How to Manage Documentation for ISO 17065

Impartiality and Its Role in ISO 17065 Certification Management

Impartiality is one of the foundational principles embedded in the ISO 17065 standard. Certification bodies are tasked with issuing certifications for products, services, and processes based on objective criteria. To ensure that these certifications are reliable and trusted by stakeholders, certification bodies must operate impartially—without bias, external influence, or any factors that could compromise the credibility of their decisions. This section explores the essential documents and procedures that underpin impartiality within a certification body’s operations, ensuring that all actions and decisions remain free of conflict and influence.

1. Impartiality Policy

The Impartiality Policy is one of the most important documents in the ISO 17065 system. It serves as the formal statement of the certification body’s commitment to impartiality. This document must clearly define how the certification body ensures its activities are carried out without bias or undue external influence. The policy should include the following key components:

• Commitment to Impartiality: The certification body must openly declare that it will not be influenced by any external pressures, personal interests, or financial gain when issuing certifications.

• Preventing Conflicts of Interest: The policy outlines measures that prevent conflicts of interest from arising at any stage of the certification process. This includes defining situations where conflicts may occur, such as when staff members have vested interests in the outcomes of certification, and establishing procedures for managing those situations.

• Procedure for Addressing Impartiality Issues: The policy must also describe how any potential threats to impartiality are identified, reported, and resolved. This includes identifying and mitigating situations where impartiality might be compromised, such as when a certification body’s relationships with clients or other stakeholders create a conflict.

• Transparency: The policy must ensure transparency in the certification process so that stakeholders can have confidence that decisions are based solely on objective, evidence-based criteria.

This document must be readily accessible to all relevant parties, including employees, clients, and external auditors. Certification bodies should regularly review and update their impartiality policies to ensure they continue to reflect current practices and potential challenges in maintaining impartiality.

2. Quality Policy Statement

A strong quality policy statement is essential for defining the certification body’s approach to maintaining high standards throughout its operations. The quality policy must align with ISO 17065 requirements and demonstrate a commitment to quality assurance, continual improvement, and customer satisfaction. The key elements of the quality policy statement should include:

• Commitment to Quality Assurance: The policy should clearly outline how the certification body ensures that all processes and procedures meet high-quality standards. This includes defining the quality management system (QMS) that governs the body’s operations and ensuring that it aligns with ISO 17065 and other relevant standards.

• Focus on Continual Improvement: Certification bodies must have a commitment to ongoing improvement. The policy should emphasize the body’s willingness to assess its processes and identify areas where improvements can be made to increase efficiency and reliability.

• Customer Satisfaction: The policy should underline the importance of client satisfaction and how feedback from clients will be gathered and acted upon. This commitment helps ensure that the body is responsive to stakeholder needs while maintaining impartiality and consistency in its decision-making.

• Effectiveness of Certification Processes: The policy should outline how the certification processes are regularly reviewed to ensure they are effective and in compliance with ISO 17065. This ensures that certification bodies maintain their credibility by issuing certifications based on robust and effective evaluation systems.

The quality policy statement plays a crucial role in ensuring that the certification body operates with integrity, transparency, and a commitment to excellence in all aspects of its certification processes.

3. Statement on Policy for Environmental Quality, Energy Efficiency, and Occupational Health

In the context of ISO 17065, a certification body’s operations must not only adhere to high standards of impartiality and quality but also consider their environmental and social impact. This policy document outlines the body’s commitment to ensuring that its operations align with relevant environmental, energy, and occupational health standards. Key components of this policy include:

• Environmental Responsibility: The certification body must outline how it manages its environmental impact by reducing its carbon footprint, promoting sustainable practices, and minimizing waste. This is particularly important for certification bodies that assess products or services related to environmental sustainability.

• Energy Efficiency: The policy should describe how the body strives to improve energy efficiency in its operations, from office spaces to travel practices and technology usage. Efficiency in energy usage not only aligns with environmental goals but also reduces costs for the certification body.

• Occupational Health and Safety: Ensuring a safe and healthy work environment for employees is vital. The policy must describe how the certification body manages occupational health, focusing on employee well-being, training, and workplace safety procedures.

