How long does ISO certification suspension typically last?

The duration of a suspension depends on your certification body's policies and the severity of the issues involved. Most certification bodies allow 30 to 90 days for corrective actions to be completed and verified. If you resolve the issues within that window and the follow-up audit or review is satisfactory, the suspension is lifted and your certificate is reinstated. If you fail to act within the timeframe, the certification body can withdraw your certificate entirely, which would require you to start the certification process from scratch.

Can clients see that my ISO certificate is suspended?

Yes. Most accredited certification bodies maintain public registers of their certified clients. When a certificate is suspended, that status is typically reflected in the public register. Procurement teams and clients who verify your certificate will be able to see the suspension, which can affect your ability to win or retain contracts. This is one of the most damaging practical consequences of suspension and a strong reason to act quickly if you receive a suspension notice.

Does suspension affect all my ISO certifications or just one?

Suspension is applied to a specific certificate for a specific standard. If you hold multiple ISO certifications, for example ISO 9001 and ISO 45001, a suspension of one does not automatically affect the other, provided they are separate certificates. However, if the underlying issues that caused the suspension are systemic across your management system, your certification body may choose to review all your certifications. It is always best to address issues comprehensively rather than in isolation.

What is the difference between suspension and withdrawal of ISO certification?

Suspension is a temporary status indicating that your certificate is on hold while you address identified issues. It can be lifted once the issues are resolved. Withdrawal, also called cancellation or revocation, is permanent. A withdrawn certificate means your certification has been formally terminated, and you would need to go through the full initial certification process again to regain it. Withdrawal typically follows a period of suspension where the required corrective actions were not completed within the allowed timeframe.

Can I still use my ISO logo and certificate during a suspension period?

No. During a suspension, you are not permitted to use your ISO certification mark or reference your certificate in any marketing, tenders, or client communications. Continuing to use the mark during suspension would constitute a breach of your certification agreement and could lead to immediate withdrawal of your certificate as well as potential legal consequences. If you are unsure about the specific rules, review your certification agreement or contact your certification body directly.

How do I know when my surveillance audit is due?

Your certification body will typically send reminders, but you should not rely solely on them. When you receive your certificate, note the certification date and the surveillance audit schedule outlined in your certification agreement. Most standards operate on a three-year cycle with annual or biannual surveillance audits. Build these dates into your business calendar and assign a responsible person to manage them. If you are ever unsure of your next audit date, contact your certification body directly and ask them to confirm your current schedule in writing.

Why ISO Certification Gets Suspended (Top Reasons)

ISO Certification Suspension Is More Common Than You Think

Most businesses put enormous effort into achieving ISO certification. The audits, the documentation, the corrective actions, the management reviews. It is a real investment of time and money. So when a certification body suspends a certificate, it comes as a genuine shock to many business owners.

On this page

But here is the thing. Suspension is not a rare event reserved for badly run organisations. It happens to businesses that were once well-prepared but let things slip. It happens to growing companies that outpaced their systems. It happens to organisations that simply did not understand their ongoing obligations after the initial audit.

Having spent years auditing and consulting across Australian businesses, I have seen suspension happen for a surprisingly consistent set of reasons. This article walks through the most common ones, what the suspension process actually looks like, and what you can do to make sure it never happens to your business.

What Does ISO Certification Suspension Actually Mean?

Before we get into causes, it is worth being clear about what suspension means in practice. Suspension is not the same as withdrawal or cancellation. It is a temporary status placed on your certificate by your certification body, indicating that your management system no longer meets the requirements of the standard.

During suspension, you are generally not permitted to use your ISO certificate in marketing, tenders, or client communications. If a client or procurement team checks your certificate status through a public registry, they will see it as suspended rather than active. That can cost you contracts and damage your reputation quickly.

Suspension typically comes with a defined timeframe, often 30 to 90 days, during which you must demonstrate corrective action. If you fail to resolve the issues within that window, the certification body can withdraw your certificate entirely, meaning you would need to go through the full certification process again.

