Clause |
GUARDIAN’s Procedure |
7 |
Maintaining Certification |
7.0 |
Surveillance Audit |
7.1 |
Surveillance Planning |
|
Surveillance audit shall be identified 3 months before the due date by QM/AM, the client must be communicated about the due date and proposed date of the Surveillance audit. CEO shall monitor the effectiveness of Surveillance audits every month. If the client does not confirm the Surveillance Audit date within 7 days of the due date, a letter of suspension is issued to the client. After the issuance of the Suspension letter, a letter of cancellation is issued to the client on the next date of the due date. Any justification provided by the client for the postponement of the audit is recorded and has to be approved by QM/CEO and recorded in the client file. |
7.2 |
Surveillance audits are on-site audits but are not necessarily full system audits. Surveillance audits are planned together with other surveillance activities so that the certification body can maintain confidence that the certified management system continues to fulfill requirements between recertification audits. The Assigned team leader is responsible for conducting and managing the assessment along with another team member, if any. The Team Leader shall be of Auditor status as a minimum. The team leader also ensures that any Technical Expert / Specialist is not allowed to function independently and is always accompanied by an Auditor/ Lead Auditor. |
7.3 |
The surveillance audits are conducted at least once a year and the date of the first surveillance audit following initial certification shall not be more than 12 months from the last day of the stage 2 audit. |
7.4 |
The surveillance audit is to ensure the following: a. Ensure that the client’s management system which was the basis of the grant of the certificate has been maintained continuously. b. Verify and ensure that any changes to the management system that might have taken place since the last audit meet the requirement of the standard/ specification and are implemented effectively c. Ensure on-site audits assessing the certified client's management system's fulfillment of specified requirements concerning the standard to which the certification is granted. d. Ensure that the management system continues to be appropriate to the product/ process/ service offered by the client, with the capability of managing and improving performance. e. Assess Continual Improvement is the client’s management system f. Additionally client’s statements concerning its operations (e.g. promotional material, website). Also reviewed during each surveillance audit. |
|
g. Inquiries from the certification body to the certified client on aspects of certification. h. Requests to the client to provide documents and records (on paper or electronic media) i. Other means of monitoring the certified client's performance, j. Internal audits and management review, k. A review of actions taken on nonconformities identified during the previous audit l. Actions taken on customer complaints m. Effectiveness. Of the management system about achieving the objectives n. Progress of planned activities aimed at continual improvement o. Continuing operational control |
|
p. Review of the use of CB & AB marks q. Verify the OHS for the respective objectives and targets r. Hazard Identification & Assessment Controls s. Compliance with Legal & Other requirement including customer requirements t. Verify the OHS management systems at the temporary site u. Verify the OHS management at the Multisite based on the Audit Program |
7.5 |
The team leader shall review the client file, especially the last audit report to make note of any issues to be followed up, including the non-conformities and corrective action plan. An audit plan shall be sent to clients in advance so that they can seek any changes concerning timing etc, if found inconvenient due to administrative reasons. |
7.6 |
Audit should be conducted (at least annually and it shall be ensured that the date of the first surveillance audit shall not be more than 12 months from the last day of stage 2 audit.) as per the Surveillance audit plan given in the last audit report but if there is any change due to any justified reasons, the same should be recorded in auditor notes and surveillance audit plan shall be updated in the report. |
7.7 |
During opening and closing meetings, the attendance record sheet is circulated for recording the name and designation of the client representative present. Either each person can record their name & designation or one person can do so for all present. |
7.8 |
The corrective action taken on non-conformities identified during the last audit should be verified for its effectiveness. If the corrective action taken is not satisfactory/non-taken, the severity of the minor NC shall be re-issued and escalated to Major and the client shall be advised accordingly. |
7.9 |
Non-conformity reporting, report preparation, report distribution, and requirement of CAP (in case NC is raised) shall be similar to the certification audit procedure. |
7.10 |
If to change in site address/ scope requires a re-issue of the certificate, the “Certification Details” in the report shall be completed and the client date base shall be updated. a. Any significant changes like change in manpower, or process necessitating change in subsequent audit duration shall be recorded and post-contract review is done by AM. b. Other changes like changes in contact number/ person etc shall also be recorded in the report for updating the client database, |
|
