QCS MANAGEMENT PVT LTD
ISO refers to International Organization for Standardization. ISO is an independent membership private organization. ISO develops & publishes international standards on Quality management, Environment management, Occupational health& safety management, information security management, food safety management etc.
For long term sustainability in a fiercely competitive market ,it is essential for any organization to constantly deliver high quality of goods & services to ensure customers loyalty and fulfill legal compliance. ISO certification helps to protect reputation as well as bring an overall sustainable improvement in the performance and regulatory compliance of any organization irrespective of their size or nature of business. Besides, international standards published by ISO also helps in the improvement of an organization’s overall management system related to Quality, environmental performance, health& safety of workers, information security and food safety etc.
There is often a misconception on total cost of Quality, which some people mistakenly identify as the total amount of money to be spent to achieve a Quality management system certification , but it is not so.
Total cost of quality is an intangible cost which an organization is forced to incur for not having an effective Quality management standard built into the business system in the first place.
Every time a company looses a potential sales to the nearest competitor because of poor quality of products & services, it largely remains invisible to the company”s management and does not get reflected on the annual profit& loss account or balance sheet. Similarly every time a rejection is made or a rework is ordered or products are recalled from the market on quality related issues, companies suffer huge losses to the tune of billions of dollars in revenue. The total of such costs taken together which the company is compelled to loose due to lack of an effective management system is termed as the total cost of Quality.
Therefore, the ultimate objectives of any business is to increase profits. In order to increase the profits it must constantly deliver high quality of Products & Services to satisfy customers requirements and achieve legal and regulatory compliance. In order to achieve all these objectives you need to adopt an effective management system based on international standards.
ISO certification may sound a daunting, complex and costly affair , but it is not so. It is pretty straightforward, simple and cost effective if you adopt the right approach. There is always a right way and wrong way of doing ISO. If you will like to embark on an ISO certification process and don’t know where to start, you can follow these simple steps to get you started to fulfill your desired objectives ;
To start with Let’s understand the different processes of getting ISO certified .
First of all, you need to select the type of ISO certification scheme suitable to your business needs. There are various types of ISO certification available in the market. We have selected the five most popular certification schemes for you along with a brief summary on each standard.
1. ISO 9001: 2015 Quality Management System.(QMS)- ISO 9000 family of standards comprising of ISO 9001 (QMS Requirements)and ISO 9000 ( Terms & definitions) are being used globally by over 1 million companies in 180 countries to improve the Quality of performance of their interrelated business processes. The ultimate objective of ISO 9001 standard is to achieve a high efficiency of process performance to constantly deliver quality products& services to exceed customers satisfaction and achieve legal compliance for sustainable growth. ISO 9001 forms the basis of many other international standards such ISO 13485 Medical devices, TS16949 automotive, Aerospace AS9100 etc. ISO 9001 uses a process based approach and PDCA cycle to improve the process performance of an organization in a time bound and systematic way. ISO 9001 can be easily integrated with any other ISO standard such as ISO 14001,ISO 45001 etc and can form the basis of building a good foundation for your business organsiation.
2. ISO 14001: 2015 – Environmental Management system (EMS)- ISO 14001 Environmental Management system standard basically deals with identification and control of significant environmental aspects& related impacts on the environments caused by industrial activities of any particular nature. It basically aims to achieve a sustainable improvement of a company’s environmental performance in the entire lifecycle of the products(services) right from the input to the output and recycling stage through better waste management techniques. It brings a systematic cohesion between a company’s environmental performance & achievement of business objectives and also helps in compliance with environmental legislations. Companies who fulfills its environmental responsibilities are favored by customers over their competitors and helps to bring additional brings business gains. ISO 14001 can be easily integrated with any other ISO standard such as ISO 9001,ISO 45001 etc.
3. ISO 45001: 2018- Occupational health & safety Management system (OHS&S)- The enormous burden of poor working conditions. The ILO estimates that some 2.3 million women and men around the world succumb to work-related accidents or diseases every year; this corresponds to over 6000 deaths every single day. Worldwide, there are around 340 million occupational accidents and 160 million victims of work-related illnesses annually. The ILO updates these estimates at intervals, and the updates indicate an increase of accidents and ill health.( International labor organization. ref: https://www.ilo.org/moscow/areas-of-work/occupational-safety-and-health/WCMS_249278/lang--en/index.htm ).ISO 45001 is a framework adopted by companies to prevent work related hazards and minimize health & safety risks of employees and any other third party visiting the factory/ office premises. It also helps to comply with health & safety legislations, minimize insurance premiums & liability payouts, reduces absenteeism for ill health and ensures a better lifestyle and working conditions for staff & workers to increase productivity for the company.