The rules governing how certification bodies handle suspension are set out in ISO/IEC 17021-1, the international standard for certification body operations. Your certification body is required to follow these rules consistently.

Get 3 ISO Quotes. 24 Hours Response

Tell us what you need and compare vetted ISO consultants or certification bodies within 24 hours. Free, no obligation.

Trusted by 400+ businesses like yours

The Most Common Reasons ISO Certification Gets Suspended

1. Missing a Surveillance Audit

This is the single most common cause of suspension I have seen. ISO certificates are not issued once and forgotten. They operate on a three-year certification cycle, with surveillance audits typically required annually or every six months depending on your certification body and the standard involved.

If you miss a scheduled surveillance audit without rescheduling it promptly, your certification body has grounds to suspend your certificate. Sometimes this happens because the business lost track of the schedule. Sometimes a key person left and nobody picked up the responsibility. Sometimes the business simply decided to delay because things were busy.

Whatever the reason, the outcome is the same. Your certificate goes into suspension until the audit is completed and any findings are addressed. The fix is simple in theory but requires prompt action. Contact your certification body immediately, reschedule the audit, and make sure you are prepared.

If you want to understand what is involved in staying audit-ready, our guide on how to check if your ISO management system is actually working covers the key indicators to monitor between audits.

2. Failure to Close Out Corrective Actions

After every audit, whether it is a surveillance audit or a recertification audit, any nonconformances raised must be addressed through a documented corrective action process. Your certification body will set a deadline for you to submit evidence that the root cause has been identified, the issue has been corrected, and steps have been taken to prevent recurrence.

If you miss that deadline, or if the evidence you submit is inadequate, the certification body can suspend your certificate. This happens more often than it should, usually because the business treats the corrective action as a paperwork exercise rather than a genuine fix.

A common scenario I have seen is a business that submits a corrective action response that says something like “staff have been reminded of the procedure.” That is not a corrective action. That is a note. Auditors are trained to spot the difference, and when the same issue reappears at the next audit, suspension becomes very likely.

Understanding what a proper corrective action looks like is essential. It requires root cause analysis, a documented fix, and objective evidence that the fix has been implemented and is working.

3. Major Nonconformances Found During Audit

Not all audit findings are equal. Minor nonconformances can usually be resolved within the normal corrective action timeframe. Major nonconformances are a different matter. A major nonconformance indicates a significant failure in your management system, such as a complete absence of a required process, a systematic breakdown across multiple areas, or a situation that poses serious risk to your customers, employees, or the environment.

When a major nonconformance is raised, certification bodies typically do not issue or continue a certificate until it is resolved. If the major nonconformance is found at a surveillance audit, suspension is often the immediate outcome while you work through the corrective action.

The types of issues that commonly lead to major nonconformances include a management review that has not been conducted in over 12 months, internal audits that have not been completed as planned, documented information that is completely out of date or missing, and legal compliance obligations that have been ignored entirely.

4. Significant Changes to the Business That Were Not Reported

Your ISO certificate is issued for a specific scope, covering defined activities, locations, and processes. When your business changes significantly, those changes can affect whether your existing certificate remains valid.

Common changes that require notification to your certification body include moving to a new facility, acquiring another business or merging with one, significantly expanding or reducing the scope of your operations, losing key certified personnel, or changing your legal structure.

Many businesses simply do not realise they have an obligation to notify their certification body when these changes occur. The certification body finds out at the next audit, and by that point the certificate may have been invalid for months. Suspension follows while the scope is reassessed and any gaps are addressed.

If your business is going through a restructure, our article on what happens to ISO certification when you restructure your business explains your obligations in detail.

5. Failure to Pay Certification Fees

This one might seem obvious, but it happens more than you would expect. Certification bodies charge annual fees for maintaining your certificate, separate from the audit fees. If invoices go unpaid, particularly after reminders have been sent, the certification body can suspend your certificate on administrative grounds.

This sometimes happens during periods of financial difficulty, when a business is cutting costs and the ISO fees get deprioritised. It also happens when the person responsible for paying the invoices leaves the organisation and nobody else picks it up.

