Your Guide To Achieving ISO:9001

1. Document Operational Procedures

This can be in a process map format or purely descriptive text. The procedures refer to your “day-to-day” processes that you routinely carry out, and not necessarily to the “one-off” operations although you may still wish to have these documented. These procedures should itemise the different crucial steps to carry out the tasks, together with the member of staff who is responsible for doing them. Reference should also be made to any internal documents, paper files or computer files that may be used in the process.

2.Document Management Procedures

You also have to document your management procedures which can be any managerial processes you have in place to manage your business. However, there are some mandatory ones that are required for ISO 9001, which include:

  • Document Control
  • Non-conformances
  • Corrective action
  • Preventive action
  • Internal audits
  • Records management

Although they are mandatory, you can merge some together and make a single procedure, for example, Records management and Document control could be a single procedure, as could Corrective action and Preventive action, as long as the points are covered.

3.Quality Manual

You also have to produce a Quality Manual that shows how you operate in line with BS EN ISO 9001 which is in the form of itemised clauses that give information on how you deal with customer satisfaction, quality control, staff training, communication etc.


Once you have your operational and managerial procedures in place, together with your Quality Manual, you will need to carry out an audit for each of these procedures and document the findings.

5.Management Review Meeting

You will also need to hold/convene a Management Review meeting with the relevant managers to a set agenda as directed by ISO 9001, documenting the minutes.

6.Certification Company

You will now be ready to commission a certification company, such as ISOQAR Ltd, to assess you. You will be quoted a fee for this. The company will usually pay you two visits. Stage one is to check your documents and see that you have a Quality System in place. Stage two will be to carry out an audit with you with a view to awarding your certificate. The outcome will be either a successful audit with the certificate issued or there may be some outstanding issues in which case you will be granted time to address and correct these. Depending on the severity of the issues the Auditor can request a third visit. The time between the first two visits will depend on the Auditor’s availability and how ready they think you are.

7.What Happens After Your Certification?

Once you have received certification you will need to maintain it. This means you will need to carry out internal audits annually and hold your management review meetings in compliance with your Quality Manual.

8.Surveillance Visits And Triennial Visits

The Auditor from your chosen certification company will visit you every year ( or six months, depending on the size of your company) for a surveillance visit to carry out audits. Every third year you will receive a more thorough visit. You can carry out stages 1 to 7 yourself by purchasing the system or MAWQUALITY can do this for you on a consultancy basis. Point 8 will always need to be carried out by an independent, unbiased accreditation company, such as ISOQAR Ltd, to gain UKAS approval.