SEARCH
Philippine Government Forms All in One Location
Tweet
Share
MSASF31 Assessment Checklist for ISO TS 22003 2013 PNS ISO IEC 17021-1 2015
PAB checklist for ISO TS 22003 2013 PNS ISO IEC 17021-1 2015
Your Browser Doesn't Support Canvas. Showing the Text Content of the PDF Instead: Document ID
Issue Number
Revision Number
Effectivity Date
Page
MSA/SF31
01
01
September 2018
1 of 62
Findings/Comments: (To be filled-up by the AB)
Describe briefly the CB’s established policies and procedures: (To be filled-up by the CB)
5.1.3 Responsibility for certification decisions
Is the certification body responsible for, and does it retain authority for, its decisions relating to
certification, including the granting, refusing, maintaining of certification, expanding or reducing the
scope of certification, renewing, suspending or restoring following suspension, or withdrawing of
certification?
Findings/Comments: (To be filled-up by the AB)
Describe briefly the CB’s established policies and procedures: (To be filled-up by the CB)
5.1.2 Certification agreement
Does the certification body have a legally enforceable agreement for the provision of certification
service in accordance with the relevant requirements of this part of ISO/IEC 17021 to its client?
Where there are multiple offices of a certification body or multiple sites of a client, does the
certification body ensure that there is a legally enforceable agreement between the certification body
granting certification and issuing a certificate, and all the sites covered by the scope of the
certification?
*An agreement can be achieved through multiple agreements that reference or otherwise link to one
another.
Findings/Comments: (To be filled-up by the AB)
Describe briefly the CB’s established policies and procedures: (To be filled-up by the CB)
5 General Requirements
5.1 Legal and contractual matters
5.1.1 Legal responsibility
Is the certification body a legal entity, or a defined part of a legal entity, such that it can be held legally
responsible for all its certification activities?
*A governmental certification body is deemed to be a legal entity on the basis of its governmental
status.
Clause Requirement
Legend: C – Complies, O – Observation, T – To Address at Audit, N – Nonconformity, N/A – Not
Applicable
Conformity assessment – Requirement for bodies providing audit and certification of
management systems
Philippine Accreditation Bureau
Management System Accreditation
Assessment Checklist for
ISO/TS 22003:2013 + PNS ISO/IEC
17021-1:2015
Philippine Accreditation Bureau
Management System Accreditation
Assessment Checklist for
ISO/TS 22003:2013 + PNS ISO/IEC
17021-1:2015
Document ID
Issue Number
Revision Number
Effectivity Date
Page
MSA/SF31
01
01
September 2018
2 of 62
Clause Requirement
5.2 Management of impartiality
ISO/TS 22003:2013
Is FSMS consultancy not provided by either the certification body or any part of the same legal entity?
Describe briefly the CB’s established policies and procedures: (To be filled-up by the CB)
Findings/Comments: (To be filled-up by the AB)
5.2.1 Does the certification body undertake conformity assessment activities impartially?
Does the certification body allow commercial, financial or other pressures to compromise impartiality?
Is the certification body responsible for the impartiality of its conformity assessment activities?
Describe briefly the CB’s established policies and procedures: (To be filled-up by the CB)
Findings/Comments: (To be filled-up by the AB)
5.2.2 Does the certification body have top management commitment to impartiality in management
system certification activities?
Does the certification body have a policy that it understands the importance of impartiality in carrying
out its management system certification activities, manages conflict of interest and ensures the
objectivity of its management system certification activities?
Describe briefly the CB’s established policies and procedures: (To be filled-up by the CB)
Findings/Comments: (To be filled-up by the AB)
5.2.3 Does the certification body have a process to identify, analyze, evaluate, treat, monitor and
document the risks related to conflict of interests arising from provision of certification including any
conflicts arising from its relationship on an ongoing basis?
Where there are any threats to impartiality, does the certification body document and demonstrate
how to eliminate or minimize such threats and document any residual risk?
Does the demonstration cover all potential threats that are identified, whether they arise from within
the certification body or from the activities of other persons, bodies or organizations?
Does the top management review any residual risk to determine if it is within the level of acceptable
risk?
Does the risk assessment process include identification of and consultation with appropriate
interested parties advising on matters affecting impartiality including openness and public perception?
*Sources of threats to impartiality of the certification body can be based on ownership, governance,
management, personnel, shared resources, finances, contracts, training, marketing and payment of a
sales commission or other inducement for the referral of new clients, etc.
