The ISO certification process can be challenging to deal with.
You need to collaborate with certification auditors, which are usually perceived as prejudiced people that will probably insist on unnecessary details and make the process even more difficult for you. The truth is that things can get easier; all you need to do is understand how the brain of an ISO certification auditor works.
At 27001 Academy, an online learning center where you can get training for ISO 27001 implementation, we created an infographic that explains what to expect during a certification audit:
First thing you need to know is how to choose a certification auditor so that you can leverage his knowledge, experience and skills in order to help you choose the most suitable standards for your business.
Following that, know what the auditor will be looking for. He must assess whether: you have all the documents in order, your activities and documentation comply with the standard, your activities comply with your own documentation.
Certification auditors are also people and they will get annoyed by things that will prevent them from doing their job. In order to prevent this from happening, simply answer their questions frankly, don’t lie and do not waste their time.
It’s very easy to keep a certification auditor happy; all you need to do is give clear and timely answers that can be supported with facts, admit if you have a problem and ask for his opinion.
When he visits you again, make sure your system works properly and your documentation is maintained. Basically, the more you help the auditor do his job, the more you help your business.