ISO certification step by step - Complete guide for ISO 9001

ISO 9001 certification can feel like a rollercoaster for companies doing it for the first time. Where do you start? How long does it take? What documents do you need? This guide takes you through the entire journey from decision to certificate - step by step.

This article is the broad roadmap. If you already know you want a more product-focused overview, go to our ISO 9001 page or the wider ISO certification hub. If you are comparing systems rather than reading the full journey first, start with AmpliFlow’s management system platform.

What is ISO 9001?

ISO 9001 is the world’s most widely used standard for quality management systems. Over a million companies in 189 countries use it to improve their processes, increase customer satisfaction, and demonstrate their commitment to quality.

The standard builds on seven quality management principles:

1. Customer focus - Strong relationships with customers
2. Leadership - Active engagement from management
3. Engagement of people - Everyone involved in quality work
4. Process approach - Focus on efficient processes
5. Improvement - Continuous development of operations
6. Evidence-based decision making - Decisions based on data and analysis
7. Relationship management - Manage relationships with suppliers and partners

ISO 9001 fits all industries and company sizes - from startups to global corporations. If your company delivers products or services to customers, you can get certified.

Why certify to ISO 9001?

Certification brings concrete benefits. BSI reports that their customers experience:

• 66% improved products and services
• 60% fewer errors
• 65% increased customer confidence

Other benefits:

• Customer trust - The certificate shows you have working quality control
• More efficient processes - Find and eliminate inefficiencies
• Clearer responsibilities - Everyone knows what to do
• Better risk management - Identify and handle risks systematically
• Competitive advantage - Many procurements require ISO 9001

Step 1: Decision phase (week 1-2)

Why should you certify?

Start by answering: Why does your company need ISO 9001 certification?

Common reasons:

• Customer requirements - Customers demand certification for continued cooperation
• Public procurement - Many tenders include ISO 9001
• Export market - International customers expect certification
• Internal improvement - You want to structure quality work
• Competitive advantage - Your competitors are certified

Which standard fits you?

ISO 9001 is the most common quality standard, but there are others:

• ISO 9001 - Quality management (fits all industries)
• ISO 14001 - Environmental management
• ISO 45001 - Occupational health and safety
• ISO 13485 - Medical devices
• ISO 27001 - Information security

Many companies combine ISO 9001 with other standards. They share the same structure, saving time and resources. If you are still deciding which route fits your business, compare the standards in our ISO certification hub.

Get management commitment

ISO 9001 requires management to actively participate in quality work. Without CEO support, certification is difficult.

Checklist - Decision phase:

• Document why you want to certify
• Choose which standard to certify against
• Get decision and budget from management
• Appoint a project manager for the certification work
• Communicate the decision to the entire organization

Time required: 1-2 weeks

Step 2: Gap analysis - Map your current state (week 3-6)

A gap analysis means comparing how you work today with what ISO 9001 requires. It shows which areas need improvement.

What does ISO 9001 require?

The standard covers the entire business - from strategy to daily work. Think of it as seven areas you need to have in order.

Context and strategy is about understanding your company in a broader context. What external factors affect you - economic conditions, legal requirements, competitors? What internal factors matter - your culture, your competence, your systems? Which stakeholders care about what you do - customers, authorities, employees - and what do they expect?

Leadership is the core of ISO 9001. The standard requires management not just to nod approval but to actively drive quality work. That means establishing a quality policy, allocating responsibilities, and making quality part of everyday work - not a side project.

Planning is about risks and objectives. What could go wrong and how do you handle it? What quality objectives do you have and how will you achieve them? It’s about thinking ahead instead of just reacting.

Support is the resources required: staff with the right competence, facilities and equipment that work, and documentation that people can actually find and understand.

Operation is the daily work - your processes for delivering to customers. How do you handle customer requirements? How do you control quality? How do you make sure your suppliers deliver?

Performance evaluation is about measuring and reviewing. Are the processes working? Are you meeting objectives? Internal audits and management review are mandatory tools for keeping track.

Improvement is what makes ISO 9001 a living system. When something goes wrong, you don’t just fix it - you understand why and prevent it from happening again. Continual improvement is not a slogan but a systematic approach.

Conduct the gap analysis

Go through each clause and assess:

• What do we already do? (Green)
• What do we partly do? (Yellow)
• What are we completely missing? (Red)

Gap analysis examples:

• Quality policy - Current state: Does not exist (Red). Action: Create policy.
• Process descriptions - Current state: Partly documented (Yellow). Action: Complete documentation.
• Internal audits - Current state: Not performed (Red). Action: Train internal auditors.
• Customer satisfaction - Current state: Measured annually (Green). Action: Continue.

