Orion light logo
Orion Dark Logo

Our Process for Certifications & Audits

Man with pen - Our Process for Certifications & Audits​

At Orion, our auditing approach is not a one-way street.

We strive to set and establish mutual goals through an open and transparent process. As a standard practice, we have you meet the auditor in advance to make sure that they are a good fit for your organization. This encourages trust and open two-way communication at all stages of the audit. We also take any feedback very seriously and strive to make sure that your needs are 100% met. As such, not only are our audits extremely thorough, but they also add real value to your organization.

Whether your business needs to implement international standards or establish a plan for an entirely new set of standards for your industry or association, Orion is a fully qualified partner who can help you reach your goals.

book a consultation call
Notepad with check mark

The Benefits of Certification

The deliverables of a successful audit include not only your certificate, but also a comprehensive audit report that details positive aspects, issues for resolution (non-conformances), and areas for improvement. But the benefits of certification are far-reaching. 
book a consultation call

Certification can help you

Minimize mistakes
Reduce waste
Improve efficiency
Boost your marketing and sales
Prevent problems from occurring
Improve customer satisfaction
Improve reporting and communication
Produce quality products and services
Improve employee performance, productivity and culture
Deliver reliable production scheduling and delivery

Certification can help you

Minimize mistakes
Reduce waste
Improve efficiency
Boost your marketing and sales
Prevent problems from occurring
Improve customer satisfaction
Improve reporting and communication
Produce quality products and services
Improve employee performance, productivity and culture
Deliver reliable production scheduling and delivery

Roles & Responsibilities

  • Acting as the main interface with the client and Orion on behalf of the audit team.
  • Plan the audit and prepare the Audit Plan.
  • Prepare the Audit Report and associated records for submission to Orion.
  • Defining each Auditor's role for the Audit. The audit team leader, in consultation with the audit team, shall assign to each team member responsibility for auditing specific processes, functions, sites, areas or activities. Such assignments shall take into account the need for competence (including having the technical area code in order to audit design or operations), and the effective and efficient use of the audit team, as well as different roles and responsibilities of auditors, auditors-in-training and technical experts. Changes to the work assignments may be made as the audit progresses to ensure achievement of the audit objectives.
  • For multi-standard audits, the Lead Auditor is responsible to schedule the auditors only for the standards and sectors for which the auditor is competent.
  • Comply with ORION’s procedural requirements.
  • Plan the Audit, prepare working documents and brief the Audit team.
  • Review Management System documentation for the applicable requirements to determine its adequacy and effectiveness.
  • Review any applicable Statutory and Regulatory requirements as an audit input and audit these requirements as part of the audit.
  • Report nonconformities in accordance with procedural requirements.
  • Report any major obstacles encountered in performing the audit on the Audit Template.
  • Report the audit results clearly and conclusively.
  • During an audit, Auditors are prohibited from providing advice or consultancy. However, they may enhance the audit process by adding value, such as identifying opportunities for improvement, without prescribing specific solutions.
  • Act out the duties and responsibilities and assigned by the Lead Auditor
  • Inform the Lead Assessor if scheduled for an activity where you do not have the certification/competency to conduct the activity.
  • Communicate and clarify the Audit requirements.
  • Plan and carry out assigned responsibilities effectively and efficiently as assigned.
  • Document nonconformities in accordance with procedural requirements.
  • Comply with ORION internal requirements and procedures.
  • Retain and safeguard documents pertaining to the audit in:
    • submitting documents as required,
    • ensuring such documents remains confidential.
    • treating privileged information with discretion.
  • Cooperate with and support the Lead Auditor.
  • During an audit, Auditors are prohibited from providing advice or consultancy. However, they may enhance the audit process by adding value, such as identifying opportunities for improvement, without prescribing specific solutions.
  • Note that guides that guides may not influence or interfere in the audit process or outcome of the audit. 

May not participate in the audit and may only observe.  Observers may not unduly influence or interfere in the audit process or outcome of the audit.

Consultant may only acts as an observer unless they have defined roles and responsibilities under the management system program.

Depending on the standard, sector or companies, a technical expert may be requested on occasion. 

The role of technical expert during an audit activity shall be agreed to by the certification body and client prior to the conduct of the audit. A technical expert shall not act as an auditor in the audit team and shall be accompanied by an auditor.

Unless otherwise agreed by the client and Orion, each Auditor requires a guide to help facilitate the audit.  The Guides do not influence or interfere in the audit process or the outcome of the audit.

