a few months to fully implement your Quality Management System and have it effective and ready for a certification audit. While the standard is generic and concise, it can be quite overwhelming, so ensure you are asking questions and reaching out to professionals at every step.

One specific requirement of the standard is Internal Audits, that is the act of evaluating your own processes internally and recording evidence to report to your management, company and certification auditors.

Internal Audit:

Internal audits are self-examination done by the company itself at least once per calendar year. They are performed on-site and are useful in determining conformity, effectiveness, and opportunities for improvement. By going through internal auditing your organization will be able to compare your quality management system to the required standard(s) and prepare for the certification audit. There are no “stakes” with an internal audit, they are completed to meet a requirement of the standard and serve as a learning opportunity for your organization. It is during this process that you want to find as much as you can so you know what your certification auditor will see and so that you can be prepared with ways to improve. Your certification auditor, or external auditor, holds a lot more power in a sense because this is the person who is a representative of your certification body and will determine if you achieve third-party certification to ISO 9001.


Want to learn more about Internal Audits? Check out ISOUpdates Article on ISO Internal Audits Explained Iso here!


External Audit:

An external audit is performed by a third-party auditor associated with your hired Certification Body. The external auditor will conduct a certification audit or surveillance audit at least once during each calendar year to determine if your organization should be recommended for ISO certification or continue to hold your current certificate. An external auditor must perform audits based on a set of rules from their own ISO Standard for auditing best practices and must obtain strict qualifications set by the certification bodies. Auditors must also be selected by a certification body with consideration to the organization’s industry, the auditor’s understanding of their industry and the specific industry codes the auditor must hold to conduct the audit.

An external audit scope may include any number of processes, and the scope will be detailed to you ahead of time in an audit plan so you and your people can be prepared and present. In the 3-year cycle of certification, each process must be audited during the initial certification or recertification audit and at least once per the 2-year surveillance cycle to evaluate effectiveness.

Let’s go deeper into the different audits involved in obtaining and maintaining an ISO Certification:

Certification Audit:

A certification audit is conducted once every 3 years to verify the effectiveness of the whole QMS against the ISO 9001 standard. A third-party certification audit is conducted by an IAF-MLA signatory member Certification Body accredited to ISO 17021 – the standard for Management Systems Certification Bodies. The certification audit is broken down into 2 stages, a stage 1 audit and a stage 2 audit:

Certification audits consist of two stages

STAGE ONE audit is used to determine if your company is ready for stage two. A certification body will detail the minimum requirements your organization must meet to ensure you’re ready for a stage 2 audit, going through your documentation and comparing it to the requirements of the standard to assess compliance and readiness for an audit. It is best to be sure your organization is ready because, during a stage 2 audit, your certification body can raise non-conformities and other issues with your system that may require the auditor to return to audit your system, resulting in additional costs.

STAGE TWO is an on-site audit where a third-party auditor will review your documents, your processes, interview your employees and review your operations to determine compliance with the ISO 9001 standard. Your Certification Body will submit an audit plan ahead of the arrival of your auditor to allow you to prepare your documents, schedule the availability of relevant employees and allow for any necessary preparations. If your organization has more than one shift, the audit will be planned accordingly to sample as much evidence from each shift as needed to prove compliance. During the audit, you can expect the auditor or audit team (depending on the size of your organization) to hold an opening meeting which will detail their audit plan and schedule, after which the audit will begin. The scope and timeframe of the audit are dictated by ISO 17021. Certification Bodies cannot change the number of days the audit needs to be on-site, that is a predetermined guideline which is based on the number of employees at your organization and the level of risk associated with your QMS. Be upfront about how many employees you have, full-time, part-time and contract employees. If this number changes, inform your certification body as this may change your audit schedule.

Surveillance Audits:

In the 3-year cycle of an ISO Certificate, you will receive 2 surveillance audits, once each calendar year after your certification audit the first year of your cycle. Once you receive your ISO certification, the next 2 years will include smaller surveillance audits, with the auditor only auditing select processes and departments. The length and duration of these audits are again dictated by ISO 17021. Between the time of your certification audit and your surveillance audit, you will need to ensure you are continuing to meet the requirements of ISO 9001, for example holding internal audits, management review meetings, etc. within the timeframes dictated by the standard. You will also need to continue upholding the internal requirements your organization has documented as part of your QMS, i.e., hiring processes, performance reviews,  etc. Failure to meet the requirements of your own system or the standard will result in non-conformances being raised during your external audit.

Non-conformities:

As mentioned in this article, failure to meet the requirements of ISO 9001 will result in a non-conformity which must be addressed and resolved via corrective action within a certain timeframe before your organization can be granted certification. The timeframe given for resolution is dependent on the severity of the non-conformance. Non-conformances can be Major, Minor, or an Opportunity for Improvement.

Summary

The road to Certification for ISO 9001 can seem long and daunting, but the payoff is well worth it. Setting your business up for long term success by utilizing ISO 9001 and the world’s leading quality management system to effectively and efficiently run your business is just good business. Ensuring your organization has rules and processes in place that ensure you produce exactly what you say you will make good business sense. Having a third-party come in to verify this once a year holds you and your staff accountable to your rules and processes as well as the standard. Holding an accredited ISO 9001 certificate is outward proof to your customers that you hold their values and hopes for the quality of your products and services to the highest standard, the ISO Standard. Being ISO 9001 certified proves to your customers, your suppliers and your stakeholders that you care about the quality and consistency of your work above anything else, and you care about the longevity of your business practices. It may seem like a long road when you first embark on it, but the hardest step is always the first step. Once you have created momentum and movement within your organization of quality first, your organization will see the rewards that certification brings.

by -
Improving Root Cause - ISOUpdate.com

When analyzing a problem and determining its root cause, you need to apply logical and critical thinking, analytical skills and calculations to fit pieces together like a puzzle to present a picture that makes sense to the beholder. When fixing a problem, it shouldn’t be enough to just use a band-aid solution – if you fix the symptoms only, the problem is more likely to occur again. You should want to determine the root cause of the problem to ensure that it never happens again. Determining a root cause can be an easy few questions and answers, but here at ISO Update, we want to help you improve your ISO 9001 Root Cause Analysis to ensure your organization is performing at its best.

Read the full article here.