Failed an ISO Certification Audit? Here’s your guide on what to do next.

Reading Time: 7 minutes
Published on: August 29, 2023

Facing an ISO Certification audit failure can be disheartening for any business. The meticulous efforts invested in aligning processes, procedures, and practices with rigorous standards can sometimes fall short, leaving a palpable sense of disappointment in its wake. However, amidst the initial sting of failure lies an opportunity for evolution and transformation. 

Whether you failed your ISO Certification audit on the initial attempt, or during a Surveillance or Recertification audit, the journey to recovery requires a comprehensive understanding of what lies ahead. This blog will help you understand what it means to fail a Certification audit, and how you can bounce back.

Why might you fail your ISO Certification Audit? 

During your Certification audit, auditors may raise non-conformances. A non-conformance is a failure to meet a specific requirement, and can be either minor or major. Depending on the severity and/or number of non-conformances, the business can be facing an audit failure.

Understanding the reasons behind possible failures may empower your organisation to strengthen your processes, address weaknesses, and ultimately position yourself for a successful Certification audit. While this list isn’t exhaustive, here are just some of the reasons businesses may fail their audit:  

  • Lack of Documented Processes and Procedures: One of the primary requirements for all ISO Management System Standards is the documentation of all relevant processes, procedures, and business planning. Failure to adequately document key aspects of the management system can lead to non-conformance during the audit. If your organisation cannot demonstrate how it plans, executes, and controls its processes, auditors may find it challenging to assess conformity.
  • Non-Conformance with the organisation’s own requirements and the ISO Standard(s): ISO Management System Standards are designed to establish a framework for organisations to meet specific requirements. Therefore, non-conformances may arise not only from a lack of documentation, but also failure to demonstrate evidence of adherence to processes and procedures.
Did you know? 

All ISO Management System Standards are an actual document developed by the International Organisation for Standardisation (ISO) detailing the standard’s clauses and requirements. We highly recommend that you purchase your chosen standard(s) document, to fully understand the requirements for successful implementation and audit results. Visit Standards Australia to search for and purchase a copy of your chosen standard(s). 

  • Inadequate Training and Awareness: Employees must be trained and aware of their roles and responsibilities within the Management System. Failure to provide adequate training records or ensuring employees understand their obligations may result in major non-conformance during the audit.
  • Poor Internal Auditing and Corrective Actions: As per the ISO Management System Standards requirements, organisations must perform regular Internal Audits to assess the effectiveness of their management systems. Inadequate Internal Auditing, or failing to take appropriate corrective actions based on audit findings, can lead to recurring non-conformance issues and audit failures. 
  • Inconsistent or Incomplete Records: Accurate record-keeping is essential for ISO conformance. Incomplete or inconsistent records may lead to doubts about the organisation’s ability to maintain and adhere to its management system effectively.

What happens when you fail an ISO Certification Audit? 

If your business fails your Certification audit, it can have various consequences depending on the specific circumstances and the severity of the failures. Here are some possible outcomes:

  • Corrective Action Request: The auditors may issue a Corrective Action Request (CAR), or something named similar, highlighting the non-conformances found during the audit. Your business will be required to address these issues within a specified timeframe provided by the auditor, so your processes and systems can meet the standards requirements.
  • Suspension of Certification: If your business is already Certified, and the audit reveals major non-conformances or recurring issues, the Certification Body may suspend your Certification(s). This means your Certification will no longer be valid until the identified problems are adequately addressed and verified through a follow-up audit.
  • Increased Surveillance Audits: The Certification Body may increase the frequency of Surveillance Audits to closely monitor your business’s conformance with your chosen ISO Standard(s). As an example, instead of returning one year after as usual, they may need to return again in 3 or 6 months. This could result in additional audit costs and a subsequent administrative burden for your organisation.
  • Loss of Market Opportunities: Some tenders, contracts, grants, or business opportunities may require your business to have ISO Certification as a prerequisite. Failure to achieve or maintain your Certification may disqualify you from participating in certain markets or bidding on specific projects and contracts.
Case Study

One of our clients faced a significant challenge when they lost all three of their certifications (Quality, Safety, and Environmental) during their Surveillance Audit. This suspension happened due to a combination of major non-conformances and inadequate system management caused by changes in key personnel and lack of understanding of the standards’ requirements.

The client’s predicament was urgent, as ISO 9001:2015 Certification was pivotal also for a Product Certification they had in place, an essential prerequisite for selling their products. Furthermore, their insurance premiums and major client relationships hinged on the three certifications. The absence of Certifications not only jeopardised their financial stability but also cast a shadow on their reputation and their ability to operate.

