Understanding ISO Terminology: Guide to Important Terms and Concepts


In our experience, we’ve observed that navigating the world of ISO (International Organization for Standardization) can be stressful, especially when you’re new to management systems. Terms like NCR, OFI and accreditation can seem like a foreign language at first, but not anymore. To help you understand the ISO terminology landscape, we’ve compiled a detailed guide to the most commonly used ISO jargon and its meanings, covering ISO/IEC 17021-1 as well as certification terms, with examples to clarify their usage.

Let’s start with the basics:

Common ISO Terms and Definitions

Understanding specific ISO terminology is crucial for effective communication and management within your organization. For example, ISO certification terms such as certification and accreditation are commonly used, but they mean very different things in the ISO certification world. We’ll also cover the key terms defined according to ISO/IEC 17021-1:

Certification

When an organization claims it is “certified” to an ISO standard, it means its management system has been audited by a third-party auditor from an accredited Certification Body (CB). Certification signifies that the organization’s management system complies with the requirements of a specific ISO standard, such as ISO 9001 for quality management or ISO 27001 for information security management.

For example, if a manufacturing company is certified to ISO 9001, it means the company has established a quality management system that meets the standard’s requirements, and this has been verified by an external auditor.

Accreditation

Accreditation is the formal recognition by an authoritative body that a Certification Body (CB) is competent to carry out specific tasks, including the auditing and certification of organizations. Accreditation Bodies (AB) ensure that CBs operate according to international criteria, thus providing assurance of their impartiality and competence.

For instance, the United States’ ANSI National Accreditation Board (ANAB) accredits CBs that certify organizations to various ISO standards. Likewise in Australia, JASANZ (or previously JAS-ANZ) looks after the accreditation of CBs. This accreditation process ensures that the CBs are qualified to perform their duties.

Registration

Registration is an older term that used to be synonymous with certification – not anymore. These days, a business that has registered for certification (not certified yet!) is commonly referred to as registered by certification bodies (CBs). Essentially, if a company says it is “registered” to an ISO standard, it means that it is planning to get certified in the future.

Auditing

It seems pretty simple at first, but in our experience we have found that companies often mistake audits for inspections. Auditing is a systematic process of evaluating an organization’s management system to ensure compliance with a specific ISO standard. This involves collecting and analyzing information to determine whether the management system meets the standard’s requirements.

For example, during an ISO 14001 audit (environmental management system), the auditor might review the company’s waste management practices to ensure they align with the standard’s requirements.

Certification Body (CB)

A Certification Body is an accredited organization that conducts audits and issues certificates to companies that meet ISO standards. They ensure that the certification process is impartial and based on internationally accepted criteria.

Example: SAI Global (now Intertek SAI Global) is a well-known CB that certifies organizations to various ISO standards.

Accreditation Body (AB)

An Accreditation Body provides formal recognition to CBs, confirming their competence in certifying organizations. ABs ensure that CBs maintain high standards of auditing and certification.

Example: The United Kingdom Accreditation Service (UKAS) accredits CBs that certify organizations to ISO standards.

ISO Consultants

These are experts who help organizations develop, implement, and maintain their management systems. They provide advice, instructions, and solutions tailored to the organization’s needs. However, they do not conduct certification audits.

Example: A consultant might help a company develop its ISO 9001 quality manual.

Internal Auditors

Employees of the organization who conduct internal audits to assess compliance with ISO standards. Internal audits are a requirement of most ISO standards, but they cannot lead to certification.

Example: An internal auditor might conduct a periodic review of the company’s quality management processes to ensure ongoing compliance with ISO 9001.

Third-Party or External Auditors

These auditors work for accredited Certification Bodies and conduct audits to determine if an organization’s management system meets the ISO standard. Their assessments can lead to certification.

Example: An external auditor from a CB might audit a company’s information security management system for ISO 27001 certification.

Certified Client

An organization whose management system has been certified by a Certification Body.

Example: A hospital certified to ISO 9001 for its quality management system.

Impartiality

The presence of objectivity, meaning that conflicts of interest do not exist or are resolved so as not to influence the activities of the certification body.

Example: A CB ensuring its auditors do not have personal relationships with the clients they audit.

Technical Expert

A person who provides specific knowledge or expertise to the audit team, particularly for complex or technical areas of the audit.

Example: A technical expert in cybersecurity might assist an audit team during an ISO 27001 audit.

The Audit Process

The audit process involves several stages, each critical to ensuring a thorough and effective evaluation of the management system.

Audit Planning

The audit begins with planning, where the auditor reviews the scope of the audit, the processes to be audited, and any specific areas of focus. This stage sets the groundwork for a successful audit.

Opening Meeting

The audit typically starts with an opening meeting where the auditor outlines the audit plan, objectives, and methods. This meeting ensures that everyone involved understands the process and expectations.

Conducting the Audit

During the audit, the auditor collects and evaluates evidence to determine compliance with the standard. This can include reviewing documents, interviewing employees, and observing processes.

Example: An auditor might check records of training sessions to verify compliance with ISO 9001 requirements for employee competence.

Audit Findings

The auditor documents findings, including nonconformities and opportunities for improvement. These findings are discussed with the organization during the audit process.

Closing Meeting

The audit concludes with a closing meeting where the auditor presents the findings to the organization’s management. This meeting provides an opportunity for the organization to understand the results and ask questions.

Nonconformity (NCR)

The non-fulfillment of a requirement. Nonconformities can be classified as major or minor based on their impact on the management system’s capability to achieve intended results.

Major Nonconformity

A significant issue that affects the capability of the management system. For example, if a company consistently fails to conduct required safety inspections, this would be a major nonconformity in an ISO 45001 audit (occupational health and safety management).

Minor Nonconformity

A less critical issue that does not significantly impact the management system. For instance, a single missing record of a maintenance check might be classified as a minor nonconformity.

Opportunity for Improvement (OFI)

Situations where the auditor identifies areas where additional effectiveness or robustness might be possible with a modified approach. These are suggestions rather than requirements.

Example: An auditor might suggest automating a manual process to improve efficiency and reduce the likelihood of errors.

Follow-Up Audits

After the audit, the organization must address any nonconformities identified. This might involve corrective actions to resolve issues and improve the management system. The auditor may conduct follow-up audits to verify that these actions have been effective.

Conclusion

Understanding ISO terminology is essential for effective management system conformance as well as a smooth ISO certification process. By familiarizing yourself with these key terms and processes, you can better navigate the complexities of ISO standards and ensure your organization maintains high standards of quality, safety, and efficiency.

Whether you’re new to ISO or looking to deepen your knowledge, this terms and jargon guide provides a solid foundation. Remember, the journey to certification is not just about meeting standards—it’s about continuous improvement and commitment to excellence.
