Self-certification

Implementing the requirements of an ISO management system standard and making a self-determination and self-declaration (often referred to as self-certification) involves a structured approach. This process enables an organization to declare conformity to a standard without seeking certification from an external certification body. It is also referred to as a first-party audit.

Follow these steps.

1. Understand the Standard

  • Select the appropriate standard (e.g. ISO 9001 for Quality, ISO 14001 for Environment, ISO 45001 for OH&S).
  • Obtain the latest version of the standard from an official source (e.g. ISO or national standards body).
  • Study the requirements and intent of each clause.
  • Understand definitions, principles, and annexes (especially Annex SL for the high-level structure).

2. Conduct a Gap Analysis

  • Compare your organization’s existing processes and systems with the standard’s requirements.
  • Identify areas where processes, documentation, or controls are lacking.
  • Document findings to guide the implementation plan.

3. Plan the Implementation

  • Define scope of the management system.
  • Secure top management commitment.
  • Establish an implementation project plan with responsibilities, resources, and timelines.
  • Identify interested parties and their relevant needs and expectations.

4. Develop the Management System

  • Establish the necessary documented information (policies, procedures, manuals, records).
  • Define roles, responsibilities, and authorities.
  • Set objectives aligned with the organization’s strategic direction.
  • Implement processes to address risks and opportunities.
  • Integrate legal and other compliance requirements.

5. Train and Raise Awareness

  • Train staff at all levels on the standard’s requirements and the management system’s processes.
  • Ensure awareness of individual roles and how they contribute to conformity and continual improvement.

6. Implement and Operate the System

  • Begin applying the developed policies and procedures in daily operations.
  • Monitor performance against objectives and requirements.
  • Maintain records as evidence of conformity and performance.

7. Evaluate Performance

  • Conduct internal audits to verify the system is effectively implemented and meets standard requirements.
  • Use audits to identify nonconformities, weaknesses, and opportunities for improvement.

8. Conduct Management Review

  • Top management must review the management system at planned intervals.
  • The review should assess the system’s suitability, adequacy, effectiveness, and alignment with strategic direction.

9. Address Nonconformities and Drive Continual Improvement

  • Take corrective actions to address nonconformities.
  • Use results from audits, management reviews, and performance monitoring to identify opportunities for continual improvement.
  • Update processes and documentation accordingly.

10. Make the Self-Declaration

  • When confident the management system meets all applicable requirements of the standard:
    • Prepare a statement of conformity (the self-declaration).
    • Ensure it is supported by objective evidence (e.g., audit records, performance metrics, documented procedures).
    • Optionally, publish or share this self-declaration with stakeholders.

Note

  • Self-declaration is not equivalent to third-party certification, but it can be useful for internal assurance or stakeholder communication.
  • ISO provides guidance on self-declaration in ISO/IEC 17050-1 (general requirements) and ISO/IEC 7050-2 (supporting documentation).
  • Transparency, evidence-based assurance, and accountability are key for credibility.

What the video

Back To Top