Table of Contents
Whether you are a large or small business in India, you must have come by ISO registration and the need for an ISO certificate for businesses. ISO or International Organization for Standardization is an independent body that develops international standards for technology, scientific testing processes, quality, working conditions and more. It’s a non-government organisation, that comprises standards body from over 160 nations worldwide. Each member country has standards body for their nation. Important thing to remember is that ISO does not issue ISO certificate. There are independent bodies in India and other countries that help with ISO certification registration requirements.
ISO certification for MSME can be a gamechanger as it implies superior quality of products or services. In several cases, ISO certification for government tenders is becoming a plus as it builds credibility for the small business. On that note, let us take a look at the ISO certification process, documents required, fees and other requirements in details.
What is ISO certificate registration?
As mentioned earlier, ISO certification is provided by external bodies. The certificate is provided upon careful inspection and establishes your business as one that meets international quality standards in its field.
It comes with a fee and as a small business it is likely that you will wonder why you should venture for it. Some of the benefits of ISO certificate for MSMEs are:
- Credibility across domestic and international markets
- Government tendering as in some cases, tender eligibility requires a business to have ISO certified products
- Customer trust as customers feel confident about your product meeting global quality standards
- Enhanced marketing and sales capabilities as your brand comes with the seal of ISO certification
ISO certification process in India – Steps before you begin
There are several popular standards available, and before you go for the ISO registration process, it’s essential to identify which certificate/you need.
Some of the popular types of international standards are:
- ISO 9001 for quality management
- ISO/IEC 27000 for information security management
- ISO 45001 for occupational health and safety
- ISO 14001 for environmental management
- ISO 50001 for energy management
- ISO 13485 for medical devices
- ISO 22000 for food safety management
Once, you have knowledge of the ISO certificate you need, the next step would be to identify the external agency providing it.
Quick tips on selecting an ISO service provider:
- Consult other business associates/references to get a list of recommendations
- Compare and evaluate the list to identify the ones with better reputation and select the one best suited for your needs
- Ensure CASCO standards are being met, i.e., committee for ISO’s guidelines and assessment
- Look for niche and specialisation of the agency based on your ISO certificate requirements, i.e., the agency must have prior experience in auditing businesses in similar industries
- Check for accreditation, i.e., they have the licences required to provide you with the certificate
- Select an agency with comprehensive auditing licences, i.e., they have the skills and licences available to audit your business for multiple ISO certifications if required
List of ISO Certification organisations:
- Bureau Veritas
- SIS Certifications
- Tuv Nord
ISO certificate registration process – Main steps
Once you have the basics in check, it’s time to commence with the main ISO certificate registration. Take note that the processing time for ISO registration varies between organisations. The ISO certifying agency will update you on the time required once they have assessed your application and requirements.
Listed below are the key steps in ISO certificate registration in India:
Apply for the certificate
The first step is to apply for the ISO certificate. The ISO Registrar and the company owner usually creates a contract that outlines the rights, confidentiality norms, liabilities, access rights, and other details. Once this is done, a form has to be submitted. This usually contains:
- Essential business details and features such as business name, address, processes and operations
- The standards certificates applied for
- General information about resources, technology, outsourced processes, consultancy services used, etc. (e.g., for instance, if your company uses bid consulting services and is applying for ISO certification to increase their chances of winning government contracts)
Once your application has been submitted, it will be up for review. The ISO certifying body will review all the documents submitted by you. These may include any technical documents on quality and production, different procedures followed, business policies, etc. The auditing team may also review documents on current work to measure if your business is operating as per expected standards.
Note: As business owners it is recommended that before you apply for ISO certification, you assess your current state and make changes to processes and procedures where ISO guidelines are not being met. For instance, if you are a steel supplier or steel manufacturer and applying for ISO 9000 registration, you should ensure that your management is aligned, staff is trained, policy manuals and operating procedures are in place, etc. This will enable you to be prepared for audit and reduce risks of rejection.
Work on the Action Plan
It is likely that during the review there will be gaps identified in how your organisation operates. The ISO Auditor will intimidate you of the gaps in meeting standards. Based on it, as the business owner, you will have to design an Action Plan that will list the steps and tasks to be undertaken to eliminate the gaps. This step highlights the corrective actions required before the detailed audit process begins.
Certificate Audit – On Premise
Once you have made the changes to your business operations and systems as recommended, the ISO Auditor will conduct an on-premise inspection to ensure that all compliances have been followed and the requirements met. This is a macro level audit to check the deficiencies and whether or not processes are being followed as per documentation.
If the requirements are not fulfilled, the Auditor cannot proceed with the ISO certification process. These non-conformities are usually categorised as minor or major, but unless there’s required changes made in the techniques and procedure, and quality standards are adhered to, the overall process cannot be continued.
Note: When you create the contract with the ISO registration service provider, the timelines for the audit process are clearly defined. In many cases, along with site inspection, the auditor may also speak with the personnel to understand their level of preparedness for the final audit. In general, Stage 2 is undertaken and completed within 90 days of Stage 1 audit.
This step involves the ISO Auditor ensuring that your company has adhered by the general ISO standards and is in conformity. Remember, at this is the final step for the auditor to assess your capabilities. As such, it’s recommended that all changes recommended are immediately implemented and adhered to, to ensure that there’s minimum chances of rejection. Once the auditor is satisfied, the final audit report will be generated and forwarded to the registrar for closing the process.
Most final audits begin with an opening meeting and end with the closing meeting.
Getting the ISO certificate
The Registrar issues the ISO certificate based on the audit report shared.
Documents required for ISO registration certificate
As can be understood, there are some documents that you will require for the ISO registration process.
- PAN and Aadhaar card of the applicant
- Identity and address proof (business and residential)
- Passport size photographs
- Copy of sale deed (for owned property) or a rental agreement (for rented premises)
- Utility bills
- Incorporation certificate (or MOA) for a company
ISO certificate fees
The fees for getting an ISO certification depends on different factors including the standards you are applying for.
In general, the ISO certificate fees is around ₹1,500-₹2,500. ISO 9001 certificate is priced around ₹3,999. However, IAF ISO 9001 certificate cost can range between ₹3,000-₹8,000.
Some of the factors that determine the cost of ISO certification are:
- Size of the company i.e., number of employees, shifts
- Processes and its complexities
- Standards applied for
- Number of locations
- Risks associated with the services/products offered
Accordingly, the cost can even go up to a lakh for a 3 years tenure. In general, ISO certificates are valid for a period of 3 years. Before the expiry of 3 years, companies can apply for recertification.
ISO 9000 registration process
Now that we understand how your business can get the ISO certificate registration, let’s take a look at the registration process for ISO 9000.
- Get alignment of top management in terms of pre-requisites, timelines, costs, processes involved
- Ensure skill development and training
- Check all policy documents, procedure manuals, and any other relevant documents including company documents, tech specs etc.
- Conduct internal audit to ensure that all are aligned and take the required steps to prepare for the ISO 9000 certification process
Once you are satisfied that internally you are ready to commence the ISO certificate application process, follow the process mentioned above w.r.t. finding an agency and more.