ISO/IEC 17021-1:2015, Conformity assessment – Requirements for bodies providing audit and certification of management systems, Part 1: Requirements, relates to the competence of certification bodies themselves and their auditors. It applies to the auditing and certification of all types of management systems in order to increase their value to public- and private-sector organizations worldwide. The just-published ISO/IEC 17021-1:2015 replaces the second edition of ISO/IEC 17021:2011.
Providing effective tools
Audits and certifications to management system standards (MSS) are a major asset to international trade and essential to the long-term health of the world economy. Attesting the conformity to MSSs, certificates are widely used in global markets to establish confidence between business partners and between organizations and their customers, to qualify suppliers in supply chains, and as a requirement to tender for procurement contracts.
Certification bodies that use the new ISO/IEC 17021-1 will be able to ensure competent audit teams, with adequate resources, following a consistent process and reporting audit results in a consistent manner. It will also help create confidence among regulators, consumers, suppliers and other stakeholders that certificates granted by one certification body are effectively equivalent to that offered by another.
What’s new?
But how does the new ISO/IEC 17021-1:2015 differ from its predecessor (ISO/IEC 17021:2011)? In concrete terms, ISO/IEC 17021-1:2015 has been updated to focus more on how certification services are delivered by a certification body, and as such, the improvements are intended to:
- Bolster the effectiveness of operational and organization control by certification bodies of remote offices, regardless of their organizational structure
- Enhance an additional risk management approach
- Define audit time and audit duration, and then focus requirements for justification on audit duration, which is the time from the opening to the closing meeting
So what does this mean to a certification body currently accredited to ISO/IEC 17021:2011? According to Randy Dougherty and Alister Dalrymple, the co-convenors of the team of experts that developed the standard, there are quite a lot of improvements users will experience. “In our opinion, it will be easier for any current certification body to conform to the changes. Very few certification bodies will need to make any significant changes to their processes. But we also think nearly all of the changes are improvements and will add to the credibility and integrity of certification.”
Part of a growing range
ISO/IEC 17021-1 is the latest in the certification of the MSS family of standards, which includes six more standards for specific types of management systems:
- ISO/IEC TS 17021-2 for environmental management systems
- ISO/IEC TS 17021-3 for quality management systems
- ISO/IEC TS 17021-4 for event sustainability management systems
- ISO/IEC TS 17021-5 for asset management systems
- ISO/IEC TS 17021-6 for business continuity management systems
- ISO/IEC TS 17021-7 for road traffic safety management systems
ISO and the International Accreditation Forum (IAF) – the association of national accreditation bodies – have agreed on a two-year transition period from the date of publication of ISO/IEC 17021-1:2015 for certification bodies to bring their operations and processes in line with the requirements of the new standard.
A joint ISO-IAF Informative Document giving details is available here.