What NOT to prepare for your first ISO certification audit

Whether it’s to ISO9001, ISO14001, ISO27001 or any ISO certification standard implementing systems compliant to these standards can be a big value add to your business and enable growth and development in the years to come.

Over the years our team of auditors have seen it all so we’ve collected their wisdom on where they have seen some organisations go wrong when working towards their ISO certification so you can learn from it and make achieving ISO certification a much smoother process.


  1. Panic.

This may seem intuitive but many people see an audit as an intimidating and generally scary process. The Stage One audit is essentially a preliminary assessment, a “check up” of your current systems against the ISO standard – it’s perfectly okay to have issues. Read over our Should i expect non-conformances at my certification audits blog post for a little more on what non-conformances mean for your ISO certification.


  1. Do no preparation.

We often encourage businesses to lets us see their systems “warts and all” to start off with to prevent the mistakes the next point articulates but a fundamental understanding of the standard is essential. We have developed our self-assessment checklists specifically for this purpose – to help organisations complete an initial assessment of their systems – download them here. Some very basic preparation that often gets overlooked is can you easily locate documents that are likely to need to be looked at – are these at hand?  A lot of time ends up getting wasted in audit because things aren’t easy to locate.


  1. Do too much preparation or creating “things” just because

Often we see procedures, documents and manuals that appear to be created because they were something a client thought that we would want to see and unfortunately more often than not they aren’t required by the standard. This is common especially regarding ISO 9001 Quality Certification – there is no longer a requirement to have a quality manual. This goes back to the point above – do your research and prepare what the standard requires you to have as that is what we are assessing your business against – if it isn’t in there you won’t need it. Simple.


  1. Put it all in context OR If they have done the research – Forget about their context

ISO9001, ISO14001 and OHSA18001 are all generic standards – they can be and have been applied to nearly every industry you can imagine. Reading through the standard and considering the requirements within the context of what your business does is crucial. One of an auditor key roles is to interpret the standard according to your organisation specifically.


If you think you’re ready to take on the certification process? Request a Quick Quote!

Or if you just need some more information first reach out and Contact us – we are more than happy to answer your queries and questions.