The just-published second edition of the International Standard ISO/IEC 17021 sets new requirements for the auditing of management systems and for auditor competence in order to increase the value of management system certification to public and private sector organizations worldwide.
The certification bodies that carry out management system certification (independently of ISO), are being given a two-year period to bring their operations in line with the new edition (see below).
ISO/IEC 17021:2011, Conformity assessment – Requirements for bodies providing audit and certification of management systems, is intended to increase trust in certificates issued attesting conformity to management system standards (MSS) such as ISO 9001 (quality management), ISO 14001 (environmental management) and ISO 22000 (food safety management). Certificates to these and other MSS are widely used in global markets to establish confidence between business partners and between organizations and their customers, to qualify suppliers in supply chains, and as a requirement to tender for procurement contracts.
The first edition, published in 2006, named six principles that inspire confidence: impartiality, competence, responsibility, openness, confidentiality, and complaint handling. These principles then formed the basis for specific requirements given in the standard.
The new edition retains these principles and requirements, but adds new requirements developed in response to market feedback on the use of the first edition. The new requirements provided in ISO/IEC 17021:2011 relate to the competence of the auditors who carry out certification and to the way in which they are managed and deployed.
Certification bodies that use the new edition will be able to ensure competent audit teams, with adequate resources, following a consistent process and reporting audit results in a consistent manner.
Observance of the standard’s requirements is intended to ensure that certification bodies operate competently, consistently and impartially, so facilitating the recognition of such bodies and the acceptance of their certifications both nationally and internationally. ISO/IEC 17021 will therefore serve as a foundation for facilitating the recognition of management system certification in the interests of international trade.
The requirements of the 2006 edition have not been changed except where they contradict those of the 2011 edition. ISO/IEC 17021 is also being published in an unofficial marked-up edition highlighting the new and deleted text. The new edition is to be reviewed one year after it has been in use to decide whether any first edition requirements need modifying to align them further with the new requirements.
ISO and the International Accreditation Forum (IAF) – the association of national accreditation bodies that declare the competence of certification bodies – have agreed on a two-year transition period from the date of publication of ISO/IEC 17021:2011 for certification bodies to bring their operations and processes in line with the requirements of the new edition. A joint ISO-IAF communiqué giving details is available here.
ISO/IEC 17021:2011, Conformity assessment – Requirements for bodies providing audit and certification of management systems, was developed by the ISO Committee on conformity assessment (ISO/CASCO) and is available from ISO national member institutes (see the complete list with contact details). It may also be obtained directly from the ISO Central Secretariat, price 142 Swiss francs for the clean, official edition and 208 Swiss francs for the clean edition plus the unofficial marked-up edition, through the ISO Store or by contacting the Marketing, Communication & Information department (see right-hand column).