In This Guide
- ISO 55001 certification follows a two-stage audit process: Stage 1 (documentation review) and Stage 2 (implementation verification).
- The certification cycle is 3 years, with annual surveillance audits in years 2 and 3.
- Auditors place heavy emphasis on "line of sight" from organizational objectives through SAMP to asset-level activities.
- Choose an accredited certification body with specific ISO 55001 and asset management sector experience.
- Typical timeline from Stage 1 to certificate issuance is 8-16 weeks, depending on findings and organizational responsiveness.
The Certification Journey
ISO 55001 certification demonstrates to regulators, customers, and stakeholders that your organization has implemented a structured, internationally recognized Asset Management System (AMS). The certification process follows the same two-stage approach used for all ISO management system standards, but with specific focus areas unique to asset management.
The full certification lifecycle spans three years:
- Year 1: Initial certification (Stage 1 + Stage 2 audits), certificate issued
- Year 2: Surveillance Audit 1 -- sample of AMS reviewed
- Year 3: Surveillance Audit 2 -- remaining areas sampled
- Year 4: Recertification audit -- full AMS reviewed, new 3-year cycle begins
Before engaging a certification body, your AMS must have been operational for a sufficient period (typically at least 3-6 months). You must have completed at least one full internal audit cycle covering all ISO 55001 clauses, at least one management review, and have evidence of asset management plan implementation. The SAMP must be documented and approved by top management.
Choosing a Certification Body
The choice of certification body (CB) significantly influences your audit experience, certificate credibility, and the value you derive from the certification process. Asset management certification requires specialist auditor competence that not all CBs possess.
Accreditation Requirements
Always verify that the CB holds accreditation for ISO 55001 from a recognized national accreditation body that is a signatory to the IAF Multilateral Recognition Arrangement (MLA):
- IAS -- International Accreditation Service (United States)
- ANAB -- ANSI National Accreditation Board (United States)
- UKAS -- United Kingdom Accreditation Service
- JAS-ANZ -- Joint Accreditation System of Australia and New Zealand
- DAkkS -- Deutsche Akkreditierungsstelle (Germany)
- NABCB -- National Accreditation Board for Certification Bodies (India)
Accreditation ensures auditor competence is assessed, audit processes are consistent, and your certificate is internationally recognized through the IAF MLA.
Selection Criteria
| Criterion | What to Look For |
|---|---|
| ISO 55001 Accreditation | Verify the CB holds specific accreditation for ISO 55001, not just other ISO standards |
| Sector Experience | Has the CB audited organizations in your sector (utilities, transport, mining, etc.)? |
| Auditor Competence | Do auditors have asset management qualifications (e.g., IAM Certificate/Diploma) and industry experience? |
| Geographic Coverage | Can they audit all sites in your scope, including remote or international locations? |
| Integration Capability | If you hold other certifications, can the CB conduct integrated audits? |
| Value-Add Approach | Does the CB provide constructive observations and improvement opportunities beyond conformity assessment? |
| Timeline Flexibility | Can they accommodate your preferred audit dates and delivery timelines? |
Stage 1: Documentation Review
The Stage 1 audit is the first formal step in the certification process. Its primary purpose is to assess whether your AMS documentation is sufficiently developed and whether your organization is ready to proceed to the Stage 2 implementation audit.
Stage 1 Objectives
- Review AMS documentation against ISO 55001 requirements
- Evaluate the scope and context of the AMS
- Assess the organization's understanding of ISO 55001 requirements
- Review the SAMP and its link to organizational objectives
- Verify internal audit and management review have been completed
- Review asset management plans and risk assessment
- Identify any areas of concern that could prevent Stage 2 success
- Plan Stage 2 audit activities, including site visits and interview schedule
Key Documents Reviewed
- AMS Scope Statement: Clear definition of asset portfolio, boundaries, and exclusions
- Asset Management Policy: Approved by top management, linked to organizational purpose
- Strategic Asset Management Plan (SAMP): Organizational objectives translated to AM objectives
- Asset Management Plans: Lifecycle plans for key asset groups
- Risk Assessment: Asset-related risks identified, assessed, and treated
- Asset Register / Portfolio Overview: Asset inventory with hierarchy, condition, criticality
- Roles and Responsibilities: AMS governance structure and role definitions
- Competence Records: Training and competence evidence for key AM personnel
- Internal Audit Records: Audit programme, reports, and findings
- Management Review Minutes: Leadership oversight evidence with inputs and outputs
- Performance Monitoring: KPIs, dashboards, and performance reports
Stage 1 Duration and Format
Stage 1 typically takes 1-3 days depending on organization size and scope complexity. It can be conducted on-site, remotely, or as a hybrid. For asset management, on-site is preferred to allow the auditor to get an initial understanding of the asset portfolio and operating environment.
