What happens when a company loses ISO 9001 recertification?

[djdust34]

Hello all,

My company received 2 majors during our annual review. I feel as though we have corrected the findings, but want to plan for the worst. What is the impact to the company of the audit goes poorly? What will we have to do? Will we automatically lose customer business? Can the follow-up audit results be challenged if we disagree?

Thank you in advance!

 

[normzone]

Generally all the company employees disappear - rumor has it that the secret program relocates them to an island, where they are used for dangerous experiments.

No, seriously, you'll probably be okay if you've corrected the issues.

>>>What is the impact to the company of the audit goes poorly?

The company will need to address the reasons the audit went poorly.

>>>What will we have to do?

Please see the answer above. You may have to do it rather quickly.

>>>Will we automatically lose customer business?

No, first the customers would have to learn of the impacts of the audit. If you fix the problems that will be minimized.

>>>Can the follow-up audit results be challenged if we disagree?

Any audit can be challenged, but I wouldn't go there unless there was a very good reason to do so, such as the auditor being way off base.

 

[Project Man]

First, as an ISO 9001 company you work with other ISO certified companies. I would have someone you trust review it for you (Or you could hire a consultant). If after that you are still confident you've addressed the issues then you should feel confident.
Second, you hired the auditor. If it feels like they are trying to sink your ship without cause, call the company they work for and ask for a different auditor.
As far as potential impact: If a customer chose you solely because you were certified than you will probably lose them. Past that, it's all how you handle it.

 

[dsanabria]

Hello all,

My company received 2 majors during our annual review. I feel as though we have corrected the findings, but want to plan for the worst. What is the impact to the company of the audit goes poorly? What will we have to do? Will we automatically lose customer business? Can the follow-up audit results be challenged if we disagree?

Thank you in advance!

Just out of curiosity what were the Majors written against or what does the auditor consider a Major.

Hello all,

What is the impact to the company of the audit goes poorly?

Thank you in advance!

Don't Panic - it takes a while and there is a process to remove your certificate.

For now - focus on correcting the issues to the satisfaction of the auditor - send the auditor a preview and ask if you are in the correct path and if there is additional information that is required. Most auditors will provide positive feedback (no consulting) as to meeting the requirements of the standard.

Hello all,

What is the impact to the company of the audit goes poorly?

Thank you in advance!

At this point the audit is over and the purpose of the visit is to close out the open items of the major findings.

Hello all,

What will we have to do?

Thank you in advance!

The registrar will provide you with action items and the next step in getting back your certificate... but you are already drowning and you are not even close to the water... chill

Hello all,

Will we automatically lose customer business?

Thank you in advance!

That depends on positive communication with the customer and depends on the customer requirements... more than likely you won't loose client if the issues are corrected and a positive attitude is taken in meeting the requirements of the standard and the customers.

Hello all,

Can the follow-up audit results be challenged if we disagree?

Thank you in advance!

Yes you can appeal but if you work with the auditor - chances are that this step will not be required. However, if you choose to appeal, the auditor will provide information of how that is done or call the registrar and let them know that you would like to appeal the results of the NCR

 

[rogerpenna]

What happens if I lose my ISO certification for not doing the external audits?

We are not worried about losing clients. Our clients do not demand ISO. And ISO certificate are not approved to be used as some advantage at public contract biddings. (which are our companie's main source of income)


What I want to know is what is the problem of simply doing it again next year? Will it be much lenghtier than if it was just a re-certification?

 

[John C. Abnet]

What I want to know is what is the problem of simply doing it again next year? Will it be much lenghtier than if it was just a re-certification?

This begs the question "why" is your organization ISO 9001 certified? What is top management hoping to achieve with the ISO 9001 certification? Is the certification simply to "fly the flag" or is there benefit intended to be gained (as there should indeed be).

What does "top management" say about the risk of having the certification pulled? Is top management not horrified and intent on ensuring the resources necessary to correct the problem?

