Address
149, Ground Floor, Yamuna Vihar, Delhi 110053
Monday to Friday: 8AM - 8PM
Weekend: 10AM - 5PM
Process we follow for ISO Certifications
ISO Certification Process Of Management System Conforming To ISO 9001, ISO 14001, And ISO 45001 As Operated By CMMI Consultants
W3LABZ ISO Certification Process.
MD/QM
W3LABZ shall require an authorized representative of the applicant organization to provide the necessary information
W3LABZ shall conduct a review of the application and supplementary information for certification
An audit programme for the full certification cycle is developed to clearly identify the audit activities required to demonstrate that the client’s management system fulfils the requirements for certification to the selected standard or other normative document like IAF mandatory documents. The audit programme for the certification cycle shall cover the complete management system requirements.
The audit programme for the initial certification shall include a two-stage initial audit, surveillance audits in the first and second years following the certification decision, and a recertification audit in the third year prior to the expiration of certification. The first three-year certification cycle begins with the certification decision. Subsequent cycles begin with the recertification decision
The initial certification audit of a management system shall be conducted in two stages: stage 1 and stage 2.
Stage 1
Planning shall ensure that the objectives of stage 1 can be met and the client shall be informed of any “on site” activities during stage-1.
NOTE: Stage 1 does not require a formal audit plan
The objectives of stage 1 are to:
— the client’s site(s);
— processes and equipment used;
— levels of controls established (particularly in case of multisite clients);
— applicable statutory and regulatory requirements
NOTE: If at least part of stage-1 is carried out at the client’s premises, this can help to achieve the objectives stated above.
Documented conclusions with regard to fulfilment of the stage-1 objectives and the readiness for stage-2 shall be communicated to the client, including identification of any areas of concern that could be classified as nonconformity during stage 2.
NOTE: The stage 1 output does not need to meet the full requirements of a report
In determining the interval between stage-1 and stage-2, consideration shall be given to the needs of the client to resolve areas of concern identified during stage
1. W3LABZ may also need to revise its arrangements for stage
2. If any significant changes which would impact the management system occur, W3LABZ shall consider the need to repeat all or part of stage-1. The client shall be informed that the results of stage 1 may lead to postponement or cancellation of stage 2.
Stage 2
The purpose of stage 2 is to evaluate the implementation, including effectiveness, of the client’s management system. The stage 2 shall take place at the site(s) of the client. It shall include the auditing of at least the following:
Initial certification audit conclusions
The audit team shall analyses all information and audit evidence gathered during stage-1 and stage-2 to review the audit findings and agree on the audit conclusions.
Reference:
Sr. No. | Document Title | Doc No | Rev No. |
01 | CONDUCTING ONSITE AUDIT
| W3LABZ-PRC-10-COA | 00 |
09 | REPORT REVIEW AND CERTIFICATION DECISION | W3LABZ-PRC-09-RCD | 00 |
Conducting audits
General
W3LABZ shall have a process for conducting on-site audits. This process shall include an opening meeting at the start of the audit and a closing meeting at the conclusion of the audit. Where any part of the audit is made by electronic means or where the site to be audited is virtual, W3LABZ shall ensure that such activities are conducted by personnel with appropriate competence. The evidence obtained during such an audit shall be sufficient to enable the auditor to take an informed decision on the conformity of the requirement in question.
NOTE: “On-site” audits can include remote access to electronic site(s) that contain(s) information that is relevant to the audit of the management system. Consideration can also be given to the use of electronic means for conducting audits.
Conducting the opening meeting
A formal opening meeting, shall be held with the client’s management and, where appropriate, those responsible for the functions or processes to be audited. The purpose of the opening meeting, usually conducted by the audit team leader, is to provide a short explanation of how the audit activities will be undertaken. The degree of detail shall be consistent with the familiarity of the client with the audit process and shall consider the following:
Opening Closing Meeting Attendance
Communication during the audit
During the audit, the audit team shall periodically assess audit progress and exchange information. The audit team leader shall reassign work as needed between the audit team members and periodically communicate the progress of the audit and any concerns to the client.
Where the available audit evidence indicates that the audit objectives are unattainable or suggests the presence of an immediate and significant risk (e.g. safety), the audit team leader shall report this to the client and, if possible, to the W3LABZ to determine appropriate action. Such action may include reconfirmation or modification of the audit plan, changes to the audit objectives or audit scope, or termination of the audit. The audit team leader shall report the outcome of the action taken to the W3LABZ .
The audit team leader shall review with the client any need for changes to the audit scope which becomes apparent as on-site auditing activities progress and report this to the W3LABZ .
