How long does a transfer audit take from start to finish?

The timeline varies depending on how quickly the new certification body can review your existing documentation and schedule the audit, but most transfers are completed within four to twelve weeks from initial contact. If your audit history is well documented and there are no outstanding nonconformities, the process moves faster. Delays usually occur when previous audit reports are poorly written, when corrective action records are incomplete, or when there are scheduling conflicts with the auditor.

Do I need to tell my current certification body before I transfer?

You are generally not required to seek permission from your current certification body, but you should review your contract for any notice period obligations. Most certification body agreements include a clause requiring 30 to 90 days written notice of termination. Failing to observe this may result in a fee or a dispute. Once you have formally notified them, they are obligated to cooperate with the transfer process, including providing copies of your audit records to the new body if requested.

Will a transfer audit affect my certification dates?

It depends on the new certification body's policy and where you are in your current certification cycle. Many bodies will honour the remaining term of your existing certificate, meaning your surveillance and recertification dates carry over. Others may reset the cycle from the date of the transfer audit. This is an important question to ask upfront before you commit to the transfer, as it affects your audit schedule and costs for the next three years.

Can I transfer my ISO certification if I have an open major nonconformity?

Most accredited certification bodies will not accept a transfer if there is an unresolved major nonconformity on your record. The reason is straightforward: a major nonconformity means your system is not currently conforming to the standard, and the new body would be inheriting a compromised certification. You will generally need to resolve the major nonconformity with your current body and obtain documented evidence of closure before a new body will agree to proceed with the transfer.

Is a transfer audit the same as a recertification audit?

No. A transfer audit is typically scoped similarly to a surveillance audit rather than a full recertification audit. It focuses on verifying that your system is conforming and that your audit history is sound, rather than conducting a complete end-to-end assessment of your entire management system. However, if significant time has passed since your last full audit, or if your system history raises concerns, the new body may choose to conduct a more thorough assessment. The scope of the transfer audit should be discussed and agreed upfront.

How do I find a reputable certification body to transfer to?

Start by confirming that any body you consider is accredited by a recognised accreditation body such as JAS-ANZ in Australia or UKAS in the UK. Then assess their industry experience, auditor qualifications, and client service approach. Getting multiple quotes allows you to compare not just price but also the quality of the information each body provides and how responsive they are. CertBetter makes this process straightforward by connecting businesses with up to three verified, accredited certification bodies through a single enquiry form, so you can compare your options without spending weeks on research.

What Is a Transfer Audit and How Does It Work?

What Is a Transfer Audit?

A transfer audit is the process a certification body uses to take over your existing ISO certification from another certification body. It is not a full recertification from scratch. Instead, it is a structured review that allows a new certification body to assess whether your management system is genuinely conforming before they agree to issue a certificate under their name.

On this page

If you have ever felt stuck with a certification body that provides poor service, charges fees you cannot justify, or simply does not understand your industry, a transfer audit is your exit route. Businesses transfer their ISO certifications more often than most people realise, and the process is far more straightforward than starting over.

To understand where a transfer audit fits in the broader certification landscape, it helps to first understand the common types of audits that certification bodies conduct throughout a three-year certification cycle.

Why Businesses Transfer Their ISO Certification

Before getting into the mechanics of how a transfer audit works, it is worth understanding why businesses choose to switch certification bodies in the first place. The reasons are usually practical rather than dramatic.

Poor Service and Communication

The most common reason businesses transfer is dissatisfaction with how their current certification body handles communication. Audit reports that take weeks to arrive, account managers who do not respond promptly, and auditors who seem unfamiliar with the industry all contribute to frustration. If you have experienced this, you are not alone. The problem is widespread enough that it has been well documented across the industry.

Cost Increases

Certification body fees can creep up significantly over a three-year certification cycle. Some bodies lock clients in with a low initial quote and then apply substantial annual increases. When the renewal comes around, the gap between what you originally budgeted and what you are now being asked to pay can be significant. A transfer audit gives you the opportunity to move to a provider with more transparent pricing.

Change in Business Needs

Your business may have grown, diversified, or entered a new sector. A certification body that was perfectly adequate for a small operation may not have the technical expertise or geographic reach to support you effectively as you scale. Some industries, such as aerospace, defence, or medical devices, require auditors with very specific sector knowledge, and not every certification body can provide that.