7.1 The multi-site client shall be audited the same way except that instead of auditing all sites, sampling of sites shall be followed as per the contract review. 7.2 In case of major NC is found at any site the entire certificate of all sites shall be at Risk. 7.3 The surveillance report is submitted by the Lead Auditor in the GUARDIAN Head Office and shall be approved by the CEO/TM. 7.4 During the transition period of ISO 9001:2008 to ISO 9001:2015 and ISO 14001:2004 to ISO 14001:2015, any nonconformance of ISO 9001:20015 or ISO 14001:2015 shall not affect the validity of the standard respectively if the client meets the requirement of the old version of the standard till the validity of the standard respectively. |
8.0 |
Renewal/Re-Certification Audit |
8.1 |
The process of recertification would include a reassessment of the organization’s documented quality management system including a review of the Management System, where necessary, to be conducted before the expiry of a year's term of validity. The recertification audits are planned and conducted to evaluate the continued fulfillment of all of the requirements of the relevant management system standard or other normative document. The Renewal audit plan is verified to ensure that the majority of the audit time is given to verify the effective implementation of the management system in the locations where the organization’s activities take place including on-site audits of temporary sites for OHSMS ISO 45001 (OHSMS (In Management System Audit 80% of the audit time shall be given onsite). |
8.2 |
The reassessment provides for a review of the past performance of the quality management system throughout previous certification, including examination of the documents/records relating to the internal audits, management review, and effectiveness of corrective and preventive actions, etc. |
8.3 |
It is the responsibility of the person assigned (of Lead Auditor status) to conduct the Reassessment and submit the report. The team leader also ensures that any Technical Expert / Specialist is not allowed to function independently and is always accompanied by an auditor/ lead auditor. |
8.4 |
Re- Re-certification audit shall be planned and conducted three months before the validity of the certificate to ensure continuity of certification in the likely event of any nonconformance found during the audit. In the case of 9/6 monthly surveillance frequency, the Re-certification audit can be clubbed with the Surveillance Audit. |
8.5 |
The process of Re-certification is planned by the AM. Advance notice is sent to the client. If the client agrees to the recertification the sending Questionnaire, quotation, and application review are done as per procedure no.P06. If there are changes like the addition of new processes/services, regulatory requirements or new product/services addition or change of location, or a change of Top management Stage 1 audit is required to be conducted. |
8.6 |
Before proceeding to the client site, the team leader shall review all the previous reports since the certification audit/ last Reassessment by Performance Review and make a note of relevant points. The re-assessment program shall at least ensure the following: |
|
a. The effective interaction between all elements of the system & audit activities have a stage 1 audit in situations where there have been significant changes to the management system, the client, or the context in which the management system is operating (e.g. changes to legislation) as identified in the Application Questionnaire. b. The overall effectiveness of the system in its entirety in the light of changes in operations c. Demonstrated commitment to maintain the effectiveness of the system d. Summary of Previous Audit Reports e. Whether all areas/ processes/ clauses have been audited at least once in the last three-year cycle |
|
f. Any concentration of non-conformities against particular clauses/areas and effectiveness of corrective actions taken on nonconformities identified by GUARDIAN shall be closed within 15 days of recertification audit |
|
g. Objectives and Continual Improvement |
|
h. Whether the operation of the certified management system contributes to the achievement of the organization's policy and objectives. |
|
i. In the case of multiple sites or certification to multiple management system standards being provided by the GUARDIAN, the planning for the audit ensures adequate on-site audit coverage to provide confidence in the certification. |
|
j. Verify the OHS for the respective objectives and targets |
|
k. Hazard Identification & Assessment Controls |
|
l. Compliance with Legal & Other requirement including customer requirements |
|
m. Verify the OHS management systems at the temporary site |
|
n. Verify the OHS management at the Multisite based on the Audit Program |
8.7 |
Re-Certification Audit shall be conducted, if the client applies for re-certification before the expiry of the certificate and there is no major change in client organization (legal, scope, etc.). However, if the client applies for recertification after the after expiry date then stage I will also be conducted. |
8.8 |
If NC is identified for the Re-Certification audit the team leader shall ensure and communicate to the client that the Corrective Actions and the pieces of evidence are provided before the expiry of the certificate. |
9.0 |
Short Notice Audit |
|
As a result of a complaint, by any party, any adverse publicity or contravention of the conditions of certification or other information received and suspended client. The special visits will be undertaken after due notice has been given and details agreed between Guardian Assessment Pvt. Ltd. and visits will be undertaken after due notice has been given and details agreed between the certified company. Due care is taken of the following. |
|
· Information is given to the client in advance regarding the resources of the visit with details. · Due care is taken to select the auditor to Safeguard the Lack of Reason to the client for objection to the auditor. |
