Frequently asked questions

As ISO simplification experts, we’ve compiled answers to the most common questions about ISO certification, implementation, and working with consultants. Whether you’re exploring ISO for the first time or looking to improve your existing systems, you’ll find clear, practical answers here.

Can’t find what you’re looking for? Get in touch with our team for personalised guidance

Frequently asked questions graphic

Quick navigation

Getting Started with ISO

ISO certification demonstrates that your organisation meets international standards for management systems. Different ISO standards address specific aspects of business management including quality (ISO 9001), environmental (ISO 14001), and health and safety (ISO 45001). Certification provides independent verification that your systems meet these standards, building trust with customers, suppliers, and stakeholders.

The appropriate ISO standard depends on your business objectives, industry requirements, and stakeholder expectations. ISO 9001 suits organisations wanting to demonstrate quality management and customer satisfaction. ISO 14001 is ideal for businesses managing environmental responsibilities. ISO 45001 addresses occupational health and safety. Many organisations implement multiple standards to create integrated management systems.

Most organisations are ready for ISO certification when they have established processes, committed leadership, and a willingness to document and improve their operations. You don’t need perfect systems before starting, that’s exactly where we come in.

We have a proven process and will design and install a management system built around the way your company already works. From there, it naturally grows and matures with your business, becoming stronger and more efficient over time. After all, we have our guarantee for a reason, we guarantee there’s no easier route to gaining, maintaining, and running UKAS-certified ISO management systems.

Whilst you can implement ISO standards without certification, formal certification provides independent verification that you meet the requirements. Many clients, tender processes, and supply chain requirements specifically require certified compliance. Certification demonstrates credibility and commitment that self-declaration cannot match, often opening doors to contracts and opportunities that would otherwise be unavailable.

ISO certification costs include consultancy fees for system development and implementation, certification body fees for external audits, and internal resource costs for staff time and involvement. Total investment varies significantly based on organisation size, complexity, and current systems. Smaller businesses might invest a few thousand pounds, whilst larger organisations with multiple sites could invest significantly more. Contact us for a tailored quote based on your specific circumstances.

ISO certification is accessible and valuable for small businesses. The investment is scalable to organisation size, and small businesses often see faster returns through improved efficiency, reduced waste, and access to new contracts. Many small businesses find that winning a single new contract or avoiding one significant incident covers their certification investment. We specialise in creating appropriately sized systems that deliver value without unnecessary cost or complexity.

ISO standards apply across virtually all industries and sectors. We work with businesses in multiple sectors including manufacturing, construction, professional services, healthcare, technology, logistics, hospitality, and many others. The standards are designed to be flexible and adaptable to any organisation providing products or services, regardless of sector-specific requirements.

ISO 9001 Questions

ISO 9001 is the international standard for quality management systems. It provides a framework for consistently delivering products and services that meet customer requirements whilst demonstrating continuous improvement. The standard applies to organisations of all sizes across any sector. For comprehensive information, read our guide on what ISO 9001 is and why your business needs it.

ISO 9001 delivers increased customer confidence and satisfaction, improved operational efficiency, reduced waste and errors, enhanced employee engagement, better decision-making based on data, competitive advantage in tenders, and a framework for continuous improvement. Many organisations find ISO 9001 drives business growth by providing systematic foundations for scaling operations. Learn more about ISO 9001 benefits.

With EmmersonWills, UKAS-certified ISO 9001 certification can be achieved within 3 to 6 months, depending on size, complexity, and current systems. Smaller businesses with simpler operations may achieve certification faster, whilst larger organisations with multiple sites may require longer. The timeline includes system development, implementation, internal auditing, and external certification audits.

When implemented correctly, ISO 9001 streamlines operations rather than creates bureaucracy. The standard requires only necessary documentation that supports your business processes. At EmmersonWills, we focus on creating practical, value-adding systems that integrate naturally with your operations, ensuring you meet certification requirements without unnecessary paperwork or complexity.

Yes, ISO 9001 shares the same structure as ISO 14001 and ISO 45001, making integration straightforward. Integrated management systems reduce duplication, streamline processes, and prove more cost-effective to certify than maintaining separate systems. Many organisations start with ISO 9001 and later integrate additional standards as their needs evolve.

