Certification Process
Annex 1: Certification Process:
1.1 Title:
Certification process.
1.2 Purpose:
This process explains the certification process of RICGISO.
1.3 Scope:
This procedure is applicable to all types of certification activities carried down by RICGISO.
1.4 Responsibilities:
Quality Assurance Analyst Committee- QAAC (CEO, Operation Head & Certification Manager)
1.5 Initial Certification:
1.5.1: Inquire: Receiving inquire through mails, phones, associates and the overall process for the certification audit.
1.5.2: Feedback: Responding without delay and submission of the application form to the clients, following the filled application form submitted back by the client for the next procedure perusal.
1.5.3: Certification Guide Dispatch: After submission of the empty application form to the client, RICGISO will inform the prospective clients about the certification procedure and requirement related to the certification process with the complete guideline of procedure.
1.5.4: Application Form Review: After receiving the filled application form, the quality assurance analyst committee (QAAC) will review the application for the specific requirement of the clients and RICGISO ability to provide such services, competent resources are also identified based on SOP for defining certification personnel, It will review e.g. The standards, scope, number of employees and capacity of the organization or company.
1.5.5: Application Approval: Once the Quality Assurance Analyst Committee (QAAC) approved the application form of the clients the contract will be signed by the parties, all the policies and procedures will be mentioned and will be followed in the contract by the parties.
1.5.6: Archive Code: Archive Code issue by (QAAC) for keeping records of all hard documents submitted by the clients or Certification Manager Audit Reports before issuing the certifications or after issuing certification during the surveillances, The archive code is consist of digital number code which shows the hard documents of the clients exist in the archive of the RICGISO, All the reports documents from the client store in the Iron Cabinet with security lacks.
1.5.7: Audit Program & Team Selection: As the certifications require two stage of auditing the competent audit team is identified based on scope of the clients, The audit planner composes the audit team according to the audit team composition, after reviewing the audit scope, the schedule, the auditors competence.
1.5.8: Selection & Appointment of Stage 1 Team Operation: The competent audit team is selected for conducting stage 1 of client.
1.5.9: Stage 1 Plan: The audit plan along with the information of audit team and dates is sent to the client and confirmation received with other issues e.g. traveling or other arrangement of audit team.
1.5.10: Conduct Stage 1: The stage 1 audit plan is as per the procedure for auditing and procedure for the stage 1, It is consist of performing the audit of the clients management system documentations.
1.5.11: Action Plan on Stage 1: The resolving stage one area of concern is based on the reports and recommendation of the audit team & (QAAC) the area of concern are resolved with the client, The area of concern may be modification in scope or may result in re-planning of certification include recondition of stage 1 following the client management system documentations.
1.5.12: Planning for Stage 2: The audit information and audit team plan will be submitted to the clients for organizing the audit process, The time gap will exist one day between both stage one and stage two, The FSMS will not take more than 6 months based on the needs of the clients.
1.5.13: Conducting Stage 2: The purpose of the stage 2 audit is to evaluate the implementation, including effectiveness of the client’s management system, the stage 2 audits shall take place at the site(s) of the clients as per the procedure for auditing and procedure of stage 2.
1.5.14: Resolving Stage 2 Area: Based on the report and recommendation of audit team & (QAAC) the area of concern are resolved with the client, the area of concern may be modification in scope or may result in special audits- If special audit is not conducted within 6 months from the last day of the last audit to verify CCA then stage 2 will be re-evaluated.
1.5.15: Conclusion of Certification Audit: The report of Audit Team with the evidences of effective implementation of corrective action is checked for completeness by Certification Manager and then sent to Quality Assurance Analyst Committee (QAAC) to review the audit team report that conduct technical review of the report and recommend for the certification award.
1.5.16: Certification Award: The Quality Assurance Analyst Committee (QAAC) review the decision reported by the Certification Manager and take final decision on award of certification.
