17021-1-2015 - Checklist - Final

UNITED ACCREDITATION FOUNDATION
CHECKLIST ON ISO/IEC 17021-1:2015 Effective 15th June 2016.

CONFORMITY ASSESSMENT – REQUIREMENTS FOR BODIES PROVIDING AUDIT & CERTIFICATION OF MANAGEMENT SYSTEMS-Part 1
Legend: C – Complies, O – Observation, T – To Address at office Assessment , N – Nonconformity, N/A – Not Applicable, F – Further information required
Clause Requirement Comments by CAB Findings by UAF

of 17021 Manual and/or Procedures reference
5 General Requirements Has been addressed
5.1 Legal and contractual matters As shown below
5.1.1 Legal responsibility
Is the certification body a legal entity, or a QCS Management is a Pvt. Ltd. Company registered in the year 2012 with
defined part of a legal entity, such that it can the Registrar of Companies, govt of India, in West Bengal under the
be held legally responsible for all its Companies act 1956 having 2 Directors with (50% : 50%) Share in the
certification activities? company having its registered office at 37E/1 ( 310)2 nd street, Modern Park,
Santoshpur, Kolkata- 700075. Possesses all statutory licenses like
certificate of incorporation, PAN, GST
A governmental certification body is deemed
to be a legal entity on the basis of its QCS is not a governmental certification body
governmental status.
5.1.2 Certification agreement
Does the certification body have a legally Covered under 5.1.2 and contractual agreement Annexure13. QCS has
enforceable agreement for the provision of Corporate office in Kolkata. All certification activities are dealt with by the
certification activities to its client? Corporate office.
Where there are multiple offices of a Not applicable for QCS
certification body or multiple sites of a client,
does the certification body ensure that there is
a legally enforceable agreement between the
certification body granting certification and
issuing a certificate, and all the sites covered
by the scope of the certification?
Page 1 of 74
ISO 17021:2011 Checklist for all CBs

5.1.3 Responsibility for certification decisions
Is the certification body responsible for its Covered under section 5.1.3 of the manual, Yes, same has been
decisions relating to certification, including the addressed in the certification contract. Refer the same under article 10 of
granting, refusing, maintaining of certification, the certification audit contract
expanding or reducing the scope of
certification, renewing, suspending or
restoring following suspension,, or
withdrawing of certification ?
5.2 Management of impartiality
5.2.1 Conformity assessment activities shall be Covered under 5.2.1 of the Manual. Top Management commitment is stated
undertaken impartially. The CAB shall be to be available on web-site of the CB website: www.qcspl.com
responsible for the impartiality of its
Unbiased audit is emphasized upon
conformity assessment activities and shall not
allow commercial, financial or other pressures
to compromise impartiality
5.2.2 The CAB shall have top management The analysis is referred in 5.2.2 of Manual and requirements covered in
commitment to impartiality in management Annexure 17 and Annexure 3 and 17 has been amended accordingly. Form
system certification activities. The CAB shall for conflict of interest and confidentiality agreement is available and
have a policy that it understands the maintained
importance of impartiality in carrying out its
management system certification activities,
manages conflict of interest and ensures the
objectivity of its management system
certification activities.
NOTE: A relationship that threatens the impartiality of The same has been addressed in article 7 of the certification audit contract
the certification body can be based on and the conflict of interest form. same are followed during deputation of an
ownership, governance, management, auditor for a particular audit.
personnel, shared resources, finances,
contracts, marketing and payment of a sales
commission or other inducement for the
referral of new clients, etc.


5.2.3 The CAB shall have a process to identify, The same has been addressed in the section 5.2.3 of the manual.The
analyse, evaluate, treat, monitor, and residual risks have been addressed in the certification audit contract. It is
document the risks related to conflict of ensured the audits are carried in an impartial manner. Refer annex 13 of the
interests arising from provision of certification certification audit contract.
including any conflicts arising from its
relationships on an ongoing basis. Where
there are any threats to impartiality, the CAB
shall document and demonstrate how it
eliminates or minimizes such threats and
document any residual risk. The
demonstration shall cover all potential threats
that are identified, whether they arise from
within the CAB or from the activities of other
persons, bodies or organizations. When a
relationship poses an unacceptable threat to
impartiality (such as a wholly owned
subsidiary of the CAB requesting certification
from its parent), then certification shall not be
provided.
Record Ref: Annex 17 - Risk analysis – QCS Also addressed in
Top management shall review any residual section 5.2.3 of DOC NO:QCS/M/01, ISSUE – 02, REV - 04
risk to determine if it is within the level of
acceptable risk.
The risk assessment process shall include Record Ref: Annex 17 - Risk analysis – QCS Also addressed in
identification of and consultation with section 5.2.3 of DOC NO:QCS/M/01, ISSUE – 02, REV - 04
appropriate interested parties to advise on
matters affecting impartiality including
openness and public perception. The
consultation with appropriate interested
parties shall be balanced with no single
interest predominating.
5.2.4 A CAB shall not certify another CAB for its Has been addressed in section 5.2.4 of the Quality manual.QCS no way
quality management system. caters to the needs of certifying another CAB


5.2.5 The CAB and any part of the same legal entity Addressed in section 5.2.5 of the Quality manual. It is also reflected in the
and any entity under the organizational control conflict of interest format and management of impartiality section
of the CAB [see 9.5.1.2, bullet b)] shall not
offer or provide management system
consultancy. This also applies to that part of
government identified as the CAB.
5.2.6 The carrying out of internal audits by the CAB
and any part of the same legal entity to its
certified clients is a significant threat to Addressed in section 5.2.6 of the Quality manual and also covered in the
impartiality. Therefore, the CAB and any part conflict of interest form to be signed by the auditor.
of the same legal entity and any entity under
the organizational control of the CAB [see
9.5.1.2, bullet b)] shall not offer or provide
internal audits to its certified clients. A
recognized mitigation of this threat is that the
CAB shall not certify a management system
on which it provided internal audits for a
minimum of two years following the
completion of the internal audits.
5.2.7 Where a client has received management Has been addressed in section 5.2.7 of the Quality manual impartiality
systems consultancy from a body that has a section
relationship with a CAB, this is a significant
threat to impartiality. A recognized mitigation
of this threat is that the CAB shall not certify
the management system for a minimum of two
years following the end of the consultancy.
NOTE 1 Allowing a minimum period of two years to Noted in the conflict of interest format of QCS to ensure that audit is
elapse following the end of the management unbiased and impartiality is maintained. Refer QCS/COI/02/F
system consultancy is one way of reducing
the threat to impartiality to an acceptable
level.
5.2.8 Does the certification body outsource audits to Covered under 5.2.8 of Manual. It is never done to ensure impartiality
a management system consultancy
organization?


5.2.9 Is the certification body's activities marketed QCS does not market certification services along with any
or offered as being linked with the activities of consultancy organisation. Refer section 5.2.9 of the manual.
an organization that provides management
system consultancy?
Does the certification body take action to QCS does not market certification services along with any
correct inappropriate claims by any consultancy organisation. Refer section 5.2.9 of the manual.
consultancy organization stating or implying
that certification would be simpler, easier,
faster or less expensive if the certification
body were used?
Does the certification body state or imply that QCS does not market certification services along with any
certification would be simpler, easier, faster or consultancy organisation. Refer section 5.2.9 of the manual.
less expensive if a specified consultancy
organization were used?
5.2.10 In order to ensure that there is no conflict of QCS ensures the same via Conflict of Interest & Confidentiality
interests, personnel who have provided Agreement (QCS/COI/02/F) signed by the auditors for every
management system consultancy, including organization audited by them separately.
those acting in a managerial capacity, shall
not be used by the CAB to take part in an
audit or other certification activities if they
have been involved in management system
consultancy towards the client. A recognized
mitigation of this threat is that personnel shall
not be used for a minimum of two years
following the end of the consultancy.
5.2.11 Does the certification body take action to Addressed in section 5.2.11 of the quality manual.
respond to any threats to its impartiality
arising from the actions of other persons,
bodies or organizations?
5.2.12 How does the certification body ensure that all QCS ensures the same via Conflict of Interest & Confidentiality
personnel, either internal or external, or Agreement (QCS/COI/02/F) signed by the auditors for every
committees, who could influence the organization audited by them separately. Also addressed in section
certification activities, act impartially and not 5.2.12 of the manual
allow commercial, financial or other pressures
to compromise impartiality?


5.2.13 CABs shall require personnel, internal and QCS will gather information which may cause threat to impartiality
external, to reveal any situation known to from all personnel- internal and external persons and this
them that can present them or the CAB with a information will be used in the conflict of interest analysis by the
conflict of interests. CABs shall record and ICM members together with MD/QM. It is a synopsis of the section
use this information as input to identifying 5.2.13 of the manual
threats to impartiality raised by the activities of
such personnel or by the organizations that
employ them, and shall not use such
personnel, internal or external, unless they
can demonstrate that there is no conflict of
interest.
5.3 Liability and financing
5.3.1 Can the certification body demonstrate that it QCS has done the analysis of the risk associated with the
has evaluated the risks arising from its certification activities and adequate arrangements have been done
certification activities? to cover the liabilities.
Ref Doc no: Annex 18
Does the certification body have adequate QCS has done the analysis of the risk associated with the
arrangements (e.g. insurance or reserves) to certification activities and adequate arrangements have been done
cover liabilities arising from its operations in to cover the liabilities.
each of its fields of activities and the Ref Doc no: Annex 18
geographic areas in which it operates?
5.3.2 Does the certification body evaluate its DOC NO:QCS/M/01, ISSUE – 02, REV - 04 section 5.3.2
finances and sources of income and addresses the same
demonstrate to the committee specified in 6.2
that initially, and on an ongoing basis,
commercial, financial or other pressures do
not compromise its impartiality?


6 Structural requirements DOC NO:QCS/M/01, ISSUE – 02, REV - 04 section 6
6.1 Organizational structure and top Has been shown

management
6.1.1 Has the certification body documented its 6.1.1 Organisational Structure is as per the Annex-1
organizational structure, showing duties, Has been shown in the Quality Manual
responsibilities and authorities of
management and other certification personnel
and any committees?
When the certification body is a defined part QCS is not a defined part of a legal entity and only some marketing
of a legal entity, does the structure include the locations are there who are doing branding, liaison. All the certification
line of authority and the relationship to other functions are controlled from QCS only Addressed in section 6.1.1 of the
parts within the same legal entity? manual.
6.1.2 Certification activities shall be structured and Details of impartiality management have been defined in QCS
managed so as to safeguard impartiality. website also the impartiality policy has been stated clearly.
6.1.3 The CAB shall identify the top management Addressed as shown below
(board, group of persons, or person) having
overall authority and responsibility for each of
the following:
a) development of policies and establishment of Annex-1
processes and procedures relating to its Has been shown in the Quality Manual
operations;;
b) supervision of the implementation of the Annex-1
policies and procedures; Has been shown in the Quality Manual
c) Details of impartiality management has been defined in QCS
ensuring impartiality;
website also the impartiality policy has been stated clearly.
d) Annex-1
supervision of the finances of the body
Has been shown in the Quality Manual
e) development of management system Annex-1
certification services and schemes; Has been shown in the Quality Manual
f) performance of audits and certification, and Annex-1
responsiveness to complaints; Has been shown in the Quality Manual


g) Annex-1
decisions on certification;
Has been shown in the Quality Manual
h) delegation of authority to committees or Annex-1
individuals, as required, to undertake defined Has been shown in the Quality Manual
activities on its behalf;
i) contractual arrangements; Certification audit contract Annexure 13 covers the same
j) Provision of adequate resources for List of auditors maintained
certification activities?
6.1.3 Does the certification body have formal rules QCS have formal rules for the appointment, terms of reference and
for the appointment, terms of reference and operation of any committees that are involved in the certification
operation of committees involved in the activities. Section 6.1.3 of the manual
6.2 Operational control
6.2.1 The CAB shall have a process for the DEFINED IN MANUAL UNDER SECTION 6.2.1
effective control of certification activities
delivered by branch offices, partnerships,
agents, franchisees, etc., irrespective of their
legal status, relationship or geographical
location. The CAB shall consider the risk that
these activities pose to the competence,
consistency and impartiality of the CAB.
6.2.2 The CAB shall consider the appropriate level
and method of control of activities undertaken
including its processes, technical areas of
CABs’ operations, competence of personnel, DEFINED IN MANUAL UNDER SECTION 6.2.2
lines of management control, reporting and
remote access to operations including
records.
7 Resource requirements Refer Quality manual section 7
7.1 Competence of management and Refer Quality manual section 7
personnel
7.1.1 General considerations Refer Quality manual section 7


7.1.1 The CAB shall have processes to ensure that QCS ensures that the personnel have the relevant knowledge and expertise
personnel have appropriate knowledge and in the respective state/regions and they have the relevant qualification
skills relevant to the types of management for the respective management standard for the certification process
systems (e.g. environmental management Addressed in section 7.1.1 of the manual.
systems, quality management systems,
information security management systems)
and geographic areas in which it operates.
Has the certification body determined the QCS ensures that the personnel have the relevant knowledge and expertise
competence required for each technical area in the respective state/regions and they have the relevant qualification
(as relevant for the specific certification for the respective management standard for the certification process
scheme), and for each function in the Addressed in section 7.1.1 of the manual.
certification activity?
Has the certification body determined the Their credentials are verified before they are put on the jobs. The specific
means for demonstrating competence prior to criteria for the management personnel is also addressed in the
carrying out specific functions? Criteria is defined in details in annex 5
7.1.2 Determination of competence criteria

7.1.2 Does the certification body have a Covered under 7.1.2 of Manual & refer Annexure-2, Annexure-5 &
documented process for determining the Annexure-6
competence criteria for personnel involved in
the management and performance of audits Annexure-2- Responsibility &
and certification? Authority
Annexure-5– Qualification Criteria
Annexure-6 Selection of (Auditors
and Experts)
Has the certification body determined the Refer minimum code competence document maintained for all IAF codes
competence criteria for each type of
management system standard or
specification, for each technical area, and for
each function in the certification process?


