How ISO certification actually works, who is authorized to issue it, why accreditation matters, and exactly how to choose a certification body you can trust.
Affiliate Disclosure: Some links in this article are affiliate links. If you purchase through them, The Standards Navigator may earn a commission at no additional cost to you.
The Most Misunderstood Part of ISO Certification
Most organizations pursuing ISO certification spend the majority of their time thinking about implementation — building their quality management system, writing procedures, training personnel, and preparing for their audit. The certification body selection often gets treated as an afterthought.
That’s a mistake.
The certification body you choose determines whether your certificate is accepted by customers, recognized by procurement agencies, and valid across international supply chains. A certificate from an unaccredited or poorly regarded certification body can be rejected outright — leaving you with the cost of full implementation and nothing usable to show for it.
This guide explains exactly who can issue ISO certification, how the accreditation system works, what to look for when choosing a certification body, and the red flags that should send you elsewhere.
In This Guide
- Who actually issues ISO certification — and who doesn’t
- What accreditation is and why it matters
- The difference between accredited and unaccredited certification bodies
- How the full certification structure works
- How to choose the right certification body
- Questions to ask before signing a certification contract
- Red flags to watch for
- How much certification bodies charge
- Combined audits for integrated management systems
- Where to get trained and certified
Table of Contents
👉 Start Here (Top Resources)
👉 Get ISO 9001, ISO 14001, and ISO 45001 certified → ISOQAR ISO Certification — accredited certification body with manufacturing industry experience
👉 Get ISO training before your certification audit → BSI Group ISO Training
👉 Purchase the official ISO standard before implementation begins → ISO Standards — ANSI Webstore — use coupon CC2026 for 5% off through December 31, 2026
👉 Deploy a ready-to-use ISO 9001 documentation system → 9001Simplified Documentation Kits
👉 Save up to 50% buying ISO standards as a bundle → ISO Standards Packages — ANSI Webstore
Who Issues ISO Certification?
ISO itself does not certify organizations.
This is the most common misconception in the entire certification process — and it leads to real mistakes in how organizations select their certification partner.
Here’s how it actually works:
ISO — the International Organization for Standardization — develops and publishes standards. ISO 9001, ISO 14001:2026, ISO 45001, ISO 27001. ISO writes the requirements. ISO does not audit organizations. ISO does not issue certificates.
Accreditation bodies — national organizations that evaluate and accredit certification bodies. In the United States, this is ANAB (ANSI National Accreditation Board). In the UK, it is UKAS (UK Accreditation Service). Accreditation bodies verify that certification bodies are competent, impartial, and consistent in how they conduct audits.
Certification bodies (also called registrars) — the organizations that actually audit your management system and issue your ISO certificate. Certification bodies must be accredited to operate with credibility.
Your organization — implements the management system requirements, operates the system, completes internal audits and management review, and undergoes the two-stage certification audit.
The chain is: ISO sets the requirements → Accreditation bodies verify the auditors → Certification bodies audit you → You receive a certificate.
Understanding this structure prevents one of the most expensive certification mistakes — choosing a certification body that looks legitimate but isn’t recognized by the accreditation framework your customers require.
For a complete overview of how the certification process works from start to finish, see What Is ISO Certification? and the ISO 9001 Certification Guide.
What Is an Accredited Certification Body?
An accredited certification body is one that has been formally evaluated by a recognized national accreditation body and confirmed to be competent, consistent, and impartial in conducting management system audits.
Accreditation is not self-declared. It is granted by an independent organization — ANAB in the United States, UKAS in the UK, DAkkS in Germany, JAS-ANZ in Australia and New Zealand, and others. These accreditation bodies themselves operate under the oversight of the International Accreditation Forum (IAF) — which coordinates mutual recognition agreements between national accreditation bodies worldwide.
What accreditation means in practice:
Audit quality is verified. The accreditation body has evaluated the certification body’s auditors, processes, and impartiality requirements. Audits conducted by accredited bodies follow consistent, standardized methodology.
Your certificate carries recognized weight. Certificates issued by IAF-recognized accredited certification bodies are accepted by customers, procurement agencies, and regulatory bodies across more than 100 countries through mutual recognition agreements.
The certification body is regularly evaluated. Accreditation is not a one-time event — certification bodies are re-evaluated by their accreditation body on a regular cycle to maintain their accredited status.
