Contact Us

ISO 56001 Certification: A 7-Step Guide from Gap Analysis to Final Audit

Ready to get your organization ISO 56001 certified? This comprehensive guide provides a detailed 7-step project plan for the entire journey. We break down every stage, from securing leadership commitment and performing a gap analysis to preparing for the final two-stage audit. More importantly, learn why certification isn’t just about compliance, but about proving you have built an innovation engine that delivers real results.

Two people collaborate on website design, sketching wireframes on a whiteboard.

  • Published on

Key Takeaways

  • Certification is a Project: Approach ISO 56001 certification as a structured project with a clear beginning and end.
  • Internal Work First: A successful external audit requires a thorough Gap Analysis, a rigorous Internal Audit, and a formal Management Review.
  • Proven Evidence is Critical: The audit process relies on evidence. You must have documented processes and records.
  • It's a Two-Stage Process: The external audit includes a Stage 1 readiness review and a Stage 2 implementation audit.

    • Share

    This post is also available in: ไทย (Thai)

    So, you’ve read about the power of an Innovation Management System (IMS) and you see how the ISO 56001 standard can help you transform innovation from chaos into a controllable system. The next logical question is: what does it actually take to get certified?

    The path to ISO 56001 certification can seem daunting, but in reality, it’s a structured and logical journey. This structured journey is not just a theoretical exercise. Major global leaders in highly competitive industries, such as the multinational automotive components manufacturer Gestamp, have successfully achieved ISO 56001 certification, formally demonstrating their commitment to a world-class, systematic approach to innovation.

    Gestamp, a global leader in designing and manufacturing advanced metal components for the automotive industry, has become the first company to receive AENOR certification for its innovation management system under the newly released ISO 56001:2024 standard. This milestone reflects Gestamp’s strategic commitment to innovation as a core driver of excellence, evolution, and future mobility solutions.

    The certification recognizes Gestamp’s robust and structured innovation management system, which is embedded across its global innovation centers. With multidisciplinary teams and a visionary approach, the company ensures that innovation is not a one-off initiative but a continuous, integrated process aligned with its long-term strategy. This system enables Gestamp to deliver competitive, efficient, and sustainable results in a rapidly evolving industry.

    By transitioning from the Spanish UNE 166002 standard to ISO 56001, Gestamp reinforces its leadership in innovation and sends a strong signal of trust and capability to stakeholders. The certification not only validates its internal processes but also enhances its global positioning as a forward-thinking automotive supplier committed to shaping the future of mobility. 

    This guide breaks down the entire process into seven clear, manageable steps. We’ll walk you through the complete journey, from getting initial buy-in to achieving your final certification.

    7-step ISO 56001 implementation process: Leadership Commitment, Implementation, Internal Audit, External Audit, Gap Analysis, Training, Management Review.

    Step 1: Secure Leadership Commitment & Define the Scope

    Before you write a single document, your first step is to get formal commitment from your top management. This is a non-negotiable requirement of Clause 5 of the standard.

    • What to do: Present the business case for an IMS to your leadership. To learn exactly how to structure this argument and calculate tangible ROI, see our complete guide to building a business case for your C-Suite. Explain how it will help the organization achieve its strategic objectives.
    • Key Outcome: A clear, documented commitment from leadership and a defined scope for your IMS. This initial commitment is the most critical function of a “Future-Focused Leader.” To understand the principles behind effective innovation leadership, explore our guide on Strategic Foresight.

    Step 2: Conduct the Gap Analysis

    You can’t plan a journey without knowing your starting point. A gap analysis is a formal assessment that compares your organization’s current processes against the specific requirements of the ISO 56001 standard.

    Step 3: Plan & Implement Your IMS

    This is the “heavy lifting” phase where you close the gaps identified in Step 2. This involves developing and implementing the necessary processes, policies, and documentation to meet the standard’s requirements.

    • What to do: Create a detailed project plan from the Gap Analysis report. Your plan should consist of the following key activities:
      • Writing the official Innovation Policy: which is supported by top management.
      • Defining Core Processes: such as the process for identifying opportunities, creating and validating concepts, and developing solutions (Clause 8).
      • Creating a Measurement Framework: to define the metrics that will be used to evaluate innovation performance (Clause 9).
      • Stakeholder Management: to systematically build alliances and reduce internal resistance.
      • Preparing all necessary Documentation: as required by the standard.
    • Key Outcome: A functional Innovation Management System with all required processes and documentation in place.

    Step 4: Conduct Training & Build Awareness

    A system is useless if no one knows how to use it. Once the IMS is built, you must conduct training to ensure everyone understands their roles, responsibilities, and the new innovation processes.

    Step 5: Perform the Internal Audit

    Before you call in the external auditors, you must first audit yourself. ISO 56001 requires you to conduct an internal audit to verify that your IMS is functioning as intended and conforms to the standard.

    Step 6: Conduct the Management Review

    This is the final checkpoint before the external audit. Top management must formally review the performance of the IMS to ensure it is suitable, adequate, and effective.

    Step 7: The External Certification Audit

    This is the final step, conducted by an accredited, independent Certification Body. The audit is typically conducted in two stages: a Stage 1 (readiness review) and a Stage 2 (implementation audit). If you successfully pass the Stage 2 audit, the Certification Body will recommend you for ISO 56001 certification. This achievement is more than a certificate; it’s the creation of a valuable ‘Intangible Asset’ for your organization, increasing credibility with investors and partners.

    Beyond Compliance: Proving Your Innovation Engine Works

    Achieving ISO 56001 certification is a significant accomplishment. However, the most successful leaders understand that the certificate itself is not the goal. The true goal is to build a powerful, reliable innovation engine that consistently produces tangible outcomes and creates a sustainable competitive advantage.

    An audit can verify that you have a process in place, but the ultimate proof of your system’s capability is its output. The system is not just a checklist; it is a machine that must be able to create high-impact innovations on demand or periodically as the competitive situation requires.

    BOLD Group’s implementation philosophy. We believe the most effective way to ensure your IMS is a true competitive asset—and not just a set of documents—is to stress-test it with a real, high-stakes innovation project during the implementation process.

    Our Build Your Innovation OS service, therefore, includes a crucial “High-Impact Project” phase. We work alongside your team to run a significant innovation initiative through your newly designed system, from insight to launch. This approach doesn’t just prove compliance; it delivers three critical outcomes:

    1. It generates a tangible business result, providing an immediate ROI on the implementation itself.
    2. It trains your team in a real-world scenario, ensuring the new capabilities are deeply embedded.
    3. It guarantees the “machine” you’ve built is a powerful engine for growth, fully capable of meeting the ultimate objectives of the ISO 56001 standard.

    Frequently Asked Questions

      • How long does the entire certification process typically take?
      • While the typical range is 6 to 18 months, the exact timeline depends on factors like company size, process maturity, and the availability of a dedicated team.
      • What is a "Certification Body" and how do we choose one?
      • A Certification Body is an independent organization that conducts the audit. It's crucial to choose one that is "accredited" by a national or international board (like the IAF) to ensure their competence and impartiality.
      • What happens if we "fail" the audit?
      • More commonly, an auditor identifies "non-conformities." You will be given a set period to implement corrective actions. Once resolved, the certification can proceed.