Prioritize gaps

Not all gaps need to be addressed at once. Prioritize:

1. Critical gaps - Must be addressed (completely missing mandatory requirements)
2. Important gaps - Should be addressed soon (partially met requirements)
3. Minor gaps - Can wait (small improvement areas)

Checklist - Gap analysis:

• Get the ISO 9001 standard (purchase from ISO or national standards body)
• Review clauses 4-10
• Document what you do today
• Identify all gaps
• Prioritize gaps by criticality
• Estimate resources needed to close gaps

Time required: 3-4 weeks for the first gap analysis

Tip: Use an external consultant for your first time. An experienced consultant spots gaps you miss and saves time.

Step 3: Planning - Create a project plan (week 7-8)

Now you know what needs to be done. Next is planning how and when.

Create a project plan

A typical ISO 9001 implementation takes 6-12 months depending on:

• Company size
• What is already in place
• Available resources
• Complexity of operations

Sample timeline:

1. Phase 1: Gap analysis (week 1-4) - Responsible: Project manager
2. Phase 2: Documentation (week 5-16) - Responsible: Quality manager
3. Phase 3: Implementation (week 12-20) - Responsible: Process owners
4. Phase 4: Training (week 16-20) - Responsible: HR + Quality
5. Phase 5: Internal audit (week 21-24) - Responsible: Internal auditors
6. Phase 6: Certification audit (week 25-26) - Responsible: Certification body

Allocate resources

Who is needed?

• Project manager (20-50% of their time) - Drives the certification work
• Quality manager (50-100%) - Builds and maintains the system
• Process owners (10-20%) - Document and improve their processes
• Internal auditors (training + 5-10 days/year) - Audit the system

Estimate budget

ISO 9001 certification costs:

• Standard document: 2 000-3 000 SEK (ISO 9001 from SIS)
• External consultant: 50 000-200 000 SEK (optional, depending on scope)
• Training: 10 000-30 000 SEK (internal auditor training, ISO 9001 course)
• Certification body: 30 000-100 000 SEK first year (depending on company size)
• Internal time: Biggest cost - expect 200-500 hours for smaller companies

Tip: Read more about cost savings in the article 5 ways to reduce the cost of ISO certification.

Choose a certification body

The certification body conducts the audit and issues the certificate. Choose an accredited body recognized by your national accreditation authority.

Common certification bodies:

• DNV
• Bureau Veritas
• TUV Rheinland
• Intertek
• Lloyd’s Register
• BSI

Compare price, industry experience, and geographic presence.

Checklist - Planning:

• Create a detailed project plan with milestones
• Assign roles and responsibilities
• Estimate budget and get approval
• Book resources (staff time)
• Select and contact certification body
• Book preliminary audit dates

Time required: 1-2 weeks

Step 4: Documentation - Build the quality management system (week 9-20)

ISO 9001 doesn’t require heavy filing cabinets, but certain documents must exist. This is why this guide stays broad: here you get the full sequence from decision to audit, while narrower articles can go deep on one issue at a time, such as clause 4 groundwork, process mapping, internal audit, or how much documentation you actually need.

What documents are required?

Required documented information:

1. Quality policy - Management’s commitment to quality (1 page)
2. Quality objectives - Measurable targets for quality work
3. Scope of the quality management system - What the certification covers
4. Documented information showing:
   • Control of nonconforming outputs
   • Corrective actions
   • Internal audits
   • Management review results

Supporting documents (optional but recommended):

• Organization chart with roles and responsibilities
• Risk register
• Process descriptions
• Checklists for various activities
• Templates for different processes
• Work instructions for specific tasks

If documentation is what feels overwhelming, read You probably only need to write 20% of the documents you think before ISO certification before you start writing more than you need.

Write the quality policy

The quality policy is management’s commitment. It should:

• Be appropriate to the organization’s purpose and context
• Provide a framework for setting quality objectives
• Include a commitment to continual improvement
• Include a commitment to fulfill applicable requirements

Quality policy example:

“We at [Company Name] deliver products and services that meet our customers’ requirements and expectations. We continually improve our processes by involving employees, measuring results, and acting on facts. We follow applicable laws, regulations, and standards. Every employee is responsible for quality in their daily work.”