*Pl note OHSAS 18001 not an ISO standard but a British standard on occupational health & safety has already been changed to an ISO standard to be referred as ISO 45001.
4. ISO 27001:2013 – Information security Management system (ISMS)- ISO 27001 focuses on cyber security. Shockingly, 5 million data records are stolen each day worldwide. A data breach is expensive, not just in financial terms, but in terms of your reputation too. Gaining ISO 27001 shows that you take cyber security seriously and is a step towards GDPR compliance. The certification process will also give you independent insight into your current procedures and how they can be improved.
5. ISO 22000: 2005 – Food Safety Management system (FSMS)- ISO 22000 Food Safety Management System – Hazard Analysis and Critical Control Points is a systematic approach to ensure effective control, identification and controlling microbiological, chemical or physical hazards in all stages of production from the receipt of raw material to the delivery of the final product
It must be noted that ISO itself does not provide certification to the companies. Certification is done by the external certification bodies. It is very important that you choose recognized and credible certification body.
While choosing the ISO registrar or certification body, you should keep the following in mind:
· Evaluate several ISO Certification service providers.
· Avoid going for cheap certification bodies because they do not follow any audit process to issue their certificates and in the long run it becomes costly for the organization.
· Check if they are following the relevant CASCO standards of ISO 17021. CASCO is the ISO committee that works on issues relating to conformity assessment.
· Check whether it is accredited or not. Accreditation is not compulsory but they provide confidence to the consumers that the audit process being followed by the ISO certification body is credible and neutral that meets the latest criteria’s of CASCO standards such as ISO 17021 2015.
A. Create an application /contract :The applicant and the registrar should agree on a certification audit contract. This contract usually defines the rights and obligations of both parties and includes liability issues, confidentiality, and rights of access to logos. To start with, the application and contract must be duly filled, and signed by the applicant company. Application &contract ( annex 13) can be downloaded from our company website @www.qcspl.com. or can be sent through an email on receipt of an enquiry from the applicant organization.
B. Review of application & issue an Offer for certification: On receipt of the signed application form , the certification body will review the application form and issue an offer for certification to the applicant .
C. Registration & issue of audit plan : Once the applicant organsiation accepts the offer for certification & completes the registration process, an audit plan will be issued in advance by the CB before each audit stages after mutually confirming the audit dates in consultation with the client .
D. Review of documented information’s : The ISO auditor appointed by the CB will review all your QMS/EMS/OHS/FSMS/ISMS manuals/ documents/ records related to various policies & procedures being followed in the organization as per the requirements of the respective international standards. Review of existing work will help the ISO auditor to identify the possible gaps against the requirements stipulated in the ISO standards.
C. Make an Action Plan: After the ISO auditor communicates the existing gaps in your organization, you should prepare an immediate action plan to address these gaps. Prepare the list of the required tasks to be performed to bring the desired changes in your organization. You may be required to give training to your employees to work efficiently while adapting to new procedures. Make all the employees aware of the ISO standards in terms of work efficiency and QMS/EMS/OHS/FSMS/ISMS standards.
D. Initial Certification Audit:
The initial certification audit is divided into two categories- Stage 1 and Stage 2.
Stage 1 audit : The ISO auditor will audit the changes made by you in the organization. They will then try to identify the possible non-conformities in your systems and procedures to the desired quality management system. They will divide these non-conformities into minor and major non-conformities. The applicant must carefully assess all these non-conformities and get it aligned as per the desired quality standards through modification in the techniques and processes used by the organisation.
Stage 2 audit : After all the required changes are done in the organization, the ISO auditor does the final auditing. The auditor will check whether all the observations & non-conformities of stage 1 audit have been satisfactorily addressed by the organsiation as per the standards. The company must submit the objective evidences of implementing the necessary actions or tasks raised in the corrective action plan. If the ISO auditor is satisfied , they will prepare the final ISO audit report and forward it to the registrar with a recommendation for certification.
E. Certification decision & issue of ISO Certificate- After all non-conformities are effectively addressed by the applicant organization as per the audit findings mentioned on the audit report, the registrar will grant the ISO certificate for an effective term of three years followed by a recertification audit before the end of the given term to maintain the continuity of the certificate.
