top of page

All you need to know about ISO Certifications

You are considering getting ISO certified and need to know where and how to start. Here are some of the most asked questions about ISO certification in Australia:

Q: What kind of ISO certifications does Australia Pacific Industry Certification offer?
A: Australia Pacific Industry Certification offers a range of ISO certifications, including ISO 9001 (Quality Management), ISO 14001 (Environmental Management), ISO 45001 (OHS Man
agement) and ISO 27001 (Information Security Management).

Q: Why should my business get ISO certified?
A: ISO certification demonstrates to your customers that you are committed to providing high-quality products and services that meet international standards. It can also help you improve your processes and operations, which can lead to
cost savings and increased efficiency.

Q: How long does the ISO certification process take?
A: The ISO certification process can take several months, depending on the size and complexity of your business. Australia Pacific Industry Certification can help you navigate the process and ensure that you achieve certification in a timely manner.

Explaining a concept

Q. Why ISO certification is important?


ISO certification, which refers to the certification granted by the International Organization for Standardization (ISO), is important for several reasons. ISO certification offers numerous benefits to organisations, including improved credibility, enhanced customer confidence, competitive advantage, operational efficiency, risk management, international recognition, and compliance with standards and regulations.


Q. Can ISO certification be transferred?

Yes, it can, normally ISO certifications are valid for 3 years and at the end of your contract you can work with any other certification body you want. However, it is also possible to transfer your certifications during this 3-year period but keep in mind that you have to get a letter of transfer from the original CAB before being able to get certified by the new one.


Q. Can small businesses get ISO certification?


Yes, they certainly can. If they have all the required procedures and records and practice according to the standard requirements, their size is irrelevant.


Can you look up ISO certification validity?

Yes, it can be checked using the certification number and the company name. Only certification bodies accredited by the IAF are permitted to issue valid and legitimate ISO certifications.

Q. Is ISO Certification mandatory in Australia?


ISO certification is not mandatory in Australia. ISO certification is a voluntary process through which an organisation can demonstrate its compliance with specific ISO standards. It's important to note that while ISO certification is not mandatory, there may be specific industry or regulatory requirements in Australia that mandate compliance with certain standards. For instance, many local and state government tenders require the applicants to be ISO-certified. 


Q. Where should I get ISO certification from in Australia?

If you are considering ISO certification for your organization, it is advisable to consult with a local certification body or seek professional advice to determine the relevance and benefits of certification for your specific circumstances.

Q. How much does it cost to get ISO certification?


First, you should consider the system setup costs which is a consultant or your employee.

Then, the cost of audit and certification issue and registrations vary depending on the certification Body (CAB). Getting ISO via some large international CABs can be a costly practice, however, smaller certification bodies can do it at half price as they have less overheads and admin costs. For each certification, you must at least consider over AUD 3000.


Q. What is the difference between ISO Certification vs Surveillance Audit?


ISO certification and surveillance audits are related but distinct processes within the realm of ISO standards. Here's an explanation of each:


ISO Certification:

ISO certification, also known as ISO registration, is the process by which an organization demonstrates its compliance with specific ISO standards. It involves a comprehensive assessment of the organization's management systems, processes, and practices by an independent certification body. The certification body verifies that the organization's systems align with the requirements of the chosen ISO standard(s) and issues a certificate upon successful compliance. ISO certification is typically valid for a specific period, often three years, subject to ongoing surveillance audits.


Surveillance Audit:

A surveillance audit, also referred to as a maintenance audit or follow-up audit, is conducted to ensure that an organization maintains compliance with the ISO standard(s) after receiving certification. These audits occur periodically, usually within the three-year certification cycle. The purpose of surveillance audits is to assess whether the organization has continued to implement and follow the prescribed management systems and processes as required by the ISO standard. The audits help verify that the organization's compliance is consistent and ongoing.


During a surveillance audit, the certification body reviews relevant documentation, interviews personnel, and assesses the organization's performance against the ISO standard(s). 


The audit may focus on specific areas of concern identified in previous audits or any changes made to the organization's systems since the initial certification. If the organization successfully meets the requirements of the surveillance audit, its ISO certification remains valid.


Q. Can you provide an example of a situation where an organisation might fail a surveillance audit?


Let's consider an organization that has obtained ISO 9001 certification for its quality management system (QMS). During a surveillance audit, the certification body identifies the following issues:


Non-compliance with documented procedures: The organization has deviated from its documented procedures without proper justification or change control. For example, employees are not following the prescribed steps for product inspection and testing, leading to potential quality issues.


Ineffective corrective actions: The organization has experienced non-conformities or customer complaints but has not implemented effective corrective actions to address the root causes. The corrective actions taken are superficial or do not address the underlying issues, resulting in recurring problems.


Lack of management involvement: The organization's top management is not actively engaged in the QMS. They have not demonstrated leadership commitment, failed to conduct management reviews, or neglected to allocate necessary resources to maintain and improve the QMS.


Inadequate employee training: The organization has not provided sufficient training to its employees regarding the QMS requirements, resulting in a lack of awareness and understanding among staff members. Employees may not be adequately trained to perform their assigned tasks or to identify and report quality issues.


Poor documentation control: The organization has not established proper controls for document management, resulting in outdated or incorrect documents being used in day-to-day operations. This lack of control undermines the integrity and effectiveness of the QMS.


Based on these findings, the certification body may determine that the organisation has not maintained compliance with the ISO 9001 standard during the surveillance audit. As a result, the organisation may fail the audit, and its ISO certification may be at risk of being suspended or revoked unless the identified issues are promptly addressed and corrective actions are implemented.

bottom of page