Home » Guides » Certification



to ISO management system standards

Organizations and companies often want to get certified to ISO’s management system standards (for example ISO 9001 or ISO 14001) although certification is not a requirement. The best reason for wanting to implement these standards is to improve the efficiency and effectiveness of company operations.

A company may decide to seek certification for many reasons, as certification may:

  • be a contractual or regulatory requirement
  • be necessary to meet customer preferences
  • fall within the context of a risk management programme, and
  • help motivate staff by setting a clear goal for the development of its management system.

ISO does not perform certification

ISO develops International Standards, including management system standards such as ISO 9001, ISO 14001 and ISO 31000. However, it is not involved in the certification to any of the standards it develops. Certification is performed by external certification bodies, which are largely private. Therefore a company or organization cannot be certified by ISO.

When a company or organization is certified to an ISO standard they will receive a certificate from the certification body. Even though the name of the ISO standard appears on this certificate, it is not ISO that has issued it.

Although ISO does not perform certification, its Committee on Conformity Assessment (CASCO) has produced a number of standards that relate to the certification process. The voluntary criteria contained in these publications are an international consensus on good practice relating to certification. Companies and organizations usually operate their certification activities in accordance with these international standards. More information can be found by accessing the full list of CASCO Standards .

Certification – the provision by an independent body of written assurance (a certificate) that the product, service or system in question meets specific requirements.

Registration – certification is very often referred to as registration in North America.

Accreditation – the formal recognition by an independent body, generally known as an accreditation body, that a certification body is capable of carrying out certification. Accreditation is not obligatory but it adds another level of confidence, as ‘accredited’ means the certification body has been independently checked to make sure it operates according to international standards.

ISO Survey – 2012

Every year ISO performs a survey of certifications to its management system standards. The latest edition shows a significant increase in certificates for ISO 27001 (information security) and ISO 22000 (food safety management) as well as for energy and environmental management.

Choosing a certification body

Check out this article