* Interested parties can include personnel and clients of the certification body, customers of
organizations whose management systems are certified, representatives of industry trade
Philippine Accreditation Bureau
Management System Accreditation
Assessment Checklist for
ISO/TS 22003:2013 + PNS ISO/IEC
17021-1:2015
Document ID
Issue Number
Revision Number
Effectivity Date
Page
MSA/SF31
01
01
September 2018
3 of 62
Clause Requirement
associations, representatives of governmental regulatory bodies or other governmental services or
representatives of non-governmental organizations, including consumer organizations.
* One way of fulfilling the consultation requirement of this clause is by the use of a committee of these
interested parties.
Describe briefly the CB’s established policies and procedures: (To be filled-up by the CB)
Findings/Comments: (To be filled-up by the AB)
5.2.4 Does the certification body certify another certification body for its management system
certification activities?
Describe briefly the CB’s established policies and procedures: (To be filled-up by the CB)
Findings/Comments: (To be filled-up by the AB)
5.2.5 Does the certification body or any part of the same legal entity under the organizational control
of the certification body offer or provide management system consultancy?
This also applies to that part of government identified as the certification body.
*This does not preclude the possibility of exchange of information (e.g. explanation of findings or
clarification of requirements) between the certification body and its clients.
Describe briefly the CB’s established policies and procedures: (To be filled-up by the CB)
Findings/Comments: (To be filled-up by the AB)
5.2.6 Does the certification body or any part of the same legal entity and any entity under the
organizational control of the certification body offer or provide internal audits to its certified clients?
Is carrying out of internal audits by the certification body and any part of the same legal entity to its
certified clients a significant threat to impartiality?
*See Note 1 to Clause 5.2.3.
Describe briefly the CB’s established policies and procedures: (To be filled-up by the CB)
Findings/Comments: (To be filled-up by the AB)
Philippine Accreditation Bureau
Management System Accreditation
Assessment Checklist for
ISO/TS 22003:2013 + PNS ISO/IEC
17021-1:2015
Document ID
Issue Number
Revision Number
Effectivity Date
Page
MSA/SF31
01
01
September 2018
4 of 62
Clause Requirement
5.2.7 Does the certification body certify the management system for a minimum of two years following
the end of the consultancy?
When a client has received management systems consultancy from a body that has a relationship
with a certification body, this is a significant threat to impartiality.
*See Note to 5.2.3.
Describe briefly the CB’s established policies and procedures: (To be filled-up by the CB)
Findings/Comments: (To be filled-up by the AB)
5.2.8 Does the certification body outsource audits to a management system consultancy
organization, as this poses an unacceptable threat to the impartiality of the certification body (see
Clause 7.5)?
This does not apply to individuals contracted as auditors covered in Clause 7.3.
Describe briefly the CB’s established policies and procedures: (To be filled-up by the CB)
Findings/Comments: (To be filled-up by the AB)
5.2.9 Are the certification body’s activities marketed or offered as linked with the activities of an
organization that provides management system consultancy?
Does the certification body take action to correct inappropriate links or statements by any consultancy
organization stating or implying that certification would be simpler, easier, faster or less expensive if
the certification body were used?
Does the certification body not state or imply that certification would be simpler, easier, faster or less
expensive if a specified consultancy organization were used?
Describe briefly the CB’s established policies and procedures: (To be filled-up by the CB)
Findings/Comments: (To be filled-up by the AB)
5.2.10 Does the certification body ensure that personnel who have provided management system
consultancy, including those acting in a managerial capacity, do not take part in an audit or other
certification activities if they have been involved in management system consultancy towards the
client in question within two years following the end of the consultancy?
Describe briefly the CB’s established policies and procedures: (To be filled-up by the CB)
Philippine Accreditation Bureau
Management System Accreditation
Assessment Checklist for
ISO/TS 22003:2013 + PNS ISO/IEC
17021-1:2015
Document ID
Issue Number
Revision Number
Effectivity Date
Page
MSA/SF31
01
01
September 2018
5 of 62
Clause Requirement
Findings/Comments: (To be filled-up by the AB)
5.2.11 Does the certification body take action to respond to any threats to its impartiality arising from
the actions of other persons, bodies or organizations?
Describe briefly the CB’s established policies and procedures: (To be filled-up by the CB)
Findings/Comments: (To be filled-up by the AB)
5.2.12 Do all certification body personnel, either internal or external, or committees, who could
influence the certification activities, act impartially and not allow commercial, financial or other
pressures to compromise impartiality?