Stage 1 Outcomes
- Proceed to Stage 2: Documentation is adequate and organization is ready
- Proceed with Observations: Minor areas to address; Stage 2 can proceed as planned
- Delay Stage 2: Significant documentation gaps or readiness concerns require remediation before Stage 2
The interval between Stage 1 and Stage 2 is typically 4-8 weeks. This allows time to address any Stage 1 observations while maintaining audit momentum. The gap should not normally exceed 6 months.
Stage 2: Certification Audit
Stage 2 is the main certification audit. It verifies that your AMS is not just documented but is implemented, operational, and effective across the organization.
Stage 2 Objectives
- Confirm the AMS conforms to all ISO 55001 requirements
- Verify policies, SAMP, and asset management plans are implemented and followed
- Assess the effectiveness of asset management processes
- Evaluate line of sight from organizational objectives to operational activities
- Review asset data quality and its use in decision-making
- Verify internal audit and management review effectiveness
- Confirm awareness and competence of personnel at all levels
- Assess continual improvement and preventive action mechanisms
Audit Methods
- Interviews: Discussions with top management, asset managers, maintenance teams, planners, finance representatives, and operational staff. Auditors test understanding and engagement at all levels.
- Document and Record Review: Examination of the SAMP, asset management plans, maintenance records, work orders, investment decisions, risk registers, and performance reports
- Site Visits and Observation: Walking asset sites to observe condition, maintenance practices, signage, safety arrangements, and operational procedures. For utilities, this may include visiting treatment works, substations, or network infrastructure.
- Line of Sight Testing: Auditors select specific assets or activities and trace the decision chain: Why is this maintenance done? Which plan does it support? How does the plan link to the SAMP? What organizational objective does the SAMP reference?
- Sampling: Selecting samples of work orders, investment decisions, competence records, and risk assessments to verify consistent application across the portfolio
What Auditors Focus On
| Focus Area | What Auditors Look For |
|---|---|
| Line of Sight | Can operational staff explain how their work connects to organizational objectives? Is the SAMP-to-plan-to-activity chain traceable? |
| SAMP Quality | Is the SAMP a living document that drives decisions, or a shelf document? Does it cover appropriate planning horizons? |
| Risk-Based Decision-Making | Are asset investment and maintenance decisions informed by risk assessment? Is there evidence of risk-based prioritisation? |
| Asset Data | Is the asset register accurate and complete? Is condition data current? Is data used to inform decisions? |
| Lifecycle Management | Do plans cover the full lifecycle? Are acquisition, renewal, and disposal decisions made within a lifecycle framework? |
| Performance Measurement | Are KPIs meaningful and linked to objectives? Is performance data acted upon? Are trends analysed? |
| Leadership Engagement | Does top management demonstrate genuine understanding and commitment? Is there evidence beyond signed policies? |
Stage 2 Duration
Audit duration is calculated based on organization size, number of sites, and asset portfolio complexity:
| Organization Size | Stage 2 Days (approx.) | Total Initial Audit Days |
|---|---|---|
| 1-25 employees | 3 days | 4 days |
| 26-85 employees | 4-5 days | 5-7 days |
| 86-175 employees | 6-7 days | 8-9 days |
| 176-425 employees | 8-10 days | 10-13 days |
| 426-625 employees | 10-12 days | 13-15 days |
| 626+ employees / multi-site | 12-20+ days | 15-25+ days |
Multi-site organizations require additional audit days for site sampling. Not every site is visited during the initial audit, but a representative sample must be covered, with the remainder addressed during surveillance audits.
Certification Decision
After the Stage 2 audit, the process moves to the certification decision:
- Audit Report: The lead auditor prepares a detailed audit report documenting findings, observations, and a recommendation
- Corrective Actions: If nonconformities were raised, the organization must submit corrective action plans (and evidence of implementation for major NCs) within agreed timescales
- Technical Review: The CB's independent reviewer examines the audit report and corrective actions
- Certification Committee: The CB's certification committee makes the formal decision to grant, defer, or decline certification
- Certificate Issuance: Upon positive decision, the ISO 55001 certificate is issued, typically valid for 3 years
Types of Findings
- Major Nonconformity: Absence or complete breakdown of a required AMS element. Must be resolved and verified before certification can be granted. Examples: no SAMP, no evidence of management review, complete absence of risk assessment.
- Minor Nonconformity: A single instance or isolated lapse in conformity. Corrective action plan is accepted at Stage 2; implementation verified at the first surveillance audit. Examples: one asset group without a maintenance plan, incomplete training records for a specific role.