Accreditation Issues

In rare but serious cases, a certification body may lose its accreditation or have it suspended. This creates an urgent need to transfer because a certificate issued by an unaccredited body is not worth the paper it is printed on for most commercial and regulatory purposes. Understanding what accreditation bodies like JAS-ANZ do and why accreditation matters is essential context here.

Get 3 ISO Quotes. 24 Hours Response

Tell us what you need and compare vetted ISO consultants or certification bodies within 24 hours. Free, no obligation.

Trusted by 400+ businesses like yours

How the Transfer Audit Process Works Step by Step

The transfer process follows a reasonably consistent pattern across most accredited certification bodies. Here is what to expect at each stage.

Step 1: Approach the New Certification Body

You contact the certification body you want to move to and express your interest in transferring your existing certification. They will ask for some basic information: the standard you are certified to, the scope of your certification, the number of employees, the number of sites, and the name of your current certification body.

This information allows the new body to assess whether they can take on your certification and to calculate the effort involved in the transfer audit. Most reputable certification bodies will provide a quote at this stage without any obligation.

Step 2: Document Review

Once you agree to proceed, the new certification body will request copies of your current certification documentation. This typically includes your existing certificate, your most recent audit reports (usually the last full certification cycle), and any corrective action records related to nonconformities raised during previous audits.

The purpose of this review is straightforward. The new body wants to understand the history of your management system. They want to see whether previous audits were thorough, whether nonconformities were properly closed out, and whether there are any patterns of recurring issues that need attention.

If your previous certification body issued sloppy reports with minimal detail, this stage can create delays. The new body may ask for additional evidence or clarification. This is not a red flag about your business. It is a red flag about your previous auditor.

Step 3: Transfer Audit Planning

The new certification body will plan the transfer audit based on their findings from the document review. In most cases, the transfer audit is equivalent to a surveillance audit in scope. It is not as extensive as the original Stage 2 certification audit that you went through when you first achieved certification.

The audit will focus on verifying that your management system is still conforming to the relevant standard, that previous nonconformities have been properly addressed, and that the system is being actively maintained rather than just sitting on a shelf. Checking whether your ISO management system is genuinely working is exactly the kind of assessment a transfer auditor will be making.

Step 4: The Transfer Audit Itself

The audit is conducted on site, remotely, or in a combination of both depending on the nature of your business and the requirements of the standard. The auditor will review your documented information, interview staff, observe processes, and check records. The depth of the audit will reflect the complexity of your management system and the scope of your certification.

One important point: the transfer auditor is not there to redo everything your previous auditor did. They are conducting an independent assessment to satisfy themselves that the system is conforming. They may reach different conclusions than your previous auditor on some points, and that is entirely appropriate. Different auditors bring different perspectives, and a fresh pair of eyes sometimes finds things that were missed before.

Step 5: Findings and Corrective Actions

If the transfer audit identifies nonconformities, you will need to address them before the new certification body will issue a certificate. Major nonconformities require evidence of corrective action and verification before the certificate is issued. Minor nonconformities may be closed out at the next scheduled audit, depending on the body's procedures.

Do not be alarmed if the transfer audit raises findings that your previous auditor never mentioned. This does not mean your previous audits were fraudulent, though in some cases that is a legitimate concern. More often it simply reflects the difference in approach between auditors and the fact that a fresh reviewer will look at your system with different eyes.

Step 6: Certificate Issuance

Once the audit is complete and any major nonconformities are resolved, the new certification body issues your certificate. The certificate will typically be dated from the transfer date, and your surveillance and recertification schedule will be aligned to the new body's cycle. In most cases, the new body will honour the remaining term of your existing certification cycle rather than resetting the clock entirely, though this varies between bodies and should be confirmed upfront.

You should also inform your clients of the transfer. If your clients rely on your ISO certification for supply chain or tender purposes, they will want to know which body now holds your certificate. There is a good guide to how to inform clients about an ISO certification transfer that covers this communication step in detail.

What the New Certification Body Is Actually Looking For

Understanding what the auditor is assessing during a transfer audit helps you prepare more effectively. The focus areas are consistent across most standards and most certification bodies.