Describe briefly the CB’s established policies and procedures: (To be filled-up by the CB)
Findings/Comments: (To be filled-up by the AB)
5.2.13 Does the certification body require personnel, both internal and external, to reveal any
situation known to them that may present them or the certification body with a conflict of interests?
Does the certification body record and use this information as input to identifying threats to
impartiality raised by the activities of such personnel or by the organizations that employ them?
Does the certification body use personnel, either internal or external, unless they can demonstrate
that there is no conflict of interests?
Describe briefly the CB’s established policies and procedures: (To be filled-up by the CB)
Findings/Comments: (To be filled-up by the AB)
5.3 Liability and financing
5.3.1 Can the certification body demonstrate that it has evaluated the risks arising from its
certification activities and that it has adequate arrangements (e.g. insurance or reserves) to cover
liabilities arising from its operations in each of its fields of activities and the geographic areas in which
it operates?
Describe briefly the CB’s established policies and procedures: (To be filled-up by the CB)
Findings/Comments: (To be filled-up by the AB)
Philippine Accreditation Bureau
Management System Accreditation
Assessment Checklist for
ISO/TS 22003:2013 + PNS ISO/IEC
17021-1:2015
Document ID
Issue Number
Revision Number
Effectivity Date
Page
MSA/SF31
01
01
September 2018
6 of 62
Clause Requirement
5.3.2 Does the certification body evaluate its finances and sources of income and demonstrate to the
committee specified in 6.2 that initially, and on an ongoing basis, commercial, financial or other
pressures do not compromise its impartiality?
Describe briefly the CB’s established policies and procedures: (To be filled-up by the CB)
Findings/Comments: (To be filled-up by the AB)
6 Structural requirements
6.1 Organizational structure and top management
6.1.1 Has the certification body documented its organizational structure, showing duties,
responsibilities and authorities of management and other certification personnel and any committees?
When the certification body is a defined part of a legal entity, does the structure include the line of
authority and the relationship to other parts within the same legal entity?
Describe briefly the CB’s established policies and procedures: (To be filled-up by the CB)
Findings/Comments: (To be filled-up by the AB)
6.1.2 Are the certification activities structured and managed to safeguard impartiality?
Describe briefly the CB’s established policies and procedures: (To be filled-up by the CB)
Findings/Comments: (To be filled-up by the AB)
6.1.3 Has the certification body identified the top management (board, group of persons, or person)
having overall authority and responsibility for each of the following:
a) development of policies and establishment of processes and procedures relating to its operations;
b) supervision of the implementation of the policies and procedures;
c) ensuring impartiality;
d) supervision of its finances;
e) development of management system certification services and schemes;
f) performance of audits and certification, and responsiveness to complaints;
g) decisions on certification; delegation of authority to committees or individuals, as required, to
undertake defined activities on its behalf;
h) contractual arrangements;
i) provision of adequate resources for certification activities?
Describe briefly the CB’s established policies and procedures: (To be filled-up by the CB)
Philippine Accreditation Bureau
Management System Accreditation
Assessment Checklist for
ISO/TS 22003:2013 + PNS ISO/IEC
17021-1:2015
Document ID
Issue Number
Revision Number
Effectivity Date
Page
MSA/SF31
01
01
September 2018
7 of 62
Clause Requirement
Findings/Comments: (To be filled-up by the AB)
6.1.4 Does the certification body have formal rules for the appointment, terms of reference and
operation of any committees involved in the certification activities?
Describe briefly the CB’s established policies and procedures: (To be filled-up by the CB)
Findings/Comments: (To be filled-up by the AB)
6.2 Operational Control
6.2.1 Does the certification body have a process for the effective control of certification activities
delivered by branch offices, partnerships, agents, franchisees, etc. irrespective of their legal status,
relationship or geographical location?
Have the certification body considered the risk that these activities pose to the competence,
consistency and impartiality of the certification body?
Describe briefly the CB’s established policies and procedures: (To be filled-up by the CB)
Findings/Comments: (To be filled-up by the AB)
6.2.2 Has the certification body considered the appropriate level and method of control of activities
undertaken including its processes, technical areas of certification bodies’ operations, competence of
personnel, lines of management control, reporting and remote access to operations including
records?
Describe briefly the CB’s established policies and procedures: (To be filled-up by the CB)
Findings/Comments: (To be filled-up by the AB)
7 Resource requirements
7.1 Competence of personnel
7.1.1 General considerations
Does the certification body have processes to ensure that personnel have appropriate knowledge and
skills relevant to the certification standard and geographic areas in which it operates?
