1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.
Dismiss Notice
You must be a registered member in order to post messages and view/download attached files in this forum.
Click here to register.

Timeline for ISO9001:2015 Certification?

Discussion in 'ISO 9001:2015 - Quality Management Systems' started by xrat86, Apr 11, 2017.

  1. xrat86

    xrat86 Member

    Joined:
    Mar 31, 2017
    Messages:
    33
    Likes Received:
    5
    Trophy Points:
    7
    Where can I find a simple timeline of events that must occur to achieve ISO 9001:2015 certification?

    I understand that the duration of the tasks may differ depending on my organization. I am after the major tasks. I read on other posts about "Stage 1"; "internal audits", "Stage 2" etc... How do i know "the organization and context" of getting certified? Must we hire a consultant, that does not know our business but does know ISO, to hold our hand? That seems like a non value add and just a good ole boy network.

    We have purchased the ISO 9001:2015 standard and it is silent WRT to certification.

    Do we need to shell out more money for information that should (IMHO) be free?

    While we are at it, in the context of this (certification) what is a CB?
     
  2. xrat86

    xrat86 Member

    Joined:
    Mar 31, 2017
    Messages:
    33
    Likes Received:
    5
    Trophy Points:
    7
    Here is what i think is the required, please correct me / fill in any blanks.

    Internal Audit – prior to Stage 1 & 2; try and do several prior to Stage 1

    Management Review – at least one required prior to Stage 1

    Stage 1 – is your QMS (and related paperwork) in place? CB comes and checks us.

    Stage 2 – are you doing what you said that you were doing in Stage 1? Same CB comes and checks us a few weeks after Stage 1.

    CB agreement includes initial audit(s) and surveillance/maintenance audits over a three year cycle. Interim audits focus on a piece of the whole QMS, at end of three years full QMS audit needed is desired to keep ISO certification.

    CB = Certification Body, accredited with ANAB in the USA
     
  3. Andy Nichols

    Andy Nichols Moderator Staff Member

    Joined:
    Jul 30, 2015
    Messages:
    5,086
    Likes Received:
    2,553
    Trophy Points:
    112
    Location:
    In the "Rust Belt"
    Wow, lots of questions.

    So you've posted the timeline of the certification process. What must occur before is difficult to define, except in big "buckets". Is that what you want to know?

    Reading this it seems to me that you don't have a good grasp of the actual way to implement a QMS. Don't worry, we've all been there. So, to answer your next question, you can either learn, slowly and by making mistakes and eventually develop your QMS and maybe get an ISO 9001 Certificate, spending a great deal or time/money in the process - or you can hire some help to speed you through by their knowledge and experience to get it done better. How do you know the consultant doesn't "know your business"? If you go about hiring the wrong person because you think that, please don't blame the consultant - you chose them! Same comment about the "good ole boy" network. There are many, many good consultants and the know immeasurably more than you know. I know someone who had more than 40 years experience of designing and implementing QMSystems in huge corporations and small across a diverse range of industry types and isn't close to being a "good ole boy". Well, maybe "ole" and "man"...

    A meme on Facebook tells the story of the huge ship which cost millions of dollars and it stops working. The best brains couldn't fix it. Eventually, they exhaust their resources and along comes an old guy with a tool box. He goes into the ship and finding the engine, he takes out a hammer and at a precise place, taps the engine. It works!

    Delighted, the ship owners tell him to submit his bill - he has, after all fixed their expensive piece of junk. His bill is $100,000. The ship owners reject the bill saying they want it itemized, because he only spent about half an hour fixing the ship. So he sends a new bill in, it reads:

    Tapping engine with hammer = $10.99
    50 years of experience to know WHERE to tap = $99,989...

    A Certification Body is an independent organization which (may) have the capabilities to evaluate (audit) and certify management systems. AKA Registrars.
     
  4. xrat86

    xrat86 Member

    Joined:
    Mar 31, 2017
    Messages:
    33
    Likes Received:
    5
    Trophy Points:
    7
    Yes, that is what i was / am after. I get that the particulars of what must occur before is difficult to define.

    Allow me to finish your statement; "...and achieve certification per the requirements of the certification body" or something along those lines. Implementing a QMS does not have to be difficult. Why must the certification process not be part of the ISO9001:2015 document and CLEARLY defined? Why must it be information not readily available to the casual observer? My experience, if it is difficult it is less likely to succeed.

