The TQM Journal

Management systems audit in the annex SL context

Cristinel RONCEA
Article information:
To cite this document:
Cristinel RONCEA , (2016),"Management systems audit in the annex SL context", The TQM Journal, Vol. 28 Iss 5 pp. -
Permanent link to this document:
http://dx.doi.org/10.1108/TQM-10-2015-0129
Downloaded on: 16 July 2016, At: 02:16 (PT)
References: this document contains references to 0 other documents.
To copy this document: permissions@emeraldinsight.com
The fulltext of this document has been downloaded 11 times since 2016*
Users who downloaded this article also downloaded:
(2016),"Guest editorial", The TQM Journal, Vol. 28 Iss 5 pp. -
(2016),"Employees factors importance in lean six sigma concept", The TQM Journal, Vol. 28 Iss 5 pp. -
Downloaded by University of South Florida At 02:16 16 July 2016 (PT)

(2016),"Intelligent approaches for an organisation’s management system change", The TQM Journal, Vol. 28 Iss 5 pp. -

Access to this document was granted through an Emerald subscription provided by emerald-srm:216876 []
For Authors
If you would like to write for this, or any other Emerald publication, then please use our Emerald for Authors service
information about how to choose which publication to write for and submission guidelines are available for all. Please
visit www.emeraldinsight.com/authors for more information.
About Emerald www.emeraldinsight.com
Emerald is a global publisher linking research and practice to the benefit of society. The company manages a portfolio of
more than 290 journals and over 2,350 books and book series volumes, as well as providing an extensive range of online
products and additional customer resources and services.
Emerald is both COUNTER 4 and TRANSFER compliant. The organization is a partner of the Committee on Publication
Ethics (COPE) and also works with Portico and the LOCKSS initiative for digital archive preservation.

*Related content and download information correct at time of download.

 MANAGEMENT SYSTEMS AUDIT IN THE ANNEX SL CONTEXT

1. INTRODUCTION

How to perform and report an audit has not changed much in recent years, despite the best intentions of auditors,
certification bodies and organizations that provide training. Of course, there are differences between courses,
trainers and audit methods used, but they are mainly performed by the same type of professionals.
We should ask the question "what has to offer classical approach to audit practice to help organizations
interested in becoming, more than improving their own performance?” If you look at some audit reports you
immediately get the answer. Most of them:
• provide descriptions of the site audit findings;
• use standard expressions difficult to understand for those who do not know in detail the reference standards ;
• deal with compliance rather than effectiveness;
• contain only a few recommendations for improvement and generally, do not refer to solutions/measures which
can be taken for effectiveness improvement.
Of course, not all the auditors are the same, some of them try to do their audits effectiveness and improvement
oriented..
Downloaded by University of South Florida At 02:16 16 July 2016 (PT)

Top managers of companies work with numbers, values, graphs, money and budgets. They are concerned with
organizational performance and strategic management and require information that reflect their need to effectively
manage and control risk. Benchmarking and evaluation of the organization’s level of maturity are necessary data in
decision making and business improvement, not just information confirming compliance. (Roncea, C., 2006)
The information needed by managers should refer to high management levels and business strategy, while audit
reports resulted from classical approach refer at best at middle management and assessment only conformity.
After analysing the reports of audit most of the managers ask themselves: “What do I actually get with these
costs?".
In order to support these ideas, many certification bodies worldwide come with data regarding the fact that a
large number of organizations have completely given up of classic standards and certification of management
systems in accordance with them. This happened because present certification does not offer what they need and
current methods of external audit are not a great deal to managers. It is obvious that it requires a major change in
how audits are performed and reported and minor changes are not currently viable options to solve the problem.
We cannot blame for this situation only the auditors. The whole audit systems of management systems is
obsolete and it is focused onlyon compliance.
Accreditation bodies, and, unfortunately, the regulating bodies - EA, IAF, ILAC - proved in documents, issued
in recent years, despite statements, still classical approach and even encourage hyper documentation and increasing
the number of records.
The only ones, who try to focus management systems audit toward effectiveness and remove it as much as
possible from compliance audit, are some auditors from accreditation bodies and certification bodies. However, as
long as the basis for granting a certificate of compliance will be the audit, it will always be an important part of
conformity assessment.
It is true and desirable that this audit oriented to compliance to be for certification purpose. But, once compliance
demonstrated, during the following surveillance audits the focus on compliance is no longer interesting for top
managers of the auditee, because these audits say almost nothing about their organization.