ISO 14001 Questions

ISO 14001 is the international standard for environmental management systems. It provides a framework for managing environmental responsibilities systematically, reducing environmental impact, improving resource efficiency, and demonstrating environmental commitment. The standard applies to organisations of all sizes across any sector. For comprehensive information, read our guide on what ISO 14001 is and why your business needs it.

ISO 14001 delivers reduced environmental impact and resource consumption, lower waste and energy costs, improved legal compliance, enhanced corporate reputation, competitive advantage in environmentally conscious markets, better risk management, and a framework for continuous environmental improvement. Many organisations find cost savings exceed certification investment. Discover more about ISO 14001 benefits.

No, ISO 14001 doesn’t require stopping legitimate business activities. Instead, it requires understanding environmental impacts, complying with legal requirements, and continuously improving environmental performance. The standard focuses on managing and reducing impacts through better practices, efficiency improvements, and pollution prevention rather than prohibiting operations.

Environmental legislation varies by activities, location, and sector. Common requirements include waste management regulations, environmental permitting, water discharge consents, air quality standards, and pollution prevention requirements. ISO 14001 requires identifying and complying with all applicable legal requirements. We help organisations navigate complex environmental legislation and ensure full compliance.

ISO 14001 drives cost savings through improved resource efficiency, reduced energy consumption, lower waste disposal costs, decreased water usage, prevention of environmental incidents, reduced risk of fines, and lower insurance premiums. Many organisations find savings from improved efficiency exceed certification investment, making ISO 14001 financially beneficial as well as environmentally responsible.

ISO 45001 Questions

ISO 45001 is the international standard for occupational health and safety management systems. It provides a framework for preventing work-related injuries, ill health, and fatalities whilst creating safer, healthier workplaces. The standard applies to organisations of all sizes across any sector. For comprehensive information, read our guide on what ISO 45001 is and why your business needs it.

ISO 45001 delivers reduced workplace accidents and injuries, lower insurance premiums and compensation claims, improved employee wellbeing and morale, enhanced legal compliance, competitive advantage in tenders, reduced absence, better risk management, and a framework for continuous safety improvement. Many organisations find accident prevention savings exceed certification investment. Discover more about ISO 45001 benefits.

Yes, ISO 45001 replaced OHSAS 18001 in 2018. The new standard brings occupational health and safety into alignment with other ISO management system standards, making integration easier. ISO 45001 places greater emphasis on worker participation, leadership commitment, and context of the organisation compared to OHSAS 18001.

Yes, ISO 45001 explicitly addresses both physical and mental wellbeing. The standard recognises that occupational health extends beyond preventing injuries to supporting overall employee health, including psychosocial risks such as work-related stress, fatigue, bullying, and harassment. Organisations must identify and manage these risks alongside physical hazards.

ISO 45001 places strong emphasis on consulting and involving workers in health and safety decisions. Organisations must establish processes for worker participation in hazard identification, risk assessment, incident investigation, and determination of controls. This participative approach improves system effectiveness and enhances employee engagement.

Certification Process

With EmmersonWills, UKAS-certified ISO 9001 certification can typically be achieved within 3 to 6 months of starting implementation. The exact timeline depends on your organisation’s size, complexity, and the standards being implemented.

Our process covers everything, from system design and development to implementation, internal auditing, and managing the external certification audits. We establish realistic timelines based on your specific circumstances and project-manage the entire journey end-to-end, keeping everything efficient, structured, and on track.

After all, we have our guarantee for a reason, we guarantee there’s no easier route to gaining, maintaining, and running UKAS-certified ISO management systems.

Certification involves two stages conducted by an independent UKAS-accredited certification body. Stage 1 reviews your documentation to ensure it meets standard requirements. Stage 2 is the main assessment where auditors verify your system is implemented effectively, interview staff, review records, and observe processes. Following successful completion, the certification body issues your certificate valid for three years.

After certification, you maintain it through surveillance audits (typically annually) and full recertification every three years. Between audits, you must operate your management system, conduct internal audits, hold management reviews, monitor performance, and continuously improve. We provide ongoing support to help maintain certification effectiveness and prepare for external audits.

