ISO OS | Advanced Audit Management System for Certification Bodies

Streamlining Conformity Assessment through Intelligent Automation and IAF MD Alignment

The AuditOne ISO OS is a specialized ERP solution engineered specifically for Certification Bodies (CBs). Our platform is designed to automate the high-volume, non-judgmental phases of the ISO audit lifecycle, ensuring your technical experts can dedicate their focus to high-level risk assessment and quality-driven decision-making.

Unlike generic project management tools, AuditOne is built with deep-coded adherence to IAF Mandatory Documents (MD) and ISO/IEC 17021-1 requirements. We provide the structural framework necessary to maintain your Accreditation Status while scaling operations:

IAF MD Guidelines Integration: Automated workflows for audit duration calculations (MD 5), multi-site sampling (MD 1), and competence management (MD 7).
End-to-End Audit Lifecycle Automation: From initial Application Review and Contract Review to Stage 1/Stage 2 Planning, and final Certification Decision workflows.
Integrated Management System (IMS) Support: Seamlessly manage complex, multi-standard audits with unified Audit Evidence collection.

All Standard modules and functions are included in every ISO OS subscription unless otherwise agreed in writing.

Basic Modules

Module 1 — Applications

Client Onboarding & Sales

End-to-end intake flow from first client contact through signed contract. Covers the full sales and onboarding cycle.

Function / Feature

Description

Tier

Application Overview

Centralised dashboard of all incoming and active applications with status tracking, filtering, and quick navigation.

✓ Standard

Audit Day & Duration Calculation

Automated calculation of required audit days based on employee count, number of locations, applicable standards, complexity factors, and adjustable overrides. Supports multi-site and multi-standard audits.

✓ Standard

Availability Scheduling

Auditee availability and duration planning. Clients can select which weeks they are available for an audit.

✓ Standard

Pricing & Offer Calculation

Automated price calculation based on audit days, registration fees, auditor rates, and configurable discounts. Supports multi-stage inclusions and exclusions.

✓ Standard

Quote Generation

Automatic generation of a quote document from a certification body-provided template, shareable directly from the application.

✓ Standard

Contract Generation

Automatic generation of the client contract from a certification body-provided template, directly linked to application data.

✓ Standard

In-App Contract Signing

Clients can review, request revisions of, and digitally sign the contract and quote without leaving the portal.

✓ Standard

Contract Revision & Version History

Full revision tracking with version history, audit trail of changes, and revision requests between the certification body and client.

✓ Standard

PDF Export

Export signed contracts and quotes as PDF directly from the application.

✓ Standard

Client Application Portal

Dedicated client-facing intake form verified via OTP. Client can submit details about their company, specify availability and preferred or blocked weeks, and sign contract.

✓ Standard

Multi-Language Client Portal

The client portal supports language switching to accommodate international clients.

✓ Standard

Secure Link Management

Application links use expiring tokens. A certification body can extend link validity. Clients can request a new link via email verification after expiry.

✓ Standard

Draft Revert

Revert a submitted application back to draft so the client can amend data (e.g. add locations, standards, employees). Previously entered data is retained.

✓ Standard

Deal Status Management

Mark deals as lost or reactivate them. Permanently delete applications as required.

✓ Standard

Module 2 — Audits: Planning

Auditor Assignment & Audit Plan Generation

All pre-audit logistics: sourcing auditors, building the team, and generating the detailed audit plan.

Function / Feature

Description

Tier

Audit Overview

Dashboard of all upcoming, ongoing, and completed audits with key metadata and quick access.

✓ Standard

Certification Plan

High-level view of the full certification cycle. Manages which standards, locations, and controls are in or out of scope across all audit stages.

✓ Standard

Audit Listing (Auditor Marketplace)

Publish an audit to the internal or external auditor network so auditors can indicate availability and interest in participating.

✓ Standard

Auditor Assignment

View availability, qualifications, and conflicts of interest. Assign auditors in defined roles: Lead Auditor, Auditor, Technical Expert, and others.

✓ Standard

Audit Plan Generation

Automatic generation of a detailed day-by-day audit plan based on template, clauses/controls, auditor assignments, locations, working hours, lunch breaks, and rounding preferences.

✓ Standard

Multi-Stage & Multi-Standard Planning

Supports Stage 1 and Stage 2 audits, surveillance, recertification, and other audit types as defined in the certification plan.

✓ Standard

Plan Editing & Bulk Edits

Full manual editing of the generated audit plan. Bulk edit capabilities with validation checks for gaps, overlaps, and maximum daily audit hours.

