Do you really need a Gap Analysis for ISO Certification Readiness?
So, you’re just getting started on your journey to achieving ISO Certification for your business, and come across Gap Analysis as the first step.
First thought: is this really necessary?
Well, you do need to know where you’re starting from, and that’s why a Gap Analysis is conducted. However, we’ve also come across many businesses that were literally starting from scratch, and in these cases, paying for a Gap Analysis can be a waste of time and money.
But first, let’s understand what a Gap Analysis really is.
What is a Gap Analysis?
It’s an initial review of your current Business Management System. It involves reviewing your existing work practices (i.e. the way you operate) and your documented business information, in relation to how you provide your products and/or services. This includes review of policies, procedures, operational processes, software workflows, flowcharts, templates, forms, manuals, reports, etc and all the records that go along with these.
The objective of a Gap Analysis is to gain clarity on how far you are from meeting the requirements for ISO Certification. This review can be conducted against the requirements of one ISO Standard, or multiple ISO Standards simultaneously.
For example, ISO Certification Experts provides the Gap Analysis service to review where you’re at, against one or more of the following standards:
Many consultants or auditors will conduct a Gap Analysis using a “tick box” approach against the listed clauses of the ISO Standards, only identifying in their reports which clauses the gaps are against. However, this approach doesn’t provide information or an explanation as to how you address the identified gaps.
Is a Gap Analysis the right first step for my Business?
If you think that you already have the majority of the required documentation and implementation activities in place, a Gap Analysis is usually a good place to start to identify how well you conform to the requirements of the ISO Standard(s).
How will you know if you have enough in place to justify a Gap Analysis?
If you’re not familiar with the requirements of the ISO Standards you’re planning to work with, you can purchase a copy of the ISO Standard(s) online as a PDF and review these first. Click on the links below to purchase online:
When you go through the Certification process, the auditor will usually check that you have correctly licensed versions in the business, and it’s a good idea to review them now, to give you a better understanding of the requirements, and in preparation for the Gap Analysis process. You can just purchase the pdfs, and they’ll be emailed to you.
However, without experience, it can still be challenging to interpret how much is enough to meet all of the requirements. For this reason, we offer a Free Strategy Session – an online meeting for up to 1 hour, where one of our experts will meet with you to ask a few questions, understand your organisation, and have a look at what you already have in place, in order to advise if a Gap Analysis is the best starting point for your business.
What we often find too, is that this meeting also clarifies many questions people have regarding the Certification readiness process, and can be very helpful to create a tailored plan for your organisation to achieve ISO Certification.
How the Gap Analysis process works
The Gap Analysis will usually only require your team’s involvement for one day remotely, starting with an online meeting with the consultant, where they’ll be asking questions around what you currently have in place that relates to each clause of the ISO Standards (taking an integrated approach if there’s more than one), and asking to see some examples of relevant documentation.
It’s a good idea to provide the consultant with view-only access to your current Business Management System related documents prior to or during the Gap Analysis meeting for easier reference and a more detailed review offline.
The consultant will need to speak with the right people to cover both management and operational aspects of the business, as well as the person who knows the most about the current quality, safety, environmental and/or information security management aspects of the business (as relevant to the ISO Certification you’re working towards).
After the Gap Analysis review, you’ll receive a full report and comprehensive list of “Required Improvements” that need to be actioned to meet all the requirements of the ISO Standard(s). This will pretty much look like a to-do list with cross-references back to the clauses of the ISO Standard(s).
Once you have the report, we’ll have a follow up 1 hour online meeting with you to go through the findings and ensure you understand the recommendations and what needs to be done. You can then request further assistance from us to fill the gaps, or you can address the identified gaps yourself. The benefit of this approach is that you can take care of the items you’re confident to handle, and then select those you’d like a quote to get our help with.
What if a Gap Analysis is not recommended?
Regardless if you start with a Gap Analysis or opt to create your Management System from scratch, we are here to guide you through this process to ensure you will not only achieve your ISO Certification, but create a management system that provides a continuous improvement framework for your business for many years to come!
About the author
Andressa (alias Andy) is the General Manager of ISO Certification Experts and ICExperts Academy, heading our Marketing department and coordinating the internal improvement initiatives and projects. With an MBA in Project Management, and over 10 years of experience in customer service and project management across many industries, she brings valuable knowledge to the business and our operations. Alongside her professional expertise, Andressa holds a genuine passion for sustainability and the environment.
All information on this blog site is for informational purposes only. As this information is based on our professional experience, opinion, and knowledge, we make no representations as to the suitability of this information for your individual business circumstances. Especiality Pty Ltd trading as ISO Certification Experts and all related businesses and brands will not be liable for any errors, omissions, legal disputes or any damage arising from its display or use. All information is provided as is, with no warranties and confers no rights.
We will not be responsible for any material that is found at the end of links that we may post on this blog site. The advice, ideas, and strategies should never be used without first assessing your own personal business situation or seeking professional and/or legal advice. Information may also change from time to time to suit industry and business needs, requirements and trends.