Certification is a declaration, issued after an audit by a certification body, that an organization conforms to the requirements of an ISO management system standard, for example ISO 9001:2015 for its quality management system.

Certification gains for an organization wider market confidence, higher business performance and distinctive reputation. Trade barriers are overcome due to mutual recognition of certificates between countries. Certification enhances the sustainability of the organization as well as its ability to consistently comply, where applicable, with legal requirements. These benefits result from effects of the regular audits by a certification body of the maintenance and continual improvement of disciplines exercised by a certified organization to help meet the needs and expectations of its interested parties.

An organization applies to CIP for certification of its management system to its chosen ISO standard. After contract agreement, the organization undergoes two stages of initial audit. See CIP’s audit process. If these audits conducted by CIP are satisfied that the organization’s management system is established, implemented, maintained and continually improved in accordance with the requirements of the ISO standard, CIP grants the organization a Certificate of Registration, valid for three years, declaring its conformity to the ISO standard. The Certificate remains valid for three years provided the management system is maintained and continually improved as verified by two annual surveillance audits. The Certificate of Registration is product/service- and site-specific.

The audits comprise the initial audits and the annual surveillance audits.

The initial audits have two parts: Stage 1 and Stage 2. After implementing its management system for at least three months with satisfactory results and when it deems ready to undergo Stage 1, the applicant organization notifies CIP and may nominate a schedule for these audits.

Stage 1 is successfully completed after CIP finds the management system adequately planned and documented to support its scope of operations in accordance with the criteria of its chosen ISO standard. On agreed dates, Stage 2 follows. The entire management system is assessed by CIP audits whether it is implemented as planned by the organization against the criteria of the ISO standard. If the management system is found adequately implemented, CIP declares it as such in its audit report, with a recommendation to the CIP technical review and approval board to grant certification to the management system of the organization. Upon approval, the Certificate of Registration is issued to the organization, valid for three years, provided the management system is maintained and continually improved as verified by annual surveillance audits.

The surveillance audits assess the level of maintenance of the certified management system. Satisfactory implementation of the management system, if established by these surveillance audits, leads to the reconfirmation of the validity of the Certificate of Registration.

The cost of the certification process, from initial audits to annual surveillance audits in a three-year period, will depend on the number of audit man-days determined appropriate for the organization under the ISO standard/s it intends to be certified against. A small or medium enterprise has much less audit man-days, and therefore less audit fees, than a large, multi-site company. Organizations with thriving business operations often point to the beneficial effects of their certified management system as a key factor for their success, far outweighing and well worth the cost of gaining and maintaining ISO certification.

Factors such as size of organization, number of sites, manpower count, manufacturing or service processes, risk level and the ISO standard/s as audit criteria are considered by CIP against man-day requirements set by the International Accreditation Forum (IAF) when determining the number of audit man-days applicable to an organization, from initial audits to surveillance audits over a three-year period. This is to ensure CIP’s client organizations that their management systems are thoroughly audited for their adequacy, implementation and effectiveness to support the business performance requirements of their organizations.

The Certificate is valid for three years, subject to satisfactory results of surveillance audits. If surveillance audits find the management system maintained and continually improved, the Certificate is reconfirmed for its validity.

Yes. It is renewable for another three-year period. The organization applies for renewal before the Certificate expires. Under a new three-year contract with CIP, the organization undergoes a reassessment of its entire management system. The audit man-days of this reassessment and the two annual surveillance audits in the next three-year period depend on the changes to the management system over the past three years, for example in terms of its scope, the number of sites and manpower of the organization. A successful reassessment results in a new Certificate of Registration. Its validity during the succeeding three-year period is again subject to satisfactory results of two annual surveillance audits.

Without a functioning management system, the Certificate is cancelled.

Yes. If the Certificate was previously cancelled, the organization needs to re-apply for its restoration. Re-application entails a new contract review that requires Stage 1 and Stage 2 audits again. Successful completion by the applicant of both audit stages results in a new Certificate of Registration, valid for three years.

If the Certificate was suspended and if within a period not exceeding six months the restoration of its validity is formally requested by the organization, a follow up audit is conducted by CIP. If audit results are satisfactory, the Certificate of Registration is restored but its original validity period remains the same, i.e. with no extension.

If the suspension period exceeds six months, the Certificate is terminated. The organization may later request restoration of its Certificate but the management system is subject again to Stage 1 and Stage 2 initial audits under a new contract with CIP. If audit results are satisfactory, a Certificate of Registration is issued but with a new validity date of three years, subject to annual surveillance audits.

