ISO Readiness

ISO 9001 readiness for growing businesses

We help UK SMEs build audit-ready Quality Management Systems - practical, properly embedded, and aligned to how your business actually operates. Not a shelf-filler.

The Standard Explained

What is ISO 9001?

ISO 9001 is the international standard for Quality Management Systems (QMS). It specifies requirements for an organisation to consistently provide products and services that meet customer and regulatory requirements, and to demonstrate continual improvement.

The current version - ISO 9001:2015 - is built around a risk-based approach to quality. Rather than prescribing specific processes, it requires you to understand your context, identify risks and opportunities, and manage operations in a controlled, documented, and consistently improving way.

For SMEs, the practical focus is on: documenting core processes, managing customer requirements reliably, tracking and addressing non-conformances, and running regular internal audits and management reviews.

The seven principles of ISO 9001

  • Customer focus
  • Leadership
  • Engagement of people
  • Process approach
  • Improvement
  • Evidence-based decision making
  • Relationship management

How does ISO 9001 connect to ISO 27001?

Both standards share the same High Level Structure. Internal audit, management review, corrective actions, and risk-based thinking apply to both - meaning you can build them once and cover both certifications. See combined readiness →

Common Challenges

Sound familiar?

These are the situations we most commonly help businesses navigate on the path to ISO 9001.

We don't know where to start

The standard runs to dozens of clauses. Most SMEs spend weeks trying to understand what actually applies to them before doing anything useful.

We have documents, but nobody uses them

A Quality Manual that lives in a shared drive and is never opened does not constitute a QMS. Many businesses we work with have documentation but no embedded system.

An audit is coming and we are not ready

Certification bodies do not give extensions. Whether you have six months or six weeks, you need a clear, prioritised path to readiness - not a theoretical framework.

We need ISO 9001 to win contracts

ISO 9001 is increasingly a procurement requirement in professional services, healthcare, and the public sector. Without accreditation, you may be excluded from the tender list.

Our Approach

How the engagement works

A structured, five-stage process designed to get you audit-ready without disrupting your day-to-day operations.

01

Gap Assessment

Typical: 1–2 weeks

We review your current operations against each clause of ISO 9001:2015. You receive a scored readiness report showing exactly where you are prepared, where gaps exist, and in what order to address them.

02

Planning & Scope

Typical: 1 week

We define the scope of your QMS, identify the processes that must be documented, and produce a realistic implementation roadmap with milestones. No surprises mid-engagement.

03

Documentation

Typical: 4–8 weeks

We build your Quality Manual, core procedures, and SOPs alongside your team - not in isolation. Documents reflect how you actually work, not a generic template that nobody will follow.

04

Embedding & Training

Typical: 2–4 weeks

We train your team on documented processes, establish your internal audit programme, and set up your management review rhythm. The system must live in your business, not on a shelf.

05

Pre-Certification Review

Typical: 1–2 weeks

Before your Stage 1 or Stage 2 audit with the certification body, we conduct a pre-audit review against the standard. We identify any remaining gaps and support you in resolving them.

Total typical timeline: 3–6 months from initial engagement to pre-certification review. Faster for businesses with existing documentation or a simpler operational scope.

Deliverables

What you get

A complete readiness package - documented, embedded, and ready for audit.

  • Gap assessment report and scored readiness matrix (clause by clause)
  • Quality Manual and documented QMS aligned to ISO 9001:2015
  • Process maps and SOPs for your core operations
  • Internal audit schedule, methodology, and trained internal auditors
  • Management review template, agenda, and evidence guidance
  • Corrective action (CAPA) process embedded in your operations
  • Objectives register and continual improvement log
  • Pre-certification audit readiness review

Included as standard

  • Gap assessment report and scored readiness matrix (clause by clause)
  • Quality Manual and documented QMS aligned to ISO 9001:2015
  • Process maps and SOPs for your core operations
  • Internal audit schedule, methodology, and trained internal auditors
  • Management review template, agenda, and evidence guidance
  • Corrective action (CAPA) process embedded in your operations
  • Objectives register and continual improvement log
  • Pre-certification audit readiness review

Optional add-ons

  • Ongoing retainer support during the certification process
  • Liaison with your chosen certification body on your behalf
  • Stage 1 or Stage 2 audit accompaniment
  • Post-certification annual maintenance programme
  • Integration with ISO 27001 (combined readiness engagement)

Common questions

Not seeing your question? Get in touch

Does Systemantic certify us to ISO 9001?

No. Certification is granted by an accredited third-party certification body (such as BSI, LRQA, or SGS) following a successful audit. Our role is to get you audit-ready: documented, embedded, and able to demonstrate conformance to the standard. We do not conduct certification audits.

How long does ISO 9001 readiness take?

For most SMEs (15–100 people), a realistic timeline is 3–6 months from gap assessment to pre-certification review. The duration depends on your starting point, the complexity of your operations, and team availability for workshops and reviews. Businesses with existing process documentation or a simpler scope can move faster.

Do we need a dedicated Quality Manager?

No. Many SMEs distribute QMS responsibilities across existing roles. The standard requires clear accountability for the QMS, but this does not have to be a full-time position. We help you assign responsibilities sensibly given your headcount and structure.

How disruptive is the engagement?

Less than most people expect, when managed well. The most intensive periods are the gap assessment workshops and documentation reviews. We structure sessions to fit around your operations rather than requiring extended business interruption.

Can we pursue ISO 9001 and ISO 27001 at the same time?

Yes - and there are real efficiency gains in doing both together. The two standards share a common High Level Structure, and elements such as internal audit, management review, risk-based thinking, and corrective actions can be built once and applied to both. See our combined ISO + Operations engagement for more detail.

Which certification body should we use?

We are certification-body agnostic. Common choices for UK SMEs include BSI, LRQA, NQA, SGS, and Bureau Veritas. We can advise on what to consider when choosing (cost, audit style, sector experience), but the decision is yours. We will work effectively alongside whichever accredited body you select.

Related services

ISO 27001 Readiness

Build your Information Security Management System alongside your QMS.

Learn more

ISO + Operations (Combined)

Pursue ISO 9001 and 27001 readiness together using an integrated approach.

Learn more

Business Analysis & Systems

Process mapping, systems design, and operational leadership for growing teams.

Learn more

Ready to begin your ISO 9001 readiness journey?

Book a free 30-minute readiness call. We will discuss where you are now, what certification you are working towards, and outline a realistic path to audit readiness. No sales pressure - just an honest conversation.