Basic Requirements Of Iso/iec 17021 Implementation

By Author: niha
Total Articles: 68
Comment this article

ISO 17021 is an International Standard that delivers Certification Bodies with a set of requirements that will allow them to confirm that their management system certification process is carried out in a capable, constant and impartial manner. ISO/IEC 17021 Conformity assessment Requirements for bodies providing audit and certification of management systems, as it is officially called, was organized by the ISO Committee on conformity assessment (CASCO) in 2006. It was established to fulfil the necessity to have an International Standard that could facilitate the recognition of bodies that were performing conformity assessments and the acceptance of their certifications on a national and international basis, making it easier to recognize management system certification in the interests of international trade.
This International Standard delivers a set of requirements for management systems auditing at a generic level, aimed at providing a dependable determination of conformism to the appropriate requirements for certification, conducted by a capable audit team, with adequate resources and following a constant process, with ...
... the results reported in a constant manner. An experience ISO 17021 consultancy for the implementation and certification of ISO/IEC 17021 for all types of system certification. It is intended for use by certification body that carry out audit and certification of management systems. It gives general requirements for such CBs performing audit and certification in the field of quality, environmental and other forms of management systems. These CBs can be non-governmental or governmental and they do not want to offer all types of management system certification.
ISO 17021-1 Requirements:
A significant ISO 17021 document for both CB users as well as their clients, because it spells out the official rules for the conduct of CBs, and how they must operate. These rules include:
• Impartiality: The Certification Bodies must have controls that confirm it can accomplish its certifications fairly and impartially. This then rolls into control of conflicts of interest, risk management of COIs, and the essential to have objective parties make final certification decisions. Readers of this site know we run into problems here often, as the ISO 9001 CBs often ignore these rules entirely, handing out certifications like candy to anyone who pays. But a hard reading of the standard shows it puts in place controls to prevent this. So, the ISO 17021 standard itself is fine, and I often say don’t need a new set of rules to bring CBs into compliance, we merely essential proper enforcement.
• Confidentiality: Certification Bodies have access to confidential information related to their certified clients. As a result, the CB must have controls in place to confirm the management of confidentiality. Such rules must spread through the CB organization to all who might touch such confidential information. Here, the problem is that many CBs use “confidentiality” as an excuse to hide records of bad behavior, such as cronyism, favoritism, auditor malpractice, and complaints. That’s not the intent here, and when Oxbridge helps to implement ISO 17021.
• Competence: This is one of the heaviest lifts for new CBs trying to implement ISO 17021. The standard lays out requirements for classifying competence requirements, and these must be heavily documented. The Certification Bodies must then work to confirm its staff including auditors, report reviewers, technical experts, etc., all fulfil with these requirements.
• Resources: Resource management for Certification Bodies is typically easy as it pertains to equipment and facilities, since there’s not much of an infrastructure overhead requirement for such companies. The big lift here is that ISO 17201 needs the CB have “sufficient” staff and audit personnel to accomplish its work. For new Certification Bodies, this can be a challenge — finding auditors to populate its initial auditor pool and often leads to delays in finishing their implementation of ISO 17021.
• Complaints & Appeals: CBs must have a healthy method to manage both complaints and appeals. The standard differentiates between the two as follows: “complaints” are received from any party, and can be related to anything. “Appeals” are specific contests of CB decisions, coming from its clients.
• Defining certification activities: By far the most work essential for implementing ISO 17021-1 falls within this bucket. The Certification Bodies must define its procedures for conducting audits, writing reports, reviewing the reports, determining the end certification decision, and all other related activities.
• QMS requirements: ISO 17021 demands a minimum quality management system be executed alongside all the other requirements. Like many standards within the conformity assessment family, they allow two options: implementing ISO 9001 in full, or implementing key QMS elements. Specially, the minimum QMS requirements to be implemented are policies & objectives, Document control, Record control, Control of nonconforming service, Corrective action, Internal Audits, Management Review, Constant improvement.