Certification Bodies and What to Look Out for

certification bodies

When getting ISO certified, one of the most important steps is found at the end of the process, that of choosing a certification body. You see, when you implement an ISO standard in an organization, you have to get certified. This has to be done through an accredited certification body.

In this blog, you can find the link to the video where Luke Desira gladly explains all that you need to know when working with certification bodies. Moreover, if you prefer reading, you can find the transcript here.

Summary of the things you need to look out for when working with Certification Bodies:

  • Always work with an accredited certification body, or else your certificate will carry no value.
  • The more established the certification body, the higher the price.
  • The size of your organization and industry are the two most important factors that are considered when certification bodies charge you.
  • You must carry out a Management Review Meeting, an Internal Audit and welcome the certification body to do an external audit every year.

Video Transcript for Certification Bodies

Hi, in this video I wanted to give you more information about the process of working with a certification body. So after you have implemented your management system within your organization, you will need to look for a certification body.

And the first question that would pop up in your mind would be who to get certified with. So there are different certification bodies that you can work with and the most important thing that you have to consider is that you have to work with an accredited certification body.

What does this mean? There are different certification bodies in the world. Some are based in Malta, others are based in other countries. For example, in Italy, and in England, different countries have different certification bodies. Keep that in mind.

And given that this is an international standard, therefore you can choose to work with any certification body that you would like to work with. Having said that, some certification bodies offer the service of a certification body even though they are not accredited. Be aware fo this!

This means that practically their certificate is worthless. Therefore, when you are working with a certification body, the first thing that you have to consider is that you are working with an accredited certification body.

And then there are different options when it comes to these accredited certification bodies. Some of them have very famous brands, okay, and others are less famous. As long as you work with an accredited certification body, they all carry the same weight when it comes to the actual certificate.

Working with a famous certification body invariably increases the price of your actual ISO certification and in my personal opinion it doesn’t add much value to the implementation of your management system. Having said that I strongly suggest that you get in touch with different certification bodies making sure that they are accredited before choosing the certification body that you would like to work with.

The second topic that I would like to talk about is the costs that are associated with carrying out a certification audit. So the price of the certification body depends on different aspects. As I have mentioned earlier one of the most important factors when choosing the price or when identifying the price for a certification body is the actual certification body.

Keep in mind that it is ultimately up to the certification body to decide on the value of their services and price them how they please. Having said that, there are two main criteria that all certification bodies consider when pricing their service for clients which are the size and the sector of your organization.

Naturally, the larger the organization, the greater the number of people working with the organization and the longer the audit will have to be. Therefore, the higher the price would be for larger organizations when compared to smaller organizations.

Another question that certification bodies ask when getting their information to be able to give you the quote would be the industry of your organization, the NACE code for example, whereby with this NACE code they will be able to determine the complexity of the operations of your organization and that also has an impact on the duration of your audit.

Therefore, the number of employees and the sector of your organization have an impact on the duration of the audit and both of these elements effectively affect the price that the certification body will charge you.

And once again, I wanted to explain that the price greatly depends on the certification body that you are going to choose to work with. I know that some of my clients would like to have a ballpark figure before starting an ISO implementation project. For a company employing around 15 to 20 people, the price for ISO certification as charged by an accredited certification body which is not super famous, yet still offers an accredited ISO certification to your organization, the price for such a certification body will be around €1500. Again, this is just a ballpark figure and depends on the certification body and other factors as mentioned earlier.

I work with certification bodies that charge much less. I work with certification bodies that, for example, can charge around €1000 for certification and I’ve also worked with certification bodies who charge €3000 for the same size of company and within the same industry.

So once again, testing the waters and seeing all the certification bodies that are available to work with is extremely important because different certification bodies have different prices for their services. And another question that I get asked quite often is how long does certification last?

This is an interesting question because the ISO certificate itself has an expiry date of three years. This makes people think and believe that once you get ISO certified and you have the certificate Then you won’t have to do anything until that certificate expires Naturally, this is a wrong assumption since to maintain your ISO certification, you will effectively need to do two main things

  1. You must carry out internal audits and management review meetings on a yearly basis.
  2. You will also need to host the certification body on a yearly basis for them to do an external audit.


Whether you’re after ISO Certification, internal audits, or results-oriented consultancy, Luke has the plan for you. Reach out to him and start your journey today.
ISO Consultant in Malta


Luke has a plan for you whether you want ISO certification, internal audits, or results-oriented consulting. Contact him immediately to begin your adventure.