→ ISOQAR ISO Certification — ISOQAR is an accredited certification body offering ISO 9001, ISO 14001, and ISO 45001 certification services
How the ISO Certification Structure Works
The full certification chain works like this:
| Level | Organization | Role |
|---|---|---|
| Level 1 | ISO | Develops and publishes the standard |
| Level 2 | Accreditation body (ANAB, UKAS) | Evaluates and accredits certification bodies |
| Level 3 | Certification body (e.g., ISOQAR, BSI, Bureau Veritas) | Audits organizations and issues certificates |
| Level 4 | Your organization | Implements requirements and gets certified |
This four-level structure creates a verifiable chain of credibility. When your customer asks for your ISO certificate, they can trace it back through the certification body to the accreditation body to confirm it is legitimate.
The certification process itself follows a two-stage audit model:
Stage 1 — Documentation Review Your certification body reviews your management system documentation, confirms your scope is accurate, and verifies your internal audit and management review have been completed. Stage 1 identifies any major gaps that must be addressed before Stage 2.
Stage 2 — Certification Audit A full on-site audit evaluating whether your documented system is actually implemented and effective. Auditors interview personnel at all levels, walk operations, and sample records. Successful completion results in certificate issuance.
After certification, annual surveillance audits in Years 2 and 3 verify your system continues to operate. A full recertification audit in Year 4 renews your certificate.
Accredited vs Unaccredited Certification Bodies
Technically, any company can claim to certify organizations to ISO standards. No law prevents an unaccredited company from offering “ISO certification.” This is where organizations get burned.
| Factor | Accredited Certification Body | Unaccredited Certification Body |
|---|---|---|
| Oversight | Evaluated by ANAB, UKAS, or recognized accreditation body | No formal oversight |
| Customer acceptance | Accepted by most customers and procurement programs | Frequently rejected |
| Audit quality | Consistent, standardized methodology | Varies widely — often superficial |
| Contract compliance | Meets most supplier qualification requirements | Often fails supplier requirements |
| Global recognition | Recognized across 100+ countries via IAF MLA | May not be recognized outside home country |
| Auditor qualifications | Verified and monitored by accreditation body | Unverified |
| Cost | Typically higher — justified by recognition value | Often cheaper — but with significant risk |
| Risk to your organization | Low | High |
The real-world consequence of choosing wrong: Organizations that certify through unaccredited bodies typically discover the problem when a customer or contract rejects their certificate. At that point, they face the cost of re-implementing, re-auditing, and re-certifying with an accredited body — while having paid for a certificate that produced no business value.
A low-cost or fast certification that isn’t recognized is not a bargain. It is an expensive mistake that delays the market access you were trying to achieve.
How to Choose the Right Certification Body
Certification body selection deserves the same rigor you apply to any significant business decision. Here’s what to evaluate:
1. Verify Accreditation Status
This is non-negotiable. Confirm the certification body is accredited by a recognized national accreditation body — ANAB in the United States, UKAS in the UK, or another IAF member body. You can verify accreditation directly on the accreditation body’s website — ANAB maintains a public directory of accredited certification bodies at anab.ansi.org.
2. Confirm Scope of Accreditation
Accreditation is scope-specific. A certification body may be accredited for ISO 9001 but not for ISO 14001:2026 or ISO 45001. Confirm the certification body’s accreditation covers the specific standard — and industry sector — you need.
3. Evaluate Industry Experience
Auditors who understand your industry deliver more relevant, more valuable audits. A certification body with manufacturing experience understands welding special processes, calibration requirements, and shop floor production controls. One without that experience will audit correctly but may miss context that matters.
Ask specifically: do your auditors have experience in fabrication, machine shops, construction, or whatever your primary operations are?
4. Assess Audit Approach
The best certification bodies conduct audits that evaluate process effectiveness — not just document existence. Ask prospective certification bodies how their auditors approach operational walkthroughs and personnel interviews. An auditor who only checks that procedures exist rather than evaluating whether they work is providing superficial value.
5. Compare Total Cost — Not Just Audit Day Rates
Certification body pricing is based on audit days calculated from IAF guidance. But the total cost includes travel, stage 1 and stage 2 fees, annual surveillance fees, and recertification fees. Get a full three-year cost picture — not just the Stage 2 day rate — before comparing options.
6. Check Global Recognition Requirements
If you supply to international customers or operate across multiple countries, confirm your certification body’s accreditation is recognized in the relevant markets. IAF mutual recognition agreements cover most major markets — but confirm before committing.
