FAQs

We all procrastinate on things we know need to get done.   Many companies tend to put off getting their ISO/CMMI till the last minute not leaving enough time to properly implement the system.  Not only it may get difficult to find a good consultant at the last minute but also expect to pay premium charges which can be around 1.5 – 2 times the consulting cost for expediting it later.  Additionally, it can get challenging to find a certifying body to meet your certification deadlines.

The regulatory bodies have started to identify that and are changing the rules slowly. For e.g.  Up until a few months ago, CMMI could be completed within a month on the expedited path but now CMMI Appraisal bodies won’t’ be able to appraise companies who are unable to show few months of implementation time.

It is recommended that for any management system to be properly implemented, you must plan a minimum of 4-6 months in advance.

Want to know the duration, cost, and process to get your ISO/CMMI completed? Get our no-obligation Gap Assessment Report.

Well, if you are well versed with the specific ISO standards, are keeping up with new versions as applicable, feel comfortable doing it yourself, it should be just fine to go for a Certification Audit when needed.  If for any reason, you feel stuck or would like to have an unbiased opinion, an internal audit conducted by a consultant can certainly help. You can contact us when ready.

We have heard these a few times. However, it is a conflict of interest to take the consulting and certification from the same company. ANAB and SEI, regulatory bodies of ISO and CMMI respectively have started to track down such companies who are trying to follow unethical practices and have been canceling their accreditation. If you are certified by such a Certifying Body, you will lose your certification.

As an informed buyer, next time you are given such an option, you must always ask yourself, how can a company help build a quality management system and also conduct a certification audit at the same time?

ISO or CMMI doesn’t have any tangible ROI like you usually have for Marketing or Sales. However, look at it this way, like a well-lubricated machine improves the efficiency and throughput of a machine,  a well-implemented management system improves the efficiency of business processes, reduces wastage, reduces personnel time, in short, reduces your operating costs.  To learn more about the benefits of ISO, check out this article on ISO Certification Benefits.

With globalization and increasing competition, many customers are now seeking suppliers/vendors who are ISO certified or CMMI appraised. For some industries, in order to do business, ISO is a mandatory requirement. It won’t be long before it will start applying to almost all industry verticals. Also, it will impact the entire supply chain at some point. If you do not have ISO or CMMI, ask yourself, what does the cost of lost opportunities look like to you?

With globalization, companies are constantly vetting suppliers based on a number of factors, ISO certification being one of them. The reason is that customers can be working with domestic as well as global suppliers and ISO Certification can offer a sense of assurance to them.

US Federal Govt has started to mandate ISO and CMMI in many of their RFP. Many large commercial clients have also started to include in their supplier qualification. It is just a matter of time when the entire supply chain will be required to get certification in order to continue doing business with the same set of customers.

It depends on the scope of the project, number of locations, type & number of standards, resource availability, skills, etc.  But for a simple one standard and one location project, it should typically take up to 6 months. To determine the time and cost for your ISO project, take the opportunity of our no-obligation High Level Gap Assessment.

It is a myth that ISO or CMMI is disruptive for your business. In fact, it is the other way around. Any quality management system should seamlessly fit into your existing business processes and add value to your business in the long run. A good consultant will be able to understand your existing business and should be able to implement the system without changing any processes. Start with no obligation high level gap assessment report for your business to see if we are a good fit.

In today’s day and age, with so much of technological advancement, many services can be performed and delivered remotely. We have done several remote consulting projects using Zoom, Skype for business, Phone, Email, Share Drives, etc. for seamless collaboration. Here is an article on.  An internal audit can be also performed remotely with ease.

In real-world, bad experiences do happen sometimes when consultants are not a good fit for the project or organization. The experience can be painful.  But be assured that there are several great consultants out there who can be an asset to your team.  If you would like to find out if we are a good fit, please setup a discovery call with one of our experts.

In today’s gig economy, you may be able to find almost any type of skilled resource online through some kind of portals like freelance.com, fiverr.com, etc. To know if they are the right fit for your project, you must know what to look for.  Here is an article that can help to

If your company is small and doesn’t have many processes or multiple locations, hiring a Quality Manager just for the purpose of creating and maintaining a quality management system doesn’t make sense. Most Consultants should be able to help build you a robust QMS that can be easily maintained in-house with the least time and effort. However, if you feel that you need continual help with maintenance, a consultant should be able to review your QMS once quarterly or semi-annually and keep you on track. If you have a specific need, our experts can help you find out if we are able to help.

