CERTIFICATION ROLES
TUV ROYAL – Certification Services
CERTIFICATION ROLES INSTRUCTION
- SCOPE AND FIELD OF APPLICATION
This Regulation describes the service of Certification of Management Systems by TUV ROYAL, in accordance with the requirements of the UNI CEI EN ISO/IEC 17021-1 Standard for Certification Bodies and with the rules for accreditation.
The requirements stated in this regulation are integral part of the agreement stipulated with TUV ROYAL. These requirements refer solely to the aspects specifically connected with the scope of the requested certification.
The agreement expressly excludes any form of consultancy to the Customer that could jeopardize the nature of independence of the carried-out assessments.
- GENERAL PRINCIPLES AND GUARANTEES FOR THE CUSTOMER
In its certification activity, as well as the General Terms and Conditions, TUV ROYAL applies the following principles:
Absence of discrimination: access to certification services is allowed to any Organization requesting them, in accordance with this Regulation, without any discrimination of commercial or financial nature or regarding membership of particular associations.
- b) Impartiality and independence: ensured through the following measures:
-Certification activities are assigned to personnel with no interests in the Organization subject to certification, bound to observe the rules of conduct and independence set by TUV ROYAL; regarding this aspect TUV ROYAL undertakes to accept any justified concerns of the Customer concerning the existence of incompatibility of the duty assigned, which could compromise the impartiality or independence of judgment;
-Precise application of formalized rules and procedures used by all the personnel of certification services and periodic consultation with suitable certification stakeholders;
-Clear separation between the personnel carrying out the audit activity and the personnel responsible for the certification decision;
Total absence of any kind of assistance in defining and applying the requirements for obtaining the Certification of Management Systems.
- c) Prompt management of complaints, appeals and disputes.
- d) Confidentiality: As well as set out in the General Terms and Conditions and in the Regulation for Certification, TUV ROYAL requires all its personnel, including Auditors, to sign a confidentiality agreement as well as a document in which personnel commit to treat any information that comes into their possession in accordance with the provisions of the Privacy Act.
- e) Accreditations: TUV ROYAL undertakes to inform the Customer of any rejection, suspension or withdrawal of the accreditation (in case of a service covered by accreditation), as well as to support the Customer during the transition to another accredited Body; in such cases TUV ROYAL will not be in any way responsible for any damage caused to the Customer by rejection, suspension or withdrawal of the accreditation; in the aforementioned cases, the Customer has the right to opt out of the contractual relationship with TUV ROYAL, without prior notification and without any additional cost.
- REGULATORY REQUIREMENTS AND LIMITS OF LEGALITY CONTROL
All conformities of the Management System, product and inspection services to which the certification refers shall be considered by TUV ROYAL an essential pre-requirement for issuing the certification.
The certification issued by TUV ROYAL does however only regard the conformity to the reference standard(s), and so it does not constitute a guarantee of compliance with the mandatory requirements. Such compliance is the specific competence of the Customer Organization, which retains responsibility, towards itself and towards others, for the legal obligations involved in the activities object to certification.
In this regard, the audit activities of TUV ROYAL shall not be considered as a form of waiver of responsibility with regard to possible assessments carried out by the Competent Authorities.
Also, TUV ROYAL can not guarantee their services and all certificates will be issue according to ISO 17021, ISO 17020 and ISO 17065 requirements with respect to international and legal roles. Although, all responsibility lies with the customer (auditee) and TUV ROYAL has not responsibility.
For some schemes of Certification of Management Systems, with significant risks related to the legal conformity, the Customer may be asked to provide TUV ROYAL also with a written statement, signed by the Legal Representative of the Organization, in which it has to subscribe a declaration of awareness that the conformity with legal requirements is the pre-requirement for obtaining and maintaining the certification in accordance with the standard of the management system being certified, and that this conformity is a responsibility of the Organization itself. TUV ROYAL shall inform the Customer that it needs to receive such statement.
- ACCESS REQUIREMENTS FOR THE CERTIFICATION
4.1 General requirements
Before starting the Certification process with TUV ROYAL, the Organization must meet the following requirements:
– Have a Management System that fulfills the requirements of the Reference Standard and apply fully the Management System;
– Accept the conditions set out in this Regulation;
– Authorize access to premises, plants, areas and information necessary to carry out the Audit;
– Appoint an own Representative as main contact person of the Audit Team and guarantee that any consultant present during the audit maintains the role of observer;
-Accept, without additional costs, the possible presence of auditor from the accreditation /control body as observers during the audit. TUV ROYAL will inform the Organization with regard to the possible presence of these auditors with a clear introduction of roles. Their presence has the aim of assessing that the evaluation methods used by TUV ROYAL are in accordance with the requirements for accreditation.
– For Commercial Credit Management Systems: have a management system active for at least 3 months. For Management Systems for which a risk analysis is required, the Organization must:
– Adopt a method of risk assessment in accordance with the best practices and techniques available (for example those that may be derived from the reference standards on Risk management, laws or guidelines issued by the Competent Authorities if any), and which must be applied systematically and involve as man.
– Demonstrate systematic use of the risk assessment procedure, which must take into account any risk situations observed (for the workplace health and safety scheme, it must also take into account reports of near misses and actual accidents with statistics (from proven and validated source) by geographic area.
In addition, for the accredited certifications, in order to ensure that the assessment procedures adopted by TUV ROYAL comply with the applicable standards, the Accreditation Body may require to carry out a visit, called Market Surveillance Visit, at the certified Organization, directly through the use of its personnel.
This possible visit is communicated by the Accreditation Body to TUV ROYAL with 7 working days’ notice. Upon receipt of such communication TUV ROYAL will inform the Organization.
If the Organization does not grant its approval, the validity of the certificate is suspended until it has not accepted the visit for a maximum period of 3 months. Expired 3 months, in the absence of consent to the visit, the certification is withdrawn.
The Organization shall make available to the Accreditation Body the documentation that TUV ROYAL has taken as reference during the previous audits. The Market Surveillance Visit does not replace the normal maintenance certification audit provided by the Audit Program.
The Market Surveillance Visit procedures are indicated in the document IAF ID 04 (free download from IAF website: http://www.iaf.nu).
Other methods of control can be adopted by the accreditation Body, in order to verify the activities of TUV ROYAL, e.g. Unannounced audit at the premises of certified subjects, request of information to Organizations or Consulting Companies, or other methods of control established by the accreditation body.
4.2 Applicability and Exclusions
Management System standards may be usually applied to any type of Organization, of any size and nature, unless otherwise regulated by the standard itself, or by the rules of the specific scheme. The non-applicability of specific requirements of the reference standard may be accepted for the requirements of individual reference standards, provided it is adequately documented and justified. It shall be in any case verified by TUV ROYAL, which may assess whether it is relevant or not.
- It is not possible to exclude the application of the standard to some sites or processes in the same Country. The certification is issued to an only legal entity and it includes all the sites, subsidiaries, branch offices, activities and processes carried out actually by the Organization. Exclusions to processes/functions carried out in a same Country are not allowed.
- It is possible to limit the application to specific Countries, but the scope has to consider always the significant processes and activities carried out abroad when they are carried out under the responsibility and the direct control of the Organization (e.g. representative offices or branch offices, representatives or intermediaries). This aspect will be mentioned in the certificate.
Prepared by:
Angela Tobert
Approved by:
Tobias Felix
Document No: UWI.04