Technical guide · Certification

ISO 9001 Preparation

Find out whether your organization is ready for the ISO 9001:2015 audit — assessed across the 7 requirement clauses of the standard, before hiring a consultancy or booking the certification body.

View the model page

01 · The problemWhat this assessment solves

ISO 9001:2015 doesn't tell you how to do it — it tells you what has to be in place and requires auditable evidence for every requirement. Walking into the audit without knowing where you stand is costly and puts the certificate at risk.

The readiness assessment shows, clause by clause, how much your QMS already meets (as a percentage) and organizes the evidence and the compliance plan before you invest in certification.

02 · What it isWhat the model is

ISO 9001 is the international standard for Quality Management Systems (QMS), maintained by ISO Technical Committee ISO/TC 176 and adopted by more than 1.2 million organizations across over 170 countries. In Brazil it is published as ABNT NBR ISO 9001:2015, and certificates are issued by bodies accredited by INMETRO.

The standard doesn’t prescribe how to do it — it prescribes what must be done and requires objective evidence that it is being done. It is in that gap between "we think we do it" and "we have evidence that we do it" that 90% of the nonconformities in first audits are concentrated.

The structure follows ISO's High-Level Structure (HLS) — the same basis as ISO 14001, 45001, and 27001 — with requirements in the 7 mandatory clauses (4 to 10), covering the full PDCA cycle. The certificate is valid for 3 years, with annual surveillance audits.

03 · Journey to certificationFrom readiness to certificate

The steps your organization goes through — from measuring readiness to achieving and maintaining certification.

1

Readiness Assessment (GPS)

Before any investment, map where you really stand: the assessment evaluates the criteria of the 7 clauses and delivers the real distance to the certificate, with gaps prioritized by audit impact.
2

QMS Compliance

Based on the gaps, the organization documents processes, updates procedures, trains teams, and creates the records that prove the system. It usually takes 3 to 12 months depending on the initial maturity.
3

Internal Audit

The organization runs at least one full internal audit cycle, with auditors who don't assess their own work; nonconformities generate corrective actions to be closed before the external audit.
4

Management Review

Top management meets formally, with minutes, to review indicators and audit findings and decide on resources and improvements — the act that demonstrates the leadership commitment required by the standard.
5

Certification Audit (Stage 1 and Stage 2)

The accredited certification body audits in two stages: Stage 1 (document review, often remote) and Stage 2 (on-site audit of the processes in operation).
Certificate Issued and Maintenance

The certificate is valid for 3 years, with annual surveillance audits and recertification in the third year — the QMS must keep operating and improving.

04 · The structureWhat the assessment evaluates

No critical area is left out. Each dimension brings together the themes evaluated by the assessment.

Context of the organization

Internal and external context, interested parties, documented QMS scope, and a process map with owners and indicators.

Leadership

Top management commitment with concrete evidence, an approved and communicated Quality Policy, and formally assigned responsibilities.

Planning

Addressing risks and opportunities, measurable quality objectives with action plans, and planning of changes to the QMS.

Support

Resources and infrastructure, calibration of instruments, knowledge management, competence, awareness, and control of documented information.

Operation

The most extensive clause: operational planning, customer requirements, design and development, suppliers, and the production cycle through to release.

Performance evaluation

Monitoring of indicators and customer satisfaction, the internal audit program, and management review — the clauses with the highest frequency of nonconformity.

Improvement

Closing the PDCA cycle: identifying improvements, handling nonconformities with root-cause analysis, and evidence of indicator progress.

05 · HighlightsWhy apply this assessment

GPS before you investKnow your readiness score before hiring a consultancy, buying software, or scheduling the audit — with the real gaps weighted by nonconformity risk.

Evidence organized by criterionDocuments, minutes, and records stay linked to the criterion they prove, eliminating the frantic search on the eve of the audit.

AI-generated compliance planEach unmet criterion generates a suggested corrective action, with evidence type, deadline, and owner, prioritized by weight and risk.

From assessment to maintenanceFollow-up continues after certification, with annual audit reminders, pre-recertification re-assessment, and history by clause.

06 · AudienceWho it's for

Quality ManagerPrioritizes the compliance backlog with objective criteria and presents a readiness status in numbers to the board.

Board and Top ManagementAssesses whether investing in ISO 9001 makes sense and the level of commitment required, with the GPS as a percentage by clause.

Management Systems ConsultantEstablishes the documented baseline at the start of the project and tracks the score's progress throughout implementation.

Internal AuditorIdentifies the highest-risk clauses and where the evidence is weakest to prioritize the next audit cycle.

07 · How to applyFrom questionnaire to plan

Set up the assessment: register the organization, select the ISO 9001:2015 pack, and define the scope — answered by one person or distributed by invitation to multiple respondents.

Answer the criteria with evidence: for each one, mark Meets, Does not meet, or Not applicable and attach the document; the GPS is calculated in real time, by section and overall.

Receive the GPS and the compliance plan: overall score and score by clause, gaps prioritized by risk, and suggested actions with deadline and evidence type.

Implement, evidence, and monitor: link documents to each criterion, retake the assessment to measure progress, and arrive at the audit with the dossier organized by clause.

08 · ReferencesBased on international standards

ISO 9001:2015

In practiceWhat the assessment reveals

Fictional case, for illustrative purposes: a mid-sized metal components manufacturer (85 employees) began the journey after losing a bid for not having ISO 9001. The assessment revealed 34% readiness, with clause 9 (Performance evaluation) at just 18% and the internal audit never performed. By prioritizing clauses 9 and 10 before documentation, training an internal auditor, and restructuring the management review, it rose from 34% to 81% in 7 months — with no external consultancy.

The assessment was the first time I saw the real state of our QMS in numbers. I stopped working on what was easy and started with what really mattered for certification.