Is the output of the process the documented Addressed in section 7.1.2 of the manual
criteria of required knowledge and skills
necessary to effectively perform audit and
certification tasks to be fulfilled to achieve the
intended results?
Does the certification body apply the Annex A specifies the knowledge and skills that QCS have define for
knowledge and skills for specific functions specific functions. Where additional specific competence criteria
defined in Annex A? have been established for a specific standard or certification
scheme, these shall be applied.
Does the certification body apply any In case required, the competence criteria is defined and necessary
additional specific competence criteria where documents amended.
they have been established for a specific
certification scheme, e.g. ISO/TS 22003
(Food safety management systems).
NOTE The term 'technical area' can be
applied differently depending on the
management system standard being
considered. For any management system, the
term is related to products and processes in
the context of the scope of the management
system standard. The technical areas can be
defined by a specific certification scheme (e.g.
ISO/TS 22003); or can be determined by the
certification body.
See standard for examples of the application
of the term 'technical area' for different types
of management systems.
7.1.3 Evaluation processes


7.1.3 Does the certification body have documented As per cl 7.1.3 of QM , QCS has developed a procedure P 14 for the initial
processes for the initial competence competence evaluation and on-going monitoring of competence and
evaluation, and on-going monitoring of performance of all personnel involved in the management and performance
competence and performance of all personnel of audits and certification.
involved in the management and performance
of audits and certification, applying the
determined competence criteria?
Is the certification body able to demonstrate Done through review of audit reports and witnessing from time to time
that its evaluation methods are effective?
Is the output from these processes being to Competence shall be demonstrated prior to the individual taking the
identify personnel who have demonstrated the responsibility for the performance of their activities within QCS.
level of competence required for the different
functions of the audit and certification
process?
NOTE A number of evaluation methods that
can be used to evaluate knowledge and skills
are described in Annex B.
7.1.4 Other considerations
Does the certification body, in determining the Described in section 7.1.4 of the manual as well as annexures.
competence requirements for its personnel
performing certification, address the functions
undertaken by management and
administrative personnel in addition to those
directly performing audit and certification
activities?
Does the certification body have access to the QCS have access to the necessary technical expertise for advice on
necessary technical expertise for advice on matters directly relating to certification activities for all technical
matters directly relating to certification for areas, types of management systems and geographic areas in which
technical areas, types of management system the CAB operates. Such advice may be provided externally or by
and geographic areas in which the CAB personnel.
certification body operates?


7.2 Personnel involved in the certification Addressed as shown below
activities
7.2.1 The CAB shall have sufficient, competent 7.2.1 QCS has adequate manpower to manage all the relevant
personnel for managing and supporting the management functions to carry
type and range of audit programmes and Out the respective functions as per the needs of the audit
other certification work performed. programmes and manage the jobs of the review of the reports,
approval of auditors, issuance of certificates and monitoring the
certification /surveillance/recertification etc.
Details are defined in the organisation chart (Annex1) and
responsibility chart (Annex 2)
All the personnel involved in the certification activity are ethical, open-
minded, diplomatic, observant, perceptive, versatile, tenacious, decisive,
and self-reliant. All the personnel are trained and examined in the
Orientation Programme to meet the requirement
7.2.2 Does the certification body employ, or have Covered under 7.2.2 of QM QCS has its own auditors to conduct
access to, a sufficient number of auditors, the audits and also access to the empanelled
including audit team leaders, and technical Auditors /Team leaders who are based all over the geographical
experts to cover all of its activities and to areas and are having the competence in the area under the audit.
handle the volume of audit work performed? Also the team of experts is available for the needs of the
certification.
Refer data base of auditors/experts (Annexure 19)
7.2.3 Does the certification body make clear to each Covered under 7.2.3 of QM Responsibilities,authorites and duties
person concerned their duties, responsibilities of concerned persons are explained to them and
and authorities? A copy is also issued to them for ready reference
7.2.4 Does the certification body have defined Covered under 7.2.4 of Manual & refer Annexure-6 & Annexure-9
processes for selecting, training, formally Annexure 20 covers all these
authorizing auditors and for selecting
technical experts used in the certification
activity?
Does the initial competence evaluation of an Done through witness audits.
auditor include a demonstration of applicable
personal attributes and the ability to apply
required knowledge and skills during audits?


NOTE During the selection and training
process described above desired personal
behaviours can be considered. These are
characteristics that affect an individual's ability
to perform specific functions. Therefore,
knowledge about the behaviours of individuals
enables a certification body to take advantage
of their strengths and to minimize the impact
of their weaknesses. Desired personal
behaviours that are important for personnel
involved in certification activities are described
in Annex D.
7.2.5 Does the certification body have a process to Covered under cl 7.2.5 of QM Auditor is initially appointed through the
achieve and demonstrate effective auditing, questionnaire filling followed by interview and then performance reports
including the use of auditors and audit team during the audits. An auditor with experience/no experience of auditing is
leaders possessing generic auditing skills and under observer category. And normally he has to do 5 nos of audits before
knowledge, as well as skills and knowledge being given the independent auditor role unless otherwise he has the 1 st/2nd
appropriate for auditing in specific technical party audit experience and can demonstrate extraordinary performance and
areas? being recommended by the team leader. Auditors are monitored throughout
the process of the audit by the team leader and they are also being sent to
various technical processes audits with the team leader/technical experts
and they gain the different technical area experiences. Also the
performance of team leaders is being monitored and inputs provided by the
experts/Impartiality members.(Ref Annex 6)
7.2.6 Does the certification body ensure that

auditors (and, where needed, technical Covered under cl 7.2.6 of QM All auditors /experts (as per the need) are
experts) are knowledgeable of its audit issued with the QCS auditor guidelines and they are made
processes, certification requirements and aware about the audit process and guidelines by the team leader.
other relevant requirements? Any revisions/updation on the documentation and guidelines are
issued to all the auditors. Also they can see the audit process as
defined in the website under the head of certification process
www.QCSPL.com


Does the certification body give auditors and As shown above.
technical experts access to an up-to-date set
of documented procedures giving audit
instructions and all relevant information on the
7.2.7
7.2.7 Of QM While deciding the allocation of auditor, QM refers to their
The CAB shall identify training needs and demonstrated competence
shall offer or provide access to specific By reviewing the databank of auditors/experts in consultation with
training to ensure its auditors, technical the industry codes allotted and the performance feedback given by
experts and other personnel involved in the team leader/feedback from the customers. Also a review of the
certification activities are competent for the schedules is done by CM/CEO to further ascertain that the right
functions they perform. selection of auditor has been done with respect to the
activities/scope of the client organisation.
7.2.8 The group or individual that takes the decision Defined in manual under section - Personnel involved in the certification activities
on granting, refusing, maintaining, renewing, under clause – 7.2.8
suspending, restoring, or withdrawing
certification, or on expanding or reducing the
scope of certification, shall understand the
applicable standard and certification
requirements, and shall have demonstrated
competence to evaluate the outcomes of the
audit processes including related
recommendations of the audit team.


7.2.9 The CAB shall ensure the satisfactory All the persons involved in the above process are
performance of all personnel involved in the having adequate understanding of the standards and
audit and other certification activities. There they have demonstrated the capabilities to evaluate the
shall be a documented process for monitoring audit processes and related recommendations of the
competence and performance of all persons audit team Whose Competence criteria is defined in the
involved, based on the frequency of their Annex 5
usage and the level of risk linked to their
activities. In particular, the CAB shall review
QCS review and record the competence of its personnel
and record the competence of its personnel in in the light of their performance in order to identify
the light of their performance in order to training needs.
identify training needs.
7.2.10 The CAB shall monitor each auditor Addressed in 7.2.10 of the manual
considering each type of management system
to which the auditor is deemed competent.
The documented monitoring process for Witnessing of auditors are done as well as technical review of the reports
auditors shall include a combination of on-site submitted to evaluate the adequacy.
evaluation, review of audit reports and
feedback from clients or from the market.
This monitoring shall be designed in such a
way as to minimize disturbance to the normal
processes of certification, especially from the
client’s viewpoint.
Are there documented procedures and criteria
for monitoring and measurement of the
performance of all persons involved, based on
the frequency of their usage and the level of
risk linked to their activities?
Does the certification body review the
competence of its personnel in the light of
their performance in order to identify training
needs?
7.2.11 The CAB shall periodically evaluate the Addressed in 7.2.11Performance of auditors is monitored by
performance of each auditor on-site. The using a combination of the:
frequency of on-site evaluations shall be Onsite reports from the team leaders
Feed back from QM/TC after the review of reports


based on need determined from all monitoring Feedback from the clients
information available. These reviews are done so that the normal certification
process is not disturbed and
7.3 Use of individual external auditors and Addressed as shown below

external technical experts
The CAB shall require external auditors and Defined in manual under section Use of individual external auditors and external
external technical experts to have a written technical experts – clause no. 7.3
agreement by which they commit themselves
to comply with applicable policies and
implement processes as defined by the CAB.
The agreement shall address aspects relating
to confidentiality and impartiality and shall
require the external auditors and external
technical experts to notify the CAB of any
existing or prior relationship with any
organization they may be assigned to audit.
7.4 Personnel records
Does the certification body maintain up-to- Covered under 7.4 of Manual and Updates records once in six months
date personnel records, including relevant All personnel records maintain in Kolkata office Evident
qualifications, training, experience, affiliations,
professional status, competence and any
relevant consultancy services that may have
been provided?
Does this include management and Yes
administrative personnel in addition to those
performing certification activities?
7.5 Outsourcing
7.5.1 Does the certification body have a process in Covered under 7.5.1 of Manual and QCS does not outsource any
which it describes the conditions under which certification activities
outsourcing (which is subcontracting to
another organization to provide part of the
certification activities on behalf of the
certification body) may take place?