An organization needs to first understand the requirements of ISO 9001:2015 and how they are made applicable to their operations. Conducting a gap analysis can provide useful findings to what extent an organization’s current management system meets ISO 9001:2015 requirements. Resources need to be invested in the effort: trainings, team work across the organization, persons to plan and lead the development and maintenance of the QMS, budget, time, policy issuances, evaluations, corrective actions. Top management leadership is key to communicating to the entire organization the value of instituting a quality management system. Top management after all is the one that needs the system to help rally the whole organization to achieve its strategic goals through the path of customer satisfaction. Without a customer there is no business.

The criteria of ISO 9001:2015 need to be understood in order for them to be interpreted and tailored fit to the specific circumstances of an organization. In many cases, organizations may already have in place various processes and controls that meet, either in full or in part, specific requirements of the standard. At the start, doing a gap analysis between existing management practices and ISO 9001:2015 requirements may reveal to an organization that it has more ISO 9001 requirements already in place than previously thought. Where gaps are found in some functions or processes, these would be the areas that need to be addressed how best to meet applicable criteria of the standard. Where there are no gaps, no further actions might be needed unless the organization decides to enhance these areas as part of its continual improvement practices.

Understanding the requirements of ISO standards involve self-study, group study, readings, formal training, learning from experienced users of ISO standards, including those found in ISO’s Auditing Practices Group website. Experienced consultants in ISO management systems may also be helpful. It should also be understood that instituting a Management System, whether for Quality, Food Safety, Occupational Health and Safety, Environment or whatever field is chosen by top management, does not mean setting up an additional or parallel management system to what might already be existing within the organization. There should be only one management system in any organization. The existing management system may simply need some continual improvements by bringing its processes into alignment with requirements of the chosen ISO standard.

Copies may be obtained from the Bureau of Philippine Standards under the Department of Trade and Industry, as well as from the official ISO website.

A certification body, like CIP, can demonstrate the competence and independence of its certification schemes and its auditors if it is accredited under ISO/IEC 17021-1-2015 and other standards in the ISO/IEC 17021 series by the Philippine Accreditation Bureau (PAB) of the Dept. of Trade and Industry.

There is no international accreditation body.

That is a wrong notion. There are no internationally accredited certification bodies.

In all countries, accreditation bodies are national organizations. In the Philippines, it is the Philippine Accreditation Bureau (PAB), which was created by the Dept. of Trade and Industry as the national authority for the accreditation of management system certification bodies in the Philippines. Other countries have their own national accreditation bodies: for example the United Kingdom Accreditation Service (UKAS) in the United Kingdom which is appointed by the UK government to perform accreditation of management system certification bodies in UK; in Japan the national accreditation authority recognized by the Japanese Government is the Japan Accreditation Bureau (JAB); in the United States it is the ANSI National Accreditation Board (ANAB).

Yes. Nearly all national accreditation bodies (such as PAB) are members of the International Accreditation Forum (IAF). A mutual recognition agreement is administered by IAF under which accredited certificates issued, for example, in the Philippines by a PAB-accredited certification body is recognized in other member countries.

To uphold their agreements as IAF members and to facilitate mutual recognition of accredited certificates they issue, PAB and all its foreign counterparts use the same ISO standards and IAF mandatory documents to perform audits and accreditation of management system certification bodies in their respective territories. These national accreditation bodies undergo audits by regional accreditation bodies (such as the Asia Pacific Accreditation Cooperation in the case of PAB), also affiliated with IAF, for mutual recognition of their competencies and of the equivalence of their accreditation work.

Yes. CIP has a long standing working relationship with QSCert, a leading certification body in Slovakia. CIP and QSCert collaborate in serving the certification requirements of Philippine companies such as for FSSC and Energy Management System. QSCert is accredited by the Slovak National Accreditation Service (SNAS), an IAF member.

Not necessarily. Commonly foreign buyers deal with numerous global sources in their search for varied products, competitive prices, consistent product quality and supplier reliability. Consequently they want their incoming product inspection and supplier evaluation processes to be more efficient, less costly, transparent, non-repetitive. One way to achieve these goals is to require their sources to be certified to ISO 9001:2015. Certified once, certified everywhere. This is a widely-accepted standard in global trade, used in no less than 160 countries.

Consultancy is not provided by CIP. Certification bodies must be independent and have no conflict of interest with any of their clients.

Trainings on ISO standards are publicly available. The subjects of these trainings are strictly treated in a generic manner and do not in any way provide specialized or unique guidance to participants. The Philippine Accreditation Bureau (PAB) is at liberty to examine the independence of CIP’s training materials and training proceedings.

Yes. Transfers are subject to regulations under IAF MD2:2023.