Continuity of the Management System

The auditor wants evidence that your management system has been actively maintained. This means documented procedures are current, records are being kept, internal audits are being conducted on schedule, and management reviews are happening. A management system that looks like it was set up three years ago and never touched again will raise serious concerns.

Nonconformity History

Every nonconformity raised in your previous audit reports needs to have a documented corrective action and evidence of closure. If your previous body raised a nonconformity and then never followed up, that is a problem. The new body will want to see that the underlying issue was genuinely fixed, not just acknowledged.

Competence of People

The auditor will check that the people responsible for operating the management system are competent to do so. This means reviewing training records, qualifications, and evidence that staff understand their roles within the system. Understanding what competence means in an ISO context and how to prove it is directly relevant here.

Scope Accuracy

The auditor will verify that your current operations match the scope stated on your certificate. If your business has changed significantly since the original certification and the scope has not been updated to reflect that, it needs to be addressed as part of the transfer.

Timing: When Should You Initiate a Transfer?

The timing of a transfer matters more than most businesses realise. There are better and worse points in the certification cycle to make the move.

The ideal time to initiate a transfer is after a surveillance audit has been completed and any findings have been closed. This gives the new body a clean, current audit record to review and means there are no outstanding actions hanging over the transfer. Transferring immediately before a recertification audit can create complications, as the new body may want to conduct their own recertification rather than inheriting an audit that is already due.

Avoid initiating a transfer when you have open major nonconformities with your current body. The new body will be inheriting a problem, and some bodies will decline to accept the transfer until the major finding is closed. Sort out any outstanding issues with your current body before making the move.

It is also worth noting that some certification body contracts include notice periods. Check your agreement before you commit to a transfer timeline, as you may be required to give 30 to 90 days notice before leaving.

How to Choose the Right Certification Body for the Transfer

Transferring to the wrong certification body defeats the purpose of leaving the first one. Take the time to evaluate your options properly rather than simply going with whoever quotes the lowest price.

Key factors to assess include the body's accreditation status with a recognised accreditation body such as JAS-ANZ for management systems certification in Australia, their experience auditing businesses in your specific industry, the qualifications and sector experience of the auditors they would assign to your account, their audit report quality, and their responsiveness during the sales process as a proxy for how they will treat you as a client.

If a certification body cannot clearly explain their transfer process, cannot tell you who your auditor will be, or cannot provide references from clients in your sector, those are warning signs. There is a detailed breakdown of how to select the best ISO certification body that applies equally to transfers as it does to initial certification.

Common Mistakes Businesses Make During a Transfer

Having guided businesses through this process many times, there are a handful of mistakes that come up repeatedly.

Not Reviewing Their Own Audit History First

Before approaching a new body, pull out your last two or three audit reports and read them carefully. Note every nonconformity that was raised and check that you have documented evidence of corrective action for each one. If you cannot find the closure evidence, locate it or recreate it before the transfer audit. Walking into a transfer audit without this evidence prepared is a common and avoidable problem.

Assuming the Transfer Will Be Seamless

A transfer audit is a genuine audit. It requires preparation. Do not assume that because you have been certified for several years, the new body will simply rubber stamp the transfer. They have a professional and accreditation obligation to verify your system independently, and they will do so.

Failing to Update Scope Documentation

If your business has changed since your last audit, update your scope documentation before the transfer. This includes your quality manual or equivalent documented information, your list of processes, and any site or employee count changes. Presenting outdated documentation to a new auditor creates unnecessary complications.

Choosing Based on Price Alone

The cheapest transfer quote is not always the best outcome. A certification body that offers a significantly lower price than competitors may be cutting corners on audit time, auditor qualifications, or both. The certificate you get at the end needs to be credible and defensible, not just cheap.

What Happens to Your Certificate Number During a Transfer?

Your certificate number will change when you transfer to a new certification body. Each body issues certificates under their own numbering system. This is normal and expected. What matters is that the new certificate accurately reflects your scope, the standard you are certified to, and the effective dates.

Make sure you update any references to your old certificate number across your website, marketing materials, tender documents, and supplier registrations. If you display your ISO certificate on your website or include it in proposals, replace it with the new certificate as soon as it is issued.