Does the certification body have a legally All empanelled auditors need to sign a conflict of interest and confidentiality
enforceable agreement covering the agreement with QCS
arrangements, including confidentiality and
conflict of interests, with each body that
provides outsourced services?
NOTE 1 This can include outsourcing to other
certification bodies. Use of auditors and
technical experts under contract is addressed
in 7.3.
NOTE 2 For the purposes of this International
Standard, the terms “outsourcing” and
“subcontracting” are considered to be
synonyms.
7.5.2 How does the certification body ensure that Refer clause 7.5.2 of QM which clearly states that Decisions for granting,
the decisions for granting, refusing, maintaining, renewing, extending, reducing, suspending or withdrawing Of
the certificates are never outsourced. Also addresse4d in annexure 15 scheme
maintaining of certification, expanding or
regulation.
reducing the scope of certification, renewing,
suspending or restoring,or withdrawing
certification are not outsourced?
7.5.3 Does the certification body 7.5.3 of QM QCS currently does not outsource any activity to another body
BUT in case if decides to do so, followings will be done
a) take responsibility for all activities outsourced a) Will take Responsibility of all the activities in case of
to another body, outsourcing
, RF: cl 7.5.3 of QM
c) shall ensure that the body that provides outsourced services, and the individuals
that it uses, is not involved, either directly or through any other employer, with an
organization to be audited, in such a way that impartiality could be compromise
b) ensure that the body that provides outsourced RF: cl 7.5.3 of QM Will ensure that the body that provides outsourced services,
services, and the individuals that it uses, and the individuals that it uses, conform to requirements of the certification body
conform to requirements of the certification and also to the applicable provisions of this International Standard, including
body and also to the applicable provisions of competence, impartiality and confidentiality
this International Standard, including
competence, impartiality and confidentiality,
and


c) Ensure that the body that provides outsourced RF: cl 7.5.3 of QM shall ensure that the body that provides outsourced services,
services, and the individuals that it uses, is and the individuals that it uses, is not involved, either directly or through any other
not involved, either directly or through any employer, with an organization to be audited, in such a way that impartiality could be
other employer, with an organization to be compromise
audited, in such a way that impartiality could
be compromised?
7.5.4 Does the certification body have a process for QCS currently does not outsource any activity to another body BUT in case
the approval and monitoring of all bodies that if decides to do so the procedures will be the same as followed for the own
provide outsourced services used for staff/contracted staff/Technical experts/Auditors.
Does the certification body ensure that Yes, all auditors and technical experts documents are maintained.
records of the competence of auditors and
technical experts are maintained?
8 Information requirements As shown below
8.1 Publicly accessible information Refer Quality manual section 8.1
8.1.1 Does the certification body maintain (through QCS has made all the information on the website:
publications, electronic media or other www.ecspl.com which is informed to all clients during contract
means), and make public, without request, in period without request and is made publicly accessible i.e.
all the geographical areas in which it Information describing its audit processes and certification
operates, information about? processes for granting, maintaining, extending, renewing,
reducing, suspending or withdrawing certification, and about
the certification activities, types of management systems and
geographical areas in which it operates.
Information available on website and also Kolkata office time to time inform
a) audit processes;
his customer about current information through email and website
processes for granting, refusing, maintaining, Information available on website and also Kolkata office time to time inform
renewing, suspending, restoring or his customer about current information through email and website and also
b)
withdrawing certification or expanding or in scheme regulation vide annexure 15.
reducing the scope of certification;
types of management systems and Information available on website and also Kolkata office time to time inform
c)
certification schemes in which it operates; his customer about current information through email and website


the use of the CAB’s name and certification
d) his customer about current information through email and website and also
mark or logo;
in scheme regulation vide annexure 15.
processes for handling requests for
e) his customer about current information through email and website and also
information, complaints and appeals;
f) policy on impartiality. his customer about current information through email and website and also
8.1.2 Does the certification body ensure that they QCS ensures that Information provided to any client or to the
information about ? marketplace, including Website, advertising, are accurate and not
misleading.
a) geographical areas in which it operates; Specified in the relevant section of the manual
b) the status of a given certification;
his customer about current information through email and website
the name, related normative document, Addressed in section 8.1.2 of the manual and also on the certificates issued
c) scope and geographical location (city and and on the website.
country) for a specific certified client.
8.1.3 Information provided by the CAB to any client QCS updates the website and is publicly accessible information
or to the marketplace, including advertising, about certifications Issued, granted, suspended or withdrawn on
shall be accurate and not misleading. regular basis (once in a week).
8.2 Certification documents

8.2.1 The CAB shall provide by any means it QCS provides the offers, invoices, reports, certificates and other
chooses certification documents to the related documents to clients as per the mutual agreed norms by
certified client mail/courier etc.
8.2.2 The certification document(s) shall identify the Addressed in section 8.2.2 of the manual
following:


The certification document also include the scope of
the name and geographical location of each certification with respect to t he type of activities, products
certified client (or the geographical location of and services as applicable at each site in case of multi site
a)
the headquarters and any sites within the certification.
scope of a multi-site certification);
the effective date of granting, expanding or All are detailed clearly on the certificate issued and covered in the annexure
reducing the scope of certification, or 15 scheme regulation.
b) renewing certification which shall not be
before the date of the relevant certification
decision;
the expiry date or recertification due date All are detailed clearly on the certificate issued. Refer section 8.2.2 of the
c)
consistent with the recertification cycle; manual and covered in the annexure 15 scheme regulation.
All are detailed clearly on the certificate issued. Refer section 8.2.2 of the
d) a unique identification code;
manual
the management system standard and/or All are detailed clearly on the certificate issued. Refer section 8.2.2 of the
other normative document, including manual
e)
indication of issue status (e.g. revision date or
number) used for audit of the certified client;
the scope of certification with respect to the All are detailed clearly on the certificate issued. Refer section 8.2.2 of the
type of activities, products and services as manual It is also enssured that there is no misleading information or
f)
applicable at each site without being ambiguity.
misleading or ambiguous;
QCS has the terms and conditions for the usage of the certification
mark including QCS and the accreditation board. These logos and
terms clearly specify the standards and the certification body and
the name, address and certification mark of Accreditation board. Also it clarifies that the mark is not to be used
the CAB; other marks (e.g. accreditation so as to indicate that this is product /packaging certification in any
g)
symbol, client’s logo) may be used provided way and this is only a system certification
they are not misleading or ambiguous; Reference: Annex 12.


Refer annexure 12 QCS has the terms and conditions for the usage
of the certification mark including QCS and the accreditation
board. These logos and terms clearly specify the standards and the
certification body and Accreditation board. Also it clarifies that the
any other information required by the mark is not to be used so as to indicate that this is product
h) standard and/or other normative document /packaging certification in any way and this is only a system
used for certification; certification
Reference: Annex 12.
in the event of issuing any revised The number is amended accordingly to maintain the uniqueness of the
certification documents, a means to certificate issued.
i)
distinguish the revised documents from any
prior obsolete documents.
8.3 Reference to certification and use of marks Addressed in section 8.3
A CAB shall have rules governing any 8.3.1 QCS has the terms and conditions for the usage of the
management system certification mark that it certification mark including QCS and the accreditation board.
8.3.1
authorizes certified clients to use. These rules These logos and terms clearly specify the standards and the
shall ensure, among other things, traceability certification body and Accreditation board. Also it clarifies that the
back to the CAB. There shall be no ambiguity, mark is not to be used so as to indicate that this is product
in the mark or accompanying text, as to what /packaging certification in any way and this is only a system
has been certified and which CAB has certification
granted the certification. This mark shall not Reference: Annex 12
be used on a product nor product packaging
nor in any other way that may be interpreted
as denoting product conformity.
A CAB shall not permit its marks to be applied Addressed in section 8.3.2. QCS has clearly addressed in the Annex
by certified clients to laboratory test, 12 that the Certification marks cannot be used on laboratory test,
8.3.2 calibration or inspection reports.
calibration or inspection reports or
certificates.


QCS have rules governing the use of any statement on product
packaging or in accompanying information that the certified client
has a certified management system. Product packaging is
A CAB shall have rules governing the use of
considered as that which can be removed without the product
any statement on product packaging or in
accompanying information that the certified disintegrating or being damaged. Accompanying information is
client has a certified management system. considered as separately available or easily detachable. Type labels
Product packaging is considered as that or identification plates are considered as part of the product. The
which can be removed without the product statement shall in no way imply that the product, process or service
disintegrating or being damaged. is certified by this means.
8.3.3 The statement shall include reference to:
Accompanying information is considered as
separately available or easily detachable.  identification (e.g. brand or name) of the certified client;
Type labels or identification plates are  the type of management system (e.g. quality, environment)
considered as part of the product. The and the applicable standard;
statement shall in no way imply that the
product, process or service is certified by this All the responsibilities and obligations of the clients as expected by
means. QCS are addressed in details in the Contract agreement form –
Annex 13 (8.5 to 8.10 page 4 of 6)
The statement shall include reference to: All the responsibilities and obligations of the clients as expected by
QCS are addressed in details in the Contract agreement form –
— identification (e.g. brand or name) of the
Annex 13 (8.5 to 8.10 page 4 of 6)
certified client;
— the type of management system (e.g.
quality, environment) and the applicable
standard;
— the CAB issuing the certificate.
The CAB shall through legally enforceable Addressed in section 8.3.4 of the manual
8.3.4
arrangements require that the certified client:
QCS has legally enforceable arrangements by getting the contract
conforms to the requirements of the CAB documents signed by all the clients (Annex 13) which specifies
when making reference to its certification action to deal with incorrect references to certification status or
a) status in communication media such as the misleading use of certification documents, marks or audit reports
internet, brochures or advertising, or other and necessary corrective and preventive actions to Be taken taken
documents; to deal with such situations


does not make or permit any misleading Addressed in section 8.3.4 and ensured that no misleading statement is
b)
statement regarding its certification; provided.
does not use or permit the use of a Addressed in section 8.3.4
c) certification document or any part thereof in a
misleading manner;
upon withdrawal of its certification, Addressed in section 8.3.4
discontinues its use of all advertising matter
d)
that contains a reference to certification, as
directed by the CAB (see 9.6.5);
amends all advertising matter when the Addressed in section 8.3.4
e)
scope of certification has been reduced;
does not allow reference to its management Addressed in section 8.3.4
system certification to be used in such a way
f)
as to imply that the CAB certifies a product
(including service) or process;
does not imply that the certification applies to Addressed in section 8.3.4
g) activities and sites that are outside the scope
of certification;
does not use its certification in such a manner Addressed in section 8.3.4
h) that would bring the CAB and/or certification
system into disrepute and lose public trust.
The CAB shall exercise proper control of Addressed in section 8.3.4
ownership and shall take action to deal with
8.3.5 incorrect references to certification status or
misleading use of certification documents,
marks or audit reports.
8.4 Confidentiality Addressed in 8.4


8.4.1 QCS ensures that all its staff, auditors sign the
The CAB shall be responsible, through legally confidentiality and Conflict of interest agreement
enforceable agreements, for the management before they are a part of certification process which is
of all information obtained or created during legally enforceable and all the information collected
8.4.1 the performance of certification activities at all during the audit process is kept strictly confidential
levels of its structure, including committees (Ref. conflict of interest and confidentiality
and external bodies or individuals acting on agreement)
its behalf.
8.4.2If any information regarding the operations and

activities of a particular client is required to be
disclosed to the Govt. / Legal Authorities the same will
be brought to the attention of the client prior to the
disclosure to the Legal Authorities / Govt. When
confidential information is made available to other
The CAB shall inform the client, in advance, bodies (e.g. accreditation body, agreement groups of a
of the information it intends to place in the paper assessment scheme), the certification body shall
public domain. All other information, except inform its clients of this action. Other third parties
8.4.2
for information that is made publicly information about a particular client shall not be
accessible by the client, shall be considered disclosed to a third party.
confidential. .
Information about the client from sources other than
the client (e.g. complainant, regulators, legal etc) shall
be treated as confidential, consistent with the QCS
policy
Except as required, information about a particular client or

Except as required in this part of ISO/IEC
individual shall not be disclosed to a third party without the written
17021, information about a particular certified
consent of the client or individual concerned. Where QCS is
8.4.3 client or individual shall not be disclosed to a
required by law to release confidential information to a third party,
third party without the written consent of the
the client or individual concerned shall, unless regulated by law, be
certified client or individual concerned.
notified in advance of the information provided


When the CAB is required by law or Information about the client from sources other than
authorized by contractual arrangements the client (e.g. complainant, regulators, legal etc) shall
(such as with the AB) to release confidential be treated as confidential, consistent with the QCS
8.4.4 policy
information, the client or individual concerned
shall, unless prohibited by law, be notified of
the information provided.
When confidential information is made available tother
Information about the client from sources bodies (e.g. Accreditation body, Agreement group of
other than the client (e.g. complainant, a peer assessment scheme), QCS body shall inform it’s
8.4.5 client of this action as applicable to their certification
regulators) shall be treated as confidential,
consistent with the CAB’s policy. process records etc. Refer section 8.4.5
Personnel, including any committee Refer 8.4.6 of the manual

members, contractors, personnel of external
bodies or individuals acting on the CAB’s
8.4.6 behalf, shall keep confidential all information
obtained or created during the performance
of the CAB’s activities except as required by
law.
QCS ensures that all hardware/software files and records are used
The CAB shall have processes and where in way that the Confidentiality of the documents and records kept
applicable equipment and facilities that maintained by use of password protection and restricted access to
8.4.7
ensure the secure handling of confidential the documents.
information.
Information exchange between a CAB and Addressed as shown below

8.5
its clients
Information on the certification activity Refer section 8.5.1 of the manual
8.5.1
and requirements