10 |
Suspension, Withdrawal, Extension, and Reduction / Change in Scope of Certification |
10.1 |
Suspension |
|
The grounds for suspending the certificate are as follows: a. If the certified organization is not getting the Surveillance audit conducted as per the certification agreement. b. If the client is found to misuse the logo of the Certification Body or is using any kind of misleading statement it might affect the reputation of the certification body and the accreditation board. c. If there is any complaint from the customer’s customer GUARDIAN needs to verify the complaint and in case the certified organization is found guilty the certificate will be suspended and will remain suspended until the complaint is resolved. d. In case of non-payment of the fee as per the Contractual agreement. e. If during the Surveillance audit system is found not to comply with Standard requirements. f. If the client fails to timely respond nd the GUARDIAN with its transition plan by 14th Sept. 2017, A Minor nonconformity shall be, raised anthe d if the client fails to successfully the complete transition assessment on 15th June 2018, this shall be treated as a major nonconformity and certificate shall be suspended, unless client gives specific request with its intention not to transit but to continue the full validity of the ISO 9001:2008 or ISO 14001:2004 (i.e. 15th Sept. 2018). |
|
Upon the Suspension, the certificate will be surrendered from the client, and the GUARDIAN website will be updated that the organization’s certificate is suspended (not valid). After withdrawal of the certification, cate if the organization is found using the certificate or certification information in any manner, legal action will be taken against the Organization as per the contractual agreement. |
|
Note: The evidence can be verified onsite or offsite depending upon the nature of the reason for the suspension. |
10.2 |
Withdrawal |
|
Any certificate issued by GUARDIAN may be withdrawn in the event of any of the following defaults by a certificate holder: |
|
a. If a surveillance audit is not arranged within 3 months of the due date in response to the notice issued by GUARDIAN Assessment Pvt. Ltd. b. Major lack of effective implementation of corrective actions within agreed time limits in respect of non-conformities identified during surveillance audits. c. Failure to pay appropriate fees. |
|
d. Continued misuse of Accreditation mark/logo e.g. misleading publications, advertisement, or contravention of the stipulated conditions for the use of marks/logo. Upon suspension or cancellation of the certificate of registration, the name of the organization shall be deleted from the GUARDIAN ASSESSMENT PVT. LTD.'s approved list of certified companies. e. In case the Organization is not able to resolve the issue of Suspension within 90 days from the date of Suspension. f. The evidence submitted by the organization for the reason of suspension as defined above is not found satisfactory. g. If a client fails to timely transit to the new standard within the timeline as specified by IAF or GAPL, the certificate of the respective standard shall be automatically withdrawn in due course of time. To manage this risk, Guardian should issue a certificate with the expiry date which is the validity date of the previous version of MSS. |
10.3 |
Extension |
|
Upon the request of the client at any point of the certification cycle, the scope of certification can be extended after the verifications are conducted as per the Guardian certification process. Extension to Scope of Certificate Amendments or extensions to the initial certified scope is possible, for example, to include additional offices or new areas of business. Audits for this ‘extension’ can often be carried out causing minimum disruption to the client’s organization. A common practice is to allocate some extra time during a routine surveillance visit. However special audits can be allocated at the request and cost of the client. surveillance |
|
An extension/reduction audit can be performed to extend or reduce the scope of an existing certificate. The extension/reduction audit may be carried out within the scope of a surveillance audit, re-certification audit, or on an independently selected date. |
|
The validity period of the certificate remains unaffected. Exceptions have to be justified in writing. The lead auditor/audit team will review the ISMS documents concerning the extended / reduced scope and audit all requirements that are affected by the extension/reduction. The further progress concerning the documentation and release of the audit procedure corresponds to a certification audit. |
10.4 |
Reduction |
|
Upon the request of the client or during the surveillance audit as identified/verified by the audit team, the scope of certification can be reduced after the verifications are conducted as per the Guardian certification process. |
10.5 |
Limited Warranty of the Certification |
|
It is considerable that all audits are performed based on limited sampling. If discrepancies are not discovered, there is no guarantee that they do not exist. |
11 |
Maintenance of Client Register |
11.1 |
All the certificates issued by Guardian Assessment Private Limited shall be timely updated (physical release of the certificate shall be after updating certificate) on the website of the company. In case of the requirements t of the accredited board to update the certificate (within the accredited scope) on the portal of AB, all the certificates shall be updated on the register of the accreditation tion board within the time frame specified by AB. Wherever a monthly report is required d, GAPL shall submit the report as per the requirement of the AB. |