When I picked up ISO 9001, the accreditation had expired and, due to a falling-out with the previous ISO owner (a former employee), most of the ISO documentation had been wiped.

We had existing key clients who required ISO 9001 and more key clients onboarding who also expected it. Processes were being followed loosely, but nothing was properly recorded or kept up to date, and no internal audits had been carried out for some time. Nobody in the company wanted to own the mess, so I stepped in.

I was asked to get the business through ISO 9001 accreditation starting from scratch.

In reality, that meant:

• Rebuilding the entire ISO 9001 framework and documentation

• Aligning it with how we actually operated (and with ISO 27001 where relevant)

• Getting us ready to pass both an external ISO audit and demanding client audits

• Piggybacked on a new platform our CTO had implemented for ISO 27001 (Scrut), which also supported ISO 9001, so we could manage everything in one place.

• Researched and drafted all procedures related to customer-facing elements of the business, using the platform to share documentation where ISO 9001 and 27001 overlapped (e.g. data protection), to avoid duplication.

• Once all SOPs were drafted, I sent them to the relevant owners to review, edit and approve, making sure ownership was clear.

• Held a management review meeting with key stakeholders to walk through the full framework, explain where we were already compliant and where we needed to tighten up, and agreed actions ahead of the audit.

• Worked with department heads to ensure their procedures were aligned, communicated to their teams, and that evidence (records, logs, audit trails) was captured and stored in the platform.

• Prepared for the external audit by mapping likely questions to our documentation and evidence so I could retrieve everything quickly on the day.

• Sat with the auditor for the full day, providing documentation and evidence as requested and explaining how our processes worked in practice.

• We passed the ISO 9001 audit and were awarded certification, with only minor guidance relating to future internal audits.

• Responsibilities and ongoing internal audit rhythms were then formally handed over to the Head of Quality & Training, so the framework had a clear long-term owner.

• We subsequently passed a key client audit, protecting important revenue.

• With documentation, ownership and internal audits embedded in the platform, the company is now set up to remain compliant and consistent in delivering excellent customer service.

• ISO 9001:2015 Quality Management System consultancy

• Business Services