Document processes

Start with your main processes:

• Sales and marketing
• Product development
• Production/service delivery
• Purchasing
• Customer service
• Quality assurance

For each process, document:

• Purpose - Why does the process exist?
• Scope - Where does the process start and end?
• Input/Output - What goes in and what comes out?
• Owner - Who owns the process?
• Activities - What steps are included?
• Measurement - How do you measure if the process works?

Tip: Use flowcharts to visualize processes. They are easier to understand than text. For a deeper practical walkthrough, see What is process mapping in ISO 9001?.

Create the quality manual

Many companies collect all documentation in a quality manual. It is not mandatory per ISO 9001:2015, but it helps.

Typical quality manual structure:

1. About the company
2. Scope of the quality management system
3. Quality policy
4. Organization chart and responsibilities
5. Process descriptions
6. Procedures for mandatory requirements
7. Supporting documents (checklists, templates)

Document management tools

Small companies can start with:

• Word/PDF documents in a shared folder
• Simple cloud services (Google Drive, Dropbox)

As the system grows, consider dedicated document management:

• AmpliFlow - Swedish system adapted for ISO 9001
• SharePoint
• Other management system tools

If you want to compare the software-first path in more detail, see the management system platform page.

[IMAGE: AmpliFlow document management interface showing version control and approval workflow]

Checklist - Documentation:

• Write quality policy (approved by CEO)
• Set measurable quality objectives
• Define scope of quality management system
• Map and document main processes
• Create procedures for nonconformity management
• Create procedure for corrective actions
• Create procedure for internal audits
• Create procedure for management review
• Collect all documentation in an accessible location
• Train staff on where to find documents

Time required: 8-12 weeks (depending on company size)

Step 5: Implementation - Put the system into practice (week 12-24)

Having documents is not enough - the system must be used in daily work.

Communicate to the organization

Tell all employees:

• Why you are implementing ISO 9001
• What it means for their work
• How they contribute to quality work
• Where to find documentation
• Who to ask if they have questions

Tip: Hold short information meetings per department. Avoid long presentations - focus on the practical.

Train employees

Different roles need different depths of training.

Management team needs to understand their role in quality work - not the details of the standard, but how management review works, what the quality policy means, and why their engagement is critical. Count on half a day.

Process owners need more - they should be able to document and measure their processes, understand the process approach, and drive continual improvement. Two days is reasonable.

All employees need the basics: What is ISO 9001? Where do I find our documents? How do I report when something goes wrong? Keep it short - a couple of hours - and focus on the practical.

Internal auditors are your quality experts and need thorough training: the standard in detail, audit techniques, how to ask the right questions and write audit reports. Send them on a certified internal auditor training course (2-3 days). It’s an investment that pays off - good internal auditors find problems before the external auditor does.

Start with simple processes

Don’t try to implement everything at once. Pick 1-2 processes and get started:

1. Train affected employees
2. Test the process for a few weeks
3. Collect feedback
4. Adjust documentation
5. Move to the next process

Start measuring

Quality is about measurement. Start collecting data:

• Customer satisfaction - Send surveys, call customers, collect feedback
• Process performance - Measure lead times, costs, quality
• Nonconformities - Register errors, complaints, problems
• Suppliers - Evaluate delivery quality

Handle nonconformities

When something goes wrong, document:

• What happened?
• When did it happen?
• What was the consequence?
• What did we do immediately? (correction)
• Why did it happen? (root cause analysis)
• What will we do to prevent recurrence? (corrective action)

Tip: Use the 5 Whys method for root cause analysis:

• Why did this happen?
• Why did that cause occur?
• Why did the underlying cause occur?
• … continue until you find the root cause

Read more in the article Deviation management - the key to continuous improvement.

Conduct management review

Management must regularly review the quality management system (at least once a year).

Management review agenda:

Input:

• Status of actions from previous reviews
• Results from internal audits
• Customer satisfaction and feedback from interested parties
• Process performance and quality objectives
• Nonconformities and corrective actions
• External provider performance
• Adequacy of resources
• Improvement suggestions
• Changes in external and internal factors

Decisions:

• Is the policy still appropriate?
• Should we adjust quality objectives?
• Do we need more resources?
• Which improvements should we prioritize?

Output:

• Decisions on improvements and changes to the system
• Assigned responsibilities and deadlines
• Resource needs
• Follow-up at the next review

Read more about management team work at AmpliFlow - Management team work.