With EmmersonWills, that’s highly unlikely. Our proven implementation process prepares you thoroughly so that certification audits run smoothly and confidently.

Certification audits assess how well your management system meets the standard’s requirements, identifying both conformities and any non-conformities. Minor non-conformities can usually be addressed quickly without delaying certification, while major ones may require limited additional work and a short follow-up audit.

After all, we have our guarantee for a reason, we guarantee there’s no easier route to gaining, maintaining, and running UKAS-certified ISO management systems.

Certification body fees vary based on organisation size, number of employees, number of sites, and standards being certified. Annual surveillance audit fees are typically lower than initial certification fees. Costs also depend on which certification body you choose. We help clients select appropriate certification bodies and understand fee structures to make informed decisions.

Yes, you can transfer certification between UKAS-accredited certification bodies. Organisations sometimes make this change due to service quality, cost, or auditor compatibility issues.

If we’re your consultants, we can guide and manage the entire transfer process on your behalf, acting in your best interests to ensure a smooth, straightforward transition with no disruption to your certification status.

Working with Consultants

ISO consultants bring experience from multiple implementations, understand certification body expectations, help avoid common pitfalls, and create systems that add value beyond compliance. Quality consultants save time, reduce stress, and increase likelihood of first-time certification success. The investment typically pays for itself through efficiency gains and avoiding costly mistakes or delays.

Look for genuine online activity and impartial, third-party hosted reviews, such as Trustpilot, to see real client feedback and results. You can view ours at uk.trustpilot.com/review/emmersonwills.com.

EmmersonWills specialises in ISO simplification, it’s what we do, and we do it exceptionally well. We guarantee there’s no easier route to gaining, maintaining, and running UKAS-certified ISO management systems.

Our consultants are hand-picked to align with our culture and identity framework, which is built on unwavering customer focus. Each consultant is employed full-time (never sub-contracted), meticulously trained, and fully immersed in our approach. We adapt standards to fit how your organisation already operates, creating practical systems that deliver real value and lasting results.

After all, we’re the ISO Simplification Experts, and proud of it.

Much less than you might think, especially with EmmersonWills. Our processes are designed to fit seamlessly with how your company already works, so everything feels natural rather than forced.

Leadership involvement is still important to demonstrate commitment and provide direction, and key staff contribute their knowledge of day-to-day operations. But we take on the heavy lifting, guiding the process efficiently and keeping disruption to a minimum.

Our approach is built around simplicity, we make ISO feel like an extension of what you already do. After all, “Simple is Hard”, and that’s exactly what we specialise in.

No consultant can formally guarantee certification, as the final decision lies with independent certification bodies. However, at EmmersonWills we are 100% confident in what we do, and well practised. Our clients consistently achieve first-time certification success because of the depth of our process and the quality of our preparation.

Our guarantee exists for a reason: in the opinion of our Managing Director, any consultant claiming to guarantee certification shouldn’t be in the industry, that’s what consultants are there to ensure through competence and method, not empty promises. Our guarantee reflects that truth: we guarantee there’s no easier route to gaining, maintaining, and running UKAS-certified ISO management systems.

We provide full, ongoing support after certification, not occasional or limited assistance. Our involvement includes internal audits, management review facilitation, documentation updates, legislative compliance monitoring, staff training, and preparation for surveillance audits.

Our clients stay with us because we don’t step back once certification is achieved. We continue to manage, guide, and maintain their systems so they remain compliant, effective, and simple to run. For us, certification isn’t the end of the journey, it’s where the partnership truly begins.

UKAS Accreditation

UKAS (United Kingdom Accreditation Service) is the sole national accreditation body recognised by the UK government. It independently verifies that certification bodies meet strict, internationally recognised standards. UKAS accreditation ensures genuine credibility, proving your audit was impartial, your auditors were competent, and your certificate carries real value.

Without UKAS oversight, there’s no safeguard against bias or poor practice. Many non-accredited providers act as both consultant and certifier, creating a direct conflict of interest. They often sell low-cost, templated systems for you to fill in, generic programmes that rarely reflect how your business actually operates.

