Why Your Capability Statement Needs More Than a Certificate Number
If you have ISO certification and you are not using it properly in your capability statement, you are leaving real commercial opportunity on the table. A lot of businesses earn their certification, scan the certificate, drop the logo into a PDF, and call it done. That approach does almost nothing for the person reading your capability statement.
On this page
Procurement officers, tender evaluators, and supply chain managers are not impressed by a certificate number sitting in a footer. What they actually want to know is what your certification means in practice, what it covers, and whether it is current and verifiable. Presenting ISO certification evidence well is a skill, and this article walks you through exactly how to do it.
Whether you hold ISO 9001 for quality management, ISO 45001 for safety, ISO 27001 for information security, or any other standard, the principles here apply across the board.
What a Capability Statement Actually Is
Before getting into the specifics of presenting certification evidence, it helps to be clear about what a capability statement is and who reads it.
A capability statement is a short document, typically one to four pages, that summarises what your business does, who you have done it for, and why you are qualified to deliver. It is used in government procurement, private sector tendering, supplier prequalification, and general business development. It is often the first document a buyer reads about your company.
The goal of a capability statement is not to tell the full story of your business. It is to answer one question quickly: can this supplier actually deliver what we need, at the standard we require? ISO certification is directly relevant to that question, but only if you present it in a way that answers it clearly.
The Difference Between Listing Certification and Evidencing It
There is a meaningful difference between saying you are ISO certified and actually evidencing it. Most businesses only do the former.
Listing looks like this:
ISO 9001:2015 Certified
Evidencing looks like this:
ISO 9001:2015 Certified by Bureau Veritas (JAS-ANZ Accredited), Certificate No. XXXXXX, covering design, manufacture and delivery of industrial components from our Brisbane facility. Current until March 2027. Independently verified at bureauveritas.com.
The second version tells the reader who certified you, under what accreditation, what the scope covers, when it expires, and where to verify it. That is what procurement teams actually need. The first version tells them almost nothing they can act on.
This distinction matters even more when you understand what procurement teams actually do with your ISO certificate. They check it. They verify the scope. They confirm the accreditation body is recognised. If your capability statement gives them the information to do that quickly, you stand out from competitors who make them do the legwork themselves.
The Six Elements of Strong ISO Certification Evidence
When presenting ISO certification in a capability statement, include all six of the following elements. Missing even one can create doubt in the reader's mind.
1. The Correct Standard Name and Version
Always state the full standard name and the version year. Write ISO 9001:2015, not just ISO 9001. Write ISO 45001:2018, not just ISO 45001. The version year matters because outdated versions of standards exist, and a reader who knows their standards will notice if you are vague about which version you hold.
2. The Certification Body and Its Accreditation
Name the certification body that issued your certificate. Then state the accreditation body that oversees them. In Australia, this is typically JAS-ANZ. In the UK, it is UKAS. This matters because some ISO 9001 certificates are not accepted by clients or government precisely because the issuing body was not accredited by a recognised accreditation authority.
A certificate from an unaccredited body is not worth the paper it is printed on in most procurement contexts. Stating the accreditation body signals that your certificate is legitimate and verifiable.
3. Your Certificate Number
Include the actual certificate number. This allows the reader to verify your certification independently through the certification body's online register. Procurement officers who are doing due diligence will look this up. Make it easy for them by providing the number directly.
4. The Certification Scope
This is the most commonly omitted element, and it is arguably the most important. Your scope defines exactly what activities and locations your certification covers. A certificate that covers one division of your business does not cover the others. A certificate scoped to one geographic site does not automatically extend to another.
If your capability statement does not state the scope, a reader has no way of knowing whether your certification is actually relevant to the work you are bidding for. State it clearly and specifically. If your scope is broad and covers all your operations, say so. If it is narrower, be honest about that rather than leaving it ambiguous.
5. The Certificate Expiry or Next Audit Date
ISO certificates are issued for three-year cycles with annual surveillance audits. A certificate that expired six months ago is not evidence of current compliance. Include the expiry date or the date of your most recent surveillance audit so the reader can see your certification is current.
6. A Verification Link or Method
Tell the reader exactly where they can verify your certificate. Most accredited certification bodies maintain a public register of certified organisations. Provide the URL or explain how to search for your company. This small addition dramatically increases credibility because it shows you have nothing to hide and that the certificate is real.
If you are unsure how to verify your own certificate online, our guide on how to verify your ISO certificate online walks through the process for the major certification bodies.
Where to Place ISO Certification Evidence in Your Capability Statement
Placement matters. Here is how to think about it.
The Credentials or Accreditations Section
Most capability statements have a dedicated section for credentials, accreditations, licences, and memberships. This is the obvious home for your ISO certification evidence. Present each standard as its own entry with all six elements listed above. Do not bundle multiple certifications into a single line.
The Company Overview Section
If your certification is directly relevant to your core value proposition, mention it briefly in your company overview as well. For example, if you are a quality-focused manufacturer, your overview might note that all operations are conducted under an ISO 9001:2015 certified quality management system. This plants the idea early and reinforces it when the reader reaches the credentials section.
The Relevant Experience or Project Examples Section
When describing past projects, you can reference how your certified management system contributed to the outcome. For example, noting that a project was delivered with zero safety incidents under your ISO 45001 certified safety management system connects your certification to real-world results. This is far more persuasive than listing a certificate in isolation.
