The ISO9001 certificate is valid for 3 years, starting from the date of issuance. During the validity period, a supervisory audit is required at least once a year, typically every 12 months, hence the term 'annual audit'. Some certification bodies may require annual audits every 6 or 10 months. ISO certification audits are usually announced in advance, with some being surprise 'fly-by' inspections that can occur without notice at any time. To maintain the validity of the certificate, certified companies can ensure the additional points for certification in tenders and bids.
The procedure files are the next level of documents below the Quality Manual in the ISO9001 quality management system certification, outlining the general process for a particular task. The next level down is the work instruction. The procedure files store programs, including source and executable programs. Here, the term "program" is different from that in computer technology; it refers to the methods prescribed to complete a specific activity.

ISO9001 procedures and procedure documents. Procedures are the methods specified for completing an activity; documents that describe procedures are called procedure documents; the procedure documents store the procedures, including source code and executable programs.
ISO9001 Quality System Procedure Documents. These documents specify activities affecting quality; they are supporting documents to the Quality Manual; should include all requirements and provisions of the elements adopted in the quality system; each quality system procedure document should be tailored to a logically distinct activity within the quality system.

During the implementation of ISO45001 certification, senior management should review the organization's occupational health and safety management system at planned intervals to ensure its ongoing suitability, adequacy, and effectiveness.
The Management Review should consider the following matters:
Previous status of actions taken in management reviews; Changes in internal and external issues related to the ISO 45001 Occupational Health and Safety Management System, including: stakeholders' needs and expectations; legal and regulatory requirements; and organizational risks and opportunities.

Quality is controlled by humans, and humans are bound to make mistakes of one kind or another. How to prevent mistakes, reduce them, or give you as few opportunities to make them as possible is the essence of the ISO9000 family of standards. Preventive measures are an important improvement activity. They are spontaneous and proactive. One could say: An organization's ability to implement preventive measures is a manifestation of its management strength. Some organizations have no preventive measures record sheet after five or ten years of audits.
Of course, the ISO9000 series standards are viewed from the customer's perspective. Customers expect the ability of a company to prevent issues from occurring, so this is a consideration for customers when selecting suppliers.
Organizations are required to establish a documented procedure for preventive measures. Many, particularly small and medium-sized enterprises, merge this procedure with the corrective action procedure. This does not violate the standard requirements.
Purpose of ISO 9001 Certification
Supplier confirms that its quality system complies with the specified quality system requirements. Under contract terms, the supplier must verify to the specific customer that its quality system meets the requirements outlined in the contract. In the case of third-party certification, the supplier should confirm to the certifying body that its quality system satisfies the requirements of the applied quality assurance model.