How Nimblechapps Acquired ISO Certification


Kalrav Vaidya


Why did we want to get certified?

The International Organization for Standardization (ISO) certification creates credibility and confidence among clients, stakeholders, and other business partners. ISO certification ensures that the organization complies with global business norms, especially in trade situations. Apart from being a business decision, it was also a bit of a sentimental thing for us to get recognized internationally by ISO and have our business processes validated. Besides clients, stakeholders, and other business partners, we also wanted to get certified for our team. We believed that a team that could do miraculous things should be rewarded in some way, and we couldn't think of a better reward than a certification of their standard practices, which are recognized and followed internationally by most ISO-certified companies. Today, when a member of our team identifies their company as an ISO Certified Company, we are filled with enormous pleasure. For us, therefore, this was never just another document or certificate. It goes much beyond that. This certification might provide us with a plethora of opportunities in the global and local markets. Finally, it will greatly aid us in standing out from, and staying well ahead of, our competitors.

How did we choose the right certification body for our certification?

Many bodies in the market can issue an ISO certification, so choosing the right one among all the available options can be a task. After doing some research, we found that different organizations place different values on different aspects. To obtain more value than merely a certificate stating that we are qualified, we took the following factors into account when choosing a certification body.


We looked for reputed certification providers who follow the actual audit processes before providing the certification. There are quite a few providers out there that provide the certification just for the sake of providing it, so we chose a certification body with a solid reputation.


Any number of certification bodies issue certificates, but not every one of them is accredited to do so; therefore, we decided to get certified by a certification body that is licensed by the IAF (International Accreditation Forum).


We looked for an experienced certification body and auditor, as we did not want to simply get through the audit quickly. We chose an experienced auditor because we wanted the audit to be completed thoroughly and did not want to miss out on valuable insights from it. So we explicitly asked the organization about the auditor's experience and reviewed their CV and the list of companies they had audited.

Integrated audit:

We started with ISO9001 & ISO27001 and are planning to acquire ISO14001. So we asked our certification body to do an integrated audit: instead of hiring two different auditors, we hired one auditor who was capable of conducting the audit for both certifications. By doing so, we made the process a little smoother and faster, and at the same time we saved a bit of cost.

Which ISO certificates must IT companies have, and why?

From our research, we concluded that “ISO9001” & “ISO27001” are the two certificates that any IT company must have to start with. So we decided to start our ISO certification journey by acquiring these two certifications. ISO9001 ensures that a company's products & services meet customer expectations and enhance customer satisfaction, and ISO27001 covers best practices for companies that operate an information security management system (ISMS).

What is the difference between the chosen certificates?

ISO9001 focuses on consistently providing products and services that meet customer requirements and comply with the relevant regulations. In addition, the standard focuses on the continual improvement of the management system and aims to improve customer satisfaction.

ISO27001 focuses on establishing, implementing, maintaining, and continually improving the security management system. It is designed to assist the organization in managing the risks relating to information security, in turn giving interested parties confidence that those risks are managed. It considers risks relating to information security in areas such as mobile devices, the disposal of media, and network access.

Prerequisites to apply for each certification

Here are the steps we followed when we applied for the certificates.

1. We developed our management system.

2. We implemented the management system that we had developed.

3. We conducted the audit and reviewed the process and its effectiveness.

4. Finally, we registered the system by selecting the appropriate auditing body.
