What A Wonderful Life.........: How to make Certification work for you by Jolito Ortizo Padilla

Conceptualized by GA Consultancy

Know what standard you want, then read it

The vast range of management system standards are available to companies highlights the importance of firm knowing what they want to get out of the certification process. Neil Hannah, global operations director, BSI Group, says: "Companies getting started in certification need to have a clear view of activities they seek certification and when". There maybe a contractual or regulatory requirement, as in automotive industry. Or companies may wish to improve the procedure of work for employees so they are more productive. This aim could be achieved by identifying processes within the organization and considering where improvements could be made.

Roger Bennett, the International Accreditation Forum's director for conformity assessment bodies, says that it is the responsibility of a company's quality or regulatory department to obtain standards appropriate to its sector, and then read them. Phil Shaw, accreditation manager of UKAS, adds: The organization will, in light of the standard, need to review its operating practices and organizational structure to ensure that it has a demonstrable system and arrangements that comply, "This means the company must understand the scope of the standard."

The standard can be implemented in-house, and there are consultants available to help establish the standard, as Roger points out. However, certification bodies are not allowed to consult on the implementation as this would be a conflict of interest if that body were also certificating the standard. Consultants should not impose a standard system in the company -it should be made tailored to fit the company's current system and specific needs. Relevant people in the organization should be involved in the process of documenting what they do.

Evaluate several certification bodies

The next step is for companies to consider what kind of certification they require. Roger says there are several different kinds of clients: badge hunters looking for the cheapest possible solution", "the normal business hoping to improve its processes", and "those end looking for something well beyond what ISO 9001 offers". Roger suggests that small certification in one country are often "best placed to meet the needs of the badge-hunters". Larger clients , who may be international, usually look for a large , global certification provider to conduct audits in many disciplines and countries.

However, Roger says that clients should always look for a certification provider that is accredited by a reputable accreditation body which is part of IAF's Multilateral Recognition Arrangement- the mechanism by which accreditation bodies are evaluated. "This gives a measure of confidence that the accreditation body has been assessed by auditors from other accreditation bodies under the control of the IAF."

Jackie Burton, business and customer relations manager at UKAS, adds: " Certification bodies should be impartial and competent for the areas in which they offer certification. This is why certification bodies themselves become accredited -to demonstrate that they are capable of offering the kind of robust assessment needed in order for certification to be meaningful and that they will do so in a fair and competent way."

Furthermore, says Neil Hannah, organization should choose a brand which they, and their stakeholders, trust. " All reputable certification bodies with accreditation from IAF member can deliver certification to a similar standard but not all certification bodies are the same., "he says." "When faced with a difficult choice , many of us rely on the recommendation of another purchaser."

Companies should also ensure that they establish whether the certification body has auditors with experience in the organization's sector of activity.

The certification process

Certification bodies usually carry out an initial audit of the system, when it is first certified, which will look at the complete system. This will be followed by surveillance audit, where there is a "cycle of shorter audits in which a snapshot of the system is taken", according to Vince Desmond, executive director of Business Development CQI. "There will be a sampling of activities, for example getting the views of 50 customers, or levels of product recall, " he says, " The certification body is not looking at everything the organization does."

The length of time the auditing process tales depends on the size and type of organization. Catherine Golds notes how, in small organization, it may take just one day, but could take a number of weeks in a larger organization.

Organization should prepare for the assessment because it is the certification body which decides on whether they meet the assessment or not. Certification bodies will report back on the systems and processes which are no working in line with the management system standard.

They may decide that the company is not conforming to the system standard , but this can take a variety of forms-it may be minor, in which case it is described as a "single observed lapse" or it may be major in that an aspect of the system is not being addressed. In this case, the company would need to take action to rectify what is not being addressed within the management systems and processes.

When a standard gets updated

While achieving a certified standard should not be an excuse for companies to rest on their laurels when it comes to the development and success of their management systems, they will need to be aware of what is required when standard get updated. They were reviewed every five years by ISO to ensure that they stay relevant to companies.

ISO 9001 was updated in 2008, and it is now in its fourth edition. The update has been relatively small , so there were no new requirements-just minor editorial changes to the wording of the standard.

Certified organizations have a transition period in which they can ensure they remain compliant with the standard. In the case of ISO 9001:2008, this period runs from 14 November 2008 for one year. They will then be audited in line with the new standard when their next assessment takes place.

It depends on how much a standard has changed as to what a company needs to do in terms of updates- they should look at the amendments to a standard and consider what changes may need to be made to their management system. The certification body will also need to adapt, as Roger says: If the changes have been significant-with new requirements-the certification body may need to retrain the auditors, re-brief sales staff and redraft product manuals and marketing materials. Roger explains that significant changes are introduced through a transition period agreed with the IAF and clients have an agreed time to change their management systems and processes to meet the revise standard before certification bodies carry out audits.