This policy is especially relevant for certification bodies that evaluate organizations in the environmental or occupational health fields, as it demonstrates the body’s commitment to sustainability, safety, and energy efficiency.

4. Information on Impartiality

To build trust and transparency, the certification body must provide detailed information about its impartiality practices. This document is essential for communicating to stakeholders the specific actions the certification body takes to maintain impartiality in all aspects of its operations. Key points covered in this document should include:

• Identification of Threats to Impartiality: The certification body must clearly define potential threats to impartiality. These could include financial pressures, relationships with clients, or staff members’ personal interests. Identifying these threats in advance allows the body to create strategies for mitigating or eliminating them.

• Mitigation Measures: The document must outline the measures the certification body takes to prevent conflicts of interest from influencing the certification process. These measures could involve segregating duties, implementing independent review procedures, or using external impartiality bodies to oversee the process.

• Monitoring Impartiality: Regular evaluations of impartiality are essential to ensure that the certification body continues to operate without bias. This includes monitoring the decision-making processes and reviewing any complaints or concerns raised by clients, stakeholders, or employees.

• Transparency in Decision-Making: Information on impartiality should make it clear how decisions are made, who is involved, and how impartiality is ensured throughout. This fosters confidence among stakeholders that the certification body’s activities are conducted with fairness and objectivity.

By providing this information, the certification body can demonstrate its dedication to impartiality and enhance its credibility in the certification process.

5. Rules of Procedure for the Impartiality Body

The impartiality body plays a critical role in ensuring that the certification body’s operations are conducted impartially. The rules of procedure for the impartiality body define its composition, scope of authority, and processes for managing impartiality-related issues. This document should include:

• Composition of the Impartiality Body: The impartiality body should consist of individuals who have no vested interests in the certification body’s activities and who can act independently to ensure impartiality is maintained.

• Responsibilities: The rules must define the impartiality body’s responsibilities, including overseeing impartiality policies, reviewing decisions to ensure they align with the body’s impartiality standards, and investigating any potential conflicts of interest.

• Independent Operation: The impartiality body must operate independently from the certification body’s management and operational activities to ensure that its decisions are unbiased and objective.

By defining these rules, the certification body ensures that the impartiality body is effective in maintaining impartiality in its processes and that its activities remain transparent and accountable.

6. Information on the Activities of the Impartiality Body

This document outlines the specific activities carried out by the impartiality body. It provides transparency into the operations of the impartiality body and ensures that stakeholders understand how impartiality is monitored and enforced. Key points to include are:

• Monitoring and Review Activities: The impartiality body’s activities must include regular reviews of the certification process, assessment of risks to impartiality, and follow-up actions to address any potential threats.

• Incident Reporting and Resolution: This section should explain the process for reporting and resolving impartiality-related incidents, ensuring that issues are addressed quickly and effectively to maintain the integrity of the certification process.

• Collaboration with Stakeholders: The impartiality body must collaborate with various stakeholders, including auditors, management, and external parties, to ensure that impartiality standards are upheld.

The information on the impartiality body’s activities ensures that all relevant parties understand how impartiality is maintained and that transparency is achieved throughout the certification process.

7. Impartiality Declaration from Members of the Certification Body

Every member of the certification body is required to submit an impartiality declaration. This declaration confirms that they will carry out their duties impartially and are not influenced by external interests, personal biases, or conflicts of interest. The impartiality declaration should:

• Commitment to Objectivity: Members must pledge to base all decisions and actions solely on objective criteria and evidence, without allowing personal, financial, or professional interests to influence their work.

• Acknowledgment of the Certification Body’s Policies: The declaration ensures that all members are aware of and agree to adhere to the certification body’s impartiality policies and procedures.

By obtaining these declarations, the certification body can ensure that its personnel are committed to impartiality and are actively working to prevent conflicts of interest that could compromise the certification process.

Conclusion

Impartiality is a cornerstone of the ISO 17065 certification process. The documents related to impartiality are critical for ensuring that the certification body operates with transparency, fairness, and objectivity. By maintaining and regularly updating these documents, certification bodies can build trust with stakeholders, demonstrate their commitment to ethical standards, and maintain the integrity of their certification processes.

