+31 (0)73 220 2000 | info@brandcompliance.com
English
  • Dutch
  • English
  • Français
  • België
  • Dutch
  • English
  • Français
  • België
Brand Compliance
  • Certify
    • ISO 9001
    • ISO 22301 (BCM)
    • ISO 19770-1 (IT-assets)
    • ISO 27001
    • ISO 27017 and ISO 27018
    • BIO
    • ISO 27701 (Privacy)
    • NEN 7510
  • IT Assurance
    • SOC 2
  • Vacancies
  • Knowledge base
  • BC Academy
Discuss your situation
  • Information security
    • ISO 27001
    • NEN 7510
    • ISO 27799
    • ISO 27017 and ISO 27018
    • BIO
    • ISO 19770-1
  • Privacy
    • BC 5701
    • ISO 27701
    • GDPR standard BC 5701:2024 EN
  • IT assurance
    • SOC 2
    • ISAE 3402
    • ISAE 3000
  • Quality & continuity
    • ISO 9001
    • ISO 14001
    • ISO 22301
  • Knowledge & news
    • Knowledge articles
    • News
  • Academy
    • All training courses
    • NIS2 & CyFun
    • ISO 27001
  • About us
    • Accreditations
    • Careers
    • Compliment, complaint or tip
    • Locations
    • Privacy Statement
    • Contact

Preparing for certification

6
  • Certification checklist: how to prepare for certification
  • Do you have your first certification audit soon?
  • The certification process step by step
  • How long does ISO certification take?
  • How to conduct an internal audit
  • Describing the scope of certification: tips and examples

Audit process & certification cycle

7
  • Initial audit Stage 1
  • Initial audit Stage 2
  • What is a certification cycle?
  • Nonconformities within the management system
  • What should you know about certificate suspension or revocation?
  • Transfer of certification
  • The use of certification logos

Management systems & key concepts

6
  • Whitepaper management system audits
  • Quality Management: best practices for success
  • The Brand Compliance glossary
  • What is a management system?
  • Internal or external audit?
  • Accreditation versus certification

Information security

3
  • Excelling in information security: best practices
  • Operational Capabilities: The Backbone of Information Security
  • The Traffic Light Protocol (TLP): what does it mean for you?

NEN 7510 & healthcare

4
  • Transition to NEN 7510-1:2024
  • NEN 7510 without healthcare institution?
  • How to expand with NEN 7510
  • The differences between ISO 27001 and NEN 7510

NIS2 & CyberFundamentals

5
  • ISO 27001 in a NIS2 context in Belgium
  • Transition CyberFundamentals 2023 to 2025
  • Self-assessment & CyFun verification: best chance of success
  • NIS2 liability for board members
  • CyberFundamentals Framework in Belgium: what is the relationship with NIS2?

Privacy & data protection

8
  • Transition to ISO/IEC 27701:2025
  • GDPR compliance best practices
  • Data breach: What is it and how do you prevent it?
  • Your Data Protection Officer and the GDPR
  • Your record of processing activities and the GDPR
  • Checklist for your BC 5701 certification
  • BC 5701 certification: where do you start?

Assurance audits

1
  • ISAE 3402 vs SOC 2: what is the difference?
View Categories

Do you have your first certification audit soon?

Do you have your first certification audit soon and would you like to know what to expect? A certification audit is a systematic assessment carried out by an independent party to determine whether an organization meets the requirements of an applicable standard. This article provides a brief overview of how an audit generally proceeds, from preparation and the opening meeting to the audit activities, closing meeting and follow-up.

Preparation #

Before the audit, the lead auditor may request documents for preparation. Examples include an organization chart, a management review, relevant procedures or an overview of your management system. The lead auditor also prepares an audit plan. This plan describes, among other things, which parts of the organization will be assessed, who will be interviewed and when the audit activities will take place. The audit plan will be shared with you before the audit.

If the audit is an initial certification audit, it usually consists of a stage 1 audit and a stage 2 audit.

Opening meeting #

The audit starts on the agreed date with an opening meeting with the organization’s management and the employees involved. During this meeting, the lead auditor explains how the audit will proceed. Topics such as the audit objective, audit scope, audit plan, reporting language, confidentiality and the opportunity to ask questions are usually discussed.

For smaller organizations, the audit is often carried out by one lead auditor. For larger organizations, the lead auditor may manage an audit team. This allows the audit activities to be divided efficiently and helps the audit process run smoothly.

Audit activities #

first certification audit activities

After the opening meeting, the audit activities begin. The auditor assesses whether the organization meets the requirements of the applicable standard and the organization’s own management system. This assessment is performed using various audit methods, such as interviews, observations and review of documents and records. Audit evidence is collected and verified in order to establish audit findings.

For many organizations, the internal audit is an important part of the preparation. It enables the organization to assess in advance whether the management system has been implemented effectively and meets the applicable requirements.

Closing meeting and follow-up #

At the end of the audit, the findings are summarized and presented during the closing meeting. The auditor explains the audit conclusion and discusses any points for attention or nonconformities. If nonconformities have been identified, the organization will be given time to address them within a defined period. A nonconformity means that a requirement of the standard or the organization’s own management system has not been met.

After the audit and any required follow-up have been completed, the audit results are reviewed. If the certification decision is positive, Brand Compliance can issue the certificate. The certification cycle then starts, with periodic surveillance audits taking place during the validity period of the certificate.

Share This Article :

  • Facebook
  • X
  • LinkedIn
Updated on 3 July 2026
Certification checklist: how to prepare for certificationThe certification process step by step
Contents
  • Preparation
  • Opening meeting
  • Audit activities
  • Closing meeting and follow-up

Accreditation

RvA C548Brand Compliance B.V. has accreditation (C548) to certify ISO 27001, ISO 27701 NEN 7510 and ISO 9001 technical area 33 information technology and 35 other services.

View our accreditations

Contact

Have a question about certification, verification or assurance?

info@brandcompliance.com
+31 (0)73 220 2000

Prefer local contact details?
View our locations

Our locations

‘s-Hertogenbosch, The Netherlands

Antwerp, Belgium

Ottignies-Louvain-la-Neuve, Belgium

Stockholm, Sweden

Dublin, Ireland

Luxembourg, coming soon

Practical information

Privacy statement

Terms and conditions

Company details

Feedback and complaints

 

© Copyright 2026 Brand Compliance