8.5.1 QCS updates its clients regularly on the followings:
- Certification process (initial audits, surveillance audits,
and the process for granting, refusing, maintaining of
The CAB shall provide information and certification, expanding or reducing the scope of certification,
update clients on the following: renewing, suspending or restoring, or withdrawing of
certifications) described in the website www.qcspl.com
a detailed description of the initial and Addressed in relevant section of the manual.
continuing certification activity, including the
application, initial audits, surveillance audits,
and the process for granting, refusing,
a)
maintaining of certification, expanding or
reducing the scope of certification, renewing,
suspending or restoring, or withdrawing of
certification;
b) the normative requirements for certification; Has been shown in the manual’s relevant section.
information about the fees for application, Has been addressed in the quotation sent to client after receipt of
c)
initial certification and continuing certification; application form
the CAB’s requirements for clients to: Refer to the quality manual section 8.5.1 and also the same is addressed in
1) comply with certification requirements; the audit plan issued to the clients. The audit team comprising of Team
2) make all necessary arrangements for Leader/auditor/TE/Observer etc. Are clearly addressed.
the conduct of the audits, including
provision for examining documentation
and the access to all processes and
d) areas, records and personnel for the
purposes of initial certification,
surveillance, recertification and
resolution of complaints;
3) make provisions, where applicable, to
accommodate the presence of observers
(e.g. accreditation assessors or trainee
auditor);


documents describing the rights and duties of Has been addressed in the relevant section.
certified clients, including requirements, when
e) making reference to its certification in
communication of any kind in line with the
requirements in 8.3;
information on processes for handling Indicated in the certification contract with the client vide Annexure 13
f)
complaints and appeals.
8.5.2 Notice of changes by a CAB
The CAB shall give its certified clients due MD and QM of QCS has the responsibility to inform its certified
notice of any changes to its requirements for clients well in advance of any changes to its requirements for
certification. The CAB shall verify that each certification and shall verify that each certified client complies with
certified client complies with the new the new requirements during the subsequent audits.
requirements.
8.5.3 Notice of changes by a client As shown below
QCS gets into a legally enforceable agreement with clients as
per Annex 13
The CAB shall have legally enforceable Para 8.3 Page 4 of 6 addresses the responsibilities with
arrangements to ensure that the certified respect to the notice of changes. And these changes may be
client informs the CAB, without delay, of related to:
matters that may affect the capability of the Legal status, Organisation and management, address and
management system to continue to fulfil the sites, scope, major changes to management system and
requirements of the standard used for processes,
certification.
the legal, commercial, organizational status As shown above and has been described in the relevant section.
a)
or ownership;
organization and management (e.g. key As shown above
b) managerial, decision-making or technical staff
);
c) contact address and sites; As shown above
scope of operations under the certified As shown above
d)
management system;


major changes to the management system As shown above
e)
and processes.
9 Process requirements Addressed in section 9 of the Quality manual
9.1 Pre-certification activities As shown below
Refer Application form QCS/AF/F/01

9.1.1 Application
The CAB shall require an authorized QM ensures that an authorized representative (MR) of the
representative of the applicant organization to applicant organization providing the necessary information to
provide the necessary information to enable it enable it to establish the following:
to establish the following:
Refer Application form QCS/AF/F/01, The scope is specified
a) the desired scope of the certification; there.
relevant details of the applicant organization Detailed in the application form QCS/AF/F/01
as required by the specific certification
scheme, including its name and the
b) address(es) of its site(s), its processes and
operations, human and technical resources,
functions, relationships and any relevant legal
obligations;
identification of outsourced processes used by Detailed in the application form QCS/AF/F/01
c) the organization that will affect conformity to
requirements;
the standards or other requirements for which Detailed in the application form QCS/AF/F/01
d) the applicant organization is seeking
certification;
Detailed in the application form, name and details of consulting
whether consultancy relating to the Organization.
e) management system to be certified has been
provided and, if so, by whom.


9.1.2 Application review As shown below
The CAB shall conduct a review of the QM in supporting with TRC shall conduct a review of the application
9.1.2.1 application and supplementary information for and supplementary information for certification to ensure that:
certification to ensure that:
the information about the applicant Mentioned in the application review form QCS/AR/F/01, In case
organization and its management system is insufficient same is resolved mutually with the client.
a)
sufficient to develop an audit programme (see
9.1.3);
any known difference in understanding Mentioned in the application review form QCS/AR/F/01, has been
b) between the CAB and the applicant detailed there in
organization is resolved;
the CAB has the competence and ability to Mentioned in the application review form QCS/AR/F/01
c)
perform the certification activity;
the scope of certification sought, the site(s) of Mentioned in the application review form QCS/AR/F/01
the applicant organization’s operations, time
required to complete audits and any other
d)
points influencing the certification activity are
taken into account (language, safety
conditions, threats to impartiality, etc.).
Following the review of the application, the Mentioned in the application review form QCS/AR/F/01
CAB shall either accept or decline an
application for certification. When the CAB
9.1.2.2 declines an application for certification as a
result of the review of application, the
reasons for declining an application shall be
documented and made clear to the client.
Based on this review, the CAB shall Mentioned in the application review form QCS/AR/F/01
determine the competences it needs to
9.1.2.3
include in its audit team and for the
certification decision.
9.1.3 Audit Program Refer section 9.1.3 of the Quality manual


9.1.3.1 Does the certification body develop an audit An audit programme for the full certification is developed to clearly
programme for the full certification cycle shall identify the audit activity/activities required to demonstrate that the
be developed to clearly identify the audit client’s management system fulfils the requirements for certification
activity/ activities required to demonstrate that to the selected standard(s) or other normative document(s). The
the client’s management system fulfils the audit programme for the certification cycle covers the complete
requirements for certification to the selected management system requirements.
standard(s) or other normative document(s).
The audit programme for the certification
cycle shall cover the complete management
system requirements.?
9.1.3.2 Does the audit programme for the initial The audit programme for the initial certification shall include a two-
certification shall include a two-stage initial stage initial audit, surveillance audits in the first and second years
audit, surveillance audits in the first and following the certification decision, and a recertification audit in the
second years following the certification third year prior to expiration of certification. The first three-year
decision, and a recertification audit in the third certification cycle begins with the certification decision. Subsequent
year prior to expiration of certification. The cycles begin with the recertification decision
first three-year certification cycle begins with
the certification decision. Subsequent cycles
begin with the recertification decision (see
9.6.3.2.3). The determination of the audit
programme and any subsequent adjustments
shall consider the size of the client, the scope
and complexity of its management system,
products and processes as well as
demonstrated level of management system
effectiveness and the results of any previous
audits.
Surveillance audits shall be conducted at least Shown in the audit programme
once a calendar year, except in recertification
years. The date of the first surveillance audit
9.1.3.3
following initial certification shall not be more
than 12 months from the certification decision
date.


Where the CAB is taking account of Has been referred in the application form as transfer of certificate
certification already granted to the client and
to audits performed by another CAB, it shall
obtain and retain sufficient evidence, such as
reports and documentation on corrective
actions, to any nonconformity. The
9.1.3.4 documentation shall support the fulfilling of
the requirements in this part of ISO/IEC
17021. The CAB shall, based on the
information obtained, justify and record any
adjustments to the existing audit programme
and follow up the implementation of corrective
actions concerning previous nonconformities.
Where the client operates shifts, the activities Referred in the application form and substantiated in the review stage to
that take place during shift working shall be finalise audit man days.
9.1.3.5
considered when developing the audit
programme and audit plans.
9.1.4 Determining audit time As shown below.
The CAB shall have documented procedures QCS have documented procedures for determining audit time. For
for determining audit time. For each client the each client the QCS determine the time needed to plan and
9.1.4.1 CAB shall determine the time needed to plan accomplish a complete and effective audit of the client’s
and accomplish a complete and effective audit management system.
of the client’s management system.
In determining the audit time, the CAB shall Refer section 9.1.4.2 of the manual
9.1.4.2 consider, among other things, the following
aspects:
the requirements of the relevant management Refer the application review form
a)
system standard;
complexity of the client and its management Refer the application review form
b)
system;
c) technological and regulatory context; Refer the application review form
any outsourcing of any activities included in Refer the application review form
d)
the scope of the management system;


e) the results of any prior audits; Refer the application review form
size and number of sites, their geographical Refer the application review form
f)
locations and multi-site considerations;
the risks associated with the products, Refer the application review form
g)
processes or activities of the organization;
whether audits are combined, joint or Refer the application review form
h)
integrated.
Where specific criteria have been established Refer the application review form
for a specific certification scheme, e.g. ISO/TS
22003 or ISO/IEC 27006, these shall be
applied.
The duration of the management system audit Has been shown
9.1.4.3
and its justification shall be recorded.
The time spent by any team member that is Has been addressed in the same section
not assigned as an auditor (i.e. technical
experts, translators, interpreters, observers
9.1.4.4
and auditors-in-training) shall not count in the
above established duration of the
management system audit.
The duration of the management system audit It is in the application review form itself.
9.1.4.3
and its justification shall be recorded.
9.1.5 Multi-site sampling


Where multi-site sampling is used for the audit Has been addressed in section 9.1.5 of the Quality manual covering the
of a client’s management system covering the sampling statistical techniques and also in the procedure for the same
same activity in various geographical based on ISO 17021, MD-1
locations, the CAB shall develop a sampling
programme to ensure proper audit of the
management system. The rationale for the
sampling plan shall be documented for each
client. Sampling is not allowed for some
specific certification schemes, and where
specific criteria have been established for a
specific certification scheme, e.g. ISO/TS
22003, these shall be applied.
9.1.6 Multiple management system standards
When certification to multiple management When certification to multiple management system standards is
system standards is being provided by the being provided by the QCS, the planning for the audit shall ensure
CAB, the planning for the audit shall ensure adequate on-site auditing to provide confidence in the certification.
adequate on-site auditing to provide
confidence in the certification.
9.2 Planning audits Addressed in section 9.2 of the Quality Manual.
Determining audit objectives, scope and Has been addressed.
9.2.1
criteria
The audit objectives shall be determined by QCS determines the audit objectives. Any changes into the audit
the CAB. The audit scope and criteria, scope and criteria, including any changes is done after the approval
9.2.1.1 from the client.
including any changes, shall be established
by the CAB after discussion with the client.
QCS ensures that the audit objectives to be covered in the audit
The audit objectives shall describe what is to shall include the following:
9.2.1.2 be accomplished by the audit and shall
include the following:
determination of the conformity of the client’s i) Determine the conformity of the client's management system, or
a) management system, or parts of it, with audit parts of it, with audit criteria
criteria;


determination of the ability of the ii) Determination of the ability of the management system to ensure
management system to ensure the client the client organization meets applicable statutory, regulatory and
b) contractual requirements
meets applicable statutory, regulatory and
contractual requirements;
determination of the effectiveness of the iii) Determination of the effectiveness of the management
management system to ensure the client can system to ensure the client organization is continually meeting
c) its specified objectives
reasonably expect to achieving its specified
objectives;
as applicable, identification of areas for iv) As applicable, identification of areas for potential
d) potential improvement of the management improvement of the management system
system.
The audit scope shall describe the extent and Has been addressed in section 9.2.1.3 of the Quality manual
boundaries of the audit, such as sites,
organizational units, activities and processes
to be audited. Where the initial or re-
certification process consists of more than
9.2.1.3
one audit (e.g. covering different sites), the
scope of an individual audit may not cover the
full certification scope, but the totality of audits
shall be consistent with the scope in the
certification document.
The audit criteria shall be used as a reference Has been documented in section 9.2.1.4 of the Quality Manual.
against which conformity is determined, and
shall include:
9.2.1.4 — the requirements of a defined normative
document on management systems;
— the defined processes and
documentation of the management
system developed by the client.
9.2.2 Audit team selection and assignments Addressed
9.2.2.1 General


The CAB shall have a process for selecting QCS has a Procedure P15 for selecting and appointing the audit team,
and appointing the audit team, including the including the audit team leader & technical experts considering the
audit team leader and technical experts as competence needed to achieve the objectives of the audit. In case if there
necessary, taking into account the is only one auditor, QCS ensures that the auditor has the competence to
competence needed to achieve the objectives perform the duties of an audit team leader applicable for that audit. The
of the audit and requirements for impartiality. audit team shall have the totality of the competences identified by the CAB
9.2.2.1.1 as set out in 9.1.2.3for the audit.
If there is only one auditor, the auditor shall
have the competence to perform the duties of
an audit team leader applicable for that audit.
The audit team shall have the totality of the
competences identified by the CAB as set out
in 9.1.2.3for the audit.
In deciding the size and composition of the Has been addressed as above.
9.2.2.1.2 audit team, consideration shall be given to the
following:
audit objectives, scope, criteria and estimated Has been addressed as above. Also in the audit plan
a)
audit time;
whether the audit is a combined, joint or Has been addressed as above.
b)
integrated;
the overall competence of the audit team Has been addressed as above.
c) needed to achieve the objectives of the audit
(see Table A.1);
certification requirements (including any Addressed.
d) applicable statutory, regulatory or contractual
requirements);
e) language and culture. In the application form same is addressed
The necessary knowledge and skills of the Has been taken care of in the plan and in the relevant section of the
audit team leader and auditors may be manual.
supplemented by technical experts,
translators and interpreters who shall operate
9.2.2.1.3
under the direction of an auditor. Where
translators or interpreters are used, they shall
be selected such that they do not unduly
influence the audit.