2. ANNEX SL AND NEW CHALLENGES FOR AUDITORS

Many auditors have already begun to be concerned with a new approach and to promote it in various ways.
Fortunately, the new ISO Annex SL approach, imposed by new standards for management systems, come in support
quitting classical approach to auditing.
Therefore, for auditing the new clauses, “Understanding the organization and its context” and “Understanding
the needs and expectations of interested parties”, auditors will have to allow additional time to prepare for audits in
order to establish their understanding of the context that auditee organisations are operating in.
They will need to understand the internal and external issues, typically experienced in organisations of that type,
and must be prepared and able to challenge an organisation if they believe the organisation’s interpretation of their
context is deficient or incorrect.
Also, auditors will need additional time to prepare for audits in order to establish their opinion onthe relevant
interests of relevant interested parties. If this differs from the organisation’s perception, then auditors must be
prepared to change this.
Auditors will need to ensure that the organisation has been through a process initially to identify these groups
and then to identify their requirements that are relevant to the organisation’s management system. (ISO, 2014),
(IRCA, 2014)
 In this context, it is necessary for auditors to properly understand, the significance of the expression "relevant
requirements" of "relevant stakeholders". It should be kept in mind that there is no requirement to consider
stakeholders who were determined by the organization, as not relevant to the management system.
Also, there is no requirement to address a specific requirement of the relevant stakeholders if the organization
considers that this requirement is not relevant.
Relevance depends on the impact on the organization's ability to consistently provide products and services that
meet customer’s requirements and applicable regulatory and legal requirements or the organization’s objective to
enhance customer’s satisfaction. (ISO, 2014)
For the evaluation of determining the scope of the management system, auditors will need to verify that the
organisation’s scope exists as documented information. They must gather evidence that it has been produced in
consideration of the organisation’s context, products and services.
Auditors should review any exclusions applied under management standard for ongoing suitability. They will
need to ensure legacy issues, where an organisation has previously sought to limit its scope and excluded activities
that can affect its ability or responsibility to ensure conformity of products or services, are not perpetuated.
Auditors should have a clear and concise list of objective evidence, to identify and confirm. It will include the
organisation’s goals and intended outcomes, internal and external issues, the relevant stakeholders and their
requirements and the management system scope. Collectively, this will provide a key insight into the organisation.
This should not be just a tick-list, but the entirety will provide a key insight into the organisation - it should provide
illumination and clarity. (IRCA, 2004)
Downloaded by University of South Florida At 02:16 16 July 2016 (PT)

