Things with ISO standards can get really complicated: there are many ISO management standards – the most popular ones are ISO 9001, ISO 14001, ISO 27001, ISO 22301, ISO 20000, etc. – and there are a multitude of ways to get accredited/certified/registered related to those standards.

These standards are applicable for both, Individual professionals and Organisations.

The agenda for this article is to discuss the process for a company to get ISO certified:

A typical certification audit (A.k.a. 3rd party audit) generally follows the general process of IT Audit:

  • Requesting Documents

  • Preparing an Audit Plan

  • Scheduling an Open Meeting

  • Conducting Fieldwork

  • Drafting a Report

  • Setting Up a Closing Meeting

Based on the process above, a company either qualifies or disqualifies for certification, which is why organisations hire audit organisations (A.k.a. Accredited organisations) to consult them through the certification process and do the 3rd party Audits.

That has a whole other process altogether, but it again differs from company to company.

The process for one such organisation (Codec Networks) is as follows:

  1. Reachout:You may contact us through social media or through direct communication at / visit & tell us what standard you are looking to get certified for.

  2. Pre-Proposal checklist: We will send you a questionnaire/checklist to be filled by your business/technical team. This checklist consists of basic information we would need in order to send you a techno-commercial proposal

  3. Proposal: We’ll give you a proposal enclosing the Scope of Work, timeline & cost involved in execution of the project.

  4. Audit & Compliance team: We will assign you an account manager who will be your point-of-contact/consultant & co-ordinator in the whole process.

  5. Pre-assessment: (optional) Pre-assessment audit is done before the actual assessment is done, another term for this step is Opinion Audit. This step is carried out as a precautionary step to identify any weakness/nonconformity that may need resolving.

  6. Assessment: This step is the actual performance of audit, the process of the same depends on the standard chosen by the auditee.

  7. Certification: We’ll issue a certificate of registration , clearly outlining the scope of your certification.

  8. Compliance: Your account manager will carry out ongoing assessments to support your continual improvement activities.

  9. Training: We will have an awareness training for the employees of the organisation after the completion of the the process &  certification courses & training to bring the professionals involved to bring them upto the certification level during/before the certification.







Codec Networks provides IT Trainings from EC Council CEH ECSA, LPT, CHFI, Network Security, Penetration Testing, ISACA, ISC2, PECB ISO 27001LA LI, Cisco Networking CCNA CCNP, Linux Administration RHCE, Prog Languages JAVA, Advanced Java, android development. We also offer B2B Industry Solutions and Services in IT | Information|Cyber Security in Delhi NCR India.

View all posts by