Obtaining and verifying information
During the audit, information relevant to the audit objectives, scope and criteria (including information relating to interfaces between functions, activities and processes) shall be obtained by appropriate sampling and verified to become audit evidence.
Methods to obtain information shall include, but are not limited to:
Identifying and recording audit findings
Audit findings summarizing conformity and detailing nonconformity shall be identified, classified and recorded to enable an informed certification decision to be made or the certification to be maintained.
Opportunities for improvement may be identified and recorded, unless prohibited by the requirements of a management system certification scheme. Audit findings, however, which are nonconformities, shall not be recorded as opportunities for improvement.
A finding of nonconformity shall be recorded against a specific requirement, and shall contain a clear statement of the nonconformity, identifying in detail the objective evidence on which the nonconformity is based. Nonconformities shall be discussed with the client to ensure that the evidence is accurate and that the nonconformities are understood. The auditor however shall refrain from suggesting the cause of nonconformities or their solution.
The audit team leader shall attempt to resolve any diverging opinions between the audit team and the client concerning audit evidence or findings, and unresolved points shall be recorded.
Preparing audit conclusions
Under the responsibility of the audit team leader and prior to the closing meeting, the audit team shall:
Conducting the closing meeting
A formal closing meeting, where attendance shall be recorded, shall be held with the client’s management and, where appropriate, those responsible for the functions or processes audited. The purpose of the closing meeting, usually conducted by the audit team leader, is to present the audit conclusions, including the recommendation regarding certification. Any non-conformities shall be presented in such a manner that they are understood, and the timeframe for responding shall be agreed.
NOTE: “Understood” does not necessarily mean that the nonconformities have been accepted by the client.
The closing meeting shall also include the following elements where the degree of detail shall be consistent with the familiarity of the client with the audit process:
Opening Closing Meeting Attendance
The client shall be given opportunity for questions. Any diverging opinions regarding the audit findings or conclusions between the audit team and the client shall be discussed and resolved where possible. Any diverging opinions that are not resolved shall be recorded and referred to the W3LABZ.
Audit report
W3LABZ shall provide a written report for each audit to the client. The audit team may identify opportunities for improvement but shall not recommend specific solutions. Ownership of the audit report shall be maintained by the certification body.
The audit team leader shall ensure that the audit report is prepared and shall be responsible for its content. The audit report shall provide an accurate, concise and clear record of the audit to enable an informed certification decision to be made and shall include or refer to the following:
audited and the time of the audit;
The report shall also contain:
— the capability of the management system to meet applicable requirements and expected outcomes;
— the internal audit and management review process;
Sr. No. | Document Title | Doc No | Rev No. |
01 | Audit Report (Stage-1)-QMS | W3LABZ-TMP-11 | 00 |
02 | Audit Report (Stage-2)-QMS | W3LABZ-TMP-12 | 00 |
Cause analysis of nonconformities
W3LABZ shall require the client to analyse the cause and describe the specific correction and corrective actions taken, or planned to be taken, to eliminate detected nonconformities, within a defined time.
Effectiveness of corrections and corrective actions
W3LABZ shall review the corrections, identified causes and corrective actions submitted by the client to determine if these are acceptable. W3LABZ shall verify the effectiveness of any correction and corrective actions taken. The evidence obtained to support the resolution of nonconformities shall be recorded. The client shall be informed of the result of the review and verification. The client shall be informed if an additional full audit, an additional limited audit, or documented evidence (to be confirmed during future audits) will be needed to verify effective correction and corrective actions.
NOTE: Verification of effectiveness of correction and corrective action can be carried out based on a review of documented information provided by the client, or where necessary, through verification on-site. Usually this activity is done by a member of the audit team.
Reference:
Sr. No. | Document Title | Doc No | Rev No. |
01 | Conducting Onsite Audit | W3LABZ -PRC-15 | 00 |
02 | Audit Finding Action Report | W3LABZ-TMP-10 | 00 |
03 | Corrective Action | W3LABZ-TMP-37 | 00 |
Certification decision
General
W3LABZ shall ensure that the persons or committees that make the decisions for granting or refusing certification, expanding or reducing the scope of certification, suspending or restoring certification, withdrawing certification or renewing certification are different from those who carried out the audits. The individual(s) appointed to conduct the certification decision shall have appropriate competence.
The person(s) [excluding members of committees (see 6.1.4)] assigned by the W3LABZ to make a certification decision shall be employed by, or shall be under legally enforceable arrangement with either the W3LABZ or an entity under the organizational control of the W3LABZ. A W3LABZ’s organizational control shall be one of the following:
The persons employed by, or under contract with, entities under organizational control shall fulfill the same requirements of this part of ISO/IEC 17021 as persons employed by, or under contract with, the W3LABZ.