Now this is a mandatory and explicit requirement for a process-based management system.
On the other hand, an organization operates through its business processes that actually give its performance.
Together, they constitute business management system.
In a management system based on process approach, each business process must be defined and even "mapped".
Sometimes, there is confusion between a business process and procedure describing the process, or between a
process and an activity.
When the business processes are audited it is necessary for the auditor to know what process is in assembly of
the organization processes. But many auditors often, go into details and therefore, usually, lack the overview
(perspective) that management must have and understand.
Conventionally, a process is defined as a series of activities that transform inputs into outputs. The audit should
follow the conduct of these activities vis-a-vis the objectives set for the audit.
If an organization has to deal with the management of a process, it is necessary to understand the results and how
the results are used to improve the performance of that process.
But there are a number of factors, including constraints, which influence the effectiveness of a process. Their
influence on process performance varies depending on the purpose of that process. They have developed a model of
the process also more realistic and thus, to have a comprehensive list of issues that need to be assessed, in order to
add more value to the audit.
What is interesting in the management process is that many of the factors affecting the performance of the
process cannot be described. They are like motivation, culture and teamwork. (Olaru.M, Roncea.C, 2000)
Do not forget, that any representation of a process is only an interpretation of the real world and not the "real
world" to be audited and then improved. One of the most important issues in an audit is overlooking the general
picture and focus on the component parts.
The auditors should evaluate the use of the performance indicators to control and monitor processes and the
effectiveness of these indicators. (IRCA&CQI, 2014)
The new requirement for processes to be assessed from a risk and opportunity perspective will have to find a
new answer. In effect, auditors will need to review how the organisation has designed its process-based management
system.
In order to review the new requirements related to actions to address risks and opportunities, the role of the
auditor is not to carry out their own determination of risks and opportunities, but to ensure that the organisation is
applying their methodology consistently and effectively.
This new clause is related to several other clauses within the standard with regards to its outcomes (i.e. what are
the risks and opportunities for the organisation, and how they are to be addressed?).
Consequently, organisations truly need to understand it and apply it effectively. It is clear that wrong assessment
will not result in a suitable quality management system, and hence not effective.
However, where the auditor’s knowledge of the context of the organisation reveals that the organisation has
failed to identify a familiar known risk or opportunity, they may call into question the organisation’s approach.
Auditors should be familiar with risk - the consequences of an event and the associated likelihood of occurrence
- and how to avoid, eliminate, minimise or mitigate it. They also, need to focus on the positive aspect - opportunities
for the business and how to optimize them. The identified risks and opportunities will lead to policies and
objectives. Auditors should be able to identify and follow a clear path from issues and requirements through risks
and opportunities, policies and objectives. (ISO, 2014), (IRCA&CQI, 2014)
Auditors must ensure that they are equipped to challenge top management, in respect of their commitment to
their management systems. Auditing at this level is to be a new experience for many. To be effective and gain the
respect of top management, auditors will need to have a good understanding of management activities, be able to
 engage with top management on a range of subjects, and speak the language of top management. For many auditors,
this will involve developing new and enhanced competences.
Auditors will need to seek evidence that top management ensure that any risks and opportunities with potential
impacts on organisation’s ability to supply products and services that conform to customer’s requirements and
applicable statutory or regulatory requirements, or that may affect customer satisfaction, are identified and addressed
by the organisation. Auditors should expect to find a focus on risks, but, should note that opportunities must also be
considered.
Giving up all references to the role of "management representative" strengthens the desire to see management
systems integrated into routine business operations, rather than operating as an independent self-contained, with its
own dedicated management structure. (IRCA, 2014)
Another aspect is now, evaluation of compliance with the legal and other requirements that are applicable for
management system. For that, auditors should have updated knowledge on various areas of law such as: making
products available on the market, environment, occupational health and safety, information security, energy
efficiency.
The organisation must consider the need for both internal and external communications, relevant to the
management system – what, when and with whom it will communicate.
The new requirement for “documented information” is going to generate a lot of heat but not much light. The
terms documents, documentation and records are history. Auditors will need to understand and use the term
“documented information”.
Downloaded by University of South Florida At 02:16 16 July 2016 (PT)

New standards for management systems have no requirement for organizations to:
• have a manual or documented procedures
• recode existing management system documentation to meet new clauses
• Restructure management system documentation to meet the requirements of this standard order.
These issues combined with “documented information” requirement could create problems for some auditors to
assess whether management systems meet the requirements of reference standards evaluated