7. Evaluate Responsiveness and Communication
You will work with this organization for at least three years. How quickly do they respond to inquiries? How clearly do they explain their audit process and findings? A certification body that is difficult to communicate with before you sign is unlikely to improve after.
→ ISOQAR ISO Certification — accredited certification body for ISO 9001, ISO 14001:2026, and ISO 45001
Questions to Ask Before Signing
Before committing to a certification body, ask these questions directly:
About accreditation:
- Which accreditation body accredits you, and what standards are within your accreditation scope?
- Can I verify your accreditation status on the accreditation body’s public directory?
About experience:
- Do your auditors have specific experience in my industry?
- How many organizations in my industry sector have you certified?
About the audit process:
- How do you conduct Stage 1 and Stage 2 audits — on-site, remote, or hybrid?
- How do you handle minor and major nonconformances found at Stage 2?
- How do you determine audit days for my organization?
About costs:
- What is your complete fee schedule — Stage 1, Stage 2, annual surveillance, recertification?
- Are travel costs included or billed separately?
- Do you offer combined audit pricing for integrated management systems?
About scheduling:
- What is your current lead time for Stage 1 scheduling?
- What flexibility exists if my organization needs to adjust the implementation timeline?
Red Flags to Watch For
These warning signs should prompt serious caution or disqualification:
Certification without an audit No legitimate accredited certification body issues ISO certificates without conducting a full two-stage audit process. Any offer of “certification in days” or “guaranteed certification” without a meaningful audit is fraudulent.
Cannot provide accreditation details A legitimate certification body can immediately tell you which accreditation body accredits them and direct you to their public accreditation record. Vague answers or resistance to this question are disqualifying.
Significantly lower cost than competitors ISO audit pricing is governed by IAF audit day calculations. If a certification body’s pricing is dramatically lower than comparable accredited bodies, it usually means fewer audit days, a superficial audit methodology, or absence of accreditation.
No verifiable track record A newly established certification body with no verifiable certified clients or auditor credentials requires significant due diligence before engagement.
Pressure to sign quickly Legitimate certification bodies don’t pressure organizations to sign contracts before completing the evaluation process.
Certificate templates that look unofficial ISO certificates from accredited bodies clearly display the certification body’s name, the standard certified against, the scope of certification, the issue and expiry dates, and the accreditation body logo. Certificates missing these elements are suspect.
How Much Do Certification Bodies Charge?
Certification body pricing is based on audit days — calculated using IAF MD 5 guidance based on your employee count, number of sites, and operational complexity. Day rates typically range from $1,200 to $2,500 depending on the certification body and your location.
Typical certification audit costs:
| Organization Size | Stage 1 | Stage 2 | Total Certification |
|---|---|---|---|
| Small (1–25 employees) | $1,500–$2,500 | $2,500–$5,000 | $4,000–$7,500 |
| Mid-size (26–200 employees) | $2,500–$5,000 | $5,000–$10,000 | $7,500–$15,000 |
| Large (200–1,000 employees) | $5,000–$10,000 | $10,000–$25,000 | $15,000–$35,000 |
Annual surveillance audits typically cost 30–50% of the original certification audit fees. Recertification in Year 4 is similar in cost to the original certification audit.
For a complete cost breakdown including implementation and training costs, see How Much Does ISO Certification Cost? and the ISO Certification Cost Calculator.
Combined Audits for Integrated Management Systems
Organizations implementing ISO 9001, ISO 14001:2026, and ISO 45001 together can request combined audits — a single audit event that evaluates all three standards simultaneously.
Combined audits offer significant practical advantages:
Reduced audit days — shared management system elements (document control, management review, corrective action) are evaluated once rather than three times. Total audit days for a combined audit are typically 30–40% less than three separate audits.
Reduced cost — fewer audit days means lower total fees. Travel costs are also consolidated into a single audit visit.
Reduced operational disruption — one audit visit instead of three separate interruptions to your production schedule.
Single certificate or combined certificate — depending on the certification body, you receive either separate certificates for each standard or a single integrated management system certificate.
Not all certification bodies offer combined audits with equal capability. When evaluating certification bodies for integrated systems, confirm they have experience auditing all three standards simultaneously and that their auditors hold qualifications for each standard within your scope.
→ ISOQAR ISO Certification — combined audit services for ISO 9001, ISO 14001:2026, and ISO 45001
For the full integration guide, see Integrated Management Systems.
Frequently Asked Questions
Does ISO issue ISO certification?