To answer your question: If your organization loses its ISO 9001 certification, it will need to start from scratch. Stage 1 audit, Stage 2 audit, initial certification costs, etc...

Not a good place to be.

Hope this helps.
Be well.

 

[rogerpenna]

This begs the question "why" is your organization ISO 9001 certified? What is top management hoping to achieve with the ISO 9001 certification? Is the certification simply to "fly the flag" or is there benefit intended to be gained (as there should indeed be).

1 - the ISO standard helped us achieve reduction in costs and lessen our risks in several areas. We saw it important to organize the company as it grew based on some outdate and disorganized practices. That is the benefit to be gained.

2 - Fly the flag... we do it only for pride. Again, it's completely irrelevant to our customers, because we work 99.9% with government biddings, where you can´t even use ISO as an "advantage". It's usually lowest price + certificates of non debt, certificates that X and Y service in Z and W quantities were already performed by the company, etc.

3 - Over 10 years ago, a brazilian standard for Housing (specially highrises) Quality Construction was created in Brazil. PBQP-H. Having it became a necessity or a helper to get credit lines from a State Bank usually involved with development projects.

The standard was based on ISO 9001 with some extra stuff added in. The standard was later extended to Civil Infrastructure, and there were federal projects to allow Governments (federal, state or municipal level) to require or accept (as extra factors) a PBQP-H certificate in public biddings.

So having an ISO and then getting our PBQP-H certificate was also eyeing that possibility, which would increase our chances in public biddings.

However, due to lobbying and judicial decisions based on Public Biddings Law, PBQP-H was NEVER accepted for public biddings. There are zero public biddings we have ever participated that require it. So without that real use, it ended up being only number 1 and 2.


What does "top management" say about the risk of having the certification pulled? Is top management not horrified and intent on ensuring the resources necessary to correct the problem?

They like the certification for reasons 1 and 2. The risk of having the certification pulled is more about the financial cost of re-doing it again from step 1.

Which will mean that if Top Management think the cost of stopping some departments to do the external audits amid a crucial time (election year, our income is through the roof and nobody has time to spare) is worse than the cost of re-doing the certification, they would opt for re-doing the certification. Plus the pandemic problem and the fact we can´t do online audits at job sites, because they are often remote and with poor internet connection.

 

[John C. Abnet]

- the ISO standard helped us achieve reduction in costs and lessen our risks in several areas. We saw it important to organize the company as it grew based on some outdate and disorganized practices. That is the benefit to be gained.

Based on this response @rogerpenna , then I am at a complete loss as to why Top Management would have allowed the status of the ISO 9001 implementation (the effectiveness of the QMS) fall into such a state as being at risk of having the certification pulled.


Comment "1"...
1 - the ISO standard helped us achieve reduction in costs and lessen our risks in several areas ....

...is contradictory to your later comment...
"Which will mean that if Top Management think the cost of stopping some departments to do the external audits amid a crucial time (election year, our income is through the roof and nobody has time to spare) is worse than the cost of re-doing the certification."

The later comment causes me to believe top management does not really believe/is not committed to comment "1".

Be well.

 

[Big Jim]

The only way that you will loose certification is if you decide not to continue with it. All nonconformances can be overcome unless you don't want to.

 

[John Predmore]

I didn't see anyone else mention this point. One common reason for a major non-conformity is the auditor believed your system had widespread deficiency(s). When resolving the 2 audit non-conformances, it is not enough to correct the few specific examples identified in the audit report - you should re-audit your system to uncover and correct all similar deficiencies which were not uncovered in the limited time-frame of the outside audit. Your root cause investigation must go beyond the specific examples cited - as an example, why was form 1234 missing an approval signature - to the more fundamental question - what is missing from your document control process that forms missing approval got processed and no one noticed, no one questioned the missing approval (just as an example for this comment). In this way, you show leadership in addressing a systemic deficiency, if that is indeed the reason for the major findings.