What Not to Do
Do not put your ISO logo in the footer and assume that is sufficient. Do not include a scanned image of your certificate as an attachment without any explanation in the body of the document. Do not list your certification without the scope, especially if your scope is narrow. And do not include an expired certificate hoping nobody will notice. They will.
Tailoring ISO Evidence to Different Audiences
A capability statement is not a one-size-fits-all document. The way you present your ISO certification evidence should shift depending on who is reading it.
Government Procurement
Government buyers, particularly in Australia, often have specific requirements around which standards are acceptable and which accreditation bodies they recognise. Many Commonwealth and state government procurement frameworks explicitly require JAS-ANZ accredited certification for quality and safety standards. When submitting to government buyers, emphasise the accreditation status prominently and make the verification path as simple as possible.
If you are unsure which ISO certifications are required for government tenders, our detailed guide on which ISO certification is required for government tenders covers this by sector and jurisdiction.
Large Private Sector Buyers
Large corporations often have supplier prequalification systems that require you to upload your certificate and scope document directly. In your capability statement, note that your full certificate and scope document are available on request or already uploaded to their preferred prequalification portal. This shows you understand their process.
International Buyers
If you are targeting overseas clients, note whether your certification body is a member of the International Accreditation Forum Multilateral Recognition Arrangement (IAF MLA). This arrangement means that certificates issued by IAF MLA member accreditation bodies are mutually recognised across participating countries. The IAF MLA signatory list is publicly available and worth referencing if you are pitching to international buyers who may not be familiar with JAS-ANZ.
Using ISO Certification Evidence to Tell a Quality Story
The most effective capability statements do not just list credentials. They use credentials to support a narrative about why the business is a reliable, low-risk choice for the buyer.
ISO certification fits naturally into that narrative when it is presented with context. Here is a practical example of how to do this.
Instead of writing:
We are ISO 9001:2015 and ISO 45001:2018 certified.
Write something like:
Our operations are certified to ISO 9001:2015 for quality management and ISO 45001:2018 for occupational health and safety, both certified by SAI Global under JAS-ANZ accreditation. These certifications are maintained through annual surveillance audits and cover all project delivery activities conducted from our Sydney and Melbourne offices. Our quality management system has supported consistent on-time delivery across 47 infrastructure projects over the past four years, with a client satisfaction score of 94 percent across independently surveyed engagements.
Notice what that version does. It names the certifications and the certifier. It states the accreditation. It defines the scope. It connects the certification to actual performance outcomes. It gives the reader a reason to care about the certification beyond the fact that it exists.
Attaching Supporting Documents
Your capability statement may be accompanied by supporting attachments. When ISO certification is a key differentiator, consider including the following as attachments or making them available on request.
- A copy of your current certificate: The actual certificate document, not a scan of a framed wall copy. Make sure it is the current version and not one that has been superseded.
- Your certification scope document: Many certification bodies issue a separate scope document alongside the certificate. This provides more detail on what is covered and is useful when your scope is complex.
- Your most recent surveillance audit summary: Some businesses include a brief summary of their last audit outcome, particularly if it was clean with no nonconformances. This demonstrates ongoing compliance, not just initial certification.
- Your quality or safety policy: A one-page policy document signed by your leadership demonstrates that certification is embedded at the top of the organisation, not just managed by a compliance officer somewhere in the middle.
Do not overwhelm the reader with attachments. Choose the ones that are most relevant to the buyer and the work being pursued.
Keeping Your Capability Statement Current
A capability statement with outdated certification information is worse than one with no certification information at all. It signals to a careful buyer that you are not paying attention to detail, which is precisely the opposite of what ISO certification is supposed to demonstrate.
Set a calendar reminder to review your capability statement at each of the following points: when your annual surveillance audit is completed, when your certificate is renewed at the three-year mark, and any time your certification scope changes. If your business grows into new service lines or locations, your scope may need to be updated and your capability statement should reflect that.
Understanding how to update your ISO 9001 scope when your business grows is worth reading if you are in a period of expansion, because a scope that no longer reflects your actual operations creates problems both in audits and in commercial documents like this one.
Common Mistakes to Avoid
After reviewing hundreds of capability statements over the course of my auditing and consulting career, these are the mistakes I see most often.
- Listing a certification that has lapsed: Always check your expiry date before submitting any capability statement.
- Overstating the scope: Claiming your whole business is certified when only one division is covered is a misrepresentation. Buyers do check.
- Using an unaccredited certificate: If your certification body is not accredited by JAS-ANZ or another IAF MLA member, your certificate will not be accepted in many procurement processes.
- Using the ISO logo incorrectly: The ISO logo belongs to ISO the organisation, not to certified companies. Using it without authorisation can create legal issues. Use your certification body's mark instead, and only in accordance with their usage rules.
- Not updating after a scope change: If your certified scope changed at your last audit, your capability statement needs to reflect the current scope, not the old one.
How CertBetter Can Help
If you are reading this and realising your certification is not quite where it needs to be to support your business development goals, whether that means your certificate has lapsed, your scope is too narrow, or you have not yet achieved certification at all, CertBetter can connect you with verified ISO consultants and accredited certification bodies who can help you get there.
CertBetter is a free platform for businesses seeking ISO certification. You submit one form, and you receive up to three competing quotes from vetted providers. There is no cost to you, no obligation, and no sales pressure. It is a practical way to understand what certification would actually cost and how long it would take before you commit to anything.
If your capability statement is the document that wins or loses contracts, having the right ISO certification behind it is worth the investment.