The organization notifies its certification body about its intention to transfer to another certification body. It coordinates with the certification body it wishes to transfer to for audit and administrative arrangements.

Organizations certified by CIP to ISO 9001:2015 that intend to maintain their certified status need to undergo a transition audit against the requirements of ISO 9001:2026. Prior to this transition audit, an organization needs to: 1) understand the requirements in the 2026 edition, 2) do a gap analysis between its current QMS and the requirements under the new edition, 3) address gaps, if any, by incorporating in the QMS the needed actions, 4) implement the QMS as transitioned to the 2026 edition of the standard, 5) assess the adequacy and effectiveness of the performance of the transitioned QMS with internal audits and management reviews, 6) depending on the level of readiness of the QMS and the organization, apply to CIP for a transition audit of the QMS, and 7) undergo the transition audit. A successful transition audit will lead to the issuance by CIP of a new Certificate of Registration under ISO 9001:2026. In the case of other revised ISO management system standards, like ISO 14001:2026 to be released in April 2026, the transition audit process described above applies to ISO 14001:2015 certified organizations.

When an ISO management system standard is revised, a transition audit is required to bring certified management systems to the level of the new edition of the standard. For example: an organization certified to ISO 9001:2015 which intends to remain certified to ISO 9001 needs to undergo a transition audit to ISO 9001:2026 within a three-year transition period, starting from its release date in September 2026. In the case of ISO 14001:2026 edition, its release is expected in April 2026. The exact dates of the transition period from 2026 to 2029 will be announced by ISO and the International Accreditation Forum in due course. These dates will be communicated by CIP to its QMS- and EMS-certified clients.

If by the end of the three-year transition period a certified organization has not undergone, or chooses not to undergo, a transition audit to ISO 9001:2026, its ISO 9001:2015 certificate will expire. Even if it still has a remaining validity period, the ISO 9001:2015 certificate will become void; the reason for this is that the ISO 9001:2015 edition will cease to exist at the end of the transition period. An organization can not be certified to a non-existing standard. The same is true for ISO 14001:2015 certificates. An audit to the 2026 edition of the standard that takes place beyond the three-year transition period is not deemed a transition audit. Instead it is a full initial audit, entailing Stage 1 and Stage 2.

During the three-year transition period, ISO 9001:2015 and ISO 9001:2026 exist side by side. Depending on its situation and business needs, an organization may continue using ISO 9001:2015 as its management framework. If its QMS is certified, the organization may continue its surveillance audits to ISO 9001:2015 to maintain its certified status, provided such audits do not occur beyond the transition period. Moreover, within this period, the transition audit, for practical purposes, is scheduled to coincide with a surveillance audit or reassessment.

It is for the organization to decide when to undergo a transition audit. When it deems its QMS or EMS is fully converted from the 2015 to the 2026 edition of ISO 9001 or ISO 14001 and is ready to undergo a transition audit, an organization needs to formally apply to CIP for this audit. A contract review is conducted by CIP to assess the applicant’s QMS or EMS for any changes in its scope, the number of sites to be audited and any other relevant aspects of the applicant’s management system, all of which are a basis for determining the suitable number of audit man-days. This contract review is followed by a quotation to the applicant organization. To maintain the regular surveillance and reassessment cycle of the organization, the transition audit normally coincides with the organization’s annual surveillance audit or reassessment falling within the transition period. A successful transition audit leads to the issuance of a new certificate under the 2026 edition of the standard.

Yes, the organization may apply for certification at any period it chooses, even after passage of the transition period. The organization however must understand that by that time its ISO 9001:2015 is already expired. It should apply for certification which requires Stage 1 and Stage 2 audits. A successful initial audit will lead to the certification of the QMS or EMS 2026.

Based on the planned revisions to these two standards, no new major requirements are expected. Certified organizations are not expected to experience a burdensome task of, first, aligning their QMS or EMS to the 2026 edition of the standard and then completing the required transition audit . The revised standards are anticipated to be more user-friendly, with simplification of some wordings and minor changes in the order of presentation of requirements described in some sub-clauses. This approach to the revisions will foster clearer understanding of the standards, further benefitting organizations in terms of improved effectiveness of their management systems.

Yes, there is a forum, called Auditing Practices Group (APG). It has a website each for QMS and EMS. The Group comprises experts, auditors and practitioners involved in the Technical Committees of the International Organization for Standardization responsible for the ISO 9000 and ISO 14000 series of standards.

The websites contain a diverse range of topics that can be a source of ideas for those looking to enrich and improve the effectiveness of their own QMS or EMS. Guidance can be obtained too from the informative documents shared in the websites, which aim to foster better understanding of the standards.