No. ISO develops and publishes the standards but does not certify organizations. Certification is issued by accredited third-party certification bodies — independent organizations that audit your management system against the standard requirements.
What is an accredited certification body?
An accredited certification body is one that has been formally evaluated by a national accreditation body (like ANAB in the U.S. or UKAS in the UK) and confirmed to be competent, consistent, and impartial in conducting management system audits.
How do I verify a certification body is accredited?
Verification is straightforward — visit the website of the relevant national accreditation body and search their public directory of accredited certification bodies. In the U.S., go to anab.ansi.org. Confirm the certification body’s name appears and that their accreditation scope includes the specific standard you need.
What happens if I use an unaccredited certification body?
Your certificate may not be accepted by customers, procurement agencies, or regulators. In supply chain qualification programs, unaccredited certificates are routinely rejected — leaving you with the cost of full implementation and no usable credential. You would then need to re-certify with an accredited body.
How much does ISO certification cost?
Certification body fees range from $4,000–$7,500 for small organizations to $15,000–$35,000 for large organizations for the initial Stage 1 and Stage 2 audit. Total first-year costs including implementation, training, and audit fees range from $8,000–$35,000 for most small to mid-size manufacturers. See How Much Does ISO Certification Cost?
Can one certification body certify me to ISO 9001, ISO 14001, and ISO 45001?
Yes — many accredited certification bodies are accredited across all three standards and offer combined audits for integrated management systems. This is typically the most cost-efficient approach.
How long does certification take after I select a certification body?
Stage 1 is typically scheduled after your internal audit and management review are complete — usually 4–8 months into implementation. Stage 2 follows Stage 1 by 2–6 weeks depending on Stage 1 findings. See ISO Implementation Timeline for Manufacturers for the full sequenced roadmap.
Do I need to buy the ISO standard before contacting a certification body?
Yes. Certification auditors evaluate your system against the official standard — and your procedures must align with its precise language. Purchase the official standard before beginning implementation. See Where to Buy ISO Standards.
Should I contact a certification body before or after
Should I contact a certification body before or after implementation?
Contact your certification body during the early phases of implementation — not after documentation is complete. Early contact allows you to align your implementation timeline with their audit scheduling, understand any documentation preferences, and get a formal cost quote before committing.
📥 Free Resources
- 👉 ISO 9001 Roadmap (Step-by-Step Implementation Guide)
- 👉 Manufacturing Compliance Checklist
- 👉 Supplier Quality Checklist
Not Sure What to Do Next?
🔹 You’re ready to select a certification body and pursue ISO certification → ISOQAR ISO Certification — accredited certification body for ISO 9001, ISO 14001:2026, and ISO 45001
🔹 You need ISO training before your certification audit → BSI Group ISO Training — foundation through lead implementer and internal auditor → ISOQAR ISO Training
🔹 You need the official ISO standard before implementation → ISO 9001:2015 — ANSI Webstore — use coupon CC2026 for 5% off → ISO 14001:2026 — ANSI Webstore — use coupon CC2026 for 5% off → ISO 45001:2018 — ANSI Webstore — use coupon CC2026 for 5% off
🔹 You want to save buying multiple standards together → Save up to 50% on ISO Standards Packages — ANSI Webstore
🔹 You need a documentation system before your certification audit → 9001Simplified Documentation Kits
🔹 You want to understand the full certification process → What Is ISO Certification? → ISO 9001 Certification Guide → ISO 14001:2026 Certification Guide → ISO 45001 Certification Guide → ISO Implementation Timeline for Manufacturers
🔹 You want to understand certification costs → How Much Does ISO Certification Cost? → ISO Certification Cost Calculator
🔹 You want to integrate multiple standards → Integrated Management Systems
Choose Your Certification Body as Carefully as You Choose Your Auditor
The certification body you select will evaluate your system, issue your certificate, and be the name your customers see when they verify your credentials. That decision deserves the same rigor you apply to any other significant business partnership.
Accreditation is the baseline. Industry experience, audit approach, transparent pricing, and responsive communication separate the certification bodies that add genuine value from those that just process paperwork.
At The Standards Navigator, complex standards are translated into practical, real-world guidance you can act on.
👉 Get updates on new standards, implementation strategies, and compliance insights 👉 Be first to access new guides, tools, and checklists
Subscribe below to stay ahead.
2 thoughts on “Who Can Issue ISO Certification? (And How to Choose the Right Certification Body)”