Checklist - Implementation:

• Inform the entire organization
• Train management, process owners, and employees
• Train internal auditors (certified course)
• Implement processes step by step
• Start measuring customer satisfaction and process performance
• Register and handle nonconformities
• Conduct first management review
• Let the system run for 2-3 months before internal audit

Time required: 8-12 weeks (plus time for the system to settle)

Step 6: Internal audit - Test the system (week 22-26)

Before the certification body arrives, you conduct an internal audit. It’s a dress rehearsal. If you want the full audit method, examples, and reporting structure, read Internal Audit According to ISO Clause 9.2 - A Practical Guide.

Why internal audit?

Internal audit helps you:

• Find weaknesses before the external auditor arrives
• Verify that the system works in practice
• Give employees practice for the certification audit
• Show that the system is established and being used

Plan the internal audit

1. Create audit plan:

• Which processes/departments will be audited?
• When will the audit take place?
• Who will conduct the audit?
• How long will each part take?

2. Select auditors:

• Auditors may not audit their own work
• Use newly trained internal auditors
• Consider mixing experienced and new auditors

3. Prepare checklist:

• Base on ISO 9001 clauses 4-10
• Add company-specific requirements
• Include previously identified risks

Conduct the audit

Opening meeting (30 min):

• Introduction of auditors
• Purpose and scope
• Schedule for the day
• Who participates from the organization

Audit (3-8 hours depending on company size):

• Review documentation
• Interview employees
• Observe processes
• Verify measurement data
• Document findings

Closing meeting (30-60 min):

• Present results
• Discuss findings (nonconformities and observations)
• Thank participants

Classify findings

Not all findings are equally serious. A major nonconformity means a requirement from ISO 9001 is not met, or the system is not used at all. These must be addressed before the certification audit - otherwise you cannot be certified.

A minor nonconformity is a smaller deficiency: an isolated case where the procedure was not followed, a single event that does not affect the system as a whole. These also need to be addressed but are not showstoppers.

Observations are not nonconformities but improvement areas - things that work but could be better, or risks that could become problems in the future. Good to address, but not required.

Address nonconformities

For each nonconformity:

1. Correct the problem immediately (correction)
2. Analyze the root cause (root cause analysis)
3. Define corrective action
4. Implement the action
5. Verify the action works
6. Document everything

Important: All nonconformities from the internal audit must be resolved before the certification audit.

Checklist - Internal audit:

• Plan internal audit (scope, schedule, auditors)
• Prepare checklists based on ISO 9001
• Inform affected employees
• Conduct opening meeting
• Review documentation and interview
• Document findings (nonconformities and observations)
• Conduct closing meeting
• Address all nonconformities
• Verify that actions work
• Document the internal audit in a report

Time required: 2-4 weeks (including addressing findings)

[IMAGE: AmpliFlow internal audit module showing checklist with findings and corrective actions]

Read more about internal audit at AmpliFlow - Pre-audit crunch.

Step 7: Certification audit - Get the certificate (week 25-28)

Now you are ready for the external audit from the certification body.

Two stages of the certification audit

The certification audit consists of two phases:

Stage 1: Document review (1 day)

The auditor reviews:

• Quality policy and objectives
• Scope of the system
• Process descriptions
• Mandatory procedures
• Internal audit documentation
• Management review documentation

Purpose: Verify that the documentation meets ISO 9001 requirements.

Result: The auditor identifies any deficiencies that must be addressed before Stage 2.

Tip: Stage 1 can often be done remotely (document review without a site visit).

Stage 2: Site audit (1-3 days)

The auditor visits the company and reviews:

• Interviews management and employees
• Observes processes in practice
• Verifies that documentation is followed
• Reviews measurement data and results
• Checks that nonconformities are handled correctly

Purpose: Verify that the system works in practice and is being used.

Stage 2 time required:

• Micro enterprises (1-5 employees): 1 day
• Small companies (6-25 employees): 1-2 days
• Medium companies (26-100 employees): 2-3 days
• Larger companies: Longer

Prepare staff

Tell employees:

• When the auditor is coming
• What the audit involves
• That the auditor will talk to them
• To be honest and show how you really work
• That it’s okay to say “I don’t know” instead of guessing

Tips for interviews:

• Be yourself - act naturally
• Show how you actually work
• Refer to documentation when relevant
• Admit if something isn’t working perfectly
• Talk about improvements you are planning

Possible certification audit results

Approved without nonconformities:

• Certificate issued directly
• Unusual for first certification

Approved with minor nonconformities:

• Certificate issued after you address minor nonconformities
• You normally get 90 days to resolve them
• Send evidence to the certification body
• Most common for first certification

Not approved (major nonconformities):