Section 9: Internal Audit in ISO 17065 Certification Bodies

An internal audit is a vital component in the quality management system of any certification body, ensuring compliance with ISO 17065 standards and identifying areas for improvement. This process plays a crucial role in maintaining the integrity of the certification body’s operations by evaluating whether the established processes, procedures, and controls are being followed effectively. The internal audit ensures that the certification body operates in accordance with the documented policies and procedures, meets the required standards, and identifies any potential issues or non-conformities that could impact certification activities.

Key Documents and Procedures for Internal Audits:

As outlined in section 9 of the ISO 17065 standard, certification bodies must establish a comprehensive internal audit system. The internal audit process is structured and involves several key documents that must be properly maintained for the audit to be effective. It is essential for the certification body to organize and number these documents systematically for ease of use. For example, documents related to internal audits should be numbered with the prefix “9” to align with the standard's structure:

1. 9.2.1.1 Internal Audit Plan for the Current Year: This plan defines the scope, objectives, and schedule of the internal audits for the year. It provides a clear roadmap for when and how audits will be conducted to assess the certification body’s compliance with ISO 17065.

2. 9.2.1.2 Order for Forming the Internal Audit Team: This document outlines the assignment of personnel who will lead and conduct the internal audits. The team members should have the necessary expertise and independence to carry out the audit impartially and effectively.

3. 9.2.1.3 Internal Audit Program: The audit program details the specific areas, processes, and activities to be audited, as well as the timeline and resources required for the audits. It ensures that all critical aspects of the certification body’s operations are regularly reviewed.

4. Audit Questions: This document includes a set of questions that the audit team will use to evaluate the effectiveness of the processes and the compliance of the certification body with ISO 17065 standards. These questions are designed to assess whether the certification body’s operations are in alignment with the required criteria.

5. Audit Findings: Following the audit, the findings document records the results of the audit, including any non-conformities, observations, or areas of improvement identified during the process. This is a crucial part of the audit as it highlights the effectiveness of the certification body’s processes.

6. Report – Verification of Corrective Actions: After the audit findings are reviewed, a report is created to verify that corrective actions have been taken to address any non-conformities or issues identified during the audit. This report ensures that the certification body is committed to addressing issues and improving its processes.

7. Proposal for Corrective Actions: This document outlines the proposed corrective actions that will be taken to rectify any identified non-conformities. It is essential that these actions are documented and monitored to ensure they are effectively implemented.

Audit Timeline and Preparation:

To ensure the smooth execution of internal audits, the audit order should be issued at least two (2) weeks prior to the start of the audit. This allows sufficient time for the staff to prepare for the audit and for the necessary documentation to be gathered. The certification body’s personnel must be adequately prepared to provide any required information or records that will be reviewed during the audit.

The audit questions and program must also be clearly communicated in advance to ensure all parties involved are aware of the audit scope and objectives. This ensures transparency and enables the team to focus on the relevant areas of the certification process.

Handling Non-Conformities and Observations:

During the internal audit, non-conformities or observations will inevitably arise. These issues must be recorded and addressed in accordance with the procedures established in the internal audit program. The findings, whether positive or negative, are critical in providing insight into the operational effectiveness of the certification body and help identify areas that require improvement.

All identified non-conformities must be documented in appropriate forms, and corrective actions must be proposed and implemented. The forms should be prepared by the Quality Manager or another qualified individual who is knowledgeable about quality management systems and the requirements of ISO 17065. The correct handling and documentation of non-conformities are essential to maintaining the credibility of the certification body and ensuring continuous improvement.

Role of the Quality Manager in Internal Audits:

The Quality Manager plays a critical role in the internal audit process. They are responsible for preparing the necessary documents, organizing the audit process, and ensuring that all findings and corrective actions are appropriately documented. The Quality Manager also ensures that the internal audit is carried out in compliance with the ISO 17065 standard and that the certification body adheres to the requirements for continual improvement.

After the audit, the Quality Manager ensures that the findings are properly reviewed and that corrective actions are verified. They are also responsible for ensuring that the audit process remains impartial, thorough, and aligned with ISO 17065 requirements.

