KVQA:. Our Certification Process
We submit the proposal for certification working on our understanding of the business process of every client and the gathered client information. The entire certification process includes three main steps:
1. Contract finalization and agreement
2. Review management system documents for adequacy to relevant standard.
● Conduct management system audit as per applicable standards.
We follow the following procedures for carrying out quality certifications:
Sequence of Audit & Certification Process | To Be Done By |
---|---|
Decision making on ISO 9001 : 2015 requirement | Organization |
Analyzing your organization for ISO certification | Discussion between your Organization & KVQA |
Planning for quality manuals, documented procedure & ISO 9001 implementation | Organization or Consultant. |
Periodic review on preparation for ISO 9001, Action & Follow up | Organization |
Satisfactory preparation for ISO Audit | Organization |
Fixing up of dates for Audit | Organization |
Auditing for adequacy of documents | Organization |
Conducting on site audit at your premises | KVQA |
AUDIT PROCESS IN DETAIL
1. Initial certificationM
The initial Certification audit is carried in two stages and the objective in first stage
is to
Stage 1
--Review and. Evaluation of Management System documentation submitted by the client.
-- Evaluation of clients established location(s) and site specific conditions including
Collection of necessary
information regarding scope of the management system, processes and equipment used and
Applicable
statutory & regulatory requirements.
--Information to Client on issues requiring special attention/cause non conformity in
Stage 2 and may lead to
postponement or cancellation of
Stage 2
-- Evaluation of the Implementation & effectiveness of Management System including
Information and evidence
about conformity to all requirements.
-- Performance monitoring, measuring, reporting & reviewing against key performance
objectives and targets
and legal/regulatory compliance and Operational control of processes and Internal audit
& Management
review and Management responsibility for clients policies& procedures
● Process /Methodology followed in conducting audits
-- Opening meeting detailing Communication during the audit and Use/need of Observers
and guides
-- Collection and verification of information
-- Identification and recording audit findings
-- Summarizing conformity and detailing non conformity, Identifying opportunities for
improvement
-- Closing meeting presenting Audit conclusions including recommendation re
certification and giving
an Opportunity to client for questions
-- Preparation of a written report for each audit giving, Audit findings, evidence &
conclusions and
unresolved if any, Comments on conformity with a clear statement of non conformities, if
any, with
supporting evidence and sends a copy of the Audit Report to the Client
-- Analysis by the client of the cause and describe the specific correction or
corrective actions taken
or planned to be taken to eliminate detected non conformities and time to implement
corrective action,
-- Review of identified causes and verification of the corrective actions taken
-- Information to Client if additional audit- full or limited needs to be conducted or
documented
evidence collected during the next surveillance audit
● Maintaining certification
-- Certificate issue based on a positive conclusion by Lead Auditor which is valid for a
maximum of 3 years.
Certificates can be suspended or revoked if serious deficiencies in the management
system are observed
during the supervision activity.
-- Surveillance audit as per contract for certification made with the client, the
supervision of the management
system by means of periodic supervisory audits is carried out and includes Internal
audits & Management
reviews and Review of actions taken on non conformities identified in the previous
audit
-- Recertification audit is planned and conducted when the validity of the certificate
expires after three years
in due time to enable for timely renewal before the certificate expiry date..
-- Restoration of certification within 6 months provided that the outstanding
recertification activities are
completed, otherwise at least a stage 2 s conducted. The effective date on the
certificate shall be on or after
the recertification decision and the expiry date shall be based on prior certification
cycle.
2. Special audits
● Extension of scope of the existing certification requires to be extended, the
extension may be included by
means of an extension audit.
● Extension audit may be performed in conjunction with a surveillance audit, re-audit
or
on a separate date as agreed. after reviewing the application for the same
● Unannounced audits may be required in case of change in the verification level
(standards) or change in
the scope, change in address or name or some major complaint about the certified client
or other
changes occur as submitted which could affect the decision on the clients compliance.
Management Policy
KVQA shall contribute to the improvement of management performance for its clients by providing them with the best services in certification and related activities, and strive to be a leading certification body in its kind. KVQA shall provide competitive certification and audit services by giving continuous confidence to all interested parties that the management system certified fulfills specified requirements as well as impartial and competent assessment.