UKAS-accredited certification is trusted globally and demanded by serious buyers, regulators, and tendering authorities. It’s the only type of certification that demonstrates independent oversight, impartiality, and audit competence.

By contrast, non-accredited certification often operates on a “stack them high, sell them cheap” model. These providers are frequently both consultant and certifier, a conflict that undermines objectivity and credibility. They may offer what looks like a shortcut, but it’s a false economy: a certificate that won’t hold up under client, insurer, or regulator scrutiny.

Many procurement teams now verify certification status automatically using the UKAS CertCheck tool. If your certification isn’t listed there, you’re invisible, and often ruled out before you even get a call.

The difference is accountability and integrity. UKAS-accredited certification bodies are independently monitored to ensure audits are fair, impartial, and delivered by competent professionals. They are not allowed to offer consultancy, meaning they have no vested interest in the outcome of your audit.

Non-accredited providers, however, often blur this line, selling cheap “combined consultancy and certification” packages. These typically involve templated systems or online programs that ask you to fill in generic forms. They may look professional, but they hold no real weight and are often rejected by clients or procurement systems.

No, and this is where many businesses get caught out. Some certification bodies operate without UKAS accreditation, offering low-cost, fast-track certificates. These providers often act as both consultant and certifier, creating a clear conflict of interest and undermining the integrity of the audit process.

UKAS-accredited bodies cannot do this, their independence is mandatory and verified. That’s why we work exclusively with UKAS-accredited certification bodies, ensuring every client receives credible, recognised certification that stands up to scrutiny from any buyer, regulator, or auditor.

You can instantly check a certification body’s accreditation and certificate validity using the official UKAS CertCheck tool, the government-backed database of genuine, UKAS-accredited certifications.

If the certification body or certificate doesn’t appear there, it isn’t UKAS-accredited, regardless of any logo or wording they use. Always confirm that:

  • The certification body is listed on the UKAS website.
  • The certificate displays the UKAS crown and tick logo.
  • The body is accredited for the specific ISO standard you’re pursuing.

In today’s market, procurement and compliance teams routinely use CertCheck before engaging a supplier. If your certification isn’t listed, the opportunity is lost before it begins.

Integration & Multiple Standards

Yes, implementing multiple ISO standards together is often more efficient than pursuing them sequentially. ISO 9001, ISO 14001, and ISO 45001 share the same high-level structure, creating natural synergies. Integrated implementation reduces duplication, streamlines documentation, and creates a unified management system. Many organisations implement two or three standards simultaneously with appropriate planning and support.

Integrated management systems reduce duplication of processes and documentation, streamline internal and external audits, improve operational efficiency, reduce certification costs, provide holistic business oversight, and create unified frameworks for improvement. Rather than maintaining separate systems for quality, environmental, and health and safety management, integration creates a cohesive approach to business excellence.

This depends on your business priorities, resources, and stakeholder requirements. Starting with one standard, typically ISO 9001, allows you to build strong foundations before expanding. However, implementing multiple standards together (such as ISO 9001, 14001, and 45001) can often be more efficient, as many requirements overlap.

At EmmersonWills, we assess your specific circumstances and recommend the most practical approach for your business. In fact, more often than not, we’ll provide clear options for implementing one, two, or all three standards together, giving you full transparency on cost, timing, and what’s genuinely best for your organisation.

Adding an ISO standard later is not significantly cheaper, in practice, it’s often comparable to implementing the first one from scratch. While some principles overlap, you’ll still need full planning, documentation alignment, training, internal audits, and additional certification body audit time for the new standard.

If you know you’ll need multiple standards (e.g., ISO 9001, 14001, 45001), implementing them together as an integrated system is usually the most efficient and cost-effective route. We’ll outline clear options for one, two, or all three standards so you can see the total cost, timeline, and impact before you decide.

Yes, many industry-specific standards build upon or align closely with ISO management system standards. For example, the National Highway Sector Schemes (NHSS) build on ISO 9001 for highway-related activities.

At EmmersonWills, we’ve invested significantly in our systems to seamlessly integrate ISO management systems with a wider range of sector schemes, including Achilles, Constructionline, and others. This allows us to create comprehensive, compliant systems that meet all applicable requirements while minimising duplication, complexity, and administrative effort.