    Your meme example; obviously that company was not ISO 9001:2015 certified else they would have in place the processes to transfer knowledge to those that need(ed) it. The old guy with the tool box worked for the company, got tired of outsiders telling how to do his job so he took the early retirement package offered him. When the phone rang, he smiled knowing that the company never listened to him about how things "really worked around here" and he saw the opportunity to make a buck. :)
     
  5. Andy Nichols

    Andy Nichols Moderator Staff Member

    Joined:
    Jul 30, 2015
    Messages:
    5,086
    Likes Received:
    2,553
    Trophy Points:
    112
    Location:
    In the "Rust Belt"
    Because, ISO 9001:2015 and certification are mutually exclusive. A customer may require a supplier, for example, to be ISO 9001 compliant, but not certified by a CB (which is actually the original intent of using ISO 9001, back in 1987 when it was first published)
     
  6. Jennifer Kirley

    Jennifer Kirley Moderator Staff Member

    Joined:
    Jul 31, 2015
    Messages:
    1,071
    Likes Received:
    722
    Trophy Points:
    112
    Location:
    USA
    Please contact your CB customer service/last auditor.

    Failing that, general guidelines are as follows:

    1) Certificates must be transitioned by mid-September 2018. Since a typical audit cycle is 90 days (on the basis of potentially having action requests from the audit) Some CBs are enforcing a June, 2018 deadline for transition audit.

    2) A sensible time frame for preliminary/Stage 1 audit is 90 days prior to certification audit, but your CB might be able to make different arrangements. There is probably a cost to this, but is expected to help ensure the certification's travel costs will not be wasted as readiness to proceed can be determined beforehand. To be recommended for continuing to certification/Stage 2, CBs may ask for (depending who they are, and IF you have a current certificate in good standing):
    ● Your Policy statement
    ● Your identification of Context of Organization
    ● Your management system's high level Objectives & Targets
    ● Your identification of processes and their operational level Objectives/Targets/Key Performance Indicators (KPIs).
    ● Definition of the scope of the organization and the expectations of interested parties. As the standard says, this documented information is used to describe why _(xyz)_ clauses that do not apply to your site
    ● Identification of Process interactions - this does not have to be a process map
    ● Most recent internal audit, covering all the parts of the standard
    ● A copy of your most recent management review, which includes results of audits to the revised standard
    ● Description of your documentation and/or manual if you still use one
    ● Head count, including contract employees
    ● Shift times, which processes run on those shifts, and approximately how many personnel work on those shifts
    ● If your shifts are rotating, please provide a current schedule if you can.
    ● Any additional requests or information necessary for the preparation of the Stage 2 agenda

    I suggest the book ISO 9001:2015 In Plain English. I have a copy of the book and find it very informative.
     
    xrat86 likes this.
  7. tony s

    tony s Well-Known Member

    Joined:
    Sep 10, 2015
    Messages:
    1,350
    Likes Received:
    1,054
    Trophy Points:
    112
    Location:
    Laguna Philippines
    When we established our QMS that is certifiable to ISO 9001:2015 we had the following activities per month:
    • 1st month - Initial Assessment by the consultant using a checklist based on clauses of the standard; Seminar on ISO 9001:2015 Requirements; Workshop on Establishing the Strategic Directions, Quality Policy and Quality Objectives;
    • 2nd month - Seminar on RBT Approach for the QMS Processes; Establish the procedures for Control of Documented Information, Performance Planning and Evaluation, Nonconformity & Corrective Action, and Internal Audit;
    • 3rd month to 4th month - Establish the Core and Support Processes documented procedures; Establish the Quality Manual;
    • 5th month - Internal Audit Training; Cause Analysis Training; Conduct of Internal Audit;
    • 6th month - Establish Corrective Actions on Internal Audit findings; Conduct of the Management Review with ISO related issues (as per clause 9.3.2);
    • 7th month - Readiness Assessment by the consultant; Stage 1 Audit by CB;
    • 8th month - Stage 2 Audit by the CB.
     
    xrat86 likes this.
  8. xrat86

    xrat86 Member

    Joined:
    Mar 31, 2017
    Messages:
    33
    Likes Received:
    5
    Trophy Points:
    7
    Incorrect. In order for ISO 9001:2015 to be of value to my organization (an interested party) how to either A - achieve compliance or more importantly B - achieve certification MUST be explicit and clearly defined; else the additional burden is placed on the interested party for no reason other then.....i can't think of one.

