We submit the proposal for certification working on our understanding of the business process of every client and the gathered client information. The entire certification process includes three main steps:

1. Contract finalization and agreement

2. Review management system documents for adequacy to relevant standard.

● Conduct management system audit as per applicable standards.

We follow the following procedures for carrying out quality certifications:

Sequence of Audit & Certification Process	To Be Done By
Decision making on ISO 9001 : 2015 requirement	Organization
Analyzing your organization for ISO certification	Discussion between your Organization & KVQA
Planning for quality manuals, documented procedure & ISO 9001 implementation	Organization or Consultant.
Periodic review on preparation for ISO 9001, Action & Follow up	Organization
Satisfactory preparation for ISO Audit	Organization
Fixing up of dates for Audit	Organization
Auditing for adequacy of documents	Organization
Conducting on site audit at your premises	KVQA

AUDIT PROCESS IN DETAIL

1. Initial certificationM

The initial Certification audit is carried in two stages and the objective in first stage is to
Stage 1
--Review and. Evaluation of Management System documentation submitted by the client.
-- Evaluation of clients established location(s) and site specific conditions including Collection of necessary
information regarding scope of the management system, processes and equipment used and Applicable statutory & regulatory requirements.
--Information to Client on issues requiring special attention/cause non conformity in Stage 2 and may lead to postponement or cancellation of

Stage 2
-- Evaluation of the Implementation & effectiveness of Management System including Information and evidence about conformity to all requirements.
-- Performance monitoring, measuring, reporting & reviewing against key performance objectives and targets and legal/regulatory compliance and Operational control of processes and Internal audit & Management review and Management responsibility for clients policies& procedures

● Process /Methodology followed in conducting audits

-- Opening meeting detailing Communication during the audit and Use/need of Observers and guides
-- Collection and verification of information
-- Identification and recording audit findings
-- Summarizing conformity and detailing non conformity, Identifying opportunities for improvement
-- Closing meeting presenting Audit conclusions including recommendation re certification and giving an Opportunity to client for questions
-- Preparation of a written report for each audit giving, Audit findings, evidence & conclusions and
unresolved if any, Comments on conformity with a clear statement of non conformities, if any, with supporting evidence and sends a copy of the Audit Report to the Client
-- Analysis by the client of the cause and describe the specific correction or corrective actions taken or planned to be taken to eliminate detected non conformities and time to implement corrective action,
-- Review of identified causes and verification of the corrective actions taken
-- Information to Client if additional audit- full or limited needs to be conducted or documented evidence collected during the next surveillance audit

● Maintaining certification

-- Certificate issue based on a positive conclusion by Lead Auditor which is valid for a maximum of 3 years. Certificates can be suspended or revoked if serious deficiencies in the management system are observed
during the supervision activity.
-- Surveillance audit as per contract for certification made with the client, the supervision of the management system by means of periodic supervisory audits is carried out and includes Internal audits & Management reviews and Review of actions taken on non conformities identified in the previous audit
-- Recertification audit is planned and conducted when the validity of the certificate expires after three years in due time to enable for timely renewal before the certificate expiry date..
-- Restoration of certification within 6 months provided that the outstanding recertification activities are completed, otherwise at least a stage 2 s conducted. The effective date on the certificate shall be on or after the recertification decision and the expiry date shall be based on prior certification cycle.

2. Special audits

● Extension of scope of the existing certification requires to be extended, the extension may be included by means of an extension audit.
● Extension audit may be performed in conjunction with a surveillance audit, re-audit or on a separate date as agreed. after reviewing the application for the same
● Unannounced audits may be required in case of change in the verification level (standards) or change in the scope, change in address or name or some major complaint about the certified client or other changes occur as submitted which could affect the decision on the clients compliance.

Management Policy

KVQA shall contribute to the improvement of management performance for its clients by providing them with the best services in certification and related activities, and strive to be a leading certification body in its kind. KVQA shall provide competitive certification and audit services by giving continuous confidence to all interested parties that the management system certified fulfills specified requirements as well as impartial and competent assessment.