✓ Standard

Calendar & Table View

View the audit plan in a table or interactive calendar format. Export to Excel.

✓ Standard

Module 3 — Audits: Execution

Evidence Collection & Fieldwork

Conducting the audit itself — document management, evidence collection, findings recording, and AI-assisted guidance.

Function / Feature

Description

Tier

Document Upload & Management

Upload client-submitted documents. Categorise by type, add name, publication date, and version number.

✓ Standard

Third-Party Source Integration

Connect external sources (e.g. Confluence, compliance platforms) to automatically fetch documents into ISO OS.

✓ Standard

Audit Execution Interface

Timeline-based execution interface aligned with the audit plan. Full clause and control structure visible with status indicators.

✓ Standard

Findings & Evidence Management

Attach evidence, add audit notes, and set conformity status (conformity, nonconformity, opportunity for improvement, etc.) for each clause and control.

✓ Standard

Expected Evidence & Key Questions

Pre-configured guidance per clause: expected evidence, key questions, and auditor notes to streamline fieldwork.

✓ Standard

AI Readiness Check

AI-powered pre-audit document check. Analyses uploaded documents and flags missing policies or evidence before fieldwork begins.

⬡ AI

AI Auditor Guidance (Stage-1 Agent)

AI assistant that processes all uploaded evidence, suggests findings, proposes audit questions for gaps, and recommends evidence attachments per clause and control.

⬡ AI

Module 4 — Audits: Reporting

Document Generation, Signing & Certificate Issuance

Generating, reviewing, signing, and distributing all audit documents and certificates.

Function / Feature

Description

Tier

Document Generation

Pre-fill report forms with organisational and audit data. Auditor reviews, adjusts, and generates the final document.

✓ Standard

Approval Workflow

Configurable approval cycles (e.g. lead auditor and reviewer sign-off) before final document generation. Full audit trail of approvals.

✓ Standard

Document Preview & Download

Preview generated documents in-app and download as formatted files.

✓ Standard

Client Signing Portal

Clients access a secure portal to view, sign, annotate, and process all audit documents without the certification body sending files externally.

✓ Standard

Audit Report (Auto-Generated)

A comprehensive audit report is automatically generated from execution findings, nonconformities, and evidence collected during the audit.

✓ Standard

Nonconformity Management

Track open nonconformities, assign corrective action deadlines, and link closures to evidence within the platform.

✓ Standard

Custom Certificate Issuance

Generate a branded certificate matching the certification body's design. Configurable to exact specifications.

✓ Standard

QR Code & Registry Verification

Generate QR codes and verification links (e.g. IAF database) embedded in certificates for real-time public verification.

✓ Standard

Module 5 — Auditors

Auditor CRM & Credential Management

Centralised auditor relationship management: onboarding, profile management, qualification tracking, and access control.

Function / Feature

Description

Tier

Auditor Profile Management

Create and maintain detailed auditor profiles including sector codes, technical codes, industry focus, certifications held, and languages spoken.

✓ Standard

Auditor Invitation & Onboarding

Invite auditors by email. Auditors activate their account via invitation link and complete their own profile setup.

✓ Standard

Document & Credential Verification

Auditors upload qualification documents. Certification body manually reviews and approves each auditor.

✓ Standard

Access Control per Audit

Define each auditor's access level per audit: Viewer, Auditor, or Lead Auditor.

✓ Standard

Activate / Deactivate Auditors

Enable or disable auditor access to the platform as required.

✓ Standard

Module 6 — Consultants

Partner Portal & Referral Management

Manage consulting partner companies that refer clients and assist with the application process on their behalf.

Function / Feature

Description

Tier

Consultancy Management

Add and manage consulting companies and their associated client relationships.

✓ Standard

Authorised Email Management

Define which email addresses within a consultancy are permitted to create and submit applications on behalf of clients.

✓ Standard

Consultant Portal Access

Consultants log in via a dedicated portal using their authorised email, create applications, share them with clients, and submit completed applications.

✓ Standard

Application Volume Tracking

Track and view the number of applications submitted by each consultancy partner.

✓ Standard

Activate / Deactivate Consultants

Enable or disable individual consultant access at any time.

✓ Standard

Module 7 — Clients

Client CRM

Complete client relationship management with full audit history, billing, contracts, certificates, and contact records.

Function / Feature

Description

Tier

Client Profile & History

Full client profile with all audit orders, history, and linked certification cycle information.

✓ Standard

Billing & Financial Records

Billing information, payment history, and financial documents accessible per client.