    The organization that publishes this document fails to implement it themselves by not understanding and acting on the needs and expectations of interested parties.

    Again, why is it not obvious to the casual observer?

    In reading this forum more, in this post and others, it is clear that the end user (i.e. an interested party) is left to navigate the quagmire that is ISO 9001. I have read countless posts about auditors (CB's) and consultants WRT to implementation/certification with differing opinion and interpretations. Why be so difficult? Who is left out? The very "interested party" that it is intended to help (like my organization). The 'process' becomes the product.

    So we are free to "consultant shop" or "CB shop" to find the path of least resistance? We contacted one "consultant" that quoted us $14,380 sight unseen and guaranteed 'certification'. Another one has asked many, many questions and is planning a visit (they are local thankfully) in order to understand our current state prior to giving a quote. ANAB accredited? Worth anything to my organization? How are we to interview/vet a consultant or CB and know which is best fit for us when we are kept in the dark WRT to expectations (certification)?

    Lost in the mix is the actual intent - providing a quality product. No wonder management often dismisses this process.
     
  9. Andy Nichols

    Andy Nichols Moderator Staff Member

    Joined:
    Jul 30, 2015
    Messages:
    5,086
    Likes Received:
    2,553
    Trophy Points:
    112
    Location:
    In the "Rust Belt"
    I beg to differ. Based on my experience of being around ISO 9000 implementation since before certification existed and in many related roles in the industry, I can assure you that ISO 9001 and Certification are indeed mutually exclusive! The rest of your post tells me that you are looking, as many do, for the "silver bullet" answer to all things "ISO". Life isn't like that. I understand your frustration, of course. But the fact is no-one can tell you the answer you're looking for. I had to figure it out. So will you. I'd suggest that obtaining guidance here is as good as any place, but dismissing comments which don't align with yours, is unlikely to get you the help you're seeking.
     
  10. xrat86

    xrat86 Member

    Joined:
    Mar 31, 2017
    Messages:
    33
    Likes Received:
    5
    Trophy Points:
    7
    Andy,
    Regardless of the past, we are in today. You fail to address the short comings of the current system. Perhaps for you it is second nature and direct; for a newbie it is anything but.

    Again - Why make the certification process complex? Hidden and not clearly spelled out?

    My time is better spent on developing our QMS and digesting the standards, not exploring the complex relationships and inter dependencies needed to become certified. I seek no silver bullet as that is fallacy. ISO 9001 can benefit my organization, no doubt; proving it to someone else should be a trivial matter.
     
  11. xrat86

    xrat86 Member

    Joined:
    Mar 31, 2017
    Messages:
    33
    Likes Received:
    5
    Trophy Points:
    7
    How can I be a informed / smart buyer WRT consultants and CB's if I am ignorant as to expectations, roles and responsibilities, scope, schedule, etc, etc, etc,,,,?
     
  12. Andy Nichols

    Andy Nichols Moderator Staff Member

    Joined:
    Jul 30, 2015
    Messages:
    5,086
    Likes Received:
    2,553
    Trophy Points:
    112
    Location:
    In the "Rust Belt"
    The certification process is very simple. It's not hidden. It's available for you to discover in all manner of places. It's in ISO/IEC 17021. It's in many books, including my own. It's in blogs all over the internet. You seem to think that being a newbie is some kind of excuse. We were ALL newbies, but we researched, got involved, asked questions and didn't take a defensive position when we got frustrated. To dismiss history is dangerous. All systems have short comings. Experience tells you how to deal with it. History puts the experience into perspective. Ignore it at your peril. If you want help, ask questions and please stop pointing out everything that's wrong. It's counter productive. People here will help, and many of us have been involved with such forums and topics for 10+ years. We've helped thousands. We've also ignored those who dismissed our advice, which was given freely and without expectation of recognition. We collaborate with those who wish to be helped. Arguments get nowhere.
     
  13. Jennifer Kirley

    Jennifer Kirley Moderator Staff Member

    Joined:
    Jul 31, 2015
    Messages:
    1,071
    Likes Received:
    722
    Trophy Points:
    112
    Location:
    USA
    Information regarding expectations, roles and responsibilities, scope, schedule, etc, etc, etc. should be made available to you by your CB. That organization might also have a link on their web site that described the process. Have you looked?

    Consultants are not ANAB accredited, but some ANAB accredited CBs offer informational sessions to explain the standards. There is also good quality training out there for internal auditors, which can be accredited by Exemplar/IRCA. There is also ISO 9001:2015 In Plain English.