3. AUDIT AND ADDED VALUE

“The real value” can be defined only by the final consumer and is significant only when defined in terms that
they use.
If the definition of value is based on the concept of "something useful", "add value" means to make something
more useful and in this context, we talk about "the audit to add value."
Some organizations have used standards to develop a management system that is integrated into their way of
doing business and help them achieve their strategic goals of the business, in other words, management system adds
value to the organization.
The opposite of this case is the other organizations that have simply created a bureaucratic system of procedures
and records that do not reflect the real way in which the organization operates. This system adds costs without being
useful, in other words it does not add value
Basically, it comes down to the approach.
An approach that does not add value is one that starts from the question "what procedures do we have to write to
get the certification?"
An approach that adds value starts with the question "how can we use our management system, based on
management standard chosen, so as to help us improve our business?" (Roncea, C, 2004)
On the other hand, we must consider that the approach "added value" is a proof of the maturity level of
organizational culture in chosen scope management and evidence of maturity own management system to fulfil the
requirements for the management standard (quality, environment , SSO, information security, etc.).
From this point of view we have foursituations:
1) Low level of culture management system and management system immature, not in conformity against the
reference standard
2) High level of culture management system and management system immature, not in conformity compliance,
against the reference standard
3) Low level of culture management system and management system mature, in conformity to the reference
standard
4) High level of culture management system and management system mature, in to the reference standard
It is important to note that in this context:
"Culture management system” refers to awareness, commitment, collective attitude and behaviour of the
organization on the management system.
"Conformity with the reference standard" refers to the maturity of the organization's management system and the
extent to which it meets the requirements of the standard (It is recognized that some minor nonconformities can be
identified also in organizations which demonstrate a high level of maturity and high compliance, but identifying and
solving them contribute to the continual improvement). (Roncea, C, 2004), (Roncea, C, 2014)
For every of these situations the organization's expectations and approach auditor shall be adequate because
adding value is seen differently by stakeholders.
 3.1 Case 1 (low level of culture management system and management system immature)
An organization that has a low level of "culture" and a management system that is not in compliance with the
reference standard, expect from "an audit that adds value" to receive advice on how to implement the management
system and / or how to solve the encountered nonconformities.
Here the auditor must be very careful because in a third party audit such advice would generate certain conflicts
of interest and not meet the requirements for accreditation of certification bodies.
What can the auditor do, however, is to ensure that whenever a nonconformity is identified, the auditee clearly
understands what the standard requirements are and why nonconformity has occurred. If the organization recognizes
that resolving nonconformities can improve performance, then it is more likely to believe and be more involved in
the certification process.
However, it is important that all identified nonconformities to be reported so that the organization clearly
understands what needs to be done to meet the requirements of the reference standard.
Even though, some organizations may not be fully satisfied with the results of an audit after which the
certification is not granted. However, the customers of such organizations (those receiving the products) consider,
this audit as an added value, from their point of view.
From the perspective of the certification body, the audit has not reported any nonconformities and offered
guidance to implement the management system within the organization, is not a value added audit and the credibility
of the audit and certification process are not good. (Roncea, C, 2004), (Roncea, C, 2014)
Downloaded by University of South Florida At 02:16 16 July 2016 (PT)

3.2 Case 2 (high level of culture management system and management system immature)
For an organization that has a high level of "culture", but immature management system that does not meet the
requirements of the reference standard, main expectations from a "value added audit" will probably be similar to
those of the organization in case 1. In addition, however, it is possible that the organization of case 2 expect more
from the auditor.
To be able to add value, the auditor should understand how the organization's existing practices meet the
requirements of the reference standard. In other words, he must understand the business processes in the context of
the reference standard and not, for example, insist that the organization redefine its processes and documentation to
align the structure of the standard.
The organization might, for example, base its management system on business excellence models, or total
quality management methods such as QFD, FMEA method "six-sigma" 5S programs, solve problems
systematically, circles quality, and other.
Auditors that "add value" should, at least, understand the principles of the organization methodology and be able
to see if these methodologies are effective in meeting the requirements of the reference standard for that
organization. (Roncea, C, 2004), (Roncea, C, 2014)
3.3 Case 3 (low level of culture management system and management system mature)
An organization whose management system has been certified for a significant period of time, may be able to
demonstrate a high level of compliance with the reference standard, but also may not have a "culture" really
implemented throughout the organization.
In particular, management system could be implemented under pressure from customers and built on standard
requirements, instead of being built on the needs and expectations of their organization. As a result, management
system can operate in parallel with the way the organization carries out its usual activity, thus, duplication,
inefficiency and lack of efficacy.
The main objective of an "auditor that adds value" in this case is to act as a catalyst for the organization to
develop work-based management system and integrate it into daily operation. The auditor should encourage and
stimulate (but not require!) the organization to meet the standard requirements. (Roncea, C, 2004), (Roncea, C,
2014)
The questions asked by the auditor, and the way he asked it can provide valuable insights on how the organization
management system can become more effective and useful. Identification of "opportunities for improvement" by the
auditor, should include both enhanced effectiveness of the management and efficiency improvement opportunities.
3.4 Case 4 (high level of culture management system and management system mature)
In these cases, management at the highest level becomes an important customer of the certification process. It is
therefore, important for the auditor to clearly understand, the strategic objectives of the organization and be able to
place management system audit in this context.
The auditor should reserve time for detailed discussions with management at the highest level, to define
expectations management system and include these expectations in the audit criteria. (Roncea, C, 2004), (Roncea, C,
2014)

