I set aside my disappointing contacts with FXXP and RTTP and begin crawling the internet again for companies which cover all three standards and who look like they might not take a massive corporate scale approach to things. There aren’t (obviously at least) that many of these.
I have decided to make experience of ISO 27001 the focus of my search for a consultant. ISO 27001 is much larger and more complex than ISO 9001 and ISO 14001 and requires more detailed expertise.
I have learnt by now the difference between a UKAS accredited ISO auditor and a self-certified or on UKAS auditor. The difference is very important but very few people understand it.
All auditors issue kite marks to companies they audit. UKAS approved auditors are third party monitored and certified by UKAS itself. Other ISO Auditors are not independently assessed. The kitemarks issues by each type of auditor look very similar but they are not of the same value.
Public sector bodies and larger companies for the most part who know their stuff will look for the UKAS kite mark. The UKAS ISO kitemark has a crown in it. In fact, one of the companies on the Supply London course did not learn the difference between the UKAS and non UKAS audit until after they had completed self-certification (under the non UKAS route) and found it to be not be good enough for local councils. They had to reaccredit under UKAS.
There are several companies which offer self-certification (non- UKAS route). Probably the best known of these is QMA – of whom I am aware because of the years I have been the recipient of several of their mailers. They offer ISO 9001 for £1,900 or something similar. What they are doing is coaching you on interpreting the ISO and confirming for yourself that you meet the standards. You are then permitted to use a QMA Kitemark. This has a big tick in it like other kitemarks but does not have the UKAS Crown.
On the BSI site I find a list of approved auditors for ISO 27001. The auditors I am reviewing on the BSI website are all going to be UKAS accredited. However, I am aware that the non-UKAS consultants may well have material that is useful to me in interpreting the ISOs. So I phone BSI, NQA, LRQA (all UKAS accredited) and also QMA for an information pack to to see what I get through and how useful it is.
Based on notes from my diary and other records