What documents do I need for ISO 9001:2015 - Quality Management Certification

Document control is more than just filing documents. It is an essential tool used to ensure a business’s efficiency, performance, reliability, traceability, quality and safety. Document control is required to control the distribution, accessibility, preservability, retrieval, management, and usability of documented information. Documented information should be controlled in order to be adequately protected, available and suitable for use at all times.

Regardless of how you may record information, anything deemed necessary for the organisation to operate, or necessary for the effective functioning of the management system, must be controlled. The previous 9001 Standard (2008) used to require a few documents including:

  • Quality policy

  • Quality objectives

  • Quality manual

  • Procedure - Control of documents (clause 4.2.3)

  • Procedure - Control of records (clause 4.2.4)

  • Procedure - Internal audit (clause 8.2.2)

  • Procedure - Control of nonconforming product (clause 8.3)

  • Procedure - Corrective action (clause 8.5.2)

  • Procedure - Preventive action (clause 8.5.3)

 However, under the new 9001 Standard (2015) only four elements are required to be documented, including: a quality policy, quality objectives, scope, and the information needed to support the operational system. These support documents are at the discretion of the company. The new Standard does not require all the procedures mentioned above, nor a quality manual, but any organization which decides to continue to use them can keep them.

How big is your QA System? Is it still current to your operations?

How big is your QA System? Is it still current to your operations?

The 2015 Standard still requires several records to be maintained with the majority of those coming from Clause 8 – Operation, these include:

  • Calibration of monitoring and measuring equipment

  • Conformity of products and services requirement

  • Reviews of requirement for products and services

  • Design and development: inputs, reviews, controls, verification, outputs, validation, change control.

  • Monitoring and measurement activities

  • Results of external provider evaluations, performance, and re-evaluations

  • Unique identification of process outputs (e.g. serial / batch number) if traceability is required

  • Customer property - lost, damaged or found unsuitable for use and communication to the owner

  • Criteria and authorisation for products and services delivery

  • Audit findings and actions

  • Corrective actions raised and the outcome (any action taken on nonconformities)

  • Nonconformities

  • Management reviews

  • Training records

I want to know - how big is your Quality Management System, have you simplified it?

Unregistered ISO Certifiers: Make Sure Your Certificate is Legitimate

Certification audits are there for a reason. Some will argue that auditors are just there to justify their existence, but that is not always the case. They are, rather, there to uncover possible infractions that might be going on with one or more parts of your operations – and such discrepancies could be found in your ISO audits too.

 Have you checked your ISO certificate lately, do they have a JAS-ANZ logo and a registered number?

 JAS-ANZ accreditation sends a clear message. It says your certification or inspection body can be counted on to perform its duties—in an authoritative and impartial way. It flags that you have been approved by an independent third-party as a professional body that acts with integrity when certifying or inspecting for conformity assessment. So, is your company on the JAS-ANZ register? Keeping in mind this is for Australia and New Zealand readers, all other countries should refer to the IAF for a list of Accreditation Members for each country.

According to a new body of research undergone and published at the University of Laval in Quebec, most of these unregistered certification efforts are coming from companies in China however are also being found in Australia as well. With that, they aim to fool any constituted authority which should have otherwise kept them in check, as well as the companies they are supplying services to.

 Beyond the moral discomfort this causes for directors when such companies are found out, it also poses a serious question to the quality and safety of services which would be provided by a company that is not even certified in the first place.

How does it happen?

Many of the companies running around with a unregistered ISO certification go about it in a variety of ways. From the research carried out, some of the most effective ways of getting this done are:

  • Obtaining a certificate from a certifier without the right accreditation. This works in most foreign markets due to limited knowledge of what bodies have the proper accreditation and authority to issue such certificates.

  • Generating a certificate with the aid of photo editing software like Photoshop.

  • Paying their way to a certificate by bribing auditors. When this is the case, the company doesn't even need to implement the management system.

  • Obtaining the certificate fraudulently, for example: the company files for a certificate application with the wrong information about how things are done within the system. This will, of course, earn them the certificate, but not the right practices.


Is your certification legitimate?

 To ensure clients do not just trust vendors touting an ISO certificate on benefit of the doubt, there has to be an increased transparency around the entire process.

 To put that in context, these accredited certified bodies should make their database available for all on their website. That will make it easy to crosscheck the certificate numbers against whatever is present in the database, making it possible to verify or refute the claim of such vendors.

