If you’ve spent months building, refining, and implementing your ISO 9001 Quality Management System (QMS), the impending certification audit can feel like a final exam with incredibly high stakes. It is completely normal to feel a sense of anxiety. However, knowing exactly how the process unfolds can replace that anxiety with confidence.
An ISO 9001 audit is not a “gotcha” exercise. ISO Certification Group Auditors are professionals trained to look for conformity and evidence that your system works—they are actually looking for reasons to pass you, not fail you.
Here is a clear breakdown of what you can expect when our auditor steps through your doors (or logs into your virtual meeting).
1. Stage 1: The Document Review (The “Readiness” Audit)
Before the auditor looks at what your employees are doing on the floor, they need to see what your system looks like on paper. This is known as the Stage 1 audit.
- The Goal: To verify that your documented QMS meets the basic requirements of the ISO 9001 standard and to plan the Stage 2 audit.
- What Happens: The auditor will review your Quality Manual (if you have one), policies, scope, procedures, and internal audit/management review records. This is often done remotely.
The Outcome: The auditor will either say, “You are ready for Stage 2,” or they will identify gaps in your documentation that you should be fix before your Stage 2 audit.
2. Stage 2: The Main Event
This is the phase most people think of when they hear “audit.” The auditor will visit your facility, onsite or remotely to verify that your actual day-to-day practices match your documented procedures and the ISO 9001 standard.
A. The Opening Meeting
The audit kicks off with a brief, formal meeting with your management team. The auditor will introduce themselves, confirm the scope of the audit, review the audit plan/schedule, and explain the rules of engagement.
B. The Floor Walk and Interviews
The auditor will leave the conference room and observe your operations in real-time. Expect them to:
- Talk to your team: They will interview employees at random. They aren’t trying to trick anyone; they just want to know if employees understand their jobs, the company’s quality policy, and what to do if something goes wrong.
- Follow the trail: Auditors often use a “tracer” method. They might select a random completed customer order and trace it backward—from shipping, back through production, purchasing, and finally to the initial sales quote—checking the paperwork and processes at every step.
C. Evidence Gathering
Auditors operate on the principle of “show me.” If an employee says, “We inspect every part,” the auditor will ask, “Can you show me the record of the last five inspections?” Expect to pull files, digital records, training logs, and calibration certificates.
3. The Closing Meeting: The Verdict
Once the auditor has gathered enough evidence, they will hold a closing meeting with your management team to present their findings. There should be no surprises here; a good auditor will communicate any issues as they find them during the audit.
Findings generally fall into one of these categories:
- Conformity: Great job! Your process meets the standard.
- Observation: Not a violation, but a suggestion from the auditor on how you could make a process better or more efficient based on industry best practices.
- Minor Non-conformance: A small lapse in following a procedure or a minor gap in the standard. This won’t stop you from getting certified, but you will need to submit a plan to fix it.
Major Non-conformance: A complete breakdown of a required process or a total absence of a requirement. This will pause your certification until you can prove you have completely resolved the issue.
4. Post-Audit Activities
If the auditor finds zero non-conformances, they will recommend you for certification right then and there.
If you receive non-conformances, don’t panic. You will be given a timeframe (usually 30 to 90 days) to submit a Corrective Action Plan. You’ll need to conduct a root-cause analysis and show the auditor the steps you are taking to fix the problem permanently. Once accepted, your certificate will be issued.
The Takeaway
Expect a rigorous but fair process. The auditor is there to verify that your QMS is a living, breathing part of your organization, not just a binder gathering dust on a shelf. Treat them with professional courtesy, answer their questions honestly, and view the process as a powerful tool to make your business better.
About The Author
Oscar Combs is the President of ISO Certifications Group, a certification body headquartered in Houston, Texas. With over 31 years of experience in the field, he is recognized as an expert in management systems that help organizations manage risk and improve operational efficiency.
ISO Certifications Group
ISO Certifications Group is an accredited ISO certification body that certifies ISO 9001, ISO 14001, ISO 45001 and ISO 50001 Management Systems for organizations. Contact us at info@isocertificationsgroup.com for more information or www.isocertificationsgroup.com.