KVQA shall adhere to a system formulated on principles of:
A Impartiality
B Competence
C Responsibility
D Openness
E Confidentiality
F Responsiveness to complaints
G And Risk based approach
KVQA’s procedure for
3. Suspending, withdrawing or reducing scope of certification
● Suspend certification in cases when clients management system persistently or
seriously fails to meet
certification requirements or client does not allow surveillance/ recertification at
required time
or does not pay the fees within the set period after reminder or there is any other
unresolved issue
-- Withdraw any certificates issued if certificates have been misused or client’s
bankruptcy.
-- Reduce scope to exclude the parts not meeting certification requirements when clients
management system persistently or seriously fails to meet certification requirements
-- The certificate can be suspended or withdrawn and the Scope can be reduced to exclude
the parts not
meeting the requirements if client requests for the same
-- The certificate can be suspended or withdrawn In case of misuse of certificates as
specified in the
contract regarding certification and right of utilization of the KVQA symbol.
-- Complaints raised by third parties against certified enterprises.
● Restore the suspended certification if the issue that has resulted in the
suspension has
been resolved. .
● Initiate suitable action which, depending on type and severity, may include:
-Written notification to the certification holder, A formal warning
-Public disclosure of the misuse or Revocation of the certificate
Stage 1. Evaluation of Management System documentation submitted by the client of this management system- manual & references.
Evaluation of clients location and site specific conditions including- for OHS considers additional hazards at boundaries, review of Client Profile, temporary sites & Collection of necessary information regarding scope of the management system, processes and location(s) and Legal & regulatory aspects compliance Review of clients understanding of standard, Evaluation of internal audits and mgt reviews, their regularity Results shall be documented in a written report & KVQA will review Stage 1 and identify any issues requiring special attention in Stage 2
Stage 2 Evaluation of the Implementation & effectiveness of Management System
Evaluation of effectiveness and conformity of management system & can include Information and evidence about conformity to all requirements. Performance monitoring, measuring, reporting & reviewing against key performance objectives and targets and legal/regulatory compliance and Operational control of processes and Internal audit & Management review and Management responsibility for clients policies& procedures Links between normative requirements, policy, performance objectives & targets, applicable legal requirements, responsibilities, competence of personnel, operations, procedures, performance data, and internal audit findings & conclusions. For ISMS specific elements are: Maintenance and evaluation of applicable legal & regulatory compliance & Demonstration of analysis of Security related threats relevancy.
● Information granting initial certification Reporting and recommendation
regarding issue of certificate by audit team, or specification & performance of a re-audit.
Procedure for Audit is detailed in Procedure of Certification audit CCBP - 02
● Certification decision Checking of the audit report, including any deviation reports, by the head of certification to establish whether issue of certificate is possible in the case of certification field . The approval can be given by the appointed Certification committee of KVQA or by the Head of Certification KVQA and then registered in KVQA and Certificate issued by the KVQA’s authorized signatory – Head of Certification or Head of Planning.
Procedure for Issue of Certificate is detailed in Procedure CCBP – 03
● Surveillance activities
● General In the contract for certification made with the client, the supervision of the management system by means of periodic supervisory audits is specified.
● Surveillance audit The programme will include Internal audits & Management reviews and Review of actions taken on non conformities identified in the previous audit Treatment of complaints, Effectiveness of management system with regard to achieving client's objectives, Progress of planned activities aimed at continual improvement
Continuing operational control and Review of any changes and use of mark and logo
For OHS the program will also include Hazard identification and assessment controls, Legal & other
requirements, Management system at temporary sites, Multiple sites. For ISMS program will also include
info security issues related threat to assets, vulnerabilities on to the client organization and For MDQMS
program will incl a review of actions taken for notification of adverse events, advisory notices and recalls
● Maintaining certification- KVQA maintains certification based on a positive conclusion by the Lead Auditor The certificate issued is valid for a maximum of three years. The certificates can be suspended or revoked if serious deficiencies in the management system are observed during the supervision activity.
9.4
● Recertification
5.5.1 Recertification audit planning When the validity of the certificate expires after three years, recertification audit is planned and conducted. The scope of the reassessment corresponds to the certification audit (initial) All elements are audited to consider the performance of the management system over the period of certification including review of previous surveillance audit reports. In case of significant changes to the management system Stage 1 audit is also carried out.
● Appeals
● Appeals received are registered in writing and will be brought to attention of Head of
Certification KVQA immediately.