- Observation / Opportunity for Improvement (OFI): An area where the AMS meets minimum requirements but could be enhanced. Not a conformity issue; no corrective action required but the organization may choose to act.
Corrective Action Timeframes
- Major NC: Must be closed within 90 days. Evidence of implementation reviewed and verified by the audit team before certification decision.
- Minor NC: Corrective action plan accepted. Implementation verified at the first surveillance audit (within 12 months).
Surveillance Audits
Annual surveillance audits ensure your AMS continues to operate effectively and conform to ISO 55001 requirements.
Surveillance Scope
Each surveillance audit covers a sample of the AMS, typically including:
- Internal audits and management review (every surveillance)
- Actions on previous nonconformities
- SAMP review and update status
- Asset management plan implementation progress
- Risk register currency and treatment progress
- Performance monitoring results and trend analysis
- Changes to the organization, assets, or context
- Continual improvement activities
- Selected clauses and asset groups (rotated to ensure full coverage over the cycle)
Surveillance Duration
Typically 30-40% of the initial audit duration per surveillance visit. Over the 3-year cycle, all ISO 55001 clauses and a representative sample of the asset portfolio are covered.
Certification can be suspended or withdrawn if: surveillance audits are not completed within the required timeframe, major nonconformities are not resolved, or the organization significantly changes its AMS scope without notifying the CB. Maintain regular communication with your CB and plan surveillance dates well in advance.
Recertification
Before the 3-year certificate expires, a recertification audit is required to continue certification.
Recertification Scope
- Complete AMS review against all ISO 55001 clauses
- AMS performance over the entire certification cycle
- SAMP evolution and strategic alignment
- Asset management plan outcomes vs. objectives
- Changes to scope, organisation, regulatory environment, or asset portfolio
- Previous audit findings and their long-term resolution
- Maturity development and continual improvement evidence
Planning Recertification
Plan recertification 3-4 months before certificate expiry. If the certificate expires before recertification completes, certification lapses and the organization may need to undergo a full initial certification process again. Most CBs will issue reminders, but the responsibility lies with the organization.
Recertification Duration
Typically equivalent to 60-70% of the initial audit duration. If significant changes have occurred (new sites, expanded scope, major organizational restructuring), additional audit time may be required.
Typical Certification Timeline
The following table shows a typical timeline from the start of the audit engagement to certificate issuance:
| Phase | Duration | Key Activities |
|---|---|---|
| CB Selection & Contract | 2-4 weeks | Request proposals, evaluate CBs, sign contract, agree audit schedule |
| Pre-Audit Preparation | 4-8 weeks | Finalize documentation, complete internal audit cycle, conduct management review, prepare staff |
| Stage 1 Audit | 1-3 days | Documentation review, readiness assessment, Stage 2 planning |
| Gap Closure (Stage 1 to Stage 2) | 4-8 weeks | Address Stage 1 observations, finalize any remaining implementation, prepare teams for audit |
| Stage 2 Audit | 3-20+ days | Implementation verification: interviews, site visits, evidence review, line of sight testing |
| Corrective Actions | 2-12 weeks | Resolve nonconformities, submit evidence to CB |
| Technical Review & Decision | 2-4 weeks | CB technical review, certification committee decision |
| Certificate Issuance | 1-2 weeks | Certificate produced and issued |
Total elapsed time from Stage 1 to Certificate: Typically 8-16 weeks for organizations with a well-implemented AMS. Organizations with significant findings may take longer.
From AMS implementation start to certification, most organizations should plan for 12-24 months depending on starting maturity and available resources. The audit process itself (Stage 1 to certificate) adds 2-4 months on top of implementation time.
How to Prepare for Your ISO 55001 Audit
Thorough preparation is the single most important factor in audit success. Organizations that prepare well achieve certification faster with fewer findings.
