In this blog article, we’re going to talk about the different types of ISO certification standards that exist and the process that you will go through when trying to implement these ISO standards within your organisation. This will be followed by a brief discussion about the different certification bodies available that will guide you through certification. Additionally, we will go over the various ways in which I can be of help to you when you get to implement these types of Management Systems within your organisation.
For those of you who favour listening over reading, rest assured that your preferences are kept in mind. Here’s Luke speaking about the importance of choosing to implement the correct ISO standard within your organisation.
Different Types of ISO Certification that Exist
“There are different types of ISO certification standards and some are suitable for certain types of industries while others can be adopted by any type of organisation. For example, ISO 9001, which talks about quality, ISO 14001, which talk about talks about the environment, and ISO 45001, which talks about health and safety, can be implemented by any organisation within any industry.”
“Then, there are other standards that are suitable for particular organisations and/or industries. For example, ISO 22000, which talks about food safety is of course suitable for food manufacturers and companies involved within the food industry. Similarly, ISO 27001, which focuses on information security, is relevant to organisations which handle sensitive information, such as software companies. Another specific ISO standard is ISO 13485. This standard puts the limelight on medical devices and is mainly sought after by organisations involved in the handling and dealing of medical devices. And of course, there are many other ISO standards that are suitable and relevant to different types of organisations, some being more specific than others.”
The Implementation Process for ISO Certification
“The implementation process that a company will have to go through when implementing an ISO standard starts by having an initial consultation.”
” If you approach me to help you implement an ISO standard within your organisation, we would use this initial session to talk about ways in which your company can implement the relevant ISO certifications, even if you are planning to implement completely different types of ISO certification. Secondly, we would talk about the funding opportunities that would be available at the time for your organisation. I am one of the approved advisors by Malta Enterprise, so if you are a company based in Malta, I would be in a position to help you out by tapping into the relevant funding opportunities that may be available.”
“After having this conversation, if you would be eligible for funding, we would apply for this in order for you to eventually receive the relevant grant in due time. This amount will be given to you by the Government of Malta.”
“Then, we would in a position to start off with the implementation process. The first thing that we would need to do is to perform what is known as Systems Mapping. Here, we would start to evaluate the operations of your business and we would see what type of processes are relevant for the organisation. We will then proceed to take this information and compare it to the actual requirements of the standard. This is called Gap Analysis. By identifying the gap between what you are currently doing and what the standard needs you to do, then we would have automatically created an action plan for improvement for your organisation.”
“Once the Gap Analysis has been carried out, we would then move on to the systems implementation, whereby will take the actions that we would have defined during the Gap Analysis and implement them within your organisation. This implementation has to be done through the use of training. Training your employees on how to follow the systems as required by the international standard that is being implemented is a crucial aspect of the whole process. Once the implementation has been complete and all systems have been fully deployed, then we will move on to the internal audit.”
In a few words, the internal audit is basically a process whereby the activities within an organisation are examined and vetted to see whether or not they are following the requirements as necessary. The internal audit can be performed either by someone from that very same organisation, or it can be done by an external party, for example Luke Desira.
“The idea of an internal audit is that we continuously find areas for improvement for your organisation. Once the internal audit and management review meeting have been done, then we can move ahead and talk with the certification body to grant you your ISO certification. After getting certified the last step would be to maintain your ISO certification which is a system for continual improvement and, therefore, we will keep on doing internal and external audits to yield results, determining whether continual improvement is indeed a culture that has been adopted by the work force of your organisation.”
Types of certification bodies
There are different types of certification bodies that as an organisation, you might consider to work with. The nature of your organisation and where you are based generally dictates what certification body you will opt for. Here is what luke says about choosing a certification body for your organisation.
“Over my 12 years experience, I have worked with a multitude of certification bodies, both Maltese and international certification bodies. And after all these years, it remains clear that they all have their pros and cons. What I would strongly advise to do though is to make sure that whatever certification body you opt to work with, ensure that they have the proper accreditation. Unfortunately, there are some certification bodies that are not properly accredited. Therefore, the certificates that they put out are not relevant. If you do not work with an accredited certification body, your ISO certification will not carry much weight!”