Let me quickly explain the process of certifications of audits done by certification bodies, okay?

So the first audit that is done by the certification body when they are auditing your organization to give you an ISO certification Is called a certification audit The next audit and the following audit so the orders on the first year would be called the certification audit The audits on the second and third year would be called a certificate surveillance audit and The audits on the fourth year which would effectively mean that your ISO certification would have expired by now the certificate itself therefore they would call that re -certification audit effectively from the Audity point of view which would be you nothing really changes just the name of the audit changes For for technicalities sake, okay?

It is the role of the auditor to determine the scope of the audit that will be done. When doing a certification audit and a re -certification audit, typically external auditors like to consider all the elements of your organization and when they are doing a surveillance audit, they might choose to audit subsections within your organization.

Therefore they might, for example, choose not to audit all your processes but they choose to audit some of your processes. Okay? Naturally, this has no implications for you as an organization because after having implemented an ISO standard within your organization, it is your responsibility to make sure that you are still following all procedures for all processes within your organization to make sure that you are following the principles that you would have implemented within your management system.

And I think that this system of having an internal audit and an external audit carried out within your organization, every year is critical to why ISO certifications are beneficial to organizations.

This is because unfortunately, as human beings, we tend to forget any improvements that we implement, both in our business and in our life. And having these audits, two audits per year will remind you of the procedures and policies that you would have implemented within your organization, making sure that both you and your employees and everyone within your organization is following the procedures that you would have implemented while going through the implementation process of your ISO certification.

The final question that I wanted to speak about relates to the costs of renewal, okay? So when it comes to renewal and renewing your ISO certification, effectively there will be no extra costs, except because that you would have already been paying every year, okay?

So as I have explained, the external auditors will come to your organization every year. This means naturally that you would need to pay them every year for them to do the surveillance or the certification audits. And as such, their fees from the first year, second year, third year, fourth year, fifth year, et cetera, tend to be the same. Some certification bodies like to price their certification audits at a price, and then the surveillance audits will be at a lower price, so it would be a three -year agreement.

And then that three -year agreement would restart again after your certificate has expired. Effectively, this changes very little to your management system, but it’s not a big deal. because once you have implemented the management system, all you need to do is to maintain it and to improve on your management system.

This means that the cost of consultants, for example, like myself, when helping you to implement the management system will be a certain fee, but then to maintain your ISO certification, it will be less than 10% of that actual fee because when I am assisting clients to maintain their ISO certification, my role is that of helping them to do the internal audit, management review, and to be present when the external auditors visit your organization.

So when you are renewing your ISO certification, effectively, you don’t need to recreate your management system. You don’t need to start afresh. Rather, at the first implementation, you are creating a management system.

That should be updated over time, naturally not just because an audit is coming but because you understand the importance of having a streamlined and updated management system within your organization.

That is all for now. I hope that you found this video interesting. If you have any questions about choosing a certification body that is suitable to the needs of your organization, I would love to help you make such a decision.

I would also love to help you implement your management system within your organization in a way that will benefit your organization. Thank you so much and I look forward to working with you.

WANT TO LEARN MORE ABOUT Certification Bodies?

Working with certification bodies is not something to take lightly. you need to ensure that your company is ready for this big step. But don’t worry. I can help you. As an ISO management system consultant, I promise to be with you from start to finish. From first contact, till you achieve your certification (and beyond), I will assist you with every action that is necessary.

Don’t forget to follow us on our Facebook and LinkedIn profiles, and subscribe to our Youtube Channel for more great content.

Book a Free 15 minute discovery call

Select a date and time to schedule a free 15 minute discovery call with Luke Desira.

Message Luke through an email


Give Luke a call

+356 7920 6686

Related Articles

High Level Structure

Breakdown of the High Level Structure of ISO Standards

If you take a look at all the ISO standards that have been published after 2015, you may notice a pattern in their structure. You see, ISO 9001, ISO 45001, ISO 14001 and the latest ISO 27001, amongst others, have adopted a high level structure. What this effectively means is that every one of these

Read More »
Preparing for a Stage 1 Audit for an ISO Standard - Stage 1 Audit

Preparing for a Stage 1 Audit for an ISO Standard 

In this blog, we are going to discuss the audit objectives and steps of the Stage 1 Audit. It also includes information on how to prepare for and conduct on-site activities, together with an introduction into the types of documented information to be reviewed during the stage 1 audit.  Objectives for a Stage 1 audit

Read More »
Scroll to Top