How does the certification process work?
The whole management system certification process has the following basic phases:
Communication with the customer
In the initial phase, we verify the necessary documents, respectively. we examine the requirements in accordance with the standard STN EN ISO/IEC 17021 – receipt of a request for certification, processing and sending a specific offer, signing a contract for system certification with the customer, negotiation of pre-certification resp. certification audit.
The second phase is conducted in the spirit of the contractually agreed terms. The Head of the ELBACERT® Certification Body shall appoint the Lead Auditor and the other members of the audit team and send the above to the customer for approval.
Preparation of the audit programme
The lead auditor requests the customer’s management system documentation necessary to prepare for the audit and, based on the known information, prepares an audit programme to be sent to the customer for approval.
Performance of the audit itself
Conducting the relevant audit – initial certification audit, surveillance audit, recertification audit, special audit, additional audit.
Completion and evaluation of the audit
On the basis of the audit results, the Head of ELBACERT® shall verify the conclusions of the lead auditor as stated in the record of the final meeting and the subsequently prepared audit report – audit report. On the basis of the above, it shall decide whether or not to grant the certificate (retention, suspension, withdrawal of the certificate in the event of a surveillance, special or additional audit).
Types of audits during the certification process
Overview of audits carried out:
Initial certification audit
The aim of the initial two-stage certification audit is a detailed verification of the compliance of the established management system with the requirements of the relevant standard.
The first stage of the initial certification audit focuses on auditing the customer’s management system documentation, reviewing the conditions of the customer’s site, their understanding of the requirements of the standard. It shall assess whether internal audits, management reviews and whether the level of implementation of the management system creates the prerequisites for the customer to be ready for the second stage of the audit are planned and carried out. Based on the documented findings, the Stage 2 audit programme will be confirmed/modified. The first stage may/may not be carried out at the customer’s site. If held on site the procedure is the same as the flow chart for the second stage.
The second stage of the initial certification audit is to assess the implementation of the client’s management system, including its effectiveness in its overall scope and in accordance with the relevant standard, on-site at the customer under assessment.
The surveillance audit reviews selected parts of the customer’s management system, with particular emphasis on reviewing actions taken in respect of non-conformities identified in the previous audit, handling of complaints, review of any changes, use of marks and/or any references to certification, overall assessment of the effectiveness of the management system and its maintenance (internal audits and management review).
The surveillance audit is carried out on-site at the client’s premises, and the procedure for this on-site audit is similar to the above flow chart.
A total of 2 surveillance audits are carried out within the 3-year cycle
Three years after the initial certification, a so-called recertification audit, the purpose of which is to verify the overall effectiveness of the management system with respect to internal and external changes, its continued relevance and applicability to the subject of certification, demonstrated commitment to maintaining the effectiveness and improvement of the management system throughout the scope of the standard.
If a complaint is received, ELBACERT® may conduct an extraordinary audit to investigate the validity of the complaint or conduct an extraordinary audit in response to changes, transfer of certification, or as a continuation of certification for clients with suspended activity.
An additional audit is the process of reviewing and evaluating indicators of a company or organisation that have been previously reviewed by an auditor. This type of audit is often carried out on the basis of doubts about records that were identified during the original audit or after the financial results have been published.
Its purpose is to provide further independent checking and verification of records and facts that have been previously checked. The results of the additional audit are usually presented in a written report containing recommendations and suggestions for improving procedures and internal controls. Based on these recommendations, an organisation or company can take action to improve its processes and ensure greater transparency and accountability in its operations.