The guides typically:

  • establish contacts and timing for interviews;
  • arrange visits to specific parts of the site or organization;
  • ensure that rules concerning site safety and security procedures are known and respected by the audit team members;
  • witness the audit on behalf of the client;
  • provide clarification or information as requested by an auditor.
Our Process

Overview of the Certification Process

Orion is here to help your standards certifications and audits run smoothly so that you can get back to running your business. The following is a step-by-step overview of our process to help you understand our role in your certification.
book a consultation call
Note: At Orion, we provide ongoing audit services on a one-year or two-year cycle, depending on the accreditation scheme, so that your standards certifications are always maintained. Please view the page for the specific standard you are interested in to determine your audit cycle.

1. Sign the Agreement

Prior to starting your certification journey, the application must be signed and returned to Orion along with any required deposit. 

2. Book Your Audit/ Team Selection

After we have reviewed and accepted your application, our team will reach out to discuss your needs and book a mutually agreeable time with you and your assigned auditor. 

3. Perform GAP Audit (optional)

Prior to your Stage 1 or Stage 2 audit, Orion can perform a gap audit to identify major gaps in meeting the requirements of the standard. This independent review will identify strengths, weaknesses, and opportunities for improvement. Many companies prefer undergoing a preliminary gap audit to ensure they fully understand the standard’s requirements prior to their actual certification audit.

4. Perform Stage 1 Audit: Readiness Review

A Stage 1 audit is typically only needed for management system standards accredited under ISO 17021 such as ISO 9001 / 14001 etc..  

A Stage 1 audit is conducted to determine whether your organization is ready to move to Stage 2 Audit (Certification Audit) by confirming that:

  • The management system addresses all the requirements of the standard.
  • Identify areas of concern that could be classified as a nonconformity during Stage 2
  • The management system has been implemented and the client is ready for the Stage 2 Audit (Certification Audit).

    Most clients tend to allow two to four weeks between the Stage 1 and Stage 2 to allow time to address any deficiencies, however, the time may be adjusted given the outcome of the Stage 1.
View Details

The following items are reviewed for ISO management system standards accredited under ANAB standards.

  1. the documented information appears to meet the requirements of the standard;
  2. review and evaluate site-specific conditions and to discuss the client’s preparedness for stage 2;
  3. review the client’s status and understanding regarding requirements of the standard, in particular with respect to the identification of key performance or significant aspects, processes, objectives and operation of the management system;
  4. obtain necessary information regarding the scope of the management system, including: — the client’s site(s); — processes and equipment used; — levels of controls established (particularly in case of multisite clients); — applicable statutory and regulatory requirements;
  5. review the allocation of resources for stage 2 and agree the details of stage 2 with the client;
  6. provide a focus for planning stage 2 by gaining a sufficient understanding of the client’s management system and site operations in the context of the management system standard, level of integration (if applicable), or other normative document;
  7. evaluate if the internal audits and management reviews are being planned and performed, and that the level of implementation of the management system substantiates that the client is ready for stage 2.
  8. Gain a comprehensive understanding of the design of the Information Security Management System (ISMS) within the client’s organizational context. This includes a thorough assessment and treatment of risks, understanding the determined controls, and analyzing the information security policy and objectives. (ISO 27001 standard only)
Close

5. Perform Stage 2 Audit: Certification Audit

This audit is conducted to ensure that the processes and the requirements of the standard have been effectively implemented.  To do this, our team reviews objective evidence by conducting interviews, observing practices and reviewing documentation such as relevant policies, procedures, work instructions, data and records.

The key deliverables from this stage include:

  • An audit report detailing positive aspects, issues for resolution (non-conformances), and areas for improvement.
  • A recommendation regarding your certification.
View Details

The following items are reviewed for ISO management system standards accredited under ANAB standards.

The purpose of stage 2 is to evaluate the implementation, including effectiveness, of the standards and other requirements. Depending on the standard, industrial sector and other factors, the audit may be on-site or remote.

For ISO management system standards, it shall include the auditing of at least the following:

  1. information and evidence about conformity to all requirements of the applicable standard or other normative documents;
  2. performance monitoring, measuring, reporting and reviewing against key performance objectives and targets (consistent with the expectations in the applicable standard or other normative document);
  3. the client’s ability and its performance regarding meeting of applicable statutory, regulatory and contractual requirements;
  4. operational control of the client’s processes;
  5. internal auditing and management review;
  6. management responsibility for the client’s policies
Close

6. Certification Review / Certificate

The results from the Stage 1 and Stage 2 audits are reviewed to ensure that all Orion accreditation requirements have been met and a proper recommendation made. At this point, approval is given to either certify, seek clarification, or not certify.

Upon successful of our review, a certificate will be issued.

7. Perform Surveillance or Recertification Audit

Certification is based on a 3-year cycle. To maintain your certification, your organization must participate in ongoing audits. 

For ANAB-accredited standards, annual audits are required.  The first two are surveillance audits and only look at a portion of your system, whereas the third-year review (re-certification) is a more comprehensive audit and looks at your overall system for continued effectiveness.

Schedule a Consultation

This field is for validation purposes and should be left unchanged.