This is true with most Small Business with lean processes. They are understaffed, working on multiple business-critical roles, don’t have a dedicated and skilled resource for ISO. For such companies, the best route to consider is investing in a consultant who can save time and cost.  If you would like to learn how we can help you with your ISO project, use our no obligation high level gap assessment report.

In today’s day and age, the requirement for ISO is growing because customers want to work with vetted and approved suppliers not only domestically but globally.  ISO, a globally recognized certification, ensures that a supplier is more qualified than others in a similar niche. Even if you let go of one customer asking for an ISO certification today, it won’t be surprising if another customer would also ask for it at some point.  Also, many companies who are trying to grow their client-base will come across ISO Certification being one of their customer RFP/RFQ.  Here is an article that can help you evaluate ISO Certification Benefits.

You don’t know what you don’t know. This is true with any industry. That is why we offer a no-obligation high level Gap Assessment and a complementary 30 mins call with our ISO Expert to answer any questions you may have about the project.

For most ISO projects, the time and cost depend on several factors like specific ISO standards, Industry vertical, number of processes, number of locations, previous ISO certifications, Skilled resources, etc. In short, the certification scope needs to be identified in order to determine the time and cost regardless of your choice to complete it in-house or take the help of a consultant.  Download the ISO Project Toolkit to get an idea of time and cost. If you still need help, feel free to speak to one of our experts and they can help you determine the scope.

You are not alone. Many companies have similar dilemma.  ISO 9001 usually applies to all industries and serves as a foundation for many advance ISO Standards. Specific ISO Standards apply to different industry verticals, product or services provided, customer requirement.  For e.g.  ISO 17025 specifically applies to Testing and Calibration Labs, ISO 13485 applies to Medical Device manufacturers and so on. Some industries will require more than one ISO standards.  If you are still not sure which ISO applies specifically to your industry, setup a discovery call with one of our experts.

Local consultants can save you the overhead cost of travel only if they need to be onsite. But did you know that, nowadays, most ISO projects can be completed remotely with aid of technology? A seasoned consultant should be able to interview you, understand your business, train your resources, and help execute ISO projects remotely. We have done many of them to know for sure. Can’t wrap your mind around it? Feel free to speak to one of our experts.

Sure, that’s a great idea if you have

1. The required Expertise and Skills
2. Dedicated Resource to implement and maintain ISO / CMMI
3. Time to execute the project

While considering ISO certification it is very critical to understand the various costs incurred.

These costs include:

1^st Year Cost

• Create and Charter ISO project (Quality Manager)
• External Registrar Cost+ Logistic Cost
• Consultant Support( if external consultant used)

2^nd Year Cost

• Surveillance Audit and Logistics cost.
• Soft Cost associated with Internal Audit, Reporting and Maintenance of the QMS

Recertification cost ( every 3 years)

Yes, certification is not tied to the duration of an Organizations’ existence. Any organization having defined processes, meeting the compliance requirements of ISO 27001, and adequate resources ( personnel & finance) for implementation can achieve certification.

ISO standard can be purchased from ANSI stores, ISO website, and authorized vendors only. Printed/electronic copies are managed per the Terms and Agreement as well as IEC and ISO copyright requirements.

https://webstore.ansi.org/standards/iso/isoiec2700127002security

https://www.iso.org/standard/54534.html

The database/list can exist based on the country and its regulations. In the USA there is no such list, but all certificates are issued by Accredited Registrars.

ISO 27001 is a Management system for Information Security. Keeping information secure is not the task of IT department but of each individual of the Organization. Becoming more aware of existing threats will help the organization to manage the risks and place effective controls. That is the true benefit of the ISMS certification.

Stage 1:  Discovery

• GAP Analysis to identify the gaps as compared to standard requirements
• Awareness Training

Stage 2: Documentation & Implementation

• Documentation

Documenting  Management System procedures and WI based on document structure most suitable and value add to the Organization.