✓ Standard

Contract & Document Repository

All contracts, quotes, and generated audit documents linked to and accessible from the client record.

✓ Standard

Certificate Overview

View all issued certificates per client with validity periods and associated audit records.

✓ Standard

Contact Management

Manage multiple contacts per client organisation with roles and contact details.

✓ Standard

Module 8 — Analytics

Business Intelligence & Performance Monitoring

Business intelligence and performance monitoring across the certification body's operations.

Function / Feature

Description

Tier

Audit Volume & Activity

Monitor audit activity over time with lifetime and monthly views. Track open, ongoing, and completed audits.

✓ Standard

Standards & Certification Analytics

Breakdown of audits by ISO standard, certification type, and scheme.

✓ Standard

Revenue & Financial Analytics

Revenue tracking, billing summaries, and financial performance indicators.

✓ Standard

Conversion Analytics

Sales funnel analysis from application submissions through to signed contracts and completed certifications.

✓ Standard

Efficiency Metrics

Operational efficiency indicators including audit duration, planning time, and document turnaround.

✓ Standard

Consultancy Analytics

Track and compare referral and application volumes per consultancy partner.

✓ Standard

Module 9 — Configuration: Organisation Profile

Branding, Signatories & Operational Defaults

Central settings for the certification body's identity, branding, and operational defaults.

Function / Feature

Description

Tier

Organisational Details

Company name, registration details, address, and official organisational information.

✓ Standard

Branding & Whitelabelling

Upload logos and configure brand colours used across client-facing portals, documents, and communications.

✓ Standard

Authorised Signatories

✓ Standard

Operational Defaults

Configure default currency, time zones, support contacts, and system-wide defaults.

✓ Standard

Module 10 — Configuration: ISO Standards & Rates

Standard Portfolio & Fee Management

Manage the portfolio of offered certification standards and all associated financial and accreditation settings.

Function / Feature

Description

Tier

Standard Management

Add, activate, and deactivate ISO standards. Active standards are selectable in the client application form.

✓ Standard

Audit Type Configuration

Define which audit types are available per standard: initial certification, surveillance, recertification, transfer audit, and others.

✓ Standard

Fee & Rate Configuration

Set audit day fees, registration fees, and default or promotional discounts per standard and currency.

✓ Standard

Auditor Payment Rates

Define payment rates by auditor role: Lead Auditor, Auditor, Technical Expert, and others.

✓ Standard

Accreditation Details

Store accreditation numbers, validity dates, accreditation body links, and related documentation per standard.

✓ Standard

Module 11 — Configuration: Audit Plan Templates

Session Structure & Effort Allocation

Define the structure and time allocation for audit sessions by ISO standard to enable automated plan generation.

Function / Feature

Description

Tier

Session Template Builder

Define audit sessions per ISO standard (e.g. opening meeting, HR review, access control review) with associated clauses, controls, and story-point effort allocations.

✓ Standard

Fixed & Scaled Sessions

Set sessions to a fixed duration or scaled proportionally to total audit days using story points.

✓ Standard

Multiple Templates per Standard

Create multiple plan templates per ISO standard selectable during audit planning.

✓ Standard

Module 12 — Configuration: Execution Configuration

Rating Scales, Clause Guidance & AI Training

Customise the audit execution environment: rating scales, clause-level guidance, and AI assistant configuration.

Function / Feature

Description

Tier

Custom Rating Scale

Define the conformity rating scale used during execution (e.g. conformity, minor nonconformity, major nonconformity, opportunity for improvement) per standard or globally.

✓ Standard

Clause & Control Configuration

For each clause and control, configure expected evidence, key questions, audit phase mapping, and rating criteria.

✓ Standard

AI Assistant Configuration

Clause-level expectations and evidence requirements feed directly into the AI assistant to enable automated evidence analysis and rating suggestions.

⬡ AI

Module 13 — Configuration: User Management

Roles, Permissions & User Lifecycle

Manage internal team users, roles, permissions, and access across the ISO OS platform.

Function / Feature

Description

Tier

Role Management

Create custom roles with granular permission assignments across modules, sub-modules, and individual functions.

✓ Standard

Default Role Templates

Load pre-configured permission sets as a starting point. Fully editable by the certification body.

✓ Standard

Role-Based Access Control (RBAC)

Assign one or more roles to each user to govern their access across the platform.

✓ Standard

Discretionary Access Control (DAC)

Override or fully customise permissions at the individual user level, independent of assigned roles.

✓ Standard

User Invitation & Onboarding

Invite users by email. Users activate via invitation link and complete profile setup.