F. Surveillance Audits - Within the specified certification cycle of three years, it is mandatory to conduct (minimum two) Surveillance audits at annual intervals from each other with the first surveillance audit falling due within the 1st year of the initial certification date. The overall purpose of each surveillance audit is to ensure that QMS/EMS/OHSAS/FSMS/ISMS policies &objectives as per the requirements of the standards are being continuously accomplished and improved by the organization.
G. Renewal audit- The client organsiation need to conduct a Re- certification audit minimum two months before the end of its term of three years from the initial audit/ issue date.
G. GAP Analysis audit ( optional ) – This audit is generally conducted by the regsitrar to assess the strengths & weaknesses of the applicant organization, related to the requirements of the international standards, so that the organization can initiate possible action steps to meet the deficiencies found in his management system before the final external audit by the certification body.
Time taken in completing the whole process of ISO certification also varies from organization to organization. The fair idea can be given by the ISO certification agency after assessing the size of the company.
Generally, the time required to complete the process of ISO certification is approximate :
· Small organisations: 2-3 months
· Medium organisations: 4-6 months
· Large organisation: 6-12 months
Cost for getting ISO certification is not fixed and varies from organization to organization. QCS calculates the cost of ISO certification separately for each organization after considering them on different parameters such as :
· Number of employees
· Number of units
· Number of Processes
· Level of risk associated with the scope of services of the organisation
· Complexity of the management system
· The number of working shifts etc.
Cost Savings for Certification of Mature Management Systems via ASRP
What is ASRP?
Advanced Surveillance and Recertification Procedures, or ASRP, is a process applied to certified organization that have a proven performance track record of maintaining the integrity of their management system. Only organizations that have established confidence and demonstrated system effectiveness over the course of their certification can meet the minimum requirements. The benefits of applying ASRP favor the organization by providing more effective and efficient audits to the organization and reduce certification fees to the organization. The ASRP program places more dependence on the organization’s internal audit and management review processes. This is done by allowing qualifying companies to rely more heavily on internal audits, special targeted surveillance audits, and the use of inputs from the organization to demonstrate the conformance of the organizations management system.
Different Types of ASRP
The procedures used in ASRP rely mostly on the organizations internal audits process, but different kinds of audits are used as part of the process to monitor the organizations management system. Some of the defined monitoring that occurs in the program are described below.
Companies looking to save money and time should look towards ASRP if they meet these qualifications:
According to Quality Digest, ASRP “is a solution that shows demonstrated cost reductions in external audit frequency, but has also increased value through its unique approach.” Not only does ASRP provide benefits for companies, but for consumers as well. The efficiency of the process can lead to quicker effectiveness and more efficient resource allocation over time. In terms of cost reduction for businesses, companies using ASRP will see reduced third-party audits. When reducing the amount of time, visits, and money spent on audits during recertification, companies can allocate resources elsewhere to improve efficiency and effectiveness of their systems. This allows qualifying organizations access to greater flexibility during auditing and certification processes.
The value these procedures offer is endless. Companies can expect to find the certification focus to shift from premature to mature systems. By having a more mature outlook on recertification, management systems will see enhancement on performance indicators and preventive actions and risks completely eliminate and/or mitigated quicker. Management systems will see continuous improvement despite the reduced rate of external audits. While relying on internal audits, organizations using ASRP will spend more time doing normal day to day activities rather than experiencing disruptions in their business or management systems.
Why QCS ?
QCS MANAGEMENT PVT LTD. (QCS) has been a key participant in developing and defining ASRP since its beginning. QCS has been accredited by ASCB-UK for international management systems and operates in over 20 countries. QCS aims to provide auditing services with more efficiently for greater productivity, reduced waste, and higher profits for companies . QCS has the ability to provide services internationally with Rep offices around the world. With various certification, auditing, training, and assessment services, QCS has the means and capabilities to audit and certify using ASRP to help companies with mature management systems take the next step.
Getting certified for an ISO can be an extensive process, but over 99% of our clients will recommend QCS to others. QCS has had incredible success in providing ISO clients with sustainable processes that reduce costs and enhance current market share. By switching your ISO certifications to QCS , businesses can be assured that their certifications are up to standard for their industry.
Please fill up the QCS application form with the necessary details of your company to receive an offer for certification . You may please send all communications to the following address;