W3LABZ shall record each certification decision including any additional information or clarification sought from the audit team or other sources.
Actions prior to making a decision
W3LABZ shall have a process to conduct an effective review prior to making a decision for granting certification, expanding or reducing the scope of certification, renewing, suspending or restoring, or withdrawing of certification, including, that
Information for granting initial certification
The information provided by the audit team to the certification body for the certification decision shall include, as a minimum:
If the W3LABZ is not able to verify the implementation of corrections and corrective actions of any major nonconformity within 6 months after the last day of stage-2, W3LABZ shall conduct another stage 2 prior to recommending certification.
When a transfer of certification is envisaged from one certification body to W3LABZ, W3LABZ shall have a process for obtaining sufficient information in order to take a decision on certification.
NOTE Certification schemes can have specific rules regarding the transfer of certification.
Information for granting recertification
W3LABZ shall make decisions on renewing certification based on the results of the recertification audit, as well as the results of the review of the system over the period of certification and complaints received from users of certification.
Maintaining certification
General
W3LABZ shall maintain certification based on demonstration that the client continues to satisfy the requirements of the management system standard. It may maintain a client’s certification based on a positive conclusion by the audit team leader without further independent review and decision, provided that:
Reference:
Sr. No. | Document Title | Doc No | Rev No. |
01 | Report Review and Certification Decision | W3LABZ-PRC-09 | 00 |
Surveillance activities
General
The certification body shall develop its surveillance activities so that representative areas and functions covered by the scope of the management system are monitored on a regular basis, and take into account changes to its certified client and its management system.
Surveillance activities shall include on-site auditing of the certified client’s management system’s fulfillment of specified requirements with respect to the standard to which the certification is granted. Other surveillance activities may include:
Surveillance audit
Surveillance audits are on-site audits, but are not necessarily full system audits, and shall be planned together with the other surveillance activities so that the W3LABZ can maintain confidence that the client’s certified management system continues to fulfill requirements between recertification audits. Each surveillance for the relevant management system standard shall include:
Reference:
Sr. No. | Document Title | Doc No | Rev No. |
01 | CONDUCTING ONSITE AUDIT | W3LABZ-PRC-15 | 00 |
Recertification
Recertification audit planning
The purpose of the recertification audit is to confirm the continued conformity and effectiveness of the management system as a whole, and its continued relevance and applicability for the scope of certification. A recertification audit shall be planned and conducted to evaluate the continued fulfillment of all of the requirements of the relevant management system standard or other normative document. This shall be planned and conducted in due time to enable for timely renewal before the certificate expiry date.
The recertification activity shall include the review of previous surveillance audit reports and consider the performance of the management system over the most recent certification cycle.
Recertification audit activities may need to have a stage 1 in situations where there have been significant changes to the management system, the organization, or the context in which the management system is operating (e.g. changes to legislation).
NOTE: Such changes can occur at any time during the certification cycle and the W3LABZ might need to perform a special audit (see 9.6.4), which might or might not be a two-stage audit.
Recertification audit
The recertification audit shall include an on-site audit that addresses the following:
For any major nonconformity, the certification body shall define time limits for correction and corrective actions. These actions shall be implemented and verified prior to the expiration of certification.
When recertification activities are successfully completed prior to the expiry date of the existing certification, the expiry date of the new certification can be based on the expiry date of the existing certification. The issue date on a new certificate shall be on or after the recertification decision.
If the W3LABZ has not completed the recertification audit or the W3LABZ is unable to verify the implementation of corrections and corrective actions for any major nonconformity (see 9.5.2.1) prior to the expiry date of the certification, then recertification shall not be recommended and the validity of the certification shall not be extended. The client shall be informed and the consequences shall be explained.
Following expiration of certification, W3LABZ can restore certification within 6 months provided that the outstanding recertification activities are completed, otherwise at least a stage 2 shall be conducted. The effective date on the certificate shall be on or after the recertification decision and the expiry date shall be based on prior certification cycle.
Reference:
Sr. No. | Document Title | Doc No | Rev No. |
01 | CONDUCTING ONSITE AUDIT | W3LABZ-PRC-15 | 00 |
Special audits
Expanding scope
W3LABZ shall, in response to an application for expanding the scope of a certification already granted, undertake a review of the application and determine any audit activities necessary to decide whether or not the extension may be granted. This may be conducted in conjunction with a surveillance audit.
Short-notice audits
It may be necessary for the W3LABZ to conduct audits of certified clients at short notice or unannounced to investigate complaints, or in response to changes, or as follow up on suspended clients. In such cases:
Suspending, withdrawing or reducing the scope of certification
W3LABZ shall have a policy and documented procedure(s) for suspension, withdrawal or reduction of the scope of certification, and shall specify the subsequent actions by the W3LABZ .