1.5.17: Grant of Certifications: Once the decision has been made by the (QAAC) for the issuance of the certifications, both soft and hard copy of certification will be sending to the client.
Annex 2: Surveillance Audit:
2.1.1: Surveillance Audit: The surveillance audit is conducted once per year after issuance the certification, The date of surveillance shall not exit more than 12 months from the date of issue.
2.2.2: Information Exchange: The information regarding any changes in system, processes or scope of operation is exchange bet client.
2.2.3: Audit program: The audit program is sent for confirmation, It also include any changes or modification as per the exchange of information.
2.2.4: Appoint Audit Team and Confirmation: Audit team is selected based on the scope and standard of client and confirmation of audit team is taken from the client.
2.2.5: Planning for Surveillance Audit: The audit plan along with the information of audit team and date will be sent it to the client and confirmation received with information of audit team traveling schedule.
2.2.6: Conduct Surveillance Audit: Surveillance Audit is conducted by elected team as per the procedure for auditing and procedure for surveillance audit.
2.2.7: Resolving Surveillance: Based on the report and recommendation of audit team of concern area are resolved with the client. The area of concern may be modification in scope or may result in special audits.
2.2.8: Surveillance Conclusion: The audit team provides a written report of implementation of corrective action taken.
2.2.9: Independent Review: The report of surveillance audit is reviewed and decision to maintain the certification is taken by (QAAC).
2.2.10: Archive and Records: The audit team report the surveillance documents and clearance into the refer archive of the companies which the digital code has been already issued to the company during the issuing certification.
Annex 3: Recertification:
3.3.1: Recertification Audit: The recertification activity is conducted before the expiration of the certification.
3.3.2: Exchange of Information: The information in change system, process or scope of operation is exchange by client and RICGISO.
3.3.3: Recertification Audit Planning: The plan for next three year audit is prepared during each surveillance report as per the performances of the company and applying the certification policies in the regard to the effectiveness of corrective action taken in the scope of certification.
3.3.4: Audit Program: The audit program will be sent it to the client for the confirmation for any changes or modification.
3.3.5: Appointment of Audit Team and Confirmation: The Audit team will be selected based on the scope and standard of the client certification process and confirmation of audit team will be confirmed.
3.3.6: Planning for Recertification Audit: The audit plan and the audit team information and dates will be sent it to the client with the traveling schedule of the team.
3.3.7: Conduct Recertification Audit: The recertification audit will be conducted as per the procedure for auditing and procedure for the recertification audit.
3.3.8: Resolving Recertification Audit: As per the decision and recommendation of the (QAAC) and the audit team area of concern are resolved with the client, The area of concern maybe modification in scope of certification.
3.3.9: Recertification Audit Conclusion: The audit team provides a written report for implementation of corrective action and report to the certification manager for the archive and record and review of (QAAC).
3.3.10: Recertification Decision: The implementation of effective audit team report for the evidences of effective implementation of corrective action checked by the certification manager and (QAAC) which will conduct technical review of the report and recommend for certification award.
3.3.11: Grant of Certification: Once the documents and report has been reviewed by the (QAAC) both soft and hard documents of the reports, the approval may be sent it to certification manager for the further processing and it will issue the certificate to the client.
3.3.12: Special Audits (Unannounced Visit): The special audit may conducted to verify the implementation of corrective action plan within six months to verify any complaint by regulatory authority or to verify compliance against any new requirement for certification or if required by accreditation board or client for the modification in scope.
Related documents: Invoice, Application Form, Application Review Form, Certification Agreement, Check list, Audit Notification Email, Audit Notification, Audit Plan, Opening and Closing Meeting, Audit Program, Attendance Sheet, Auditor Finding Action Report , Stage 1 Report, Stage 2 Report, Logo Mark Use Policy, Lead Auditor/Auditor Evaluation Form, Certificate Draft Copy, Surveillance Reminder Letter, Suspension Letter, Termination Letter, Continuation Letter, Certification Transfer Report, Receive Form, Commitment Letter.