• Implementation

Once documents are drafted, reviewed, and approved, process owners, will implement the documented processes.

Stage 3: Audit (Internal and External)

• Internal Audit of the implemented ISMS and Management Review is a mandatory requirement. Internal Audit program with Internal Audit schedule and plan is required. Internal audit needs to be conducted by Trained Internal Auditors or External Contracted Auditors.
• After Internal Audit, External Audit can be scheduled and conducted.

This entire process can take up to 6-8 months depending on the number of locations, employees, scope, number of processes, and resource commitment by organization.

The various cost incurred in the process of securing ISO certification are distributed over a 3-year cycle:

1. 1^st Year Cost

   • Create and Charter ISO project (Quality Manager)
   • External Registrar Cost+ Logistic Cost
   • Consultant Support( if external consultant used)

2. 2^nd Year Cost

   • Surveillance Audit and Logistics cost.
   • Soft Cost associated with Internal Audit, Reporting and Maintenance of the QMS

3. Recertification cost( every 3 years)

Identify and assign a designated management representative (MR) in your team to coordinate with SME during the entire process and provide the necessary information that SME requires to complete their task. Based on the Gap analysis, a timeline roadmap needs to be created with the end goal of the certification audit. This helps to maintain the appropriate timeframe as defined in the RoadMap.

A most important reason to get any certification is always for Business growth, Customer Requirement, Entry into Newmarket, build confidence, and consistent product/process/service delivery to the customer.

Stage 1:  Discovery

• GAP Analysis to identify the gaps as compared to standard requirements
• Awareness Training

Stage 2: Documentation & Implementation

• Documentation

Documenting  Management System procedures and WI based on document structure most suitable and value add to the Organization.

• Implementation

Once documents are drafted, reviewed, and approved, process owners, will implement the documented processes.

Stage 3: Audit (Internal and External)

• Internal Audit of the implemented ISMS and Management Review is a mandatory requirement. Internal Audit program with Internal Audit schedule and plan is required. Internal audit needs to be conducted by Trained Internal Auditors or External Contracted Auditors.
• After Internal Audit, External Audit can be scheduled and conducted.

This entire process can take up to 6-8 months depending on the number of locations, employees, scope, number of processes, and resource commitment by organization.

Certification can be achieved by utilizing internal resources.  The best way is to have a person or team with ISO implementer training/previous relevant experience to charter the project.

While considering ISO certification it is very critical to understand the various costs incurred.

These include the cost for the first year :

• Create and Charter ISO project (Quality Manager)
• External Registrar Cost+ Logistic Cost
• Consultant Support (if external consultant used)

2nd-year cost: Surveillance Audit and Logistics cost

Soft Cost associated with Internal Audit, Reporting and Maintenance of the QMS

Recertification cost: External Audit and Logistics cost.

ISO standard can be purchased from ANSI stores, ISO website, and authorized vendors only. Printed/electronic copies are managed per the  Terms and Agreement as well as IEC and ISO copyright requirements.

If you are limited in internal resources or have time constraints or not familiar with ISO standard it is best to engage a consultant. Once the need for ISO certification is defined, it’s the right time to start identifying consultants. It is important to know that the consultant may not be local.

It will be critical to check if the consultant has relevant experience in a similar industry and can provide a customized solutions based on your unique requirements. Apart from mandatory requirements, the QMS for a Medium size company vs CNC Machine shop will be tailored to each organization requirement.

Stage 1:  Discovery

• GAP Analysis to identify the gaps as compared to standard requirements
• Awareness Training

Stage 2: Documentation & Implementation

• Documentation

Documenting  Management System procedures and WI based on document structure most suitable and value add to the Organization.

• Implementation

Once documents are drafted, reviewed, and approved, process owners, will implement the documented processes.

Stage 3: Audit (Internal and External)

• Internal Audit of the implemented ISMS and Management Review is a mandatory requirement. Internal Audit program with Internal Audit schedule and plan is required. Internal audit needs to be conducted by Trained Internal Auditors or External Contracted Auditors.
• After Internal Audit, External Audit can be scheduled and conducted.

This entire process can take up to 6-8 months depending on the number of locations, employees, scope, number of processes, and resource commitment by organization.