Lorem ipsum dolor sit amet, consectetur adipiscing elit. Ut elit tellus, luctus nec ullamcorper mattis, pulvinar dapibus leo.

Implementation practicalities

ISO standards require specific documented information including policies, objectives, scope of the management system, processes and procedures where needed, and records demonstrating system operation. The exact documentation depends on which standard you’re implementing. Modern ISO standards emphasise necessary documentation that adds value rather than creating paperwork for its own sake. We help organisations create the minimum documentation required whilst ensuring full compliance.

Internal audits verify that your management system works as intended and identify opportunities for improvement. They should be carried out by competent personnel who are independent of the area being audited. You can train your own staff as internal auditors or use external resources.

Many organisations choose to use experienced consultants to perform or support internal audits. Consultants bring a fresh, objective perspective and often identify improvements that internal teams may overlook, saving both time and effort. However, if you prefer to keep it in-house, your staff can be trained to the same standard with the right support.

Audit frequency depends on the risk and importance of activities, but most organisations complete annual internal audits of all key processes before external certification audits.

A management review is a formal meeting where top management evaluates the performance, suitability, and effectiveness of the management system. ISO standards require these reviews at planned intervals, typically annually, though some organisations choose quarterly or bi-annual reviews. Reviews cover audit results, customer feedback, process performance, improvement opportunities, and resource needs.

With our support, management reviews become highly time-efficient. We chair the meetings to keep them focused and on track, ensuring all required topics are covered without unnecessary discussion. When chaired internally, reviews often drift off-point and fail to address everything needed, our facilitation keeps them structured, productive, and genuinely beneficial.

Not necessarily. Many organisations designate existing staff members to coordinate the management system alongside their regular responsibilities. Smaller businesses might allocate 5-10 hours weekly for system management, whilst larger organisations may require dedicated personnel. The role involves coordinating audits, maintaining documentation, tracking improvements, and liaising with certification bodies. We help organisations determine appropriate resource allocation based on their size and complexity.

Training requirements vary by role and responsibility. All employees need awareness of the management system, quality/environmental/safety policy, and their contribution to system effectiveness. Personnel performing specific tasks need competence training for those activities. Internal auditors require formal audit training. Management reviews require leadership understanding of system requirements. Training is ongoing rather than one-time, with refresher training for changes and new starters. We provide tailored training programmes for all levels.

ISO standards are technology-neutral and don’t mandate paper or digital records. Electronic systems are fully acceptable and often preferable for accessibility, version control, and backup. However, your chosen format must ensure records remain legible, identifiable, protected, and retrievable for required retention periods. Many organisations transition to digital systems during ISO implementation, improving efficiency whilst meeting compliance requirements.

ISO standards accommodate any working arrangement including remote, hybrid, and flexible working. The key is ensuring processes, communications, and controls work effectively regardless of location. Remote auditing (including internal and external audits) became widely accepted during recent years. Document management systems, cloud platforms, and video communications support effective ISO management with distributed teams. We help organisations adapt their systems for modern working practices.

Business Impact & ROI

Yes, ISO certification significantly improves tender success rates. Many public sector contracts, large corporations, and supply chain positions require ISO certification as a minimum qualification. Even when not mandatory, certification demonstrates professionalism, capability, and commitment that gives competitive advantage over non-certified competitors. Clients we’ve helped frequently report that winning a single new contract justified their entire certification investment.

ROI varies by organisation but commonly includes winning new contracts, improved efficiency and reduced waste, fewer customer complaints and returns, reduced incidents and insurance premiums, improved employee productivity and retention, and enhanced reputation leading to business growth. Beyond financial returns, ISO provides systematic foundations for sustainable business growth and resilience.

Once certified, you receive a certificate to display and can use certification marks in marketing materials (subject to certification body rules). Communicate certification through your website, email signatures, proposals and tenders, company literature, and social media. Many organisations issue press releases announcing certification. The certification demonstrates commitment to quality, environmental responsibility, or safety depending on the standard, building customer confidence and differentiating you from competitors.