✓ Standard

User Lifecycle Management

Activate, deactivate, and reactivate users. Resend invitations. Reset passwords.

✓ Standard

User Activity Logs

Full activity log per user with timestamps, IP addresses, and action records. Exportable as CSV.

✓ Standard

Module 14 — Security & Platform

Authentication, Encryption & Data Residency

Platform-wide security controls and authentication mechanisms.

Function / Feature

Description

Tier

Two-Factor Authentication (2FA)

All users authenticate with password plus a one-time password (OTP) delivered by email.

✓ Standard

Automatic Session Expiry

Users are automatically logged out after inactivity or when access is detected from a new IP address.

✓ Standard

Data Encryption

All data encrypted in transit and at rest using industry-standard protocols.

✓ Standard

EU Data Residency

Data stored within the European Union to support GDPR and data sovereignty requirements.

✓ Standard

Comprehensive Audit Logs

Platform-wide action logging for oversight, compliance, and security monitoring.

✓ Standard

Advanced Modules

Advanced modules are optional add-ons. Inclusion in the contract is subject to separate agreement and pricing. AI-tagged functions require the Advanced tier.

Advanced Module A1 — AI Readiness Check

Pre-Audit Document Gap Analysis

Pre-audit AI agent that reviews all uploaded client documents and flags missing or insufficient evidence before fieldwork begins.

Function / Feature

Description

Tier

Document Gap Analysis

Automatically scans all uploaded documents against required evidence and policies per standard. Flags missing items.

⬡ AI

Readiness Report

Generates a structured readiness summary with identified gaps, enabling the certification body to notify the client before the audit.

⬡ AI

Advanced Module A2 — AI Auditor Guidance

AI Auditor Assistant & Evidence Analysis

AI assistant embedded in the audit execution interface to accelerate evidence review, question generation, and finding suggestions.

Function / Feature

Description

Tier

Evidence Extraction & Tagging

Processes all uploaded documents and automatically tags relevant content to corresponding clauses and controls.

⬡ AI

Advanced Module A3 — Phishing Simulator

Security Awareness Training

Built-in phishing simulation tool to run security awareness training exercises for clients.

Function / Feature

Description

Tier

Phishing Campaign Management

Design and launch phishing simulation campaigns targeting client employees to test security awareness.

★ Advanced

Results & Reporting

Track click rates, reporting rates, and employee behaviour. Generate reports for awareness training programmes.

★ Advanced

Advanced Module A4 — KYC / KYB Services

Identity & Business Verification

Integrated Know Your Customer and Know Your Business verification services.

Function / Feature

Description

Tier

Identity Verification (KYC)

Digital identity verification for individual contacts, integrated into the client onboarding workflow.

★ Advanced

Business Verification (KYB)

Corporate entity verification to confirm legitimacy and ownership structure of client organisations.

★ Advanced

Advanced Module A5 — Blockchain Certificate Publishing

Immutable, Publicly Verifiable Certification Records

Publish issued ISO certificates to the blockchain for immutable, publicly verifiable proof of certification.

Function / Feature

Description

Tier

On-Chain Certificate Record

Issue a cryptographic record of the certificate on the blockchain. Immutable and tamper-proof.

★ Advanced

Advanced Module A6 — Single Sign-On (SSO)

Enterprise Identity Federation

Enterprise identity federation allowing users to authenticate via your organisation's existing identity provider.

Function / Feature

Description

Tier

SSO Integration (SAML / OIDC)

Connect ISO OS to your corporate identity provider (e.g. Okta, Azure AD, Google Workspace) using SAML 2.0 or OpenID Connect.

★ Advanced

Automated User Provisioning

Automatically provision and deprovision user access based on identity provider group membership.

★ Advanced

Advanced Module A7 — Self-Hosted Deployment

On-Premises & Private Cloud

Deploy ISO OS on your own infrastructure for maximum data control and sovereignty.

Function / Feature

Description

Tier

On-Premises / Private Cloud Deployment

Full deployment of ISO OS on the certification body's own servers or private cloud environment.

★ Advanced

Dedicated Support & Maintenance

Dedicated technical support, update management, and SLA package for self-hosted instances.

★ Advanced

Advanced Module A8 — Custom Development & Integrations

Bespoke Features & White-Label Configuration

Bespoke features, custom integrations, and tailored configurations developed specifically for the certification body.

Function / Feature

Description

Tier

Custom API Integrations

Connect ISO OS to third-party systems (ERP, HRMS, billing, compliance tools) via custom API development.

