ISO 9001 audit for organisations that want to be demonstrably compliant
An ISO 9001 audit assesses whether your quality management system (QMS) demonstrably works: processes, customer satisfaction, risks, KPIs, nonconformities and continual improvement. An independent auditor assesses whether policy and objectives are alive in practice and whether the PDCA cycle is actually turning. You receive a clear findings report with evidence and points for improvement, so that you move from loose procedures to a demonstrably working quality system that is ready for certification.
What is an ISO 9001 audit?
In an ISO 9001 audit, the auditor assesses whether your QMS meets ISO 9001 and whether it is effective. They look at process control, customer focus, risks and opportunities, performance indicators, internal audits and the management review.
For whom?
For organisations that want to achieve or maintain ISO 9001, that are asked for quality assurance by customers or tenders, or that want to demonstrably improve their processes.
Common problems
- Procedures that do not match the actual way of working.
- KPIs that are not measured or followed up.
- Nonconformities without corrective actions.
- A management review that is missing or merely a formality.
Our approach in 5 steps
- Map the scope and processes.
- Document review against ISO 9001.
- Interviews & sampling on the shop floor.
- Findings report with priorities.
- Improvement plan and follow-up.
Combining with ISO 27001
ISO 9001 and ISO 27001 share the same management system structure (High Level Structure). A combined audit saves time and prevents duplicated work.
ISO 9001 — official standard page (official source).
Frequently asked questions
Short, direct answers — written for people and for AI search features alike.
ISO 9001 is the most widely used quality management standard in the world. It sets requirements for a quality management system (QMS) with which an organisation controls processes, safeguards customer satisfaction, manages risks and opportunities and continually improves through the PDCA cycle. An ISO 9001 certificate demonstrates to customers and partners that quality is safeguarded demonstrably and systematically.
The auditor assesses whether the quality system works in practice. They review the context and scope, process control, customer focus, quality objectives and KPIs, the management of risks and opportunities, the handling of nonconformities and complaints, internal audits and the management review. As with other standards, they look for evidence that policy is actually applied.
The cost depends on the size of the organisation, the number of sites and the maturity of your processes. The certificate cost is set by the certification body. Our role — gap analysis, internal audit and preparation — is usually more limited in scope. Book a no-obligation scan for a tailored estimate.
An internal audit is a mandatory, periodic self-assessment of your QMS, which you may have carried out by an independent external auditor. The aim is to check whether the system meets ISO 9001 and works effectively, and to identify areas for improvement before the certification audit. The results serve as input for the management review.
ISO 9001 focuses on quality management: processes, customer satisfaction and continual improvement. ISO 27001 focuses on information security through an ISMS. Both standards share the same management system structure, which makes them easy to combine. Many organisations run both systems in an integrated way and have them assessed in a single combined audit.
PDCA stands for Plan-Do-Check-Act and is the engine behind continual improvement. Plan: set objectives and processes. Do: carry them out. Check: measure and audit whether it works. Act: adjust based on results, nonconformities and the management review. ISO 9001 is built entirely around this cycle, so that improvement becomes structural and demonstrable.
These include a description of scope and context, the quality policy and objectives, process descriptions, risk and opportunity analyses, records of nonconformities and corrective actions, internal audit reports and the management review. The standard requires fewer mandatory documents than in the past; the emphasis is on demonstrable operation.
ISO 9001 is sector-independent and suitable for organisations of any size — from manufacturing and construction to services and IT. It is particularly valuable when customers, tenders or supply chain partners require quality assurance, or when you want to professionalise processes and structurally reduce errors.
Ready for a stronger quality system?
Book an ISO 9001 audit scan and find out where your QMS stands on the way to certification.