ISO certification often positively affects insurance premiums and requirements. Insurers recognise UKAS ISO-certified organisations as lower risk due to systematic management, better controls, and reduced incidents. Many insurers offer premium reductions for ISO 45001 (health and safety) certification. Some insurance policies or client requirements mandate ISO certification. Discuss certification with your insurer to understand potential benefits and ensure you meet any specific requirements they may have.

Certification scope can be expanded to include new sites, activities, or acquired businesses. This typically requires a scope extension audit by your certification body to verify the management system covers new operations. Notify your certification body promptly of significant changes to discuss the process. For acquisitions, you might integrate the acquired business into your existing certification or maintain separate certifications initially. We help organisations manage certification through growth and change.

Funding availability varies by region, sector, and business size. Some local enterprise partnerships, sector-specific programmes, or small business support schemes offer grants or subsidised consultancy for ISO implementation. Availability changes regularly and depends on government priorities and regional initiatives.

In some cases, you may be able to access support for initial implementation, but there is little chance of obtaining ongoing funding in subsequent years. Since ISO certification is an annual obligation, this should be considered when budgeting for long-term maintenance.

Even without grants, many organisations find ISO investment delivers strong returns through efficiency improvements, reduced waste, and new business opportunities.

The main costs are consultancy and certification body fees, but consider internal staff time for system development, participation in audits, and ongoing management. There may be costs for addressing gaps identified during implementation (e.g., equipment calibration, training, documentation systems). However, these typically represent good business practices that add value. Annual surveillance audits and recertification every three years involve ongoing costs. We provide transparent cost breakdowns so organisations can budget appropriately with no surprises.

Common Concerns

Common audit failures include inadequate top management engagement, insufficient documented information or records, lack of internal audits or management reviews, non-compliance with legal requirements, ineffective corrective actions, and poor understanding of requirements among staff.

With proper preparation and implementation, most organisations achieve first-time certification success. Our systematic approach addresses these common pitfalls, ensuring clients are fully prepared for certification audits, which we are also on hand to manage and represent them in when commissioned.

Yes, and you’ll likely be surprised by how little you have to do with our support. ISO implementation can be scaled to your available resources and phased over several months to spread the workload.

Our proven processes and hands-on approach mean we handle much of the work, guiding you step by step while keeping disruption to a minimum. Many busy organisations achieve certification with ease through our simplification-first method, which removes unnecessary tasks and ensures everything stays efficient, focused, and achievable. After all, we have our guarantee for a reason, we guarantee there’s no easier route to gaining, maintaining, and running UKAS-certified ISO management systems.

ISO requires management systems to reflect actual practices, so when processes change, documentation should be updated accordingly. This doesn’t usually require certification body approval, except for significant changes such as scope, locations, or major activities, which should be communicated to your certification body.

The key is to keep your management system as a living tool that evolves with your business rather than a static document. Regular management reviews and internal audits help ensure it stays current and relevant. We’re on hand to help, guide, and process any changes where required, it’s easy, because we future-proof our systems through flexibility. After all, “simple is hard”, and we’re the ISO Simplification Experts.

Having an incident doesn’t automatically mean losing certification. ISO standards require organisations to respond appropriately to incidents, investigate causes, implement corrective actions, and learn from events. What matters is how you manage incidents within your management system framework. Certification bodies understand that incidents occur; they focus on whether your system identifies, responds to, and prevents recurrence of issues. Proper incident management actually demonstrates system effectiveness.

ISO provides foundational management system standards that establish structure, documentation, and continuous improvement frameworks. Six Sigma and Lean are improvement methodologies that can complement ISO. Many organisations use ISO as their management system foundation and apply Lean or Six Sigma tools for specific improvement projects. ISO certification is independently verified through external audits, whilst Lean and Six Sigma typically don’t involve formal certification of the organisation (though individuals may be certified in the methodologies).

No, ISO certification and CE marking serve different purposes. CE marking indicates products meet EU safety, health, and environmental requirements and is mandatory for selling certain products in the EU. ISO certification verifies your management systems meet international standards. Some product certifications reference ISO standards, but ISO management system certification focuses on how you manage your business rather than certifying specific products. Both may be required depending on your market and products.

