Ask most businesses how their ISO certification went and the honest ones will tell you the same thing: the biggest pain points were either skipping the gap analysis or rushing through it.
A gap analysis is the foundational diagnostic step of any ISO implementation. Done properly, it gives you a precise map of where you are, where you need to be, and the work required to close the distance. Done poorly — or skipped entirely — it means you discover the gaps during your certification audit. That's the expensive way to find out.
What a proper gap analysis involves
- A clause-by-clause review of the standard's requirements against your current documentation and practices
- Interviews with key staff to understand what actually happens vs. what's documented
- An assessment of existing processes that may already meet requirements (many organisations have more in place than they realise)
- A prioritised list of gaps with effort estimates for closing each one
- A realistic project plan for the implementation phase
Why companies skip it
Usually it's one of three things: cost consciousness ("let's just start building"), impatience ("we need to be certified by Q3"), or overconfidence ("we already have processes, we just need the certificate"). All three are understandable — and all three make the overall project longer and more expensive.
What good looks like
A good gap analysis report should give you a clear view of your compliance percentage by clause, a prioritised action plan, and a realistic timeline to certification. At Havaya, we include a full gap analysis report as the first deliverable in every engagement — before a single procedure is written.
Book a discovery call to talk about what a gap analysis would involve for your organisation.