Describe briefly the CB’s established policies and procedures: (To be filled-up by the CB)
Philippine Accreditation Bureau
Management System Accreditation
Assessment Checklist for
ISO/TS 22003:2013 + PNS ISO/IEC
17021-1:2015
Document ID
Issue Number
Revision Number
Effectivity Date
Page
MSA/SF31
01
01
September 2018
8 of 62
Clause Requirement
Findings/Comments: (To be filled-up by the AB)
7.1.2 Determination of competence criteria
Does the certification body have a documented process for determining the competence criteria for
personnel involved in the management and performance of audits and certification activities?
Are competence criteria determined with regard to the requirements of the certification standard for
each technical area, and for each function in the certification process?
Is the output of the process documented criteria of required knowledge and skills necessary to
effectively perform audit and certification tasks to be fulfilled to achieve the intended results?
Annex A specifies the knowledge and skills that a certification body shall define for specific functions.
*The term “technical areas” is applied differently on the management system standard being
considered. For any management system, the term is related to products, processes and services in
the context of the scope of the management system standard. The technical area can be defined by a
specific certification scheme (e.g. ISO/TS 22003) or can be determined by the certification body. It is
used to cover a number of other terms such as “scopes”, “categories”, “sectors”, etc., which are
traditionally used in different management system disciplines.
Describe briefly the CB’s established policies and procedures: (To be filled-up by the CB)
Findings/Comments: (To be filled-up by the AB)
ISO/TS 22003:2013
Does the competence criteria included in Annex C form the basis for the criteria developed for each
category?
Are the competence criteria generic or specific?
Are the competence criteria in ISO/IEC 17021-1:2015 considered to be generic?
*The competence criteria identified in Annex C are food safety related criteria for certification body
personnel. The certification body can identify specific competences required for the identified
categories and for each certification function.
**Annex D provides guidance to the certification body on many of the generic certification functions
identified in ISO/IEC 17021-1:2015, Annex A, for which competence criteria need to be determined
for personnel involved in the audit and certification of an FSMS
***Qualification(s) and experience can be used as part of the criteria; however, competence is not
based on these alone, as it is important to ensure that a person can demonstrate the ability to apply
the specific knowledge and skills that would expect a person to have after completing a qualification
or having a certain amount of industry experience.
Describe briefly the CB’s established policies and procedures: (To be filled-up by the CB)
Findings/Comments: (To be filled-up by the AB)
Philippine Accreditation Bureau
Management System Accreditation
Assessment Checklist for
ISO/TS 22003:2013 + PNS ISO/IEC
17021-1:2015
Document ID
Issue Number
Revision Number
Effectivity Date
Page
MSA/SF31
01
01
September 2018
9 of 62
Clause Requirement
7.1.3 Evaluation processes
7.1.3 Does the certification body have documented processes for the initial competence evaluation,
and on-going monitoring of competence and performance of all personnel involved in the
management and performance of audits and other certification activities, applying the determined
competence criteria?
Does the certification body able to demonstrate that its evaluation methods are effective?
The output from these processes shall be to identify personnel who have demonstrated the level of
competence required for the different functions of the audit and certification process?
*A number of evaluation methods that can be used to evaluate knowledge and skills are described in
Annex B of IS/IEC 17021-1.
*Annex C of ISO/IEC 17021-1:2015 shows an example of process flow for determining and
maintaining competence.
Describe briefly the CB’s established policies and procedures: (To be filled-up by the CB)
Findings/Comments: (To be filled-up by the AB)
7.1.4 Other considerations
Does the certification body have access to the necessary technical expertise for advice on matters
directly relating to certification activities for all technical areas, types of management systems and
geographic areas in which the certification body operates?
Such advice may be provided externally or by certification body personnel.
Describe briefly the CB’s established policies and procedures: (To be filled-up by the CB)
Findings/Comments: (To be filled-up by the AB)
7.2 Personnel involved in the certification activities
7.2.1 Does the certification body have sufficient, competent personnel for managing and supporting
the type and range of audit programmes and other certification work performed?
Describe briefly the CB’s established policies and procedures: (To be filled-up by the CB)
Findings/Comments: (To be filled-up by the AB)
7.2.2 Does the certification body employ, or have access to, a sufficient number of auditors, including
audit team leaders, and technical experts to cover all of its activities and to handle the volume of audit
work performed?
Philippine Accreditation Bureau
Management System Accreditation
Assessment Checklist for
ISO/TS 22003