 The interesting thing is that the above model is what was supposed to be in place, but the system is not big followed through as much as it should be. JAS-ANZ has such a register which can be openly accessed by the public. http://www.jas-anz.org/our-directory/certified-organisations

 Likewise, companies could stop trusting these certificates coming from the likes of China and Pakistan. Although cases of fakes have been spotted in other regions too, it is not as serious as what we are seeing in these two areas.

 Finally, businesses should complete their due diligence before they award projects to any other company with an ISO certificate. At the end of the day, these firms will be the one to bear the brunt of it all, should it be discovered that their vendors are failing to comply with standards and proper specifications.


Check your certificates, does it have either of these logo’s on them?

Check your certificates, does it have either of these logo’s on them?

How can we help?

 Before applying for certification, get in touch with us to ensure your using an accredited body. We can point you in the direction of reputable certification companies such as companies like:

Oversight are also offering free assessments of your current certifier, ensuring they’re legitimate. Simply send us a copy of your certificate and we do the digging for you, so you don’t get caught on the wrong side of the law. There are a lot of poor services out there already, and we wouldn’t like for any company to drag your name through the mud.

 Has your company ever found out the hard way, that they were operating under an unregistered ISO certificate/certifier? We want to know your stories, post it in the comments section or send us a message - we would love to hear more.

Additional resources and references:

  • https://advisera.com/9001academy/blog/2018/05/23/how-to-know-whether-iso-9001-certificate-is-valid/

  • https://www.bestpracticecertification.com.au/single-post/Rates-of-Fake-ISO-Certificates-Booming-Worldwide-led-by-China-report-says

  • https://www.chinacheckup.com/blogs/articles/iso-china

How to Beat an Audit.

That time of year again? Your Health, Safety, Environmental or Quality Audit has come around? I take a look at how to be prepared, here’s how.

 No matter what industry or niche your business specializes in, one of the things you and your competitors share is auditing. For companies and business that find themselves in the production, construction or manufacturing sector, one of the most dreaded times of the year is when the auditors come to play.

 Truth be told, these auditors are not always out to have your head. In fact, at the end of the day, they are just doing the job which pays their bills too. Even though it may look like they are poking for your mistakes. And for all our auditor’s who are reading this, I know some of you are in fact friendly and make the process very easy!

 However back to the stereotypical auditor, as a business owner you can work against this. When you allow enough time to prepare for that audit, the auditors can only huff and puff. That’s how to make them all bark and no bite at the end of the day.


Getting Prepared for The Audit

The biggest mistake a lot of companies make when they are preparing for an audit is to hope for the best. They think they have everything in place already and so, push on to the next stage.

 With this in mind, they are just being hopeful that they have not left anything to chance, rather than being sure. It is, thus, not surprising that when the worst comes, they scramble to cover their bases.

 For me, I don’t believe a company should be put on its heels after an auditor finds something out. In fact, you should have ensured all loose ends were handled before the auditor came in. This would generally mean that you are applying your processes 100% of the time.

That, and that only, is the way to ensure you are always bold in the face of any auditor or a team of them.


Building Up the Right Team

Depending on your industry and the niche of your company, you would have different quality, environmental or safety standards that you are supposed to follow. Some are to be implemented while others are simply to have been provided for.

 The challenge that comes with the daily running of a business can easily make you lose track of some of the most important things. Trust me when I say an auditor who is worth their salt will probe till they get to that very last thing you left out, or totally forgot about.

 ‘What to do, then?’

Ensure your team has an advisor or expert when it comes to knowing these standards.

 In fact, I recommend ensuring that this person is the head of the team. Rather than ask why, I think you should ask why not. After all, it is their job to crawl into the head of the auditor and prepare for each and everything they might want to tackle in your company.

 A trusted consultant of advisor will help you put everything in place, leveraging their experience in the industry to exceed even the toughest auditors expectations.

 They will also be able to help you ensure your business is being run the right way for your employees and the environment, much after the audit is done with.

 Such services are offered at Oversight Consulting where we work with a lot of businesses to ensure they never leave a stone on ground for auditors to turn when they do decide to come around.

 Proper Handling of The Audit

You would want to give yourself as little liability in the auditing process as possible. That is why you should hand over the main task of facing the auditor to your advisor or consultant.

 Of course, you will still be involved – but only in the capacity of furnishing your advisor with the information they need to answer certain questions.

