1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Becoming ISO 9001 compliant

Discussion in 'HTML, Graphics & Programming' started by D.P., Aug 13, 2018.

  1. D.P.


    Joined: Oct 18, 2002

    Posts: 29,160

    Does anyone have experience with this? I have been tasked with formulating a plan and calculating costs as a quick draft, ideally within the next few days. There is a project we might want to bid on but it requires ISO certification.

    The hope would be to become complaint within 1 years, ideally 6 months. My proposal is to hire a consultant to aid the process, but cost estimates online vary widely (5-50k?. I am interested in ball-park costs that are more likely a slightly over-estimate. We have a QA guy, he is pretty junior so would hire a more experienced manager to work with the consultant.

    I am doing plenty of reading on the subject, but would appreciate if anyone could create some pointers. We have some QA processes in place but it is best to simply assume there are 10 software developers that concentrate on producing results rather than formal processes, a necessity of a start up.

    Some questions I can't find answers to include the expected time costs on developers in documenting and reporting etc. It is on thing to say a consult costs X, but if all 10 staff becomes 15% less productive in advancing functionality that is a big cost (I know you gain with more robust code but that has a different value to investors).

  2. Hades


    Joined: Oct 19, 2002

    Posts: 21,247

    Location: Surrey and London

    I don't have the answer to your question. But one approach may be to pa a consultant a couple of days time to come in and explain the typical costs, benefits, pitfalls and also how he would approach the project.
  3. Steeps


    Joined: Nov 8, 2003

    Posts: 4,744

    Location: Bedfordshire

    Most of these standards are designed more around data handling and form filling rather than actual output so making sure your admin is all up to scratch and processes are documented in easy to find folders. Another thing to remember is there are no standards with some of the certificate issuers, you can ask two different companies the same question and get different answers with how to implement a process (sometimes even two people in the same company will give different answers). Whoever handles your back office (accounts/contract discussions/emails/general admin) will be the person most under the microscope.

    BSI were frustrating to work with, always changing their standards and not clear enough with their documentation, a previous place used QMS (loved going for the cheapest so must have been affordable) and seemed to have everything running within a couple of months. One of the issuers once signed up should be able to send you documentation with what you need to do, implement yourself or get a consultant in (easier yourself if your admin has time) then have the processes audited when all the files/folders are in place.
  4. Stelly


    Joined: Oct 5, 2005

    Posts: 10,981

    Location: Liverpool

    We employed someone that is just an ISO officer to do this in our software house, its not easy and everything needs to be documented and logged, things like server access, access to buildings, we moved most of our on premise infrastructure to cloud to be completely complaint... it isnt easy and it is alot of pain and I wouldn't do it without having someone dedicated to getting you through it...

  5. Throrik

    Wise Guy

    Joined: Sep 15, 2009

    Posts: 1,195

    Location: Manchester

    We've just passed the new versions of 9001 and 27001 - seriously, get a 3rd party in to help you if necessary. They're a bleeding nightmare lol.