Before Stage 1
- Complete all mandatory documentation: AMS scope, policy, SAMP, asset management plans, risk assessment, roles and responsibilities
- Conduct a thorough internal audit: Cover all ISO 55001 clauses. Use auditors who understand asset management (not just management system auditing)
- Complete management review: Ensure all required inputs are covered and outputs (decisions, actions) are documented
- Self-assess line of sight: Pick 5-10 operational activities and trace them back to organizational objectives via asset management plans and the SAMP. If you cannot make the connection, address the gap
- Prepare key staff: Brief all personnel who may be interviewed on AMS awareness, their role in asset management, and key policy and objective information
Before Stage 2
- Address all Stage 1 observations: Do not leave any noted gaps unresolved
- Ensure evidence is accessible: Organise documentation, records, and data so they can be quickly retrieved during the audit. Consider creating an evidence index
- Brief site teams: If site visits are planned, ensure local teams understand the audit process and can demonstrate their asset management activities
- Prepare a management presentation: Auditors often request an opening meeting where management presents an overview of the AMS, objectives, and performance. Have a concise, honest presentation ready
- Test your KPIs: Ensure performance data is current, accurate, and tells a clear story about AMS effectiveness
- Review corrective actions: Ensure all open corrective actions from internal audits are being progressed
During the Audit
- Be honest and open: Auditors appreciate transparency. If something is not yet mature, acknowledge it and explain your improvement plan
- Provide evidence, not explanations: When asked about a process, show the documented procedure, records, and results -- not just verbal descriptions
- Assign a knowledgeable guide: Appoint someone to escort auditors, arrange interviews, and locate evidence efficiently
- Take notes: Record auditor questions and observations. This helps with corrective action planning and future audit preparation
Common ISO 55001 Audit Findings
Based on audit experience across asset-intensive sectors, the following are the most frequently identified nonconformities and observations during ISO 55001 certification audits:
Clause 6 (Planning) -- Most Frequent
- Weak line of sight: Organizational objectives do not clearly connect through the SAMP to asset management plans and operational activities
- SAMP lacks substance: The SAMP exists but does not meaningfully translate strategy to asset management direction. Planning horizons are too short for the asset portfolio
- Asset management objectives are not measurable: Objectives are aspirational statements rather than measurable, time-bound targets
- Risk assessment does not drive decisions: Risk register exists but is not used to prioritise maintenance, investment, or renewal
Clause 5 (Leadership)
- Leadership disengagement: Top management signed the policy but cannot articulate what the AMS means for the organization
- Asset management treated as engineering-only: Finance, HR, and IT are not engaged in asset management governance
Clause 7 (Support)
- Asset data quality: Incomplete asset registers, outdated condition data, missing maintenance history records
- Competence gaps: No formal competence framework for asset management roles
- Financial-technical disconnect: Engineering and finance teams work with different asset data and do not share a common view
Clause 8 (Operation)
- Maintenance not linked to plans: Day-to-day maintenance activities are not traceable to documented asset management plans
- Change management absent: No formal process for managing changes to assets, processes, or the AMS
- Outsourcing not controlled: Contractor activities are not adequately specified, monitored, or evaluated
Clause 9 (Performance Evaluation)
- KPIs measure activity, not outcomes: Metrics track work orders completed rather than asset availability or risk reduction
- Data not acted upon: Performance reports are produced but there is no evidence of management response to trends
Clause 10 (Improvement)
- Reactive only: No evidence of preventive action or proactive improvement
- Root cause analysis is superficial: Corrective actions address symptoms rather than underlying systemic causes
The single most effective way to prepare is to conduct a rigorous internal audit with auditors who understand both ISO 55001 and asset management practice. Address findings before the certification audit. Auditors expect to see a maturing system, not a perfect one -- but they do expect honest self-assessment and genuine improvement actions.
Frequently Asked Questions
What happens in a Stage 1 ISO 55001 audit?
Stage 1 is primarily a documentation review. The auditor reviews your AMS scope, asset management policy, SAMP, asset management plans, risk assessment, internal audit results, and management review evidence. The purpose is to assess whether your AMS documentation is sufficiently developed and your organization is ready to proceed to the Stage 2 implementation audit.
How long does the ISO 55001 Stage 2 audit take?
Stage 2 duration depends on organization size and asset portfolio complexity. Small organizations (1-50 employees) typically require 3-4 days, medium organizations (50-250) need 5-7 days, and large organizations (250+) or multi-site operations may require 8-15+ days. Audit duration is calculated following IAF accreditation guidelines.
What do ISO 55001 auditors focus on?
Auditors focus heavily on line of sight (tracing from organizational objectives through SAMP to asset management plans and activities), SAMP quality and implementation, risk-based decision-making evidence, asset data quality and usage, performance measurement and improvement, and leadership engagement. They verify both documentation and actual implementation through interviews, observation, and evidence sampling.
Can ISO 55001 be audited together with other ISO standards?
Yes, integrated audits are common and efficient. ISO 55001 shares the Annex SL high-level structure with ISO 9001, ISO 14001, ISO 45001, and ISO 27001. Organizations with multiple certifications can schedule combined audits, reducing total audit days, cost, and disruption. Glocert International regularly conducts integrated audits covering multiple management system standards.
How much does ISO 55001 certification cost?
Certification costs vary by organization size, number of sites, and asset portfolio complexity. For a single-site SME, audit fees typically range from USD 8,000 to USD 25,000. Multi-site organizations with complex asset portfolios may incur fees of USD 25,000 to USD 80,000+. Additional costs include implementation resources, training, and any consultancy support used during AMS development.