 The importance of this is that the advisor can always claim they don’t know one or more things when the auditor starts asking heated questions.

They will be in the best position to diffuse the heat by asking to know what information the auditor would like to have. The advisor would then be able to gather this information and provide it to the auditor in the most harmless way possible.

 Should a client have been the one in the room, they would be put on the spot. Not being able to answer the questions, or provide a convincing argument in the moment, which could lead to a negative result.

 Now that you know just what you should do, how about hiring an advisor to take the stress out of your next audit? I would love to know about some of your experiences with auditors - shoot us a message!

The secret behind business owners having more time off.


Most business owners all have similar problems when it comes to trying to take time off. As we see more and more business owners working ‘in’ the business, spending very little time ‘on’ the business how do you expect to grow or more importantly take time off?.

To come up with a solution to the above problem, the idea of systematic management was invented. Systematic management is the approach whereby the focus is mainly on the process as opposed to the result. In systematic management, there is breakdown of specific tasks, which are assigned to individuals or a group of individuals. It gives both the management and the employees the opportunity to see all the small processes that are part of the major activity or operation whilst holding someone accountable. Systematic management is preferred and has been adopted by many of the big companies because it helps in making activities such as planning, budgeting as well as forecasting more efficient and simpler. Systematic management enables business owners to have more time to do what they like to do. Additionally, employees have specific guidelines and procedures outlined to follow and the business operates the way the business owner wants it run.

To achieve systematic management, procedures must be developed and implemented. In order to achieve this, we need to establish how you want the business to be ran. Secondly, we establish the consequences if employees do not follow procedures. Then, we come up with a set of tools that will be used to help achieve an effective systematic management. This may include adopting specific and fussier processes and procedures or involving employees at the development phase. Another common tool used in systematic management is ensuring that the business has adequate staff and resources. As employees will be assigned a specific task that is part of the business or the operational process, employees should be held accountable for ensuring their responsibilities are met.

Adopting a systematic management approach is not only beneficial to the company, but also to their customers, it’s a win-win for both. The processes are streamlined, this means that there is more production to satisfy the needs of the customers. Having every staff member aware of their requirements and roles gives them a chance to look at the customer’s needs in a more close and specific way, which is again more efficient. Additionally, this also helps to ensure that customers are not misused and that their issues are well taken care of as disciplinary actions are taken to employees who do not follow the specific process. And lastly, the business operates in the way it should be and you as a business is left satisfied. This then allows owners to take a look at the customers’ needs in a closer and more efficient manner, or if you’re like most business owners I know – would take time off to do what ‘they’ want to do, whether it be holidays, fishing or a regular game of golf!


Why is safety management so important in the construction space?

In 2017 a total of 190 fatalities were recorded in workplaces throughout Australia. With 30 of these deaths occurring on construction sites throughout Australia, I take a look at why this safety is such an important player when working in construction.


Accidents are a part of life and are bound to happen at places such as the job site, especially when there is no real safety management system applied. There was never a building that was constructed without any incidents and or mishaps. This is why you need a Safety Management System (SMS) and why it is necessary for every construction project.

Every construction company is legally obligated to comply with the Workplace Health and Safety Act and Regulations that govern your particular state or territory in which you operate. Protection of your workers and sub-contractor should always be the topmost priority. To take complete care for such purpose, safety consultants or people are engaged, these people or tools as I call them can be very helpful, however they need to grasp legislation.


All high-risk construction work on any site requires a safe work method statement (SWMS), without one you could be liable to penalties and imprisonment I have identified some of the core reasons why safety management at the construction site is vital:

Practical Perspective

If the situation is considered from a practical perspective, it is obvious that the amount of time, money, effort and power spent on the restoration after the accident is not very ideal. It is a better option to stay careful to avoid such accidents in the first place. Care is better than cure, after all. Just in case the accident occurs, a safety management team would be able to handle the situation much professionally.

Governmental Laws

Another reason why a safety management in construction work in Australia and other countries of the world is very necessary is because of the laws, rules, and regulations the government has set for the companies to follow in order to provide a safe working environment for the workers and employees. Then it legally becomes a responsibility for the construction companies to ensure safety for everyone at all costs.

Sense of Responsibility

This is the basic reason why safety management must be a part of the construction plan as it is unethical to risk the lives of others just for the sake of construction work. A safety management team ensures that the construction work continues without any accidents. Construction companies should make the life safety of people associated with the construction plan a priority instead of work.