Auditors-in-training may participate in the QCS may utilise Auditors under training in the audit team as
audit, provided an auditor is appointed as an participants and an auditor is appointed as an evaluator for the
evaluator. The evaluator shall be competent to audit. QCS ensures that the evaluator is competent to take over the
9.2.2.1.4 duties and has the final responsibility for the activities and findings
take over the duties and have final
responsibility for the activities and findings of of the auditor in training.
the auditor-in-training.
The audit team leader, in consultation with the Has been considered following ISO 19011 and addressed.
audit team, shall assign to each team member
responsibility for auditing specific processes,
functions, sites, areas or activities. Such
assignments shall take into account the need
for competence, and the effective and efficient
9.2.2.1.5
use of the audit team, as well as different
roles and responsibilities of auditors, auditors-
in-training and technical experts. Changes to
the work assignments may be made as the
audit progresses to ensure achievement of
the audit objectives.
9.2.2.2 Observers, technical experts and guides
QCS identifies observers for training, witnessing purposes during
the time of Contract Review and communicate to the organization
via Intimation Letter and Audit Schedule (QCS/IL/01/F &
9.2.2.2.1 Observers QCS/AS/01/F) for confirmation. QCS ensures that the observer
does not influence of interfere in the audit process or outcome of the
audit.
The presence and justification of observers As above

during an audit activity shall be agreed to by
the CAB and client prior to the conduct of the
audit. The audit team shall ensure that
observers do not unduly influence or interfere
in the audit process or outcome of the audit.


9.2.2.2.2 Technical experts
The role of technical experts during an audit Has been addressed and let known to the auditee in the audit plan itself
activity shall be agreed to by the CAB and
client prior to the conduct of the audit. A
technical expert shall not act as an auditor in
the audit team. The technical experts shall be
accompanied by an auditor.
9.2.2.2.3 Guides
Each auditor shall be accompanied by a The same has been addressed in the relevant section of the Quality manual
guide, unless otherwise agreed to by the audit
team leader and the client. Guide(s) are
assigned to the audit team to facilitate the
audit. The audit team shall ensure that guides
do not influence or interfere in the audit
process or outcome of the audit.
9.2.3 Audit Plan Addressed in section 9.2.3 of the Quality Manual
9.2.3.1 General As shown below
Does the certification body ensure that an Yes, for each audit a plan is issued prior to the audit having all the details.
audit plan is established prior to each audit Further details are explained in Auditor Guiding document Section
identified in the audit programme to provide A (Auditor Guideline)
the basis for agreement regarding the conduct
and scheduling of the audit activities.?
9.2.3.2 Preparing the audit plan
The audit plan shall be appropriate to the There is provision to address the scope and audit objectives in the audit
objectives and the scope of the audit. The plan.
audit plan shall at least include or refer to the
following:
The audit plan covers all these areas depending upon the respective
a) the audit objectives;
stage of audit
b) the audit criteria; The audit plan covers the criteria of the audit


the audit scope, including identification The audit plan covers all these areas
c) of the organizational and functional
units or processes to be audited;
the dates and sites where the on-site The audit plan covers all these areas
audit activities will be conducted,
d) including visits to temporary sites and
remote auditing activities, where
appropriate;
the expected duration of on-site audit The audit plan covers all these areas
e)
activities;
the roles and responsibilities of the The audit plan covers all these areas
audit team members and
f)
accompanying persons, such as
observers or interpreters.
9.2.3.3 Communication of audit team tasks Has been addressed in the auditing guidelines based on ISO 19011
The tasks given to the audit team shall Has been addressed. Refer section 9.2.3.3. of the Quality manual
be defined, and require the audit team
to:
examine and verify the structure, Has been addressed. Refer section 9.2.3.3. of the Quality manual and also
policies, processes, procedures, in the audit schedule.
a) records and related documents of the
client relevant to the management
system standard;
determine that these meet all the Has been addressed. Refer section 9.2.3.3. of the Quality manual and also
b) requirements relevant to the intended the audit plan stage wise
scope of certification;
determine that the processes and Has been addressed. Refer section 9.2.3.3. of the Quality manual
procedures are established,
implemented and maintained
c)
effectively, to provide a basis for
confidence in the client’s management
system;


Communicate to the client, for its Has been addressed. Refer section 9.2.3.3. of the Quality manual
action, any inconsistencies between
d)
the client’s policy, objectives and
targets.
9.2.3.4 Communication
The audit plan shall be communicated TC/QM forwards the audit plan to client and the dates of the audit
and the dates of the audit shall be are agreed upon, in advance, with the client organization. It is
agreed upon, in advance, with the ensured the plan is forwarded to the client well in advance
client.
Communication concerning audit team Addressed.
9.2.3.5
members
The CAB shall provide the name of and, when QCS send the name of auditors and, when requested, make
requested, make available background available background information on each member of the
information on each member of the audit audit team, with sufficient time for the client/ organization
team, with sufficient time for the client to to object to the appointment of any particular auditor or
object to the appointment of any particular technical expert and TC can reconstitute the team in
audit team member and for the CAB to response to any valid objection received from the client
reconstitute the team in response to any valid
objection.
9.3 Initial certification Addresed
9.3.1 Initial certification audit
9.3.1.1 Is the initial certification audit of a Yes, shown in application review and audit plan doc and explained to the
management system conducted in two client in the application stage and certification agreement.
stages: stage 1 and stage 2?
9.3.1.2 Stage 1
Planning shall ensure that the objectives of QCS ensures that the objectives of stage 1 can be met and the
stage 1 can be met and the client shall be client are informed about on site audit during stage 2 only for
informed multi site/temporary site.
9.3.1.2.1 of any “on site” activities during stage 1.
NOTE Stage 1 does not require a formal

audit plan (see 9. 2.3).


The objectives of stage 1 are to: Same is addressed in the audit plan for stage 1 as well as the stage 1 audit
a) review the client’s management system report. QCS conducts the stage 1 audit at the clients premises
documented information; with the following objectives:
b) evaluate the client’s site-specific conditions a) to audit the client's management system documentation
and to undertake discussions with the client’s
(Manuals, procedures and related documentation)
personnel to determine the preparedness for
stage 2; b) To evaluate the client's location and site-specific conditions
c) review the client’s status and understanding and to undertake discussions with the client's personnel to
regarding requirements of the standard, in determine the preparedness for the stage 2 audit;
particular with respect to the identification of c) To review the client's status and understanding regarding
key performance or significant aspects, requirements of the standard, in particular with respect to the
processes, objectives and operation of the identification of key performance or significant aspects,
management system; processes, objectives and operation of the management
d) obtain necessary information regarding the system;
scope of the management system, including:
—the client’s site(s);
d) To collect necessary information regarding the scope of the
—processes and equipment used; management system, processes and location(s) of the client,
—levels of controls established (particularly in — levels of controls established (particularly in case of
case of multisite clients); multisite clients);and related statutory and regulatory aspects
9.3.1.2.2
—applicable statutory and regulatory and compliance (e.g. quality, environmental, legal aspects of
requirements; the client's operation, associated risks, etc.);
e) review the allocation of resources for stage e) To review the allocation of resources for stage 2 audit and
2 and agree the details of stage 2 with the agree with the client on the details of the stage 2 audit
client;
f) to provide a focus for planning the stage 2 audit by gaining
f) provide a focus for planning stage 2 by
gaining a sufficient understanding of the a sufficient understanding of the client's management system
client’s management system and site and site operations in the context of management system
operations in the context of the management standard or other normative document; possible significant
system standard or other normative aspects;
document; g) To evaluate if the internal audits and management review
g) evaluate if the internal audits and are being planned and performed, and that the level of
management reviews are being planned and implementation of the management system indicates and the
performed, and that the level of
auditor can decide that the client is ready for the stage 2
implementation of the management system
substantiates that the client is ready for stage audit.
2. h) The OHSAS management system includes adequate
processes to identify the organizations OHS hazards and
NOTE If at least part of stage 1 is carried determine their significances as well.
out at the client’s premises, this can help to

Documented conclusions with regard to
fulfilment of the stage 1 objectives and the
readiness for stage 2 shall be communicated
to the client, including identification of any
areas of concern that could be classified as a
9.3.1.2.3
nonconformity during stage 2.
NOTE The stage 1 output does not need to

meet the full requirements of a report (see
9.4.8).
In determining the interval between stage 1 In determining the interval between stage 1 and stage 2 audits, team
and stage 2, consideration shall be given to Leader considers the needs of the client to resolve areas of concern
the needs of the client to resolve areas of identified during the stage 1 audit carried onsite. Based upon the reports
concern identified during stage 1. The CAB and recommendations of stage 1 audit QCS may also need to revise its
may also need to revise its arrangements for arrangements for stage 2.
9.3.1.2.4 stage 2. If any significant changes which If any significant changes which would impact the management system
would impact the management system occur, occur, QCS shall consider the need to repeat all or part of stage 01
the CAB shall consider the need to repeat all The client shall be informed that the results of stage 1 may lead to
or part of stage 1. The client shall be informed postponement or cancellation of stage 2.
that the results of stage 1 may lead to
postponement or cancellation of stage 2.


Stage 2 Has been addressed in section 9.3.1.3 of the Quality manual. And has also
The purpose of stage 2 is to evaluate the been addressed in the quality Manual. Same has been addressed.
implementation, including effectiveness, of the
client’s management system. The stage 2
shall take place at the site(s) of the client. It
shall include the auditing of at least the
following:
a) information and evidence about conformity
to all requirements of the applicable
management system standard or other
normative documents;
b) performance monitoring, measuring,
reporting and reviewing against key
9.3.1.3
performance objectives and targets
(consistent with the expectations in the
applicable management system standard or
other normative document);
c) the client’s management system ability and
its performance regarding meeting of
applicable statutory, regulatory and
d) operational control of the client’s
processes;
e) internal auditing and management review;
f) management responsibility for the client’s
policies.
Initial certification audit conclusions The team of auditors/experts will analyse all information and
The audit team shall analyse all information audit evidence gathered during the stage 1 and stage 2 audits
and audit evidence gathered during stage 1 to review the audit findings and agree on the audit
9.3.1.4 and stage 2 to review the audit findings and
conclusions and make necessary recommendations as a
agree on the audit conclusions.
result of the audit


Stage 2
The purpose of stage 2 is to evaluate the
implementation, including effectiveness, of the
client’s management system. The stage 2
shall take place at the site(s) of the client. It
shall include the auditing of at least the
following:
a) information and evidence about conformity
to all requirements of the applicable
normative documents;
b) performance monitoring, measuring,
reporting and reviewing against key
9.3.1.3
performance objectives and targets
(consistent with the expectations in the
applicable management system standard or
other normative document);
c) the client’s management system ability and
its performance regarding meeting of
applicable statutory, regulatory and
d) operational control of the client’s
processes;
e) internal auditing and management review;
f) management responsibility for the client’s
policies.
Initial certification audit conclusions
The audit team shall analyse all information
9.3.1.4 and audit evidence gathered during stage 1
and stage 2 to review the audit findings and
agree on the audit conclusions.
9.4 Conducting audits


General QCS has a process for conducting on-site audits addressed in
The CAB shall have a process for conducting Annexure A9 Auditor guideline Document. The onsite
on-site audits. This process shall include an auditing may include remote access to electronic sites that
opening meeting at the start of the audit and a
may contain some relevant information to the audit of the
closing meeting at the conclusion of the audit.
management system.
Where any part of the audit is made by Where any part of the audit is made by electronic means or
electronic means or where the site to be where the site to be audited is virtual, the QCS shall ensure
audited is virtual, the CAB shall ensure that that such activities are conducted by personnel with
such activities are conducted by personnel appropriate competence. The evidence obtained during such
with appropriate competence. The evidence an audit shall be sufficient to enable the auditor to take an
9.4.1
obtained during such an audit shall be informed decision on the conformity of the requirement in
sufficient to enable the auditor to take an question.
informed decision on the conformity of the
requirement in question.
NOTE “On-site” audits can include remote

access to electronic site(s) that contain(s)
information that is relevant to the audit of the
management system. Consideration can also
be given to the use of electronic means for
conducting audits.


