ISO 9001 – Certify your Quality Management System (QMS)
On this page
What is ISO 9001?
The ISO 9000 family of standards refers to a series of quality management standards aimed at supporting organisations in implementing, maintaining and further developing efficient and effective QMS. The goal is to continually improve the quality of your services and products.
Analogous to ISO/IEC 27001 for information security, ISO 9001 has established itself both nationally and internationally as the central certification standard for quality management. ISO 9001 sets out the requirements for an effective QMS, to which you can be certified. The content of the standard includes, for example, customer satisfaction, the entire life cycle of product and process management, performance evaluation in the form of audits and a management review, and continual improvement in accordance with the Plan-Do-Check-Act cycle (PDCA), on which the standard is based.
Unlike ISO/IEC 27001, for example, ISO 9001 (like ISO 14001) differentiates by industry, distinguished according to the European Accreditation Codes (EAC).
RSM Certification GmbH is accredited to carry out certification audits of organisations in industries 33 (information technology) and 35 (provision of services to businesses). We are continually working to expand our certification offering.
Benefits of ISO 9001 certification
Process of a certification procedure
The general certification cycle is designed for three years due to the validity of the certificates and consists of the following phases:
- Initial certification
- Stage 1 audit (document review / adequacy review of the QMS)
- Stage 2 audit (effectiveness review of the QMS)
- First surveillance audit (no later than 12 months after the certificate is issued)
- Second surveillance audit (approx. 24 months after the certificate is issued)
Your path to ISO 9001
Submit an enquiry and optionally arrange an introductory meeting via video call at short notice
Quotation
Complete our basic data as a basis for an initial understanding of your organisation and for preparing the quotation
Place the order with RSM Certification GmbH and jointly coordinate the next steps (including scheduling)
Only for an initial certification: to gain a better understanding of your organisation and your ISMS, we usually carry this out in a joint remote session. Aim: to determine certification readiness
Conducting the Stage 2 audit / recertification audit, the effectiveness review of your ISMS
Technical review of the auditor(s)' documentation and the certification decision by RSM Certification GmbH
Issuing the certificate
Handover of the audit report, the certificate and the certification seal
Reviewing the continuous development of the ISMS as part of the surveillance audits
Certification by RSM Certification GmbH
Would you like us to certify you? Feel free to get in touch with us without obligation.
Get in touch without obligation
FAQ
No blanket answer is possible here, as this depends on a wide variety of factors, such as the number of employees within the scope, the number of sites and disaster recovery sites, the complexity of the processes and the management system, the extent of information system development (within the ISMS), or the type(s) of business conducted within the scope. A wide range of requirements – for example from ISO/IEC 27006 or the IAF MD documents 1, 2 or 5 – mean that the effort can vary considerably. To be able to estimate the costs, we have designed specific basic-data enquiries that allow us to estimate this effort as accurately as possible. We are fundamentally transparent about our effort calculation and also explain, among other things in joint discussions, how the effort is made up in each case.
A distinction between a Stage 1 and a Stage 2 audit formally exists only in an initial certification. The reason is that a Stage 1 audit is intended solely to assess certification readiness – i.e. the question: in terms of documentation, are you ready to plan and carry out the certification audit (Stage 2)? A large part of the total effort of an audit therefore lies in the Stage 2 audit. Purely in terms of requirements, a distinction is made between an audit part and a documentation part, whereby the audit part must comprise at least 70% (e.g. for ISO/IEC 27001 audits) or at least 80% (for ISO 9001 audits). Of this time, roughly 15–20% is again attributable to a Stage 1 audit.
For sensible and reliable planning on all sides, we would like a lead time of approximately 4–6 months. However, the postponement of audits can repeatedly open up shorter-term opportunities to carry out an audit after all. So please get in touch with us directly to discuss your requirements personally.
Your QMS and ISMS can be audited and certified in combination with a wide range of standards. On the one hand, ISO/IEC 27001 has the extensions within the ISO/IEC 27000 family itself, such as ISO/IEC 27005, ISO/IEC 27017, ISO/IEC 27018 or ISO/IEC 27019, with which it can be audited in combination. On the other hand, ISO/IEC 27001 and ISO 9001 can be audited together, but can also be extended with further standards from the same family, for example: energy management systems (ISO 50001); environmental management systems (ISO 14001).