Conclusion:

In conclusion, internal audits are a vital part of maintaining a certification body’s compliance with ISO 17065. They ensure that the body’s operations are aligned with the standard's requirements and help identify areas for improvement. By adhering to the structured audit process and documenting findings, corrective actions, and audit results, certification bodies can maintain high-quality operations and continuously improve their certification processes. Regular internal audits also reinforce the integrity and impartiality of the certification process, ensuring that stakeholders can trust the certifications issued by the body.

Regarding the other required documents from the standard, they are: a list of valid documents for your certification body for the current year, a list of external documents that are valid for the current year, a list of records, forms for reversing equipment or documentation, and similar items. Additionally, a list of standards owned by your certification body in electronic format, as well as the training plan for the current year for personnel involved in your certification body or already involved.

It is advisable to have your own procedure for hiring staff, whether experienced or inexperienced. You will follow your job classification – positions, and based on that, you will engage your personnel in the certification body. It is also allowed to hire external personnel for whom you will prepare a solid cooperation agreement.

Note: It is not recommended for external personnel to act as the Team Leader for evaluation. For every personnel involved in the body, you must have personnel records that are regularly updated with training and professional development.

The Quality Manager should have a record of Interested Parties prepared annually, as well as a document for the Selection and Authorization of Personnel. There should be decisions for the Quality Manager, their deputy, or other positions within the body. These decisions are signed by the Director/Manager of the Certification Body.

Another important document is the Designated Competent Personnel, which contains all the specialists engaged in the body according to their competencies. For all personnel in the certification body, monitoring is usually done every four years, either with a client or internally, to verify their competencies and maintain the quality of the personnel depending on the purpose of your certification body.

The document that must be visibly attached to your website and regularly updated is the Register of Issued Certificates.

Key and essential foundational documents for your certification body include Procedures and Manuals, such as:

• Quality Management System Manual for the certification body of product certification.

• General Certification Scheme.

• Certification Rules.

• Certificate Usage Rules.

• Certification Board Manual for the certification body.

• Financial Management Rules.

The manual should contain all information about your certification body, including management procedures, hierarchy within the organization (displayed in a tabular format), policies, responsibility matrix, work processes, certification procedures, complaint management procedures, pricing, and all prescribed documents and forms necessary for initial assessments or for the ongoing certification process. This manual is prepared by an experienced team and is initially distributed to all employees within the certification body. The manual can undergo changes either as a new edition or a full revision if the changes are significant. All changes should be recorded with the date at the end of the manual.

The General Certification Scheme is a prescribed document that includes a general section, scope and application, terms and definitions. It provides a detailed description of the certification procedure, from the submission of the application to the issuance of the certificate.

In the Certification Rules, this document outlines the certification requirements, confidentiality, areas of certification, evaluation location, the certification scheme, responsibilities and obligations of certification, certification management, reduction, suspension, or withdrawal of certification, as well as appeals and complaints.

Rules for the Use of Certificates outline specific provisions and activities for your certification body, including terms and definitions, the use of logos or certification marks, the CE mark, certificate of conformity, use of the certificate, types of certificates, and maintenance of the certificate.

The Certification Scheme document includes the general section, scope of application, terms and definitions, responsibilities, specific provisions, activities, and a prescribed procedure for extraordinary oversight and measures in the case of nonconformance.

From this document, the following forms derive:

• Product Certification Request.

• Evaluation Plan.

• Initial Production Review Questionnaire.

• Initial Production Review Report.

• Certification Award Decision.

• List of Participants in the Evaluation.

• Factory Production Control Supervision Questionnaire.

• Factory Production Control Supervision Report.

• Certificate Withdrawal Decision.

• Nonconformance Report.

• Annex to Application – List of Documents.

• Certificate.

The Certification Board Manual outlines all specific provisions and activities regarding the operations of the certification board within the certification process and the body for impartiality and balance of interests. The decision to award the certificate is always made by consensus between the Certification Board Leader and members based on the positive outcome of the prior review and evaluation. Therefore, the body must designate a person responsible for reviewing the certification application who will not be involved in the evaluation process for the client applying for certification.

Rules for the Selection of Competent Personnel outline the criteria and experience required for selecting staff involved in certification activities. This is documented in a table listing the competencies and experience needed, as well as a competence assessment table for personnel.