Conducting the opening meeting QCS has a defined the requirements for conducting the
A formal opening meeting, shall be held with
opening meeting in QCS Auditors Guideline Annex 3 para 1.
the client’s management and, where
appropriate, those responsible for the QCS ensures that a formal opening meeting is held with the
functions or processes to be audited. The clients management systems including the personals who will
purpose of the opening meeting, usually be audited for process verification and the attendance of the
conducted by the audit team leader, is to participants in the opening meeting is recorded on
provide a short explanation of how the audit QCS/AST/02/F.
activities will be undertaken. The degree of
detail shall be consistent with the familiarity of
the client with the audit process and shall
consider the following:
a) introduction of the participants, including an
outline of their roles;
b) confirmation of the scope of certification;
c) confirmation of the audit plan (including
type and scope of audit, objectives and
criteria), any changes, and other relevant
arrangements with the client, such as the date
and time for the closing meeting, interim
meetings between the audit team and the
client’s management;
d) confirmation of formal communication
channels between the audit team and the
client;
e) confirmation that the resources and
facilities needed by the audit team are
9.4.2 available;
f) confirmation of matters relating to
confidentiality;
g) confirmation of relevant work safety,
emergency and security procedures for the
audit team;
h) confirmation of the availability, roles and
identities of any guides and observers;
i) the method of reporting, including any
grading of audit findings;
j) information about the conditions under
which the audit may be prematurely

9.4.3 Communication during the audit
During the audit, the audit team shall (refer QCS Auditor Guideline Annex A7)
periodically assess audit progress and QCS ensures that during the audit the audit team shall
exchange information. The audit team leader periodically assess audit progress and exchange information.
shall reassign work as needed between the
9.4.3.1 The audit team leader shall reassign work as needed between
audit team members and periodically
communicate the progress of the audit and the audit team members and periodically communicate the
any concerns to the client. progress of the audit and any concerns to the client.
Where the available audit evidence indicates Has been addressed in relevant section of the quality manual.
that the audit objectives are unattainable or
suggests the presence of an immediate and
significant risk (e.g. safety), the audit team
leader shall report this to the client and, if
possible, to the CAB to determine appropriate
9.4.3.2
action. Such action may include
reconfirmation or modification of the audit
plan, changes to the audit objectives or audit
scope, or termination of the audit. The audit
team leader shall report the outcome of the
action taken to the CAB.
The audit team leader shall review with the Section 9.4.3.3 addresses the same. The same has ben addressed in the
client any need for changes to the audit scope relevant section of the manual.
9.4.3.3
which becomes apparent as on-site auditing
activities progress and report this to the CAB.
9.4.4 Obtaining and verifying information Has been addressed in the Quality manual section 9.4.4
During the audit, information relevant to the QCS ensures that information relevant to the audit objectives, scope
audit objectives, scope and criteria (including and criteria (including information relating to interfaces between
information relating to interfaces between functions, activities and processes) shall be obtained by appropriate
9.4.4.1
functions, activities and processes) shall be sampling and verified to become
obtained by appropriate sampling and verified
to become audit evidence.
Methods to obtain information shall include, Has been addressed in section 9.4.4.2 of the Quality manual.
but are not limited to:
9.4.4.2 a) interviews;
b) observation of processes and activities;
c) review of documentation and records.


9.4.5 Identifying and recording audit findings As shown below
Audit findings summarizing conformity and QCS ensures audit findings summarizing conformity and detailing
detailing nonconformity shall be identified, nonconformity identified, classified and recorded and reported in the audit
9.4.5.1 classified and recorded to enable an informed report of the applicable management system report to enable an informed
certification decision to be made or the certification decision to be made or the certification to be maintained.
certification to be maintained.
Opportunities for improvement may be Has been addressed in the audit report form.
identified and recorded, unless prohibited by
the requirements of a management system
9.4.5.2
certification scheme. Audit findings, however,
which are nonconformities, shall not be
recorded as opportunities for improvement.
A finding of nonconformity shall be recorded Refer Nonconformity report form with corrective action suggested and
against a specific requirement, and shall auditor’s comments.
contain a clear statement of the
nonconformity, identifying in detail the
objective evidence on which the
nonconformity is based. Nonconformities shall
9.4.5.3
be discussed with the client to ensure that the
evidence is accurate and that the
nonconformities are understood. The auditor
however shall refrain from suggesting the
cause of nonconformities or their solution.
The audit team leader shall attempt to resolve QCS ensures that the audit team leader shall attempt to
any diverging opinions between the audit resolve any diverging opinions between the audit team and
team and the client concerning audit evidence the client concerning audit evidence or findings and
9.4.5.4 or findings, and unresolved points shall be
unresolved points shall be recorded in the audit report.
recorded.


Preparing audit conclusions Has been addressed in the section 9.4.6 of the Quality manual.
Under the responsibility of the audit team
leader and prior to the closing meeting, the
audit team shall:
a) review the audit findings, and any other
appropriate information obtained during the
audit, against the audit objectives and audit
criteria and classify the nonconformities;
9.4.6 b) agree upon the audit conclusions, taking
into account the uncertainty inherent in the
audit process;
c) agree any necessary follow-up actions;
d) confirm the appropriateness of the audit
programme or identify any modification
required for future audits (e.g. scope of
certification, audit time or dates, surveillance
frequency, audit team competence).
9.4.7 Conducting the closing meeting
A formal closing meeting, where attendance The same has been addressed in the section 9.4.7.1 of the Quality manual.
shall be recorded, shall be held with the QCS has a process of preparing audit conclusions prior to the closing
client’s management and, where appropriate, meeting, the same is addressed in the QCS Auditors Guideline Section A7
those responsible for the functions or para 3.7.
processes audited. The purpose of the closing
meeting, usually conducted by the audit team
leader, is to present the audit conclusions,
9.4.7.1 including the recommendation regarding
certification. Any nonconformities shall be
presented in such a manner that they are
understood, and the timeframe for responding
shall be agreed.
NOTE “Understood” does not necessarily
mean that the nonconformities have been
accepted by the client.


The closing meeting shall also include the The same has been addressed in the section 9.4.7.2 of the quality manual.
following elements where the degree of detail
The same is adequately addressed in the Quality manual
shall be consistent with the familiarity of the
client with the audit process:
a) advising the client that the audit evidence
obtained was based on a sample of the
information; thereby introducing an element of
uncertainty;
b) the method and timeframe of reporting,
including any grading of audit findings;
9.4.7.2 c) the CAB’s process for handling
nonconformities including any consequences
relating to the status of the client’s
certification;
d) the timeframe for the client to present a
plan for correction and corrective action
for any nonconformities identified during the
audit;
e) the CAB’s post audit activities;
f) information about the complaint and appeal
handling processes.
The client shall be given opportunity for The same has been addressed in section 9.4.7.3 of the Quality manual
questions. Any diverging opinions regarding
the audit findings or conclusions between the
9.4.7.3 audit team and the client shall be discussed
and resolved where possible. Any diverging
opinions that are not resolved shall be
recorded and referred to the CAB.
9.4.8 Audit Report
The CAB shall provide a written report for QCS team will provide a written report for each audit. The
each audit to the client. The audit team may
report shall be based on relevant guidance provided in QCS
identify opportunities for improvement but
9.4.8.1 shall not recommend specific solutions. Auditor Guideline and the ownership of the report lies with
Ownership of the audit report shall be QCS. The audit team may identify opportunities for
maintained by the CAB. improvement but shall not recommend specific solutions.


The audit team leader shall ensure that the
audit report is prepared and shall be
responsible for its content. The audit report
shall provide an accurate, concise and clear
record of the audit to enable an informed
certification decision to be made and shall
include or refer to the following:
a) identification of the CAB;
b) the name and address of the client and the
client’s representative;
c) the type of audit (e.g. initial, surveillance or
recertification audit or special audits);
d) the audit criteria;
e) the audit objectives;
f) the audit scope, particularly identification of
the organizational or functional units or
processes audited and the time of the audit;
g) any deviation from the audit plan and their
reasons;
h) any significant issues impacting on the
audit programme; QCS Lead Auditor ensures that the audit report is prepared
i) identification of the audit team leader, audit and is responsible for the contents of the report. QCS further
team members and any accompanying ensures that the audit report provide an accurate, concise
persons; and clear record of the audit to enable an informed
9.4.8.2
j) the dates and places where the audit certification decision to be made
activities (on site or offsite, permanent or
temporary sites) were conducted;
k) audit findings (see 9.4.5), reference to
evidence and conclusions, consistent with the
requirements
of the type of audit;
l) significant changes, if any, that affect the
management system of the client since the
last audit took place;
m) any unresolved issues, if identified;
n) where applicable, whether the audit is
combined, joint or integrated;
o) a disclaimer statement indicating that
auditing is based on a sampling process of

The report shall also contain:
a) a statement on the conformity and the
effectiveness of the management system
together with a summary of the evidence
relating to:
—the capability of the management system to
meet applicable requirements and expected
outcomes; The audit report contains a statement on the conformity and
—the internal audit and management review the effectiveness of the management system together with a
9.4.8.3 process; summary of the evidence relating to:
b) a conclusion on the appropriateness of the - The internal audit of the organization.
certification scope; — the capability of the management system to a
c) confirmation that the audit objectives have conclusion on the appropriateness of the
been fulfilled. certification scope;
a) confirmation that the audit objectives have been
fulfilled.
Cause analysis of nonconformities

The CAB shall require the client to analyse
the cause and describe the specific correction
9.4.9
and corrective actions taken, or planned to be
taken, to eliminate detected nonconformities,
within a defined time.


Effectiveness of corrections and corrective QCS audit team leader/QM reviews the corrections and
actions
corrective actions submitted by the client to determine if
The CAB shall review the corrections,
identified causes and corrective actions these are acceptable as per the status of the audit
submitted by the client to determine if these recommendation by the team leader.
are acceptable. The CAB shall verify the The same are detailed in the Non conformance report.
effectiveness of any correction and corrective
actions taken. The evidence obtained to
support the resolution of nonconformities shall
be recorded. The client shall be informed of
the result of the review and verification. The
client shall be informed if an additional full
9.4.10
audit, an additional limited audit, or
documented evidence (to be confirmed during
future audits) will be needed to verify effective
correction and corrective actions.
NOTE Verification of effectiveness of

correction and corrective action can be carried
out based on a review of documented
information provided by the client, or where
necessary, through verification on-site.
Usually this activity is done by a member of
the audit team.
9.5 Certification decision Addressed in section 9.5 of the Quality manual
9.5.1 General As shown below.
The CAB shall ensure that the persons or QCS MD makes the certification decisions for granting or
committees that make the decisions for
refusing certification, expanding or reducing the scope of
granting or refusing certification, expanding or
reducing the scope of certification, certification, suspending or restoring certification,
suspending or restoring certification, withdrawing certification or renewing certification is different
9.5.1.1 from those who carried out the audits. In case MD does the
withdrawing certification or renewing
certification are different from those who audit or in his absence the decision of granting the
carried out the audits. The individual(s) certification decision is taken by QM
appointed to conduct the certification decision
shall have appropriate competence.


The person(s) [excluding members of Addressed in section 9.5.1.2 of the manual. The person(s)
committees (see 6.1.4)] assigned by the CAB
[excluding members of committees assigned by the QCS to
to make a certification decision shall be
employed by, or shall be under legally make a certification decision shall be employed by, or shall be
enforceable arrangement with either the CAB under legally enforceable arrangement with either the QCS or
or an entity under the organizational control of an entity under the organizational control of the QCS
the CAB. A CAB’s organizational control shall
be one of the following:
a) whole or majority ownership of another
entity by the CAB;
9.5.1.2 b) majority participation by the CAB on the
board of directors of another entity;
c) a documented authority by the CAB over
another entity in a network of legal entities
(in which the CAB resides), linked by
ownership or board of director control.
NOTE For governmental certification

bodies, other parts of the same government
can be considered to be “linked by ownership”
to the CAB.
The persons employed by, or under contract Has been addressed in section 9.5.1.3 of the Quality manual.
with, entities under organizational control shall
9.5.1.3 fulfil the same requirements of this part of
ISO/IEC 17021 as persons employed by, or
under contract with, the CAB.
The certification body shall record each Has been addressed in the certification issue check list covering the overall
certification decision including any certification decision.
9.5.1.4
additional information or clarification sought
from the audit team or other sources.