W3LABZ shall suspend certification in cases when, for example:
— the client’s certified management system has persistently or seriously failed to meet certification requirements, including requirements for the effectiveness of the management system;
— the certified client does not allow surveillance or recertification audits to be conducted at the required frequencies;
— the certified client has voluntarily requested a suspension.
Under suspension, the client’s management system certification is temporarily invalid.
W3LABZ shall restore the suspended certification if the issue that has resulted in the suspension has been resolved. Failure to resolve the issues that have resulted in the suspension in a time established by the W3LABZ shall result in withdrawal or reduction of the scope of certification.
NOTE: In most cases, the suspension would not exceed six months.
W3LABZ shall reduce the scope of certification to exclude the parts not meeting the requirements, when the certified client has persistently or seriously failed to meet the certification requirements for those parts of the scope of certification. Any such reduction shall be in line with the requirements of the standard used for certification.
Reference:
Sr. No. | Document Title | Doc. No. | Rev. No. |
01 | Certification Agreement | W3LABZ-TMP-04 | 00 |
02 | Issue of Certificate, Suspension, Reduction and Withdrawal | W3LABZ-PRC-16 | 00 |
Appeals
W3LABZ shall have a documented process to receive, evaluate and make decisions on appeals.
W3LABZ shall be responsible for all decisions at all levels of the appeals-handling process. W3LABZ shall ensure that the persons engaged in the appeals-handling process are different from those who carried out the audits and made the certification decisions.
Submission, investigation and decision on appeals shall not result in any discriminatory actions against the appellant.
The appeals-handling process shall include at least the following elements and methods:
W3LABZ receiving the appeal shall be responsible for gathering and verifying all necessary information to validate the appeal.
W3LABZ shall acknowledge receipt of the appeal and shall provide the appellant with progress reports and the result of the appeal.
The decision to be communicated to the appellant shall be made by, or reviewed and approved by, individual(s) not previously involved in the subject of the appeal.
W3LABZ shall give formal notice to the appellant of the end of the appeals handling process.
Reference:
Sr. No. | Document Title | Doc. No. | Rev. No. |
01 | MANAGEMENT OF APPEAL | W3LABZ-PRC-07 | 00 |
Complaints
W3LABZ shall be responsible for all decisions at all levels of the complaints handling process.
Submission, investigation and decision on complaints shall not result in any discriminatory actions against the complainant.
Upon receipt of a complaint, W3LABZ shall confirm whether the complaint relates to certification activities that it is responsible for and, if so, shall deal with it. If the complaint relates to a certified client, then examination of the complaint shall consider the effectiveness of the certified management system.
Any valid complaint about a certified client shall also be referred by the W3LABZ to the certified client in question at an appropriate time.
W3LABZ shall have a documented process to receive, evaluate and make decisions on complaints. This process shall be subject to requirements for confidentiality, as it relates to the complainant and to the subject of the complaint.
The complaints-handling process shall include at least the following elements and methods:
Whenever possible, W3LABZ shall acknowledge receipt of the complaint, and shall provide the complaint with progress reports and the result of the complaint.
The decision to be communicated to the complainant shall be made by, or reviewed and approved by, individual(s) not previously involved in the subject of the complaint.
Whenever possible, W3LABZ shall give formal notice of the end of the complaints-handling process to the complainant.
W3LABZ shall determine, together with the certified client and the complainant, whether and, if so to what extent, the subject of the complaint and its resolution shall be made public.
Reference:
Sr. No. | Document Title | Doc. No. | Rev. No. |
01 | COMPLAINT HANDLING MANAGEMENT | W3LABZ-PRC-06 | 00 |
Client records
W3LABZ shall maintain records on the audit and other certification activities for all clients, including all organizations that submitted applications, and all organizations audited, certified, or with certification suspended or withdrawn.
Records on certified clients shall include the following:
NOTE: Methodology of sampling includes the sampling employed to audit the specific management system and/or to select sites in the context of multi-site audit.
service, as applicable;
competence of auditors and technical experts;
W3LABZ shall keep the records on applicants and clients secure to ensure that the information is kept confidential. Records shall be transported, transmitted or transferred in a way that ensures that confidentiality is maintained.
W3LABZ shall have a documented policy and documented procedures on the retention of records. Records of certified clients and previously certified clients shall be retained for the duration of the current cycle plus one full certification cycle.
Reference:
Sr. No. | Document Title | Doc No | Rev No. |
02 | Certification Agreement | W3LABZ-TMP-04 | 00 |
03 | Conducting Onsite Audit | W3LABZ-PRC-15 | 00 |