The solution is straightforward. Set up direct debit or calendar reminders for all certification-related invoices. Make sure at least two people in the business are aware of the payment schedule.

6. Fraudulent Use of the Certification Mark

Using your ISO certification mark in ways that breach your certification body's rules is a serious issue. This includes using the mark after your certificate has lapsed, applying it to products or services that fall outside your certified scope, or misrepresenting your certification status to clients.

Certification bodies take this seriously because it undermines the integrity of the entire certification system. If a complaint is made or an auditor identifies misuse during an audit, suspension can follow quickly.

Our article on the rules around using the ISO certification mark in marketing is worth reading if you are unsure about what is and is not permitted.

7. Loss of Accreditation by the Certification Body

This one is outside your control but worth understanding. If your certification body loses its accreditation, your certificate may be placed in question. Accreditation bodies such as JAS-ANZ in Australia and New Zealand oversee certification bodies to ensure they are operating to the required standard. If a certification body fails a peer evaluation or is found to be issuing certificates improperly, its accreditation can be suspended or withdrawn.

This is one of the reasons why choosing an accredited certification body matters so much. If your certification body is not properly accredited, your certificate could be rendered invalid through no fault of your own.

8. Complaints or Regulatory Actions

If a serious complaint is made against your business that calls into question your compliance with the certified standard, your certification body may initiate a special audit or investigation. For example, if you hold ISO 45001 certification and there is a serious workplace incident, or if you hold ISO 27001 certification and suffer a significant data breach, the certification body may review whether your management system was actually functioning as required.

Similarly, if a regulatory body takes action against your business for breaches related to your certified scope, that can trigger a review by your certification body. Suspension may be imposed while the investigation is underway.

How to Prevent ISO Certification Suspension

Build a Certification Maintenance Calendar

The most effective thing you can do is treat your ISO certification like any other business obligation with hard deadlines. Create a calendar that includes every surveillance audit date, every corrective action deadline, every internal audit cycle, every management review, and every fee payment date. Review this calendar at least monthly and assign clear ownership for each item.

Conduct Meaningful Internal Audits

Internal audits are not just a box-ticking exercise. They are your early warning system. A well-run internal audit program will identify gaps and weaknesses before your certification body does, giving you time to fix them without the pressure of suspension hanging over you. Our guide on how to run ISO internal audits that actually find problems gives you a practical framework for making them useful.

Take Corrective Actions Seriously

Every nonconformance raised by an auditor, whether minor or major, deserves a genuine root cause investigation. Do not submit responses that simply describe what you plan to do. Submit evidence that you have done it. Photographs, updated records, revised procedures, training logs. Give the auditor something concrete to verify.

Notify Your Certification Body About Changes

If anything significant changes in your business, pick up the phone and call your certification body. Ask them whether the change affects your certificate scope or requires a special audit. It is far better to have that conversation proactively than to have an auditor discover the change and raise a major nonconformance.

Keep Your Contact Details Updated

Make sure your certification body always has current contact details for the right people in your organisation. Audit reminders and invoices that go to a former employee's email address are a surprisingly common cause of missed deadlines.

What to Do If Your Certificate Has Already Been Suspended

If you have received a suspension notice, do not ignore it. Act immediately. Contact your certification body, understand exactly what is required to lift the suspension, and put together a realistic action plan with clear timelines.

Be honest with your certification body about what went wrong. Auditors and certification managers are not there to punish you. They want to see your system functioning properly. A transparent, well-documented corrective action response will go a long way toward resolving the situation quickly.

If the issues are complex or you are not sure how to respond, consider engaging an experienced ISO consultant to help you structure your corrective actions and prepare for the follow-up audit. The cost of a few hours of consulting time is insignificant compared to the cost of losing a contract because your certificate is suspended.

If you are unsure where to find a qualified consultant quickly, CertBetter connects businesses with verified ISO consultants who can assist with exactly this kind of situation. You submit one form, receive up to three competing quotes, and the service is completely free for businesses seeking help.

What Are the Most Common Reasons ISO Certification Gets Suspended?