KVQA shall adhere to a system formulated on principles of:

A Impartiality
B Competence
C Responsibility
D Openness
E Confidentiality
F Responsiveness to complaints
G And Risk based approach

KVQA’s procedure for

3. Suspending, withdrawing or reducing scope of certification

● Suspend certification in cases when clients management system persistently or seriously fails to meet certification requirements or client does not allow surveillance/ recertification at required time or does not pay the fees within the set period after reminder or there is any other unresolved issue
-- Withdraw any certificates issued if certificates have been misused or client’s bankruptcy.
-- Reduce scope to exclude the parts not meeting certification requirements when clients management system persistently or seriously fails to meet certification requirements
-- The certificate can be suspended or withdrawn and the Scope can be reduced to exclude the parts not meeting the requirements if client requests for the same
-- The certificate can be suspended or withdrawn In case of misuse of certificates as specified in the contract regarding certification and right of utilization of the KVQA symbol.
-- Complaints raised by third parties against certified enterprises.
● Restore the suspended certification if the issue that has resulted in the suspension has been resolved. .
● Initiate suitable action which, depending on type and severity, may include: -Written notification to the certification holder, A formal warning -Public disclosure of the misuse or Revocation of the certificate

Stage 1. Evaluation of Management System documentation submitted by the client of this management system- manual & references.
Evaluation of clients location and site specific conditions including- for OHS considers additional hazards at boundaries, review of Client Profile, temporary sites & Collection of necessary information regarding scope of the management system, processes and location(s) and Legal & regulatory aspects compliance Review of clients understanding of standard, Evaluation of internal audits and mgt reviews, their regularity Results shall be documented in a written report & KVQA will review Stage 1 and identify any issues requiring special attention in Stage 2

Stage 2 Evaluation of the Implementation & effectiveness of Management System
Evaluation of effectiveness and conformity of management system & can include Information and evidence about conformity to all requirements. Performance monitoring, measuring, reporting & reviewing against key performance objectives and targets and legal/regulatory compliance and Operational control of processes and Internal audit & Management review and Management responsibility for clients policies& procedures Links between normative requirements, policy, performance objectives & targets, applicable legal requirements, responsibilities, competence of personnel, operations, procedures, performance data, and internal audit findings & conclusions. For ISMS specific elements are: Maintenance and evaluation of applicable legal & regulatory compliance & Demonstration of analysis of Security related threats relevancy.

● Information granting initial certification Reporting and recommendation regarding issue of certificate by audit team, or specification & performance of a re-audit.
Procedure for Audit is detailed in Procedure of Certification audit CCBP - 02
● Certification decision Checking of the audit report, including any deviation reports, by the head of certification to establish whether issue of certificate is possible in the case of certification field . The approval can be given by the appointed Certification committee of KVQA or by the Head of Certification KVQA and then registered in KVQA and Certificate issued by the KVQA’s authorized signatory – Head of Certification or Head of Planning.
Procedure for Issue of Certificate is detailed in Procedure CCBP – 03
● Surveillance activities
● General In the contract for certification made with the client, the supervision of the management system by means of periodic supervisory audits is specified.
● Surveillance audit The programme will include Internal audits & Management reviews and Review of actions taken on non conformities identified in the previous audit Treatment of complaints, Effectiveness of management system with regard to achieving client's objectives, Progress of planned activities aimed at continual improvement
Continuing operational control and Review of any changes and use of mark and logo For OHS the program will also include Hazard identification and assessment controls, Legal & other requirements, Management system at temporary sites, Multiple sites. For ISMS program will also include info security issues related threat to assets, vulnerabilities on to the client organization and For MDQMS program will incl a review of actions taken for notification of adverse events, advisory notices and recalls
● Maintaining certification- KVQA maintains certification based on a positive conclusion by the Lead Auditor The certificate issued is valid for a maximum of three years. The certificates can be suspended or revoked if serious deficiencies in the management system are observed during the supervision activity. 9.4