    0.1 of ISO 9001:2015 describes the standard and its intentions, primary of which is "a) the ability to consistently providing products and/or services that meet customer and applicable statutory and regulatory requirements." It is about that now, as it was in the 2008 version.

    ISO 9001:2015 does not describe the certification process because ISO does not certify anyone. Certification is done by certification bodies, who are expected to adhere to ISO 17021 Requirements for bodies providing audit and certification of management systems.
     
  14. xrat86

    xrat86 Member

    Joined:
    Mar 31, 2017
    Messages:
    33
    Likes Received:
    5
    Trophy Points:
    7
    Why did you not respond with "It's in ISO/IEC 17021" when i asked "Where can I find a simple timeline of events that must occur to achieve ISO 9001:2015 certification?" That would have been simple. I am not using newbie as an excuse, I am describing the reality that we (my organisation) face and seeking guidance from those more enlightened and inquiring further as to why and how as opposed to just taking the status quo as the best we can do (can you say continuous improvement?).
     
  15. xrat86

    xrat86 Member

    Joined:
    Mar 31, 2017
    Messages:
    33
    Likes Received:
    5
    Trophy Points:
    7
    The most complex task is "simple" the learned
     
  16. Jennifer Kirley

    Jennifer Kirley Moderator Staff Member

    Joined:
    Jul 31, 2015
    Messages:
    1,071
    Likes Received:
    722
    Trophy Points:
    112
    Location:
    USA
    ISO 17021 does not have timelines. It is a rules document for CBs and their auditors. I can help explain the process but must note that details are within CB policies and procedures unless industry documents (like IATF for automotive) over ride them.

    Is this your first certification?
     
  17. xrat86

    xrat86 Member

    Joined:
    Mar 31, 2017
    Messages:
    33
    Likes Received:
    5
    Trophy Points:
    7
    Yes it is our first. Still debating internally - "compliance" or "certification". Our customers may/might/could require it (certification) we are seeking clarification.

    If the timeline is not in ISO 17021; where does the timeline come from?
     
  18. Andy Nichols

    Andy Nichols Moderator Staff Member

    Joined:
    Jul 30, 2015
    Messages:
    5,086
    Likes Received:
    2,553
    Trophy Points:
    112
    Location:
    In the "Rust Belt"
    A combination of things...

    Typically, to go from an application to a certificate:

    Application to Stage 1 Audit: 90 days

    Stage 1 to Stage 2 Audit: between 30 - 45 days

    Stage 2 to certificate issuance: 30 days

    Cert issuance to 1st Surveillance: just under 365 days

    However, there are many factors at play here which can affect the above, typical, durations.

    Then, there's where YOUR organization is starting from, its background in specific industries can help, management support, your scope, number of locations etc. etc.

    Plus, there's the approach you're going to take, your state of readiness at the stage 1 can affect the timing of the stage 2, for example. On top of that there's auditor availability and your location compared to a qualified auditor, which CB you've chosen and so on. Are you planning on using a consultant or learning how to do audits on your own and wait until the stage 2 happens to discover you didn't do them effectively enough...
     
    Paul Simpson likes this.
  19. Jennifer Kirley

    Jennifer Kirley Moderator Staff Member

    Joined:
    Jul 31, 2015
    Messages:
    1,071
    Likes Received:
    722
    Trophy Points:
    112
    Location:
    USA
    Compliance is for statutory and/or regulatory requirements; conformance is to the standard and your customer requirements.

    Quality Progress (American Society for Quality) published a timeline of the process for ISO 9001:2008 certification. Its phases with project objectives and milestones will not differ, but details do: for example, the 2015 version does not require the 6 procedures as described for 2008. ASQ has a web page describing ISO 9001:2015, which contains a number of additional information source links. The information provided in the ISO 9001 Technical committee's web page is more current, though it also provides information regrading the 2008 version.

    I hope this helps!
     
    xrat86 likes this.
  20. xrat86

    xrat86 Member

    Joined:
    Mar 31, 2017
    Messages:
    33
    Likes Received:
    5
    Trophy Points:
    7
    To date we have only contacted 1 with known ANAB accreditation. Their website is lacking specifics. Communication has been via email to date. Might progress to a face to face.

    At least know we might be able have an intelligent conversation with them (RE: ISO 9001 certification).

    Thank you.