An ISO (International Standards Organization) Stage 1 audit determines whether a company is ready for its ISO Stage 2 Certification Audit. It is the first stage in the certification audit process.
The certification audit determines if an organization’s management system complies with the requirements of the standard, e.g., ISO 9001, ISO 14001, ISO 45001, and can be certified in the standard. The certification body’s auditor conducts the certification audit.
During the Stage 1 ISO audit, the auditor reviews the documented information the organization has about its management system, evaluates the conditions at the site, and has discussions with personnel.
The auditor checks that the company’s objectives and key performance indicators are in place and that staff members understand them. The auditor also reviews the scope of the management system and gathers data on the company’s processes and operations, the equipment it uses, the levels of control the organization has established, as well as any applicable regulatory or statutory requirements.
In addition, as part of the ISO Stage 1 audit, the auditor evaluates the company’s internal audits and management reviews to ensure they’re being planned and performed. The auditor also assesses the overall level of implementation of the company’s management system to determine if it’s ready to move forward with the ISO Stage 2 Certification Audit.
How long does an ISO Stage 1 audit take?
An ISO Stage 1 audit usually takes place in one or two days.
The certification body, also known as the registrar, will use the ISO Stage 1 audit to complete the planning for the ISO Stage 2 audit, including a review of the allocation of resources and details for the next phase of the audit.
ISO Stage 1 and Stage 2 audit
The auditor will give the organization documented conclusions outlining whether the company is ready to move to the ISO Stage 2 audit. The auditor will also outline areas of concern that could be classified as non-conformances during the ISO Stage 2 audit.
During the ISO Stage 2 audit, the certification body, also known as a registrar, will determine the degree of compliance with the requirements of the applicable standard. The audit report will also identify non-conformances or potential non-conformances that the company has to correct before it can issue the certification. If the Stage 2 audit is successful, the certification body will certify the company’s management system.
ISO 9001, the standard for quality management systems (QMS), for example, requires that organizations complete this two-stage registration audit to become certified. If both the ISO Stage 1 audit and the ISO Stage 2 audit are successful, then an organization will be certified to ISO 9001.
If the auditor identifies any major non-conformances in the ISO Stage 2 audit, the certification body cannot issue the certification until the company takes corrective action and that action is verified.
Thank you for subscribing to the Risk Insiders newsletter!
Why sign up for the Risk Insiders newsletter?
To stay in the know! Get new blogs, resources, CPE opportunities, industry research & more — direct to your inbox.