● Recertification
5.5.1 Recertification audit planning When the validity of the certificate expires after three years, recertification audit is planned and conducted. The scope of the reassessment corresponds to the certification audit (initial) All elements are audited to consider the performance of the management system over the period of certification including review of previous surveillance audit reports. In case of significant changes to the management system Stage 1 audit is also carried out.
● Appeals
● Appeals received are registered in writing and will be brought to attention of Head of Certification KVQA immediately.
● The Head of Certification will validate, investigate and decide on actions to be taken taking into account similar appeals in the past
● KVQA acknowledges receipt of appeal and shall inform the appellant on the progress/ result of investigation. and takes the necessary corrective/preventive action
● KVQA shall give a formal notice to the appellant at the end of the appeal handling process
● Complaints
● Complaints received are registered in writing and will be brought to attention of Head of Certification KVQA immediately.
● Commercial complaints are dealt with by the head of certification KVQA. In case of complaints, relating to certification activities it is responsible for the Operation Committee is consulted and further action is taken to reach an agreement
● Procedure for Appeals, complaints and disputes, as well as rights of utilization of KVQA symbol, is included in the contract for certification and it shall be informed to the client in writing that the Appeal, complaint, dispute has been received .The Certification Committee or the Operation Committee shall be informed and the outcome shall be informed by the Office Coordinator to the party concerned. Wherever considered appropriate KVQA shall inform the complainant of the progress and give the target date of closure and give a formal notice to the complainant at the end of the complaint handling process and its outcome
● As part of the Audit report the Auditors get the Assessment Activity Survey report filled up which is studied by the Certification Committee while evaluating the documents of the Audit and any appeal, complaint and dispute which the Certification Committee considers for review is sent to the Head of Certification. For ISMS complaints represent a source of information as to a possible non conformity and the client organization should establish and where appropriate report on the cause including any predetermining factors within the organization. KVQA satisfies itself that such investigations are being used for remedial/corrective action. Any complaint about a certified client shall be referred to the client at an appropriate time
● Client Certification Records
KVQA maintains records on all organizations audited, certified or with certification suspended or withdrawn. These records are retained for the duration of the current cycle plus one full certification Cycle and are maintained as Client Files
5.10 References
ISO 17021 : 2011 and Clause 9 Process requirements :
List of KVQA auditors & scope and List of Technical Experts & members of Committees
Special surveillance audit
KVQA at regular intervals demands the following documents on the basis of the reference list in order to review the procedure with respect to content and compliance with stipulated procedures.
- report of audit result
- copies of certificates
The KVQA will provide it basically with the complete procedures, for example, certification and, where relevant, surveillance audits
Suspending, withdrawing or reducing scope
The certificate can be suspended or withdrawn if Client requests for the same and the Scope can be reduced to exclude the parts not meeting the requirements
In case of misuse of certificates, procedure shall be:
KVQA monitors the use of certificates issued by it within the scope of its supervisory audits and by means of "market observations"
In the case of "market observation" (passive supervision), KVQA reacts to complaints raised by third parties against certified enterprises.
The use of certificates is specified in the contract regarding certification and right of utilization of the KVQA symbol, which the clients are required to follow and is verified in surveillance audits.
Where impermissible use or unauthorized amendment to certificates and/or misleading use of certificates for advertising purposes are detected by KVQA, head of certification
KVQA initiates suitable action which, depending on type and severity, may include:
-Written notification to the certification holder, A formal warning
-Public disclosure of the misuse or Revocation of the certificate
Reasons for withdrawal or cancellation
-KVQA is authorized to suspend or withdraw any certificates issued if the certificates have been misused. KVQA has the right to cancel any certificates issued if
-Supervision indicates that significant preconditions, which existed at the time of issue of the certificate, are no longer applicable.
-Supervision cannot be performed for reasons for which the clients are responsible.
-The fees are not paid within the set period after reminder
-The client has gone to bankruptcy.
-The continued use of the certificates in view of its informational value on market is no longer reasonable, due to circumstance, which were not clearly apparent at time of audit.

Process for granting, refusing, maintaining, renewing, suspending, restoring or withdrawing certification or expanding or reducing the scope of certification:

Certification Committee members selected understand the applicable standard and certification requirements, and associate Experts/ Auditors as necessary to evaluate the audit processes and related recommendations of the audit team. The certification committee shall
1) Deliberate and verify the results of initial audit.
2) Deliberate suspension/cancellation of certification according to surveillance audit result.
3) Deliberate granting, maintaining, suspending, and canceling the certification.
4) Deliberate the extension or reduction of the certification scope.
5) Deliberate the suspension and cancellation of certification for other reasons.
6) Shall counteract any tendency on part of its Directors of KVQA to allow commercial or other considerations to prevent consistent tech objective as per provision of its services
7) Deal with Complaints

The Certification Committee takes the decision on granting, refusing, maintaining, renewing, suspending, restoring, or withdrawing certification, or on expanding or reducing the scope of certification.