4. NEW APPROACHES TO MANAGEMENT SYSTEMS AUDITING

 Audit of conformity assessment is not complicated and is used for many years. But does compliance with the
rules and provision of relevant evidence (usually completing of records) mean that a process is effective?
Top managers of organizations believe that the correct answer is "no", and hence their concern that after using
the usual methods of audit, the added value of their business is minimal.
Process management in real world involves many factors that need to be audited. Therefore understanding and
competence for auditors to audit the successful process of "real world" requires knowledge covering the following:
• management systems terminology,
• principles, practices and techniques in the field of quality, environment, security information, occupational
health and safety, energy efficiency
• management system standards
• normative documents
• legal requirements
• business management practices
• the product life cycle
• client business sector
• client products, processes and organization
What should be done in this context? It requires a complete rethinking of the audits. We must find answers to
some questions in order to develop a methodology
Downloaded by University of South Florida At 02:16 16 July 2016 (PT)

4.1 Why do audits?

To audit compliance, this question has a simple answer: to check if the affirmations really happen in reality and
meet the requirements of the audit criteria. This audit can be carried out mainly following records and comparing
them with those who are running business or those affected by it, to build a picture of conformity to a referential
choice. For certification bodies this is enough. They may grant certificates. At first it may be sufficient for many
organizations, to obtain a certificate to be able to start a business.
But having passed the first surveillance audit is still sufficient? Managers of audited firms begin to say “no”.
Business managers are not really interested in the effectiveness of a single activity, they are interested in the
effectiveness of the entire set of business processes.
To do an audit of effectiveness, the auditor should seek performance criteria and aspects of processes whose
improvement could increase their performance.
The followed performance criteria could be a combination of terms of reference standard, business principles
and objectives of the organization's top management. (Roncea, C, 2006), (Roncea, C, 2014)
4.2 How to collect the necessary information?
All sources, both internal and external, organization or process , should be taken into account to have a clear
picture of what is happening in reality.
Both people working in the audit (traditional audit), people working in the organization should be interviewed as
they are influenced by process and desirable process and influenced people working outside the organization.
There are many ways to do this. A great number of auditors can be expensive and inevitably, leads to
inconsistency in the audit process. Many processes include various locations, departments and involving people in
leadership positions at different levels of organization, so whatever it takes, auditors must be able to collect
information from a wide range of sources. (Roncea, C, 2006), (Roncea, C, 2014)
Perhaps the most critical problem is the evaluation of the issues with an important contribution to the
performance of the process, because, this requires information from an appropriate sample size in statistical terms.
Often, auditors are constrained by the time available to them, during the audit. In the classical approach the
auditor can speak in general with 4-5 people form 8-10 compartments in a day, which is not a sufficient sample size,
if for example there are 250 people in an organization. The used audit methods must allow to collect information
from a much larger number of people.
Technology, especially IT&C technology can be helpful and auditors should not hesitate to use technical
solutions that help them get what they actually asks the audited organization.
On the other hand, auditors must follow the processes in the context of the organization and how business is
conducted. This approach leads to the following set of questions:
• Is the purpose of process clear?
• Are the required inputs defined?
• What skills are needed to process?
• How to carry out the process, how is driving controlled and is consistent?
• Are the Required outputs defined?
• What records must be collected and maintained?
• How is the process monitored and measured?
• Is the purpose of the process achieved effectively?
But the auditor should also follow the requirements of the reference standard.
 An alternative to traditional questionnaire is the so called “mind map”. This „map” may indicate all the
requirements of the reference standard, the interconnections between them and their links with the identified
processes within the organization.
But what is a mind map? After Tony Buzan, mind map inventor, this is a graphic technique which provides an
universal key to open and use the potential of the brain. This is because it uses a series of representations - words,
pictures, numbers, logic, rhythm, colour and spatial representation, to achieve a unique and very suggestive image.
Like a conventional road-map, a mind map is designed for:
• give an overview of a topic or larger areas;
• allow identification of which were touched and those that may be affected;
• collect and maintain large amounts of data;
• encourage solving problems by presenting new creative ways;
• to perform tasks efficiently;
• be a pleasure to watch, to read and to remember it;
• attract and retain the attention of the eye / brain;
• allow viewing while both the big picture and details
A good mind map indicates the "form" of the subject, the relative importance of individual points and how they
are interconnected. (Roncea, C, 2004)
Mind maps are more compact than traditional notes, usually taken on a sheet of paper.
This allows to make different combinations easier.
Downloaded by University of South Florida At 02:16 16 July 2016 (PT)