After the realisation of how important their Certifications were, they engaged ISO Certification Experts to navigate their journey to restoration. The team devised a plan, prioritising the closure of non-conformances based on their impact and complexity, starting with ISO 9001:2015, before addressing the issues with ISO 45001:2018 and ISO 14001:2015.

With a short deadline provided by their Certification Body, our client’s Quality Certification was reinstated after 3 months, and within 6 months, they were back on track with their Safety and Environmental Certifications as well. 

This case exemplifies the challenges posed by fragmented systems, unresolved non-conformances, and personnel gaps in maintaining your Certification. Through planning, focused efforts, and system integration, the business successfully regained its Certifications, improved operational efficiency, and upheld its reputation among stakeholders. This experience underscores the value of proactive system management and the benefits of experienced ISO Consultants.

How to recover from a failed ISO Certification Audit? 

Failed an ISO Certification Audit? Here's your guide on what to do next.

It’s important to note that the recovery after failing an ISO audit will vary for every business, depending on what type of ISO audit your business is going through (i.e. Initial Certification, Surveillance Audit, or a Re-Certification Audit), how severe the non-conformances are, and the approach your Certification Body takes. Below is a generalised step-by-step guide on what to do next. 

  1. Review the audit findings: Carefully review the audit report and understand the areas where your organisation did not conform with the ISO standard’s requirements. This will help you gain insights into the specific issues that need to be addressed.
  2. Develop a corrective action plan: Create a comprehensive plan to rectify the identified non-conformances. The plan should include specific actions, responsible parties, timelines, and resources required for each corrective measure.
  3. Implement corrective actions: Begin executing the corrective action plan, ensuring that each step is followed as scheduled. It may involve updating procedures, improving processes, providing additional training, or making organisational changes.
  4. Schedule a re-audit (if applicable): If the certification body allows for a re-audit, schedule it as soon as your organisation is ready to demonstrate conformance with the ISO standard. Be prepared to present evidence of the implemented corrective actions.
  5. Engage with Expert ISO Consultants: Professional ISO Management System Consultants will help you address the changes that need to be made, and how to go about implementing them more effectively and within the given timeframe. They will help you with your corrective action report, and can conduct an internal audit to ensure that your ISO Management System is now meeting your chosen standards requirements before your next external audit.  

ISO Management System Consultants are professionals who assist businesses develop, implement, and maintain a Management System meeting the requirements of one or more ISO Standards. Consultants will assess the organisation’s current state and provide advice on the best way forward.

Some benefits that a business can enjoy when engaging a Consultant are:

  • They have an unbiased opinion and fresh perspective on your current processes;
  • Consultants bring their knowledge and expertise about ISO Standards;
  • Disruption to “business as usual” is minimised, allowing your people to continue focusing on their primary business roles;
  • The right Consultants will ensure that you develop bespoke solutions that reflect the business operations, and drive continual improvement; and
  • Experienced Consultants can bring knowledge and insights with best-practice initiatives and effective solutions that have worked for other organisations in your industry.

Navigating a setback such as failing an ISO Certification audit can be a challenging endeavour. However, we are here to help! Our team of consultants are experts in developing effective management systems, and are passionate about helping businesses achieve, maintain and improve their Certifications. Since we started the business in 2007, every business that has followed our recommendations has achieved certification first time, and, as a result, we offer a Certification Readiness Guarantee – by following our proven planning process and advice, supported by our extensive industry experience, we can get you certified first time – Guaranteed!

With over 15 years of experience and a 5-Star Google Rating, our Consulting team can help you achieve and maintain your Certifications to the main ISO Management System Standards. Call us now on 1300 614 897, email us, or book your online FREE Strategy Session to solve any further questions about the Certification Process, or to discuss a tailored solution for your business.

About the author

Managing Director at ISO Certification Experts

Erica is the Managing Director of ISO Certification Experts and ICExperts Academy. She has been helping businesses with their ISO Certification needs for over 20 years. Erica is also a Certified trainer, implementer and auditor for the ISO 9001, ISO 14001, ISO 45001 and ISO 27001 standards. Erica primarily heads up the day-to-day operations of the businesses, and is also a current member of the Standards Australia Committees: QR-008 Quality Systems and ISO 9001 Quality Management Brand Integrity.

All information on this blog site is for informational purposes only. As this information is based on our professional experience, opinion, and knowledge, we make no representations as to the suitability of this information for your individual business circumstances. Especiality Pty Ltd trading as ISO Certification Experts and all related businesses and brands will not be liable for any errors, omissions, legal disputes or any damage arising from its display or use. All information is provided as is, with no warranties and confers no rights.

We will not be responsible for any material that is found at the end of links that we may post on this blog site. The advice, ideas, and strategies should never be used without first assessing your own personal business situation or seeking professional and/or legal advice. Information may also change from time to time to suit industry and business needs, requirements and trends.