After the initial certification award, regular surveillance audits are required and mandatory. Every 3 years recertification audits are conducted. The validity of the certificate is for 3 years based on the above-defined cycle. If any organization fails to comply with 3^rd party registration requirements/certification body Audit program, there can be repercussions.

ISO, International Organization for Standardization released the framework for the Quality Management system that can be used by masses as ISO 9001:1987. ISO 9001 is applicable to various industries for product, service and processes. Since then every 7-8 years this standard is updated, and the current updated version is 2015 which was released on year 2015. ISO 9000 is a family of standards, of which only ISO 9001 is a certifiable standard.

Gone are the days where the mythical figure was its going to be in range of 50,000 and its upkeep is 25,000 per year. The time and cost will be determined considering factors such size of company, pre-assessment and GAP analysis, various locations, complexity of manufacturing facilities and number of employees.

Yes, we will be present during the external audit and as per our service model is we will also provide a complimentary free internal audit visit after certification. If you want to retain our services we will be able to plan and schedule to do periodical audits and all the non conformance will be addressed promptly.

No extra charge. All the related concerns and queries will be covered under the pre-decided fee.

You can find more information about ISO on our Blog.

We all procrastinate on things we know need to get done.   Many companies tend to put off getting their ISO/CMMI till the last minute not leaving enough time to properly implement the system.  Not only it may get difficult to find a good consultant at the last minute but also expect to pay premium charges which can be around 1.5 – 2 times the consulting cost for expediting it later.  Additionally, it can get challenging to find a certifying body to meet your certification deadlines.

The regulatory bodies have started to identify that and are changing the rules slowly. For e.g.  Up until a few months ago, CMMI could be completed within a month on the expedited path but now CMMI Appraisal bodies won’t’ be able to appraise companies who are unable to show few months of implementation time.

It is recommended that for any management system to be properly implemented, you must plan a minimum of 4-6 months in advance.

Want to know the duration, cost, and process to get your ISO/CMMI completed? Get our no-obligation Gap Assessment Report.

Well, if you are well versed with the specific ISO standards, are keeping up with new versions as applicable, feel comfortable doing it yourself, it should be just fine to go for a Certification Audit when needed.  If for any reason, you feel stuck or would like to have an unbiased opinion, an internal audit conducted by a consultant can certainly help. You can contact us when ready.

We have heard these a few times. However, it is a conflict of interest to take the consulting and certification from the same company. ANAB and SEI, regulatory bodies of ISO and CMMI respectively have started to track down such companies who are trying to follow unethical practices and have been canceling their accreditation. If you are certified by such a Certifying Body, you will lose your certification.

As an informed buyer, next time you are given such an option, you must always ask yourself, how can a company help build a quality management system and also conduct a certification audit at the same time?

ISO or CMMI doesn’t have any tangible ROI like you usually have for Marketing or Sales. However, look at it this way, like a well-lubricated machine improves the efficiency and throughput of a machine,  a well-implemented management system improves the efficiency of business processes, reduces wastage, reduces personnel time, in short, reduces your operating costs.  To learn more about the benefits of ISO, check out this article on ISO Certification Benefits.

With globalization and increasing competition, many customers are now seeking suppliers/vendors who are ISO certified or CMMI appraised. For some industries, in order to do business, ISO is a mandatory requirement. It won’t be long before it will start applying to almost all industry verticals. Also, it will impact the entire supply chain at some point. If you do not have ISO or CMMI, ask yourself, what does the cost of lost opportunities look like to you?

With globalization, companies are constantly vetting suppliers based on a number of factors, ISO certification being one of them. The reason is that customers can be working with domestic as well as global suppliers and ISO Certification can offer a sense of assurance to them.

US Federal Govt has started to mandate ISO and CMMI in many of their RFP. Many large commercial clients have also started to include in their supplier qualification. It is just a matter of time when the entire supply chain will be required to get certification in order to continue doing business with the same set of customers.

It depends on the scope of the project, number of locations, type & number of standards, resource availability, skills, etc.  But for a simple one standard and one location project, it should typically take up to 6 months. To determine the time and cost for your ISO project, take the opportunity of our no-obligation High Level Gap Assessment.

It is a myth that ISO or CMMI is disruptive for your business. In fact, it is the other way around. Any quality management system should seamlessly fit into your existing business processes and add value to your business in the long run. A good consultant will be able to understand your existing business and should be able to implement the system without changing any processes. Start with no obligation high level gap assessment report for your business to see if we are a good fit.

In today’s day and age, with so much of technological advancement, many services can be performed and delivered remotely. We have done several remote consulting projects using Zoom, Skype for business, Phone, Email, Share Drives, etc. for seamless collaboration. Here is an article on.  An internal audit can be also performed remotely with ease.

In real-world, bad experiences do happen sometimes when consultants are not a good fit for the project or organization. The experience can be painful.  But be assured that there are several great consultants out there who can be an asset to your team.  If you would like to find out if we are a good fit, please setup a discovery call with one of our experts.

In today’s gig economy, you may be able to find almost any type of skilled resource online through some kind of portals like freelance.com, fiverr.com, etc. To know if they are the right fit for your project, you must know what to look for.  Here is an article that can help to

If your company is small and doesn’t have many processes or multiple locations, hiring a Quality Manager just for the purpose of creating and maintaining a quality management system doesn’t make sense. Most Consultants should be able to help build you a robust QMS that can be easily maintained in-house with the least time and effort. However, if you feel that you need continual help with maintenance, a consultant should be able to review your QMS once quarterly or semi-annually and keep you on track. If you have a specific need, our experts can help you find out if we are able to help.

This is true with most Small Business with lean processes. They are understaffed, working on multiple business-critical roles, don’t have a dedicated and skilled resource for ISO. For such companies, the best route to consider is investing in a consultant who can save time and cost.  If you would like to learn how we can help you with your ISO project, use our no obligation high level gap assessment report.

In today’s day and age, the requirement for ISO is growing because customers want to work with vetted and approved suppliers not only domestically but globally.  ISO, a globally recognized certification, ensures that a supplier is more qualified than others in a similar niche. Even if you let go of one customer asking for an ISO certification today, it won’t be surprising if another customer would also ask for it at some point.  Also, many companies who are trying to grow their client-base will come across ISO Certification being one of their customer RFP/RFQ.  Here is an article that can help you evaluate ISO Certification Benefits.

You don’t know what you don’t know. This is true with any industry. That is why we offer a no-obligation high level Gap Assessment and a complementary 30 mins call with our ISO Expert to answer any questions you may have about the project.

For most ISO projects, the time and cost depend on several factors like specific ISO standards, Industry vertical, number of processes, number of locations, previous ISO certifications, Skilled resources, etc. In short, the certification scope needs to be identified in order to determine the time and cost regardless of your choice to complete it in-house or take the help of a consultant.  Download the ISO Project Toolkit to get an idea of time and cost. If you still need help, feel free to speak to one of our experts and they can help you determine the scope.

You are not alone. Many companies have similar dilemma.  ISO 9001 usually applies to all industries and serves as a foundation for many advance ISO Standards. Specific ISO Standards apply to different industry verticals, product or services provided, customer requirement.  For e.g.  ISO 17025 specifically applies to Testing and Calibration Labs, ISO 13485 applies to Medical Device manufacturers and so on. Some industries will require more than one ISO standards.  If you are still not sure which ISO applies specifically to your industry, setup a discovery call with one of our experts.

Local consultants can save you the overhead cost of travel only if they need to be onsite. But did you know that, nowadays, most ISO projects can be completed remotely with aid of technology? A seasoned consultant should be able to interview you, understand your business, train your resources, and help execute ISO projects remotely. We have done many of them to know for sure. Can’t wrap your mind around it? Feel free to speak to one of our experts.

Sure, that’s a great idea if you have

1. The required Expertise and Skills
2. Dedicated Resource to implement and maintain ISO / CMMI
3. Time to execute the project

Certification can be achieved by utilizing internal resources.  The best way is to have a person or team with ISO implementer training/previous relevant experience to charter the project.

While considering ISO certification it is very critical to understand the various costs incurred.

These include the cost for the first year :

• Create and Charter ISO project (Quality Manager)
• External Registrar Cost+ Logistic Cost
• Consultant Support (if external consultant used)

     2nd-year cost: Surveillance Audit and Logistics cost

Soft Cost associated with Internal Audit, Reporting and Maintenance of the QMS

Recertification cost: External Audit and Logistics cost

ISO standard can be purchased from ANSI stores, ISO website, and authorized vendors only. Printed/electronic copies are managed per the  Terms and Agreement as well as IEC and ISO copyright requirements.

If you are limited in internal resources or have time constraints or not familiar with ISO standard it is best to engage a consultant. Once the need for ISO certification is defined, it’s the right time to start identifying consultants. It is important to know that the consultant may not be local.

It will be critical to check if the consultant has relevant experience in a similar industry and can provide a customized solutions based on your unique requirements. Apart from mandatory requirements, the QMS for a Medium size company vs CNC Machine shop will be tailored to each organization requirement.

Stage 1:  Discovery

• GAP Analysis to identify the gaps as compared to standard requirements
• Awareness Training

Stage 2: Documentation & Implementation

• Documentation

Documenting  Management System procedures and WI based on document structure most suitable and value add to the Organization.

• Implementation

Once documents are drafted, reviewed, and approved, process owners, will implement the documented processes.

Stage 3: Audit (Internal and External)

• Internal Audit of the implemented ISMS and Management Review is a mandatory requirement. Internal Audit program with Internal Audit schedule and plan is required. Internal audit needs to be conducted by Trained Internal Auditors or External Contracted Auditors.
• After Internal Audit, External Audit can be scheduled and conducted.

This entire process can take up to 6-8 months depending on the number of locations, employees, scope, number of processes, and resource commitment by organization.

After the initial certification award, regular surveillance audits are required and mandatory. Every 3 years recertification audits are conducted. The validity of the certificate is for 3 years based on the above-defined cycle. If any organization fails to comply with 3^rd party registration requirements/certification body Audit program, there can be repercussions.

ISO, International Organization for Standardization released the framework for the Quality Management system that can be used by masses as ISO 9001:1987. ISO 9001 is applicable to various industries for product, service and processes. Since then every 7-8 years this standard is updated, and the current updated version is 2015 which was released on year 2015.ISO 9000 is a family of standards, of which only ISO 9001 is a certifiable standard.

Yes, certification is not tied to the duration of an Organizations’ existence. Any organization having defined processes, meeting the compliance requirements of ISO 27001, and adequate resources ( personnel & finance) for implementation can achieve certification.

ISO standard can be purchased from ANSI stores, ISO website, and authorized vendors only. Printed/electronic copies are managed per the  Terms and Agreement as well as IEC and ISO copyright requirements.

https://webstore.ansi.org/standards/iso/isoiec2700127002security

https://www.iso.org/standard/54534.html

The database/list can exist based on the country and its regulations. In the USA there is no such list, but all certificates are issued by Accredited Registrars.

ISO 27001 is a Management system for Information Security. Keeping information secure is not the task of IT department but of each individual of the Organization. Becoming more aware of existing threats will help the organization to manage the risks and place effective controls. That is the true benefit of the ISMS certification.

Stage 1:  Discovery

• GAP Analysis to identify the gaps as compared to standard requirements
• Awareness Training

Stage 2: Documentation & Implementation

• Documentation

Documenting  Management System procedures and WI based on document structure most suitable and value add to the Organization.

• Implementation

Once documents are drafted, reviewed, and approved, process owners, will implement the documented processes.

Stage 3: Audit (Internal and External)

• Internal Audit of the implemented ISMS and Management Review is a mandatory requirement. Internal Audit program with Internal Audit schedule and plan is required. Internal audit needs to be conducted by Trained Internal Auditors or External Contracted Auditors.
• After Internal Audit, External Audit can be scheduled and conducted.

This entire process can take up to 6-8 months depending on the number of locations, employees, scope, number of processes, and resource commitment by organization.

The various cost incurred in the process of securing ISO certification are distributed over a 3-year cycle:

1. 1^st Year Cost

   • Create and Charter ISO project (Quality Manager)
   • External Registrar Cost+ Logistic Cost
   • Consultant Support( if external consultant used)

2. 2^nd Year Cost

   • Surveillance Audit and Logistics cost.
   • Soft Cost associated with Internal Audit, Reporting and Maintenance of the QMS

3. Recertification cost( every 3 years)