• Certificate not issued
• You must address major nonconformities
• New audit required (parts of Stage 2 repeated)
• Unusual if you did a thorough internal audit

After approval

When everything is done:

1. Certification body issues the certificate
2. Certificate is valid for 3 years
3. You can use the certification body’s logo
4. You are entered into a public certificate database
5. You can market yourself as ISO 9001 certified

Checklist - Certification audit:

• Confirm Stage 1 dates with the certification body
• Ensure all documentation is complete
• Conduct Stage 1 (document review)
• Address any deficiencies from Stage 1
• Confirm Stage 2 dates (site audit)
• Prepare facilities for the audit
• Inform and prepare staff
• Conduct Stage 2 (site audit)
• Address any nonconformities from Stage 2
• Send evidence of actions to the certification body
• Receive certificate
• Communicate certification internally and externally

Time required: 2-4 weeks (including time between Stage 1 and Stage 2)

Total time from decision to certificate: 6-12 months

Step 8: After certification - Maintain and improve

The certificate is not the goal - it’s the starting point. Now the real quality work begins. If you are already certified and your current setup feels too scattered, see Already certified? How to switch from Excel, SharePoint or a limited QMS.

Surveillance audits (annually)

The certificate is valid for 3 years, but the certification body returns each year for a surveillance audit.

What is reviewed:

• That the system is still being used
• That you handle nonconformities
• That you follow up on quality objectives
• That you conduct management reviews
• That you perform internal audits

Scope: Less than the certification audit (normally 0.5-1 day).

Cost: Often included in the 3-year contract with the certification body.

Recertification (every three years)

After 3 years you must recertify. It is a full audit similar to the original certification audit.

Differences from first certification:

• Focus on improvements you have made
• Review of trends over time
• Less extensive (the system is established)

Continual improvement

ISO 9001 requires you to continually improve. Continue:

• Measure customer satisfaction regularly
• Analyze process data
• Handle nonconformities systematically
• Conduct internal audits
• Set new quality objectives when old ones are achieved
• Involve employees in improvement work

Common pitfalls to avoid

Many companies make the same mistakes after certification. Here are the five most common - and how to avoid them.

The system becomes a “binder on the shelf.” You created documentation for the auditor, not for the business. Now the quality manual sits in a folder no one opens, procedures were last updated before the last surveillance audit, and employees work the way they always have. The solution is to integrate quality work into daily work from the start. If a procedure is too complicated to follow, simplify it - or ask whether it is needed at all.

The system is too complicated. Heavy manuals no one reads. Processes with more steps than necessary. Checklists that take an hour to fill in. The result? Employees find shortcuts, and the system loses its purpose. One page that is actually used is worth more than ten pages no one opens.

No one owns the system. The consultant who helped you with certification is gone. The quality manager has a thousand other tasks. No one updates the documentation, no one follows up on nonconformities properly. The solution is to give the quality manager real authority and time - not just a title.

You focus on documentation instead of improvement. Documents are written for documentation’s sake. Processes are described in detail but never improved. Always ask: does this help us deliver better quality to the customer? If the answer is no, cut it.

You are afraid of nonconformities. Problems are hidden. Employees who report errors are seen as troublesome. Improvement opportunities are missed. But nonconformities are gold - they show where you can get better. Create a culture where it is safe to raise problems. Celebrate finding them, not hiding them.

Read more in the article 6 mistakes in ISO certification.

Combine with other standards

Once ISO 9001 is established, you can add other standards:

• ISO 14001 (environmental management) - Reduce environmental impact
• ISO 45001 (occupational health and safety) - Improve safety
• ISO 27001 (information security) - Protect data

The advantage: the standards share the same structure (Annex SL). Many requirements overlap, saving work. If you expect to add more standards over time, start from the broader ISO certification hub rather than treating each standard as a separate system.

Checklist - After certification:

• Communicate certification (website, customers, employees)
• Plan next internal audit
• Book next management review
• Continue measuring and following up quality objectives
• Handle nonconformities continuously
• Improve processes based on data
• Prepare for surveillance audit (year 2 and 3)
• Plan for recertification (year 3)

How AmpliFlow helps you

ISO 9001 certification requires order in documentation, processes, and procedures. AmpliFlow is a Swedish management system built to make certification easier. This guide explains the whole journey. These product pages show the platform and support options behind that journey: ISO 9001 certification with AmpliFlow, the broader ISO certification hub, and the management system platform.

