ISO accreditation vs ISO certification
ISO accreditation and ISO certification are frequently mistaken for one another, yet they refer to two separate processes. Understanding the distinction is essential for any organisation aiming to strengthen its quality management systems.
In simple terms, accreditation applies to the third‑party certification bodies themselves. It is a formal recognition that a certifying body is competent to carry out audits and issue certifications.
On the other hand, ISO certification is the confirmation, provided by an accredited third‑party certification body, that an organisation’s management system meets the requirements of a specific ISO standard.
What is an ISO Certification
A management system is essential for any company to function effectively, regardless of its size or sector. While many businesses choose to align their processes with a recognised management standard, not all decide to undergo the formal certification process. Adopting the standard can certainly strengthen internal practices, but without certification, the company cannot present itself as compliant with the standard or communicate this achievement to customers or stakeholders.
Organisations often state that they are ‘ISO certified’, but this is not strictly accurate. They are certified as meeting the requirements of an ISO standard – not certified by ISO itself. The International Organization for Standardization does not carry out certificates, does not issue certifications, and does not allow the use of the ISO logo in connection with certification.
So, what is an ISO certified company? An ISO certification, carried out by independent, external certification bodies, is in essence a third-party attestation that a company operates a management system which conforms to one of the international standards developed and published by ISO.
ISO standards exist for a vast range of management systems covering generic aspects common to all businesses such as Quality management (ISO 9001), Occupational health and safety (ISO 45001), Environmental management (ISO 14001) Energy management (ISO 50001) and Information security management (ISO/IEC 27001), or industry and sector specific aspects such as ISO 22000 for food safety management.
Certification to an ISO standard enables companies to demonstrate to customers and stakeholders throughout the supply chain that they meet the specific requirements set out in the standard. As many organisations seek to protect their reputation, they may choose to work only with partners that hold recognised certifications. In this sense, ISO certification can effectively serve as a “ticket to trade”.
Certification is achieved by successfully completing an initial audit of the management system by a certifying body. To maintain certification, regular audits will need to be conducted by the certifying body to ensure the management system is operating as required.
What is an ISO Accreditation?
An ISO accreditation is a formal recognition, granted by an authorised body, confirming that a certification body operates in accordance with international ISO accreditation standards. In effect, it is a “certification of the certifier”, ensuring that the certification body maintains a consistently high level of quality in its auditing and certification activities.
For management system standards, a CBs can opt to deliver accredited or non-accredited certification. Just as organisations seeking ISO certification need to approach a certifying body, those certifying bodies seeking accreditation need to approach an accreditation body. ISO/IEC 17021-1 is one key accreditation standard that specifies requirements applicable to certification bodies who deliver management system certification.
Accreditation for ISO management systems is typically carried out by recognised national accreditation bodies. Many of these bodies are members of the International Accreditation Forum (IAF), which defines additional requirements that accredited certification bodies must follow. IAF members are required to recognise the equivalence of other members and the certification bodies they accredit. This mutual recognition allows accredited certification bodies to operate internationally rather than being restricted to a single country.
Accreditation may also apply to non‑ISO standards, in which case it is often governed by the individual scheme owners.
Accreditation provides assurance that auditors are competent, that high levels of integrity and quality are maintained, and that all rules governing the certification process are properly followed. As with certification, accreditation audits are typically conducted on an annual basis. A certification body may lose its accredited status if it fails to consistently meet the required standards.
What's the difference between ISO Accreditation and ISO Certification?
The key difference between ISO certification and ISO accreditation lies in the scope of assessment and the entity being evaluated. ISO certification applies to organisations that wish to demonstrate that their management systems conform to the requirements of a specific ISO standard. ISO accreditation, on the other hand, applies to the certification bodies themselves, confirming their competence and integrity in carrying out the certification process.
While ISO certification focuses on the effectiveness and conformity of an organisation’s internal management system, ISO accreditation focuses on the quality, consistency and impartiality of the certification process. Accreditation provides confidence that certifications issued by an accredited body are credible, reliable, and internationally recognised.
Accredited certification bodies are relatively limited in number compared with the large volume of organisations seeking certification. Furthermore, not every certification body is accredited to certify the full range of ISO management system standards or standards owned by other schemes. For this reason, organisations should carefully select a certification body that holds accreditation for both their current and future certification needs.
Working with a certification body recognised for its quality and integrity, such as DNV, can play an important role in building trust both internally and with external stakeholders. A reputable certifying body not only ensures compliance with requirements and any applicable regulations but can also offer valuable training and insights through the audit process, supporting the organisation’s continuous improvement journey.