Financial Management Rules outline the financial operations of the certification body, including its income and expenses, as well as monitoring the body’s financial activities.

Rules for Maintaining a Register and Assigning Certificate Numbers should contain a general section, areas and applications, terms and definitions, and special provisions and activities related to the assignment of certificate numbers. For example, in my certification body, the format for certificate numbers is nnnn-ZGP-zzzz, where nnnn is the identification number of the authorized certification body (decision for the designated body – mark 443), zzzz is the unique number assigned by the certification body in increasing order from 0001 to n, and ZGP is an acronym from the law on construction products in my country.

Regarding the order number for the certification subject, the format used by my certification body is XX/YYY-ZZZ, where XX represents the last two digits of the calendar year the certification case is opened, YYY is the serial number of the client, and ZZZ is the document number of the subject case, starting from 001 and continuing independently of the year the case was initiated.

In conclusion, from this section, students will gain a comprehensive understanding of the essential documents and procedures involved in managing a certification body. They will learn the significance of maintaining and regularly updating the Register of Issued Certificates on the website for transparency. Students will also understand the critical foundational documents, such as the Quality Management System Manual, General Certification Scheme, and Certification Rules, which outline the core principles and procedures for effective certification management.

Moreover, they will learn how these documents are structured, including the contents of the Certification Board Manual and the financial management rules, which govern the operations of the certification body. Students will become familiar with the detailed certification procedures, including the rules for certificate usage, the creation of product certification requests, and the management of nonconformities.

Furthermore, this section will help students understand the importance of selecting competent personnel and the processes involved in maintaining records and assigning certificate numbers. The section also emphasizes the necessity of consensus-based decision-making within the certification board to ensure impartiality and consistency in awarding certifications. Overall, students will acquire the knowledge needed to navigate and manage the documentation, processes, and personnel within a certification body effectively.

In conclusion, throughout this course, students will gain a thorough understanding of the essential processes and best practices involved in managing and operating a certification body. They will become familiar with key documentation, including the Quality Management System Manual, General Certification Scheme, Certification Rules, and Financial Management Rules, all of which are foundational to the operation of a certification body. The course will guide students in understanding the certification procedures, from initial application submission to the issuance of certificates, including how to handle nonconformities and appeals effectively.

Students will also learn about the critical role of the Certification Board and the importance of maintaining impartiality and transparency in decision-making processes. They will gain insight into the procedures for maintaining a Register of Issued Certificates, handling certification requests, and ensuring the selection and training of competent personnel for the certification process.

Additionally, the course will cover the financial aspects of certification bodies, providing students with the tools to manage income, expenses, and monitor financial activities. Emphasis will also be placed on the rules for maintaining accurate records, assigning certificate numbers, and the protocols for ensuring the ongoing quality of both the certification process and personnel.

By the end of the course, students will be equipped with the knowledge and skills to effectively manage the operations of a certification body, ensuring compliance, quality, and transparency in all aspects of the certification process.

At the end of this section, students will be able to:

1. Understand the Key Documentation: Identify and understand the essential documents required for the operation of a certification body, including the Quality Management System Manual, Certification Rules, Certification Scheme, and Financial Management Rules.

2. Navigate Certification Procedures: Effectively manage the certification process from initial application submission to certificate issuance, ensuring adherence to the relevant rules and regulations.

3. Ensure Compliance and Integrity: Understand the importance of impartiality and transparency in certification decisions, particularly in the operation of the Certification Board, and be able to manage appeals and nonconformities.

4. Maintain Records and Documentation: Accurately maintain and update the Register of Issued Certificates, manage product certification requests, evaluation plans, and related documents.

5. Select Competent Personnel: Apply appropriate rules and criteria for selecting and assessing competent personnel involved in the certification process.

6. Understand Financial Management: Monitor and manage the financial activities of a certification body, including income and expenses, ensuring effective financial operations.

7. Assign Certificate Numbers and Maintain Records: Understand and apply the rules for assigning certificate numbers, maintaining accurate records, and ensuring the ongoing quality of certification processes.

By mastering these skills, students will be equipped to manage and oversee the certification process, ensuring that the certification body operates effectively, efficiently, and in compliance with the required standards.