background image for GxP Lifeline
GxP Lifeline

5 Steps to Pass Your ISO 9001 Audit

A life sciences professional preparing to pass an ISO 9001 audit.

The International Organization for Standardization (ISO) has a plethora of standards, but ISO 9001 — relating to quality management systems (QMS) — is arguably its most popular. It’s also the only standard that can be certified to, which is a process over a million companies worldwide have completed. If you’d like to join their ranks, you have to undergo an audit from a third-party organization.

Audits are never a fun experience, but you can greatly reduce the stress if you prepare beforehand. Passing your ISO 9001 audit is completely doable by following these steps.

#1 Prepare for Your ISO 9001 Audit

If your company operates in an audit-ready state, preparation is minimal. You do need to review your processes and documentation, and ensure that you:

  • Prepare your staff (including subject matter experts). This includes telling them what to say and what not to say. If they’re asked a question, they should only give the exact information to answer that question without embellishing or guessing.
  • Train staff to properly handle proprietary information so it isn’t left unattended.
  • Review all documents so that everything’s in order.
  • Conduct a mock audit.

The use of audit management software can help prepare your documentation, which means you can put most of your focus on preparing your people. That will also give you more time for a mock audit, which takes resources and time, but it’s well worth it. Any issues you discover during a mock audit can be dealt with before the ISO 9001 audit. This is also the best way to prepare your employees for conversations they might have with the auditor.

#2 Be Transparent With Documentation

Document control is among the hardest part of a quality manager’s job — if you use paper. Using audit management software that has built-in document management capabilities makes it much easier to get the documents you need during an audit. You should also be aware that some documents may be requested beforehand. These include:

  • Key business information.
  • Quality manual.
  • Document management procedures.
  • Training procedures.
  • Physical and logical security procedures.
  • High-level organizational chart.

An electronic system lets you retrieve those documents with a simple search. Recent MasterControl research revealed that 24% of quality professionals have significant problems tied to audits and inspections. Further digitizing your quality system goes a long way toward solving those problems.

#3 Maintain an Audit Mindset

Keep in mind that this is an ISO 9001 audit, not a regulatory inspection. Unless aspects of the standard are included in the regulations of the country you’re selling in, nothing about the standard is actually mandatory. It’s important to know the difference between what the standard suggests, what regulations require, and what companies have just been doing because it’s always been done that way.

#4 Employ Risk-Based Thinking

Risk-based thinking is an integral part of ISO 9001. As such, during an ISO 9001 audit risk should be top of mind. This will help you identify any issues in your quality system that might be problematic during the audit. Even if you can’t completely eliminate risk, you can still mitigate it and show the auditor that you’ve given that risk the consideration it merits. Written justification for how you handle risk will help during the audit process.

#5 Begin Remediation During the ISO 9001 Audit

Ideally, an auditor will find no problems with your quality system and issue the ISO 9001 stamp of approval. However, the second-best outcome is to fix problems or at least start to fix them before the audit is technically over. Hold a closing meeting with the auditor to discuss the findings and what you plan to do to resolve them. Ensure that all of this is documented and that you follow through on those plans.

An electronic QMS is your best bet for tracking all the documentation involved in an ISO 9001 audit and ensuring remediation actually happens. This has broader applications than ISO compliance software in that it can be used for any type of audit or inspection. MasterControl’s research into digitization in the life sciences will give you more information on how audits and other quality processes can be improved through the use of audit management software and related system. You can access that research here.


Sarah Beale is a content marketing specialist at MasterControl in Salt Lake City, where she writes white papers, web pages, and is a frequent contributor to the company’s blog, GxP Lifeline. Beale has been writing about the life sciences and health care for over five years. Prior to joining MasterControl she worked for a nutraceutical company in Salt Lake City and before that she worked for a third-party health care administrator in Chicago. She has a bachelor’s degree in English from Brigham Young University and a master’s degree in business administration from DeVry University.

Free Resource
The State of Digital Quality Maturity in Pharma and Medtech

Enjoying this blog? Learn More.

The State of Digital Quality Maturity in Pharma and Medtech

Download Now
[ { "key": "fid#1", "value": ["GxP Lifeline Blog"] } ]