AmpliFlow helps you with:

• Reusable templates and workflows - Checklists, improvement flows, and other structure that make ISO 9001 work more consistent
• Simple document management - All documents in one place, always updated
• Nonconformity management - Register, analyze, and address nonconformities
• Internal audit - Plan and conduct audits with built-in checklists
• Follow-up - Measure quality objectives and track processes
• Management review - Keep objectives, results, nonconformities, and actions in the same system

Hundreds of Swedish companies use AmpliFlow for their ISO certification. The system saves time and makes quality work easier.

[IMAGE: AmpliFlow dashboard showing connected modules - deviations, risks, documents, and goals in one view]

Want to see how AmpliFlow can help you? Book a free demo and get a walkthrough tailored to your company’s needs.

Read more: AmpliFlow - your best partner for ISO certification.

Frequently asked questions about ISO 9001 certification

How long does certification take?

Expect 6-12 months from decision to certificate. The time depends on how large and complex your company is, how much you already have in place, and how much time you can dedicate. A smaller company with dedicated resources can do it in 4-6 months, while a larger organization with complex processes may need a full year.

What does it cost?

Total cost the first year is typically 100 000 - 300 000 SEK for smaller companies. The biggest items are the certification body’s fee (30 000 - 100 000 SEK depending on company size), possible external consultant (50 000 - 200 000 SEK), training (10 000 - 30 000 SEK), and tools/systems (10 000 - 50 000 SEK/year). But the biggest cost is your own time - expect 200-500 hours to build and implement the system.

Subsequent years are cheaper: 20 000 - 50 000 SEK for surveillance audits and system maintenance.

Can we do it without a consultant?

Yes, absolutely. Many companies certify without an external consultant and often gain stronger internal ownership as a result. You build competence within the organization instead of becoming dependent on external help, and you save money.

The downside is that it takes longer and requires someone to really dive into the standard. If this is your first certification, a consultant can save time during gap analysis and documentation - but let your own staff do the practical work so the knowledge stays in the company.

What happens if we don’t pass the certification audit?

Unusual if you did a proper internal audit, but it can happen. With major nonconformities you must:

1. Address the major nonconformities
2. Undergo parts of the audit again
3. Pay for the extra audit

Tip: Use the internal audit as a dress rehearsal. Address everything you find before the certification body arrives.

How much time does it take to maintain the system?

After certification, a quality manager typically spends 10-30% of their time on the system, depending on company size. Process owners maybe 2-5% - they need to update their processes and follow up on nonconformities. Management gathers for management review 1-2 days per year. Internal auditors need 3-10 days per year to plan and conduct audits.

If the system feels heavy to maintain, you have probably made it too complicated. A good quality management system should deliver more value than it takes time.

Do we lose the certificate if we make mistakes?

Not directly. During surveillance audits, the certification body assesses how well you maintain the system. If they find minor nonconformities, you normally get 90 days to address them. Major nonconformities require an extra audit - you must show that you have solved the problem. Only in very serious cases, such as the system completely ceasing to be used, can the certificate be withdrawn - but that is unusual.

The key is to handle nonconformities systematically and show that you are continually improving. Auditors are not looking for perfection - they are looking for a living system that works.

Summary - Your roadmap to ISO 9001 certification

1. Decision phase (1-2 weeks) - Result: Decision to certify, budget approved
2. Gap analysis (3-4 weeks) - Result: Current state mapped, gaps identified
3. Planning (1-2 weeks) - Result: Project plan, certification body selected
4. Documentation (8-12 weeks) - Result: Quality management system documented
5. Implementation (8-12 weeks) - Result: System used in practice
6. Internal audit (2-4 weeks) - Result: System tested, deficiencies addressed
7. Certification audit (2-4 weeks) - Result: Certificate obtained
8. After certification (ongoing) - Result: System maintained and improved

Total time: 6-12 months from decision to certificate

Success factors:

• Active management engagement
• Clear project manager with time and authority
• Involve employees from the start
• Keep the system simple and practical
• Focus on improvement, not just documentation
• Use internal audit as a dress rehearsal
• See certification as a starting point, not a goal

ISO 9001 certification is a journey that improves your business. With the right preparation, commitment, and tools, you will reach the goal - and continue delivering higher quality to your customers.

Good luck with your certification!

---

Next steps:

• Compare: ISO certification hub
• Read: 10 reasons why you should ISO certify in a recession
• Avoid: 6 mistakes in ISO certification
• Save: 5 ways to reduce the cost of ISO certification
• Deep dive: Internal audit according to ISO clause 9.2
• Tool: AmpliFlow - your best partner for ISO certification