● The Head of Certification will validate, investigate and decide on actions to be taken
taking into account similar appeals in the past
● KVQA acknowledges receipt of appeal and shall inform the appellant on the progress/
result of investigation. and takes the necessary corrective/preventive action
● KVQA shall give a formal notice to the appellant at the end of the appeal handling
process
● Complaints
● Complaints received are registered in writing and will be brought to attention of
Head of Certification KVQA immediately.
● Commercial complaints are dealt with by the head of certification KVQA. In case of
complaints, relating to certification activities it is responsible for the Operation
Committee is consulted and further action is taken to reach an agreement
● Procedure for Appeals, complaints and disputes, as well as rights of utilization of
KVQA symbol, is included in the contract for certification and it shall be informed
to the client in writing that the Appeal, complaint, dispute has been received .The
Certification Committee or the Operation Committee shall be informed and the outcome
shall be informed by the Office Coordinator to the party concerned. Wherever considered
appropriate KVQA shall inform the complainant of the progress and give the target date
of closure and give a formal notice to the complainant at the end of the complaint
handling process and its outcome
● As part of the Audit report the Auditors get the Assessment Activity Survey report
filled up which is studied by the Certification Committee while evaluating the documents
of the Audit and any appeal, complaint and dispute which the Certification Committee
considers for review is sent to the Head of Certification. For ISMS complaints represent a
source of information as to a possible non conformity and the client organization should
establish and where appropriate report on the cause including any predetermining factors
within the organization. KVQA satisfies itself that such investigations are being used for
remedial/corrective action. Any complaint about a certified client shall be referred to the
client at an appropriate time
● Client Certification Records
KVQA maintains records on all organizations audited, certified or with certification
suspended or withdrawn. These records are retained for the duration of the current cycle plus one full certification Cycle and are maintained as Client Files
5.10 References
ISO 17021 : 2011 and Clause 9 Process requirements :
List of KVQA auditors & scope and List of Technical Experts & members of Committees
Special surveillance audit
KVQA at regular intervals demands the following documents on the basis of the reference list in order to review the procedure with respect to content and compliance with stipulated procedures.
- report of audit result
- copies of certificates
The KVQA will provide it basically with the complete procedures, for example, certification and, where relevant, surveillance audits
Suspending, withdrawing or reducing scope
The certificate can be suspended or withdrawn if Client requests for the same and the Scope can be reduced to exclude the parts not meeting the requirements
In case of misuse of certificates, procedure shall be:
KVQA monitors the use of certificates issued by it within the scope of its supervisory audits and by means of "market observations"
In the case of "market observation" (passive supervision), KVQA reacts to complaints raised by third parties against certified enterprises.
The use of certificates is specified in the contract regarding certification and right of utilization of the KVQA symbol, which the clients are required to follow and is verified in surveillance audits.
Where impermissible use or unauthorized amendment to certificates and/or misleading use of certificates for advertising purposes are detected by KVQA, head of certification
KVQA initiates suitable action which, depending on type and severity, may include:
-Written notification to the certification holder, A formal warning
-Public disclosure of the misuse or Revocation of the certificate
Reasons for withdrawal or cancellation
-KVQA is authorized to suspend or withdraw any certificates issued if the certificates have been misused. KVQA has the right to cancel any certificates issued if
-Supervision indicates that significant preconditions, which existed at the time of issue of the certificate, are no longer applicable.
-Supervision cannot be performed for reasons for which the clients are responsible.
-The fees are not paid within the set period after reminder
-The client has gone to bankruptcy.
-The continued use of the certificates in view of its informational value on market is no longer reasonable, due to circumstance, which were not clearly apparent at time of audit.
Process for granting, refusing, maintaining, renewing, suspending, restoring or withdrawing certification or expanding or reducing the scope of certification:
Certification Committee members selected understand the applicable standard and certification
requirements, and associate Experts/ Auditors as necessary to evaluate the audit processes
and related recommendations of the audit team. The certification committee shall
1) Deliberate and verify the results of initial audit.
2) Deliberate suspension/cancellation of certification according to surveillance audit result.
3) Deliberate granting, maintaining, suspending, and canceling the certification.
4) Deliberate the extension or reduction of the certification scope.
5) Deliberate the suspension and cancellation of certification for other reasons.
6) Shall counteract any tendency on part of its Directors of KVQA to allow commercial or
other considerations to prevent consistent tech objective as per provision of its services
7) Deal with Complaints
The Certification Committee takes the decision on granting, refusing, maintaining, renewing, suspending, restoring, or withdrawing certification, or on expanding or reducing the scope of certification.