Differences

This shows you the differences between two versions of the page.

--- articles:iso_9001_certification_cost [2023/05/19 11:51] – [Estimating the Cost of ISO 9001 Certification] rrandall
+++ articles:iso_9001_certification_cost [2023/06/18 20:01] (current) – [Multi-Site Businesses] rrandall
@@ Line 8: / Line 8: @@
 ===== The first 3-year Cycle =====
 {{ :articles:3-year_certification_cycle_transp.png?direct&360|}}
-The first 3-year cycle includes an “Initial” Audit” which consists of Stage 1 & Stage 2 audit activities. After successful completion of the Stage 2 audit, along with verification and closure of any nonconformities identified, the company will receive its certification. This is followed by 2 (two) “Surveillance” audits. At that point, the company has the opportunity to renew its certification for another 3-year term. The continuing certification audits begin with a “Reassessment” audit that covers the entire scope of the certification. This is then followed by another two (2) “Surveillance” audits. And the process repeats.
+The first 3-year cycle includes an “Initial” Audit” which consists of Stage 1 & Stage 2 audit activities. After successful completion of the Stage 2 audit, along with verification and closure of any nonconformities identified, the company will receive its certification. This is followed by 2 (two) “Surveillance” audits. At that point, the company has the opportunity to renew its certification for another 3-year term.
+The continuing certification audits begin with a “Reassessment” audit that covers the entire scope of the certification. This is then followed by another two (2) “Surveillance” audits. And the process repeats.
 This means, unless the company is growing in size, that the first 3-year cycle will be the most expensive. I will cover the specifics of “how” that cost is calculated below. So open a blank spreadsheet (or get your pen & calculator ready) and I’ll show you how to calculate your approximate costs relating strictly to ISO 9001 certification EXCLUDING the travel & living expenses of the auditor(s)… which can be a significant, separate cost if the CB you select doesn’t have auditors in your immediate area.
@@ Line 28: / Line 30: @@
 .	All CBs are required to consult [[https://iaf.nu/en/iaf-documents/?cat_id=7|IAF MD 5, “Determination of Audit Time of Quality, Environmental, and Occupational Health & Safety Management Systems”]] (available free) to determine the number of audit days required for each audit (the "MD" designator means that it is a "Mandatory Document"). This determination begins by obtaining the number of personnel at the company who will be involved with the company’s Quality Management System (QMS).
 <WRAP center round important 80%>
+[[https://iaf.nu/en/iaf-documents/?cat_id=7|IAF MD 5]] defines applicable personnel as: \\
+<WRAP indent>
+//1.9. Effective Number of Personnel \\
+The effective number of personnel consists of all personnel (permanent, temporary, and part-time) involved within the scope of certification including those working on each shift. When included within the scope of certification, it shall also include non-permanent (e.g. contractors) personnel.//
+</WRAP>
 Personnel not involved with the QMS typically include those individuals who have absolutely no direct or indirect involvement with customers or fulfilling customer requirements. Examples may include cafeteria personnel, groundskeepers, janitorial, and/or security personnel within a manufacturing company. Also, there are no direct requirements in ISO 9001 for Accounting/Financial functions… even though Accounts Receivable invoices to customers.
 </WRAP>
@@ Line 47: / Line 54: @@
 |  276-425  |  10  |  8501-10700  |  22  |
 |  426-625  |  11  |  >10700  |  Follow progression above  |
 .	The CB will then make adjustments to the number of audits days determined from “Table QMS 1” based upon the complexity of the company (Ref. IAF MD 5, Figure QMS 1 – Relationship between Complexity and Audit Time) and associated risks of its products and/or services (Ref. IAF MD 5, Annex A, Table QMS 2 – Examples of Risk Categories).
@@ Line 69: / Line 75: @@
 </WRAP>
-In order to understand how audit days and be reduced (or increased) it is important to understand the difference between the terms “Audit Time” and “Audit Duration”. As per MD 5, sec. 1 “Definitions”, these terms are defined as:
+In order to understand how audit days and be reduced (or increased) it is important to understand the difference between the terms [[articles:what_is_audit_duration_vs_audit_time|“Audit Time” and “Audit Duration”]].
-<blockquote>
-**1.6. Audit Time** \\
-Time needed to plan and accomplish a complete and effective audit of the client organization’s management system (ISO/IEC 17021-1). \\
-**1.7. Duration of Management System Certification Audits** \\
-Part of audit time (1.6) spent conducting audit activities from the opening meeting to the closing meeting, inclusive. \\
-Note: Audit activities normally include:
-  * conducting the opening meeting
-  * performing document review while conducting the audit
-  * communicating during the audit
-  * assigning roles and responsibilities of guides and observers
-  * collecting and verifying information
-  * generating audit findings
-  * preparing audit conclusions
-  * conducting the closing meeting
-</blockquote>
-For a simple (low complexity) company providing products/services in a low-risk category, the CB is allowed to reduce the audit time by up to 30% (Ref. IAF MD 5, sec. 3.9). However, if the company is complex and/or providing products/services in a high-risk category, then the CB can add time to the audit (IAF MD 5 provides no guidance on how much time may be added). Later, additional audit time may also be determined necessary due to new “risks”, such as “the results of any prior audits” (Ref. ISO 17021-1, sec. 9.1.4.2)
+For a simple (low complexity) company providing products/services in a low-risk category, the CB is allowed to reduce the **audit time** by up to 30% (Ref. IAF MD 5, sec. 3.9). However, if the company is complex and/or providing products/services in a high-risk category, then the CB can add time to the audit (IAF MD 5 provides no guidance on how much time may be added). Later, additional audit time may also be determined necessary due to new “risks”, such as “the results of any prior audits” (Ref. ISO 17021-1, sec. 9.1.4.2)
 IAF MD 5, sec. 2.1.2 states “the duration of a management system certification audit should typically not be less than 80% of the audit time…”. The CBs read this “should” as “shall”.
@@ Line 112: / Line 98: @@
 ==== Multi-Site Businesses ====
-If your company is a multi-site, there are additional criteria that must be taken into account. With the information above, reference, [[https://iaf.nu/en/iaf-documents/?cat_id=7|IAF MD 1, "IAF Mandatory Document for the Audit and Certification of a Management System Operated by a Multi-Site Organization"]].
+If your company is a multi-site, there are additional criteria that must be taken into account. With the information above, reference, [[https://iaf.nu/en/iaf-documents/?cat_id=7|IAF MD 1, "IAF Mandatory Document for the Audit and Certification of a Management System Operated by a Multi-Site Organization"]], which identifies a multi-site organization as:
+<blockquote>IAF MD 1, sec. 2.4 Multi-site Organization \\
+An organization covered by a single management system comprising an identified
+central function (not necessarily the headquarters of the organization) at which
+certain processes/activities are planned and controlled, and a number of sites
+(permanent, temporary or virtual) at which such processes/activities are fully or
+partially carried out.</blockquote>
 {{page>wiki:pathforward}}