★ Advanced

Custom Document Templates

Design and implement fully customised document templates aligned with the certification body's brand and legal requirements.

★ Advanced

Custom Workflow Development

Development of tailored workflows, approval chains, or features specific to the certification body's operational needs.

★ Advanced

Full White-Label Configuration

Custom domain, custom email domain, and removal of AuditOne branding. Full white-label deployment.

★ Advanced

PreviousWhat makes us different?NextFree Tools

Last updated 2 days ago

hashtagBasic Modules

hashtagModule 1 — Applications

hashtagClient Onboarding & Sales

hashtagModule 2 — Audits: Planning

hashtagAuditor Assignment & Audit Plan Generation

hashtagModule 3 — Audits: Execution

hashtagEvidence Collection & Fieldwork

hashtagModule 4 — Audits: Reporting

hashtagDocument Generation, Signing & Certificate Issuance

hashtagModule 5 — Auditors

hashtagAuditor CRM & Credential Management

hashtagModule 6 — Consultants

hashtagPartner Portal & Referral Management

hashtagModule 7 — Clients

hashtagClient CRM

hashtagModule 8 — Analytics

hashtagBusiness Intelligence & Performance Monitoring

hashtagModule 9 — Configuration: Organisation Profile

hashtagBranding, Signatories & Operational Defaults

hashtagModule 10 — Configuration: ISO Standards & Rates

hashtagStandard Portfolio & Fee Management

hashtagModule 11 — Configuration: Audit Plan Templates

hashtagSession Structure & Effort Allocation

hashtagModule 12 — Configuration: Execution Configuration

hashtagRating Scales, Clause Guidance & AI Training

hashtagModule 13 — Configuration: User Management

hashtagRoles, Permissions & User Lifecycle

hashtagModule 14 — Security & Platform

hashtagAuthentication, Encryption & Data Residency

hashtagAdvanced Modules

hashtagAdvanced Module A1 — AI Readiness Check

hashtagPre-Audit Document Gap Analysis

hashtagAdvanced Module A2 — AI Auditor Guidance

hashtagAI Auditor Assistant & Evidence Analysis

hashtagAdvanced Module A3 — Phishing Simulator

hashtagSecurity Awareness Training

hashtagAdvanced Module A4 — KYC / KYB Services

hashtagIdentity & Business Verification

hashtagAdvanced Module A5 — Blockchain Certificate Publishing

hashtagImmutable, Publicly Verifiable Certification Records

hashtagAdvanced Module A6 — Single Sign-On (SSO)

hashtagEnterprise Identity Federation

hashtagAdvanced Module A7 — Self-Hosted Deployment

hashtagOn-Premises & Private Cloud

hashtagAdvanced Module A8 — Custom Development & Integrations

hashtagBespoke Features & White-Label Configuration

Basic Modules

Module 1 — Applications

Client Onboarding & Sales

Module 2 — Audits: Planning

Auditor Assignment & Audit Plan Generation

Module 3 — Audits: Execution

Evidence Collection & Fieldwork

Module 4 — Audits: Reporting

Document Generation, Signing & Certificate Issuance

Module 5 — Auditors

Auditor CRM & Credential Management

Module 6 — Consultants

Partner Portal & Referral Management

Module 7 — Clients

Client CRM

Module 8 — Analytics

Business Intelligence & Performance Monitoring

Module 9 — Configuration: Organisation Profile

Branding, Signatories & Operational Defaults

Module 10 — Configuration: ISO Standards & Rates

Standard Portfolio & Fee Management

Module 11 — Configuration: Audit Plan Templates

Session Structure & Effort Allocation

Module 12 — Configuration: Execution Configuration

Rating Scales, Clause Guidance & AI Training

Module 13 — Configuration: User Management

Roles, Permissions & User Lifecycle

Module 14 — Security & Platform

Authentication, Encryption & Data Residency

Advanced Modules

Advanced Module A1 — AI Readiness Check

Pre-Audit Document Gap Analysis

Advanced Module A2 — AI Auditor Guidance

AI Auditor Assistant & Evidence Analysis

Advanced Module A3 — Phishing Simulator

Security Awareness Training

Advanced Module A4 — KYC / KYB Services

Identity & Business Verification

Advanced Module A5 — Blockchain Certificate Publishing

Immutable, Publicly Verifiable Certification Records

Advanced Module A6 — Single Sign-On (SSO)

Enterprise Identity Federation

Advanced Module A7 — Self-Hosted Deployment

On-Premises & Private Cloud

Advanced Module A8 — Custom Development & Integrations

Bespoke Features & White-Label Configuration