Actions prior to making a decision Has been addressed in section 9.5.2 of the Quality Manual.
The CAB shall have a process to conduct an
effective review prior to making a decision for
granting certification, expanding or reducing
the scope of certification, renewing,
suspending or restoring, or withdrawing of
certification, including, that
a) the information provided by the audit team
9.5.2 is sufficient with respect to the certification
requirements and the scope for certification;
b) for any major nonconformities, it has
reviewed, accepted and verified the
correction and corrective actions;
c) for any minor nonconformities it has

reviewed and accepted the client’s plan for
correction and corrective action.
9.5.3 Information for granting initial certification Has been addressed in section 9.5.3 of the Quality manual
The information provided by the audit team to The information provided by the audit team to QCS Head
the CAB for the certification decision shall office-QM/TC for the certification decision will include, as a
include, as a minimum: minimum,
a) the audit report;
a) The audit reports,
b) comments on the nonconformities and,
where applicable, the correction and b) Comments on the nonconformities and, where
corrective actions applicable, the correction and corrective actions taken
taken by the client; by the client,
9.5.3.1 c) confirmation of the information provided to c) Confirmation of the information provided to the
the CAB used in the application review (see certification body used in the application review (scope,
9.1.2); address, justified exclusions, no of employess
d) confirmation that the audit objectives have d) Confirmation that the audit objectives have been
been achieved; achieved;
e) a recommendation whether or not to grant
certification, together with any conditions or A recommendation whether or not to grant certification,
observations. together with any conditions or observations


If the CAB is not able to verify the If QCS is not able to verify the implementation of corrections
implementation of corrections and corrective and corrective actions of any major nonconformity within 6
actions of any major nonconformity within 6 months after the last day of stage 2, QCS shall conduct
9.5.3.2 months after the last day of stage 2, the CAB
another stage 2 prior to recommending certification.
shall conduct another stage 2 prior to
recommending certification.
When a transfer of certification is envisaged The same has been envisaged during the review of accreditation and thye
from one CAB to another, the accepting CAB same has been followed through.
shall have a process for obtaining sufficient
information in order to take a decision on
9.5.3.3 certification.
NOTE Certification schemes can have

specific rules regarding the transfer of
certification.
Information for granting recertification The same has been adopted that the old line of materials have been takem
The CAB shall make decisions on renewing care of.
certification based on the results of the
9.5.4 recertification audit, as well as the results of
the review of the system over the period of
certification and complaints received from
users of certification.
9.6 Maintaining certification


General
The CAB shall maintain certification based on
demonstration that the client continues to
satisfy the requirements of the management
system standard. It may maintain a client’s
certification based on a positive conclusion by
the audit team leader without further
independent review and decision, provided
that:
a) for any major nonconformity or other
situation that may lead to suspension or
9.6.1
withdrawal of certification, the CAB has a
system that requires the audit team leader to
report to the CAB the need to initiate a review
by competent personnel (see 7.2.8), different
from those who carried out the audit, to
determine whether certification can be
maintained;
b) competent personnel of the CAB monitor its
surveillance activities, including monitoring
the reporting by its auditors, to confirm that
the certification activity is operating effectively.
9.6.2 Surveillance activities
9.6.2.1 General
The CAB shall develop its surveillance
activities so that representative areas and
functions covered by the scope of the
9.6.2.1.1 management system are monitored on a
regular basis, and take into account changes
to its certified client and its management
system.


Surveillance activities shall include on-site
auditing of the certified client’s management
system’s fulfilment of specified requirements
with respect to the standard to which the
certification is granted. Other surveillance
activities may include:
a) enquiries from the CAB to the certified
client on aspects of certification;
9.6.2.1.2
b) reviewing any certified client’s
statements with respect to its operations
(e.g. promotional material, website);
c) requests to the certified client to provide
documented information (on paper or
electronic media);
d) other means of monitoring the certified
client’s performance.


Surveillance audit
Surveillance audits are on-site audits, but are
not necessarily full system audits, and shall
be planned together with the other
surveillance activities so that the CAB can
maintain confidence that the client’s certified
management system continues to fulfil
requirements between recertification audits.
Each surveillance for the relevant
management system standard shall include:
a) internal audits and management review;
b) a review of actions taken on
nonconformities identified during the previous
9.6.2.2
audit;
c) complaints handling;
d) effectiveness of the management system
with regard to achieving the certified client’s
objectives and the intended results of the
respective management system (s);
e) progress of planned activities aimed at
continual improvement;
f) continuing operational control;
g) review of any changes;
h) use of marks and/or any other reference to
certification.
9.6.3 Recertification
9.6.3.1 Recertification audit planning


The purpose of the recertification audit is to
confirm the continued conformity and
effectiveness of the management system as a
whole, and its continued relevance and
applicability for the scope of certification. A
recertification audit shall be planned and
9.6.3.1.1 conducted to evaluate the continued fulfilment
of all of the requirements of the relevant
normative document. This shall be planned
and conducted in due time to enable for timely
renewal before the certificate expiry date.
The recertification activity shall include the

review of previous surveillance audit reports
9.6.3.1.2 and consider the performance of the
management system over the most recent
certification cycle.
Recertification audit activities may need to
have a stage 1 in situations where there have
been significant changes to the management
system, the organization, or the context in
which the management system is operating
(e.g. changes to legislation).
9.6.3.1.3
NOTE Such changes can occur at any time
during the certification cycle and the CAB
might need to perform a special audit (see
9.6.4), which might or might not be a two-
stage audit.
9.6.3.2 Recertification audit


The recertification audit shall include an on-
site audit that addresses the following:
a) the effectiveness of the management
system in its entirety in the light of internal and
external changes and its continued relevance
and applicability to the scope of certification;
b) demonstrated commitment to maintain the
9.6.3.2.1
effectiveness and improvement of the
management system in order to enhance
overall performance;
c) the effectiveness of the management
system with regard to achieving the certified
client’s objectives and the intended results of
the respective management system (s).
For any major nonconformity, the CAB shall
define time limits for correction and corrective
9.6.3.2.2 actions. These actions shall be implemented
and verified prior to the expiration of
certification.
When recertification activities are successfully
completed prior to the expiry date of the
existing certification, the expiry date of the
9.6.3.2.3 new certification can be based on the expiry
date of the existing certification. The issue
date on a new certificate shall be on or after
the recertification decision.
If the CAB has not completed the
recertification audit or the CAB is unable to
verify the implementation of corrections and
corrective actions for any major nonconformity
(see 9.5.2.1) prior to the expiry date of the
9.6.3.2.4
certification, then recertification shall not be
recommended and the validity of the
certification shall not be extended. The client
shall be informed and the consequences shall
be explained.


Following expiration of certification, the CAB
can restore certification within 6 months
provided that the outstanding recertification
activities are completed, otherwise at least a
stage
9.6.3.2.5
2 shall be conducted. The effective date on
the certificate shall be on or after the
recertification decision and the expiry date
shall be based on prior certification cycle.
9.6.4 Special audits

Expanding scope
The CAB shall, in response to an application
for expanding the scope of a certification
already granted, undertake a review of the
9.6.4.1 application and determine any audit activities
necessary to decide whether or not the
extension may be granted. This may be
conducted in conjunction with a surveillance
audit.
Short-notice audits
It may be necessary for the CAB to conduct
audits of certified clients at short notice or
unannounced to investigate complaints, or in
response to changes, or as follow up on
suspended clients. In such cases:
a) the CAB shall describe and make known in
9.6.4.2 advance to the certified clients (e.g. in
documents as described in 8.5.1) the
conditions under which such audits will be
conducted;
b) the CAB shall exercise additional care in
the assignment of the audit team because of
the lack of opportunity for the client to object
to audit team members.
Suspending, withdrawing or reducing the
9.6.5
scope of certification


The CAB shall have a policy and documented
procedure(s) for suspension, withdrawal or
9.6.5.1 reduction of the scope of certification, and
shall specify the subsequent actions by the
CAB.
The CAB shall suspend certification in cases
when, for example:
—the client’s certified management system

has persistently or seriously failed to meet
certification requirements, including
9.6.5.2 requirements for the effectiveness of the
management system;
—the certified client does not allow
surveillance or recertification audits to be
conducted at the required frequencies;
—the certified client has voluntarily requested
a suspension.
Under suspension, the client’s management
9.6.5.3
system certification is temporarily invalid.
The CAB shall restore the suspended
certification if the issue that has resulted in the
suspension has been resolved. Failure to
resolve the issues that have resulted in the
suspension in a time established by the CAB
9.6.5.4
shall result in withdrawal or reduction of the
scope of certification.
NOTE In most cases, the suspension

would not exceed six months.
The CAB shall reduce the scope of
certification to exclude the parts not meeting
the requirements, when the certified client has
persistently or seriously failed to meet the
9.6.5.5
certification requirements for those parts of
the scope of certification. Any such reduction
shall be in line with the requirements of the
standard used for certification.


9.7 Appeals
The CAB shall have a documented process to
9.7.1 receive, evaluate and make decisions on
appeals.
The CAB shall be responsible for all decisions
at all levels of the appeals-handling process.
The CAB shall ensure that the persons
9.7.2
engaged in the appeals-handling process are
different from those who carried out the audits
and made the certification decisions.
Submission, investigation and decision on
9.7.3 appeals shall not result in any discriminatory
actions against the appellant.
The appeals-handling process shall include at
least the following elements and methods:
a) an outline of the process for receiving,
validating and investigating the appeal, and
for deciding what
actions need to be taken in response to it,
9.7.4
taking into account the results of previous
similar appeals;
b) tracking and recording appeals, including
actions undertaken to resolve them;
c) ensuring that any appropriate correction
and corrective action are taken.
The CAB receiving the appeal shall be
9.7.5 responsible for gathering and verifying all
necessary information to validate the appeal.
The CAB shall acknowledge receipt of the
9.7.6 appeal and shall provide the appellant with
progress reports and the result of the appeal.
The decision to be communicated to the
appellant shall be made by, or reviewed and
9.7.7
approved by, individual(s) not previously
involved in the subject of the appeal.


The CAB shall give formal notice to the
9.7.8 appellant of the end of the appeals-handling
process.
9.8 Complaints
The CAB shall be responsible for all decisions
9.8.1 at all levels of the complaints-handling
process.
Submission, investigation and decision on
complaints shall not result in any
9.8.2
discriminatory actions against the
complainant.
Upon receipt of a complaint, the CAB shall
confirm whether the complaint relates to
certification activities that it is responsible for
and, if so, shall deal with it. If the complaint
9.8.3
relates to a certified client, then examination
of the complaint shall consider the
effectiveness of the certified management
system.
Any valid complaint about a certified client
shall also be referred by the CAB to the
9.8.4
certified client in question at an appropriate
time.
The CAB shall have a documented process to
receive, evaluate and make decisions on
complaints. This process shall be subject to
9.8.5
requirements for confidentiality, as it relates to
the complainant and to the subject of the
complaint.


The complaints-handling process shall include The complaint handling procedure has been formulated as per section 4.0
at least the following elements and methods: of the Quality manual
a) an outline of the process for receiving,
validating, investigating the complaint, and for
deciding Tracking and recording of complaints have been recireded in presceibed
what actions need to be taken in response to formats and the same are being monitored also..
it; All corrective actions are being recirded.
9.8.6 b) tracking and recording complaints,
including actions undertaken in response to
them;
c) ensuring that any appropriate correction
and corrective action are taken.
NOTE ISO 10002 provides guidance for

complaints handling.
The CAB receiving the complaint shall be When a transfer of certification is envisaged from another CAB to
responsible for gathering and verifying all QCS In that case QCS have a process for obtaining sufficient
necessary information to validate the information in order to take a decision on accepting the transfer
9.8.7 complaint. case as per procedure p-13, after go through the pre transfer review
process.
Doc Ref: QCS/PTR/F/01/00
Whenever possible, the CAB shall Has been addressed in the section 9.8.8 of the quality manual
acknowledge receipt of the complaint, and
shall provide the complainant with progress
reports and the result of the complaint.
9.8.8 The decision to be communicated to the Submission, investigation and decision on complaints shall
9.8.9 complainant shall be made by, or reviewed not result in any discriminatory actions against the
9.8.10 and approved by, individual(s) not previously complainant
involved in the subject of the complaint.
Whenever possible, the CAB shall give
formal notice of the end of the complaints-
handling process to the complainant.


The CAB shall determine, together with the QCS receiving the complaint shall be responsible for gathering
certified client and the complainant, whether and verifying all necessary information to validate the
9.8.11 and, if so to what extent, the subject of the complaint.
complaint and its resolution shall be made
public.
Client records
9.9
The CAB shall maintain records on the audit All clients files are maintained with unique Identification
and other certification activities for all clients,
Number. Same has been addressed in section 9.9.1 of the
including all organizations that submitted
9.9.1 Quality manual
applications, and all organizations audited,
certified, or with certification suspended or
withdrawn.


Records on certified clients shall include the All such documents are maintained in respective clients’ files
following:
a) application information and initial,
surveillance and recertification audit reports;
b) certification agreement;
c) justification of the methodology used for
sampling of sites, as appropriate;
NOTE Methodology of sampling includes

the sampling employed to audit the specific
management system and/or to select sites in
the context of multi-site audit.
d) justification for auditor time determination

(see 9.1.4);
9.9.2 e) verification of correction and corrective
actions;
f) records of complaints and appeals, and any
subsequent correction or corrective actions;
g) committee deliberations and decisions, if
applicable;
h) documentation of the certification
decisions;
i) certification documents, including the scope
of certification with respect to product,
process or service, as applicable;
j) related records necessary to establish the
credibility of the certification, such as
evidence of the competence of auditors and
technical experts;
k) audit programmes.
The CAB shall keep the records on applicants Has been addressed in section 9.9.3 of the Quality manual.
and clients secure to ensure that the
information is kept confidential. Records shall
9.9.3
be transported, transmitted or transferred in a
way that ensures that confidentiality is
maintained.