Scope & Coverage

You can define certification scope to cover specific parts of your business, particular sites, or certain activities. However, the scope must be logical and not exclude relevant areas to avoid responsibilities. For example, you can’t exclude processes that significantly affect your ability to meet requirements. Your scope statement appears on your certificate and must accurately represent what’s included. We help organisations define appropriate, credible scope that meets their needs whilst ensuring certification integrity.

Certification scope describes what your management system covers including activities, products, services, and locations. The scope should be clear, specific, and exclude only elements genuinely outside the management system. For example, “Design, manufacture and installation of commercial kitchen equipment at our Birmingham facility” is more specific than “manufacturing.” Scope definition affects certification audit duration and costs. We help organisations define scope that appropriately represents their business whilst managing certification efficiently.

Yes, your management system must address activities performed by external providers (contractors, subcontractors, temporary staff) where they affect your ability to meet requirements. This includes ensuring contractors understand relevant requirements, are competent for their tasks, and work within your system’s controls. You don’t certify contractors, but you must manage their activities within your system. This particularly applies to ISO 45001 where you’re responsible for health and safety of everyone affected by your operations.

Multi-site organisations can achieve certification covering all locations under a single certificate. Certification bodies use sampling approaches for surveillance audits when there are numerous sites, visiting different locations over the three-year certification cycle. All sites must operate within the same management system with consistent policies and processes, though site-specific procedures can address local requirements. Multi-site certification is often more cost-effective than certifying sites separately. We specialise in helping multi-site organisations implement consistent yet practical systems.

Non-Conformities & Corrective Actions

Non-conformities are instances where your system doesn’t meet ISO standard requirements or your own documented processes. Certification bodies classify them as major (significant failure affecting system integrity) or minor (isolated lapses not affecting overall effectiveness). Major non-conformities must be corrected before certification is granted or may require follow-up audits. Minor non-conformities require corrective action plans but typically don’t prevent certification. Most organisations have some minor non-conformities during audits; what matters is how you address them.

Corrective actions address the root causes of non-conformities or problems to prevent recurrence. This involves identifying what happened, why it happened, and implementing changes to stop it happening again. Modern ISO standards integrate prevention throughout the management system rather than having separate “preventive actions.” The focus is on risk-based thinking, addressing potential problems before they occur through risk assessment, planning, and system design. We help organisations develop effective corrective action processes that drive genuine improvement.

ISO standards are reviewed and updated periodically (typically every 5-7 years) to remain relevant. When standards update, there’s usually a transition period (often three years) during which organisations can be certified to either the old or new version. Eventually, all certificates must transition to the new version. Updates typically refine requirements rather than completely changing them. We keep clients informed about standard updates and support smooth transitions to new versions without disruption to certification.

Transition periods are typically three years from publication of the new standard version. During this period, certification bodies can certify or recertify organisations to either version. Before the deadline, all organisations must transition to the new version or their certificates become invalid. Certification bodies stop certifying to old versions approximately one year before the final transition deadline. We monitor standard updates and help clients plan timely transitions, often incorporating updates during regular surveillance or recertification audits.

You cannot formally “pause” certification, but you can choose not to renew after the three-year certificate expires. Some organisations let certification lapse during difficult periods with the intention to recertify later. However, this effectively means starting again, typically requiring both Stage 1 and Stage 2 audits, which is time-consuming and can delay re-entry into tenders or client frameworks.

It’s also worth noting that certification details are publicly listed through the UKAS Certificate Checker and other accredited registers, meaning a lapsed status is visible to potential clients. This can impact credibility and cost business opportunities.

If you’re facing temporary challenges (such as restructuring), it’s best to speak with your certification body about adjusting surveillance audit timing. In most cases, maintaining certification through a difficult period is far more efficient and beneficial than allowing it to lapse and having to restart the process.

Still Have Questions?

Can’t find the answer you’re looking for? Our team at EmmersonWills is here to help. We offer free initial consultations to discuss your specific circumstances and provide tailored guidance on ISO certification.

With our guarantee of no easier route to UKAS-certified ISO compliance, you can move forward with confidence knowing you’re working with true ISO simplification experts.

Contact us today to start your simplified ISO certification journey.