If additional information is discovered after the map has been drawn, they can be easily integrated into the rest of
the map.
Mind maps can be checked quickly because the memory can be refreshed from a glance.
4.3 How to analyse the collected information and how to report it?
After gathering the information, the next step is to analyse it. This allows the report prepared should present the
estimated maturity level performance for criteria considered (desirable as an expression in numbers or percentages if
possible). There are many ways to do this, but to get the desired result, an auditor should work on clearly defined
methods.
During the analysis the trends, risks and opportunities for improvement should be identified
Once the analysis is done, reporting follows. Managers of organizations live in a world of numbers, the results of
the benchmarking process and money and in their view in audit report should reflect this.
Audit reports will need to refer in particular, to the following:
• the organization's maturity,
• level of trust in management system,
• the risks and opportunities that may occur,
• the auditee's attitude and commitment in relation to the management system,
• the auditee's attitude and commitment in relation to processes audited and then to objectives of the organization.
(Roncea, C, 2006), (Roncea, C, 2014)

5. CONCLUSION

Changes will be needed for these new, different and extensive audit approaches. It will use the facilities of the
very strong development of the IT&C industry and hence, the current role of the auditor will change.
Our audit methods will increase, allowing auditors to use various methods combined, based on audit purposes
and the needs of the audited organization. But, while there will be fear of change.
Some of the questions that we need to find answers as soon as possible, are:
• How will auditors react to this new approach?
• And how will certification bodies and accreditation bodies react?
• Will they accept changes or will fight against them?
• Will auditors, certification and accreditation bodies have the courage not adapt to these changes?
But anyway, it is clear that the share of compliance assessment will decrease and will increase the share of
identifying improvement opportunities which will increased value of audit.
For auditors, this might mean:
• understanding the business context of the organization and discuss issues that are critical to the business,
organization managers at levels as high as possible,
• design audit plans so as to involve as many of the people who have an interest in the success of the process or in
the subject covered by the audit,
• focus on the risk analysis, opportunities and prevention,
• focus on improving their key processes and less on procedures,
• focus more on results and less on records,
• new methods of collecting useful data and more analysis of them,
 • general approach to evidence collected data instead of concentrating on individual terms of reference standards,
• focus on meeting legal requirements,
• root cause analysis, with focus on important issues,
• achievement of significant reports for top managers of audited organizations,
• achieving significant audit reports for managers of the audited organizations.
For certification bodies this new approach will increase the credibility of third-party certification process.

REFERENCE

1. Olaru.M, Roncea.C. (2000), Techniques and instruments used in quality management, pp 443-462, Ed.
Economica, Bucharest, 2000
2. Roncea, C.(2004), „QMS audit and the added value”, Quality and Management, No.6, pp.15-19
3. Roncea, C.(2004), „Mind map a tool in the service of QMS auditors”, Quality and Management, No.10, pp.15-
19
4. Roncea, C.(2006), „Auditor future - from tactical to the strategic audit”, Quality and Management, No.2, pp.19-
25
5. ISO/DIS 9001:2014 - Quality management systems - Requirements, ISO/TC176/SC2/WG24/N 112, 2014-05-13,
Geneva
6. IRCA (2014), „IRCA briefing note Annex SL”, IRCA Report
Downloaded by University of South Florida At 02:16 16 July 2016 (PT)

7. IRCA&CQI (2014), „DIS 9001:2014 – Understanding the DIS”, CQI Report

8. Roncea, C. (2014), „Audit Management Systems in the Context of Economic Development in the Early Decades
of the XXI Century”, CCF 2014, Proceeding of the 14th International Conference on Quality and Dependability,
pp.400-407

About the author

PhD eng Cristinel Roncea is aviation engineer and doctor in quality management, with numerous books, articles and
scientific papers published in the field of management systems. He works of 18 years in accredited certification
bodies for management systems and product conformity in the voluntary and regulated field (with the application of
CE Marking). He led 12 years the product certification department within a great Romanian certification body and 8
years the National Register of Auditors of Romania - QMS auditors certification body. He held courses in
management systems in the Polytechnic University of Bucharest and Academy of Economic Studies of Bucharest
for 8 years. He is certified EOQ lead auditor for QMS, EMS, OH & SMS and ISMS from 1997 and can be contacted
at: cristinel.roncea@srac.ro. He is now technical director of SRAC. SRAC is the leader of the certification and
conformity assessment market in Romania for over 20 years and it is one of the important certification bodies from
Central and Eastern Europe.