The CAB shall have a documented policy and Retention period for the records are maintained and covers the whole
documented procedures on the retention of certification cycle Plus one full certification cycle. The same has been
records. Records of certified clients and addressed in section 9.9.4 of the Quality Manual.
previously certified clients shall be retained for
the duration of the current cycle plus one full
9.9.4
certification cycle.
NOTE In some jurisdictions, the law

stipulates that records need to be maintained
for a longer time period.
Management system requirements for
10
certification bodies
Options QCS has establish, document, implement and maintain a management
The CAB shall establish, document, system that is capable of supporting and demonstrating the consistent
implement and maintain a management achievement of the requirements of this part of ISO/IEC 17021.
system that is capable of supporting and In addition to meeting the requirements of Clauses 5to 9, QCS has
demonstrating the consistent achievement of implemented a management system in accordance with either:
the requirements of this part of ISO/IEC a) general management system requirements (see 10.2); or
17021. In addition to meeting the b) management system requirements in accordance with ISO 9001
10.1
requirements of Clauses 5 to 9, the CAB (see 10.3).
shall implement a management system in has been addressed in section 10.1 of the Quality manual
accordance with either:
a) general management system requirements
(see 10.2); or
b) management system requirements in
accordance with ISO 9001 (see 10.3).
Option A: General management system
10.2
requirements


General
The CAB shall establish, document,
implement and maintain a management
system that is capable of supporting and
demonstrating the consistent achievement of
the requirements of this part of ISO/IEC
17021.
The CAB’s top management shall establish
and document policies and objectives for its
activities. The top management shall
provide evidence of its commitment to the QCS has established, documented, implemented and
development and implementation of the maintains a management system that is capable of
management system in accordance with the supporting and demonstrating the consistent achievement of
10.2.1
requirements of this part of ISO/IEC 17021. the requirements of this part of ISO/IEC 17021.
The top management shall ensure that the
policies are understood, implemented and
maintained at all levels of the CAB’s
organization.
The CAB’s top management shall assign
responsibility and authority for:
a) ensuring that processes and procedures
needed for the management system are
established, implemented and maintained;
b) reporting to top management on the
performance of the management system and
any need for improvement.
Management system manual Refer the Quality manual established and maintained and
All applicable requirements of this part of
attached with this document.
ISO/IEC 17021 shall be addressed either in a
10.2.2 manual or in associated documents. The CAB
shall ensure that the manual and relevant
associated documents are accessible to all
relevant personnel.


Control of documents QCS has established procedures to control the documents
The CAB shall establish procedures to control (internal and external) that relate to the fulfilment of this part
the documents (internal and external) that of ISO/IEC 17021. The same has also been addressed in
relate to the fulfilment of this part of ISO/IEC
section 10.2.3 of the Quality Manual
17021. The procedures shall define the
controls needed to:
a) approve documents for adequacy prior to
issue;
b) review and update where necessary and
re-approve documents;
c) ensure that changes and the current
revision status of documents are identified;
10.2.3
d) ensure that relevant versions of applicable
documents are available at points of use;
e) ensure that documents remain legible and
readily identifiable;
f) ensure that documents of external origin are
identified and their distribution controlled;
g) prevent the unintended use of obsolete
documents, and to apply suitable identification
to them if they are retained for any purpose.
NOTE Documentation can be in any form

or type of medium.
The CAB shall establish procedures to define QCS has established procedures to define the controls
the controls needed for the identification,
needed for the identification, storage, protection, retrieval,
storage, protection, retrieval, retention time
and disposition of its records related to the retention time and disposition of its records related to the
fulfilment of this part of ISO/IEC 17021. fulfilment of this part of ISO/IEC 17021. Has been addressed
in section 10.2.4 of the manual.
The CAB shall establish procedures for
10.2.4
retaining records for a period consistent with
its contractual and legal obligations. Access to
these records shall be consistent with the
confidentiality arrangements.
NOTE For requirements for records on

certified clients, see also 9.9.


10.2.5 Management review Has been addressed
General Has been addressed in section 10.2.5.1 of the manual. These
The CAB’s top management shall establish reviews shall be conducted at annual interval. All policies and
procedures to review its management system objectives have been addressed.
at planned intervals to ensure its continuing
10.2.5.1 suitability, adequacy and effectiveness,
including the stated policies and objectives
related to the fulfilment of this part of ISO/IEC
17021. These reviews shall be conducted at
least once a year.
Review inputs The same has been addressed in section 10.2.5.2 of the Quality manual.
The input to the management review shall
include information related to:
a) results of internal and external audits;
b) feedback from clients and interested
parties;
c) safeguarding impartiality;
10.2.5.2 d) the status of corrective actions;
e) the status of actions to address risks;
f) follow-up actions from previous
management reviews;
g) the fulfilment of objectives;
h) changes that could affect the management
system;
i) appeals and complaints.
Review outputs The same has been addressed in section 10.2.5.3 of the Quality manual.
The outputs from the management review
shall include decisions and actions related to
a) improvement of the effectiveness of the
management system and its processes;
10.2.5.3 b) improvement of the certification services
related to the fulfilment of this part of ISO/IEC
17021;
c) resource needs;
d) revisions of the organization’s policy and
objectives.


10.2.6 Internal audits
The CAB shall establish procedures for QCS has established procedures for internal audits to verify
internal audits to verify that it fulfils the that it fulfils the requirements of this part of ISO/IEC 17021
requirements of this part of ISO/IEC 17021 and that the management system is effectively implemented
and that the management system is
10.2.6.1 and maintained.
effectively implemented and maintained.
NOTE ISO 19011 provides guidelines for

conducting internal audits.
An audit programme shall be planned, taking An audit programme has been planned, taking into
into consideration the importance of the
consideration the importance of the processes and areas to be
10.2.6.2 processes and areas to be audited, as well as
the results of previous audits. audited, as well as the results of previous audits.
Internal audits shall be performed at least Being planned every 12 months at the minimum. And also the
once every 12 months. The frequency of
same has been addressed.
internal audits may be reduced if the CAB can
10.2.6.3 demonstrate that its management system
continues to be effectively implemented
according to this part of ISO/IEC 17021 and
has proven stability.
The CAB shall ensure that: It is ensured that competent auditors are available. All the
a) internal audits are conducted by competent
paraphernalia are well taken care of. Has been addressed in
personnel knowledgeable in certification,
auditing and the requirements of this part of section 10.2.6.4 of the Quality Manual
ISO/IEC 17021;
b) auditors do not audit their own work;
10.2.6.4
c) personnel responsible for the area audited
are informed of the outcome of the audit;
d) any actions resulting from internal audits
are taken in a timely and appropriate manner;
e) any opportunities for improvement are
identified.


Corrective actions QCS has established procedure for identification and
The CAB shall establish procedures for
management of nonconformities in its operations. QM/TC
identification and management of
nonconformities in its operations. The CAB where necessary, takes actions to eliminate the causes of
shall also, where necessary, take actions to nonconformities in order to prevent recurrence. has been
eliminate the causes of nonconformities in addressed in section 10.2.7 of the Quality manual.
order to prevent recurrence. Corrective
actions shall be appropriate to the impact of
the problems encountered. The procedures
shall define requirements for:
10.2.7 a) identifying nonconformities (e.g. from valid
complaints and internal audits);
b) determining the causes of nonconformity;
c) correcting nonconformities;
d) evaluating the need for actions to ensure
that nonconformities do not recur;
e) determining and implementing in a timely
manner, the actions needed;
f) recording the results of actions taken;
g) reviewing the effectiveness of corrective
actions.
Option B: Management system
10.3 Addressed
requirements in accordance with ISO 9001
General A management system has been established complying with the
The CAB shall establish and maintain a requirements of ISO 9001.
management system, in accordance with the
requirements of ISO 9001, which is capable of
10.3.1
supporting and demonstrating the consistent
achievement of the requirements of this part
of ISO/IEC 17021, amplified by 10.3.2 to
10.3.4.
Scope Has been addressed in section 10.3.2 of the Quality manual
For application of the requirements of ISO
10.3.2 9001, the scope of the management system
shall include the design and development
requirements for its certification services.


Customer focus All interested parties are considered. Has been addressed in section 10.3.3
For application of the requirements of ISO of the Quality manual.
9001, when developing its management
system, the CAB shall consider the credibility
10.3.3
of certification and shall address the needs of
all parties (as set out in 4.1.2) that rely upon
its audit and certification services, not just its
clients.
Management review Has been addressed in section 10.3.4 of the Quality manual
For application of the requirements of ISO
9001, the CAB shall include as input for
10.3.4 management review, information on relevant
appeals and complaints from users of
certification activities and a review of
impartiality.
IAF Mandatory Documents

IAF MD 1 – IAF Mandatory Document for Maintained
the Certification of Multiple Sites Based on
Sampling
the Transfer of Accredited Certification of
Management System
Advanced Surveillance and Recertification
Procedures
the use of Computer Assisted Auditing
Techniques (“CAAT”) for Accredited
Certification of Management Systems
Duration of QMS and EMS Audits

17021-1-2015 - Checklist - Final

Uploaded by

Document Information

Original Title

Copyright

Available Formats

Share this document

Share or Embed Document

Sharing Options

Did you find this document useful?

Is this content inappropriate?

Copyright:

Available Formats

17021-1-2015 - Checklist - Final

Uploaded by

Copyright:

Available Formats

UNITED ACCREDITATION FOUNDATION

CHECKLIST ON ISO/IEC 17021-1:2015 Effective 15th June 2016.

Clause Requirement Comments by CAB Findings by UAF

Clause Requirement Comments by CAB Findings by UAF

ISO 17021:2011 Checklist for all CBs

Clause Requirement Comments by CAB Findings by UAF

ISO 17021:2011 Checklist for all CBs

Clause Requirement Comments by CAB Findings by UAF

ISO 17021:2011 Checklist for all CBs

Clause Requirement Comments by CAB Findings by UAF

ISO 17021:2011 Checklist for all CBs

Clause Requirement Comments by CAB Findings by UAF

ISO 17021:2011 Checklist for all CBs

Clause Requirement Comments by CAB Findings by UAF

6.1 Organizational structure and top Has been shown

ISO 17021:2011 Checklist for all CBs

Clause Requirement Comments by CAB Findings by UAF

ISO 17021:2011 Checklist for all CBs

Clause Requirement Comments by CAB Findings by UAF

7.1.2 Determination of competence criteria

ISO 17021:2011 Checklist for all CBs

Clause Requirement Comments by CAB Findings by UAF

ISO 17021:2011 Checklist for all CBs

Clause Requirement Comments by CAB Findings by UAF

ISO 17021:2011 Checklist for all CBs

Clause Requirement Comments by CAB Findings by UAF

ISO 17021:2011 Checklist for all CBs

Clause Requirement Comments by CAB Findings by UAF

7.2.6 Does the certification body ensure that

ISO 17021:2011 Checklist for all CBs

Clause Requirement Comments by CAB Findings by UAF

ISO 17021:2011 Checklist for all CBs

Clause Requirement Comments by CAB Findings by UAF

ISO 17021:2011 Checklist for all CBs

Clause Requirement Comments by CAB Findings by UAF

7.3 Use of individual external auditors and Addressed as shown below

ISO 17021:2011 Checklist for all CBs

Clause Requirement Comments by CAB Findings by UAF

ISO 17021:2011 Checklist for all CBs

Clause Requirement Comments by CAB Findings by UAF

ISO 17021:2011 Checklist for all CBs

Clause Requirement Comments by CAB Findings by UAF

8.2 Certification documents

ISO 17021:2011 Checklist for all CBs

Clause Requirement Comments by CAB Findings by UAF

ISO 17021:2011 Checklist for all CBs

Clause Requirement Comments by CAB Findings by UAF

ISO 17021:2011 Checklist for all CBs

Clause Requirement Comments by CAB Findings by UAF

ISO 17021:2011 Checklist for all CBs

Clause Requirement Comments by CAB Findings by UAF

ISO 17021:2011 Checklist for all CBs

Clause Requirement Comments by CAB Findings by UAF

8.4.2If any information regarding the operations and

Except as required, information about a particular client or

ISO 17021:2011 Checklist for all CBs

Clause Requirement Comments by CAB Findings by UAF

Personnel, including any committee Refer 8.4.6 of the manual

Information exchange between a CAB and Addressed as shown below

ISO 17021:2011 Checklist for all CBs

Clause Requirement Comments by CAB Findings by UAF

ISO 17021:2011 Checklist for all CBs

Clause Requirement Comments by CAB Findings by UAF