Why Misunderstanding ISO/IEC 17021-1 Still Costs Certification Bodies
In my experience working with certification bodies, most audit headaches don’t come from missing procedures — they come from misunderstanding ISO language. I’ve lost count of how many times I’ve heard, “Our accreditation body interprets it differently,” or “We thought impartiality committees were optional.”
Here’s the truth: ISO/IEC 17021-1 isn’t as mysterious as it sounds. The problem is that too many people rely on hearsay instead of actually reading and applying the clauses. So in the next few minutes, we’ll bust the most common myths I’ve seen during real accreditation projects — and show you how to stay compliant without the confusion.
Myth #1 – ISO/IEC 17021-1 Is Only for ISO 9001 Certification Bodies
Here’s what I’ve noticed — people often assume ISO/IEC 17021-1 applies only to ISO 9001 certification. That’s not true. This standard sets the framework for any management-system certification body. Whether you certify ISO 14001, ISO 45001, or ISO 22000, you’re still bound by 17021-1.
Pro Tip: Map each certification scheme to the same clauses — especially those covering competence, impartiality, and audit process. It keeps your system consistent and makes accreditation smoother.
Common Pitfall: Restricting your procedures to ISO 9001 requirements only. I’ve seen bodies fail surveillance visits because they didn’t apply impartiality reviews across all standards they certified.
Example: One small certification body expanded from ISO 9001 to ISO 45001 but never updated its impartiality committee charter. The assessor flagged it immediately. Lesson learned — 17021-1 applies to the system, not just the scheme.
Myth #2 – Accreditation Bodies Interpret ISO/IEC 17021-1 Differently, So You Can’t Prepare
I hear this all the time. “We’ll just wait and see what the assessor wants.” That mindset creates avoidable nonconformities.
Yes, each accreditation body has its own assessment style — but they all use the same clauses from ISO/IEC 17021-1 and align through IAF MD documents.
Pro Tip: Cross-reference your procedures with IAF MDs like MD1, MD5, and MD11. These clarify global expectations.
Common Pitfall: Assuming that because one assessor didn’t ask for something, it’s not required. Accreditation isn’t about individual preferences — it’s about objective evidence.
Example: A certification body I supported reduced their findings by more than half after building a simple “ISO/IAF cross-reference matrix.” Preparation beats assumption every time.
Myth #3 – Impartiality Committees Are Optional
They’re not. Impartiality isn’t just a clause — it’s the backbone of trust in certification. ISO/IEC 17021-1 requires certification bodies to demonstrate that decisions are made objectively and without bias.
Pro Tip: Build a committee that includes external members. Record minutes, review risks, and document actions. Auditors love seeing evidence of impartiality in practice.
Pitfall: Treating the committee as a checkbox. I once worked with a body whose “committee” never met. During assessment, the accreditation body called it out — and they lost their accreditation until it was fixed.
Impartiality isn’t optional because credibility isn’t optional.
Myth #4 – Competence Is Proven by Qualifications Alone
It’s tempting to think a diploma equals competence. But under ISO/IEC 17021-1, competence includes skills, behavior, and experience, not just certificates.
Pro Tip: Develop a competence matrix that tracks qualifications, training, and witnessed audits. Make competence a living record — not a dusty folder.
Pitfall: Hiring auditors based on paper credentials without observing them in action. Accreditation bodies now look for performance evidence — actual audit results and peer reviews.
Example: One certification body I trained introduced witnessed audits and peer-review scoring. Their next accreditation report praised it as a “best-practice model.”
Competence is what people do, not what they own.
Myth #5 – Surveillance Audits Are Just Mini Audits
Surveillance audits aren’t smaller versions of stage 2. They’re risk-based follow-ups meant to ensure the management system still works effectively.
Pro Tip: Use client data and previous audit results to plan your surveillance scope. Focus on risk, not repetition.
Common Pitfall: Copy-pasting the same audit checklist each year. It wastes time and misses opportunities for improvement.
Example: A certification body I advised tailored its surveillance plans using trend data — complaints, nonconformities, changes. They cut audit duration by 20% while improving coverage quality.
Surveillance means monitoring intelligently, not repeating mechanically.
Myth #6 – Nonconformities Mean Failure
Let’s be honest — nobody likes seeing “NC” in an audit report. But nonconformities aren’t failures; they’re feedback.
Pro Tip: Use them to strengthen your processes. Analyze trends, identify root causes, and show continual improvement. That’s what accreditation bodies want to see.
Pitfall: Treating NCs as isolated issues instead of patterns. When the same finding repeats, it signals a systemic problem — or a weak corrective-action process.
Example: One certification body turned recurring NCs about report reviews into a quarterly training topic. Within a year, they had zero repeats.
Nonconformities expose opportunities — if you’re brave enough to use them.
FAQs – Quick Clarifications on ISO/IEC 17021-1 Myths
Q1. Do small certification bodies still need impartiality committees? Yes. You can scale the structure, but the function must exist. Even two-person committees are acceptable if conflicts are managed and documented.
Q2. Can consultants help design a certification body’s QMS? Yes — but consultants can’t audit or make certification decisions for the same client. That’s a direct impartiality breach.
Q3. Is ISO/IEC 17021-1 updated frequently? Not very often, but IAF MD documents and interpretations evolve. Stay tuned to ISO and IAF bulletins for updates.
Get the Facts Straight and Strengthen Your Certification System
Most ISO/IEC 17021-1 myths come from shortcuts and assumptions. The truth is simple: the standard isn’t your enemy — it’s your framework for credibility.
In my consulting experience, certification bodies that treat ISO/IEC 17021-1 as a living system — not a binder — build stronger reputations and sail through accreditation audits.
If you’d like a quick reference, download our “ISO/IEC 17021-1 Myth vs Fact Sheet” or book a short consultation to review your system before your next accreditation visit.
Three minutes of clarity now can save you three months of corrective actions later.
Melissa Lavaro is a seasoned ISO consultant and an enthusiastic advocate for quality management standards. With a rich experience in conducting audits and providing consultancy services, Melissa specializes in helping organizations implement and adapt to ISO standards. Her passion for quality management is evident in her hands-on approach and deep understanding of the regulatory frameworks. Melissa’s expertise and energetic commitment make her a sought-after consultant, dedicated to elevating organizational compliance and performance through practical, insightful guidance.
