Getting started with ISO


The first step we recommend is contacting a certification body for general guidance. You may also want to contact a consultant that you can work with to tailor a process specific to your needs. The information below is a general timeline for a company. Every company is different in scope, readiness, and resources. Times may vary and this is for general reference only.

Immediately to 1 Month:

  • Obtain Management Commitment.
  • Attend standards overview training if necessary.
  • Consider outside party to conduct gap analysis

By 2 Months:

  • Attend lead or internal auditor training
  • Establish process approach (QMS)
  • Determine Environmental Aspects and Impacts(EMS)
  • Write top level policies and procedures
  • Contact registrar for quotes if not done already

By 3 Months:

  • Training for additional internal auditors
  • Prepare work instructions

By 4 Months:

  • Begin initial internal audits
  • Conduct management review of internal audit results
  • Implement corrective actions
  • System goes live
  • Plan and schedule audit dates with registrar

By 5 months:

  • Optional Pre-Audit with registrar
    • NOTE: Pre-audit might have been done in lieu of Gap Analysis with consultant or other organization.

By 6 months:

  • Conduct internal audits based on system being in place (and pre-audit feedback).
  • Management review of internal audit results (and pre-audit feedback).
  • Implement corrective actions

By 7 months:

  • Stage 1 portion of Certification Audit
  • Address any non-conformances from Stage 1
  • Stage 2 portion of Certification Audit
    • Allow 1 to 4 weeks between Stage 1 and Stage 2 for adequate time to address Stage 1 findings.
  • Address any non-conformances from Stage 2 and submit to auditor for approval and submission with report to certification body for issuance of certificate.