We’re pleased to share that we have passed our annual surveillance audits and continue to be certified to ISO27001 for an Information Security Management System and ISO9001 for a Quality Management System. Given our business needs and the industry we are in, we find these management systems to be the most beneficial to our organization.
We have now received our certificates and happy to share them on our website footer for all to see. One of the key benefits of certifying to an ISO standard is to share the certificate with clients, customers, and other stakeholders to increase trust. This is why we always recommend certifying with an accredited certification body (here in the UK, it would be a UKAS accredited auditor, however if you’re elsewhere in the world you can find your accreditor here via the IAF directory).
CertiKit’s Managing Director and primary toolkit author Ken Holmes, says “I am delighted that both of our certifications, ISO9001 and ISO27001, have been successfully renewed with BSI. A lot of work goes into doing things correctly within the CertiKit team, and it’s good to have external recognition of all that effort. Given what we do, we believe very strongly that we should show to our customers that certification is both achievable, and beneficial.”
As ISO standards are what our team at CertiKit know best and we’ve been certified for seven years now, we’d like to share three tips for a successful annual surveillance audit.
1) Book your surveillance audit within good time and make sure you have everything in place for the day, this will include everything from having relevant documentation ready to making sure the appropriate staff are available to speak to the auditor if required.
2) Ensure you meet your internal audit schedule. In line with the requirements clause 9.2, the certification audit requires evidence of a completed internal audit, but this isn’t the only reason you should be completing internal audits. They’re an opportunity to ensure that the organization is still running to the requirements of the management system and to highlight any improvements that can be made too.
3) Ensure continuous staff training and awareness. ISO standards aren’t just something you implement once and then leave, they are about continuous improvement and need to be embedded within the organization. Making sure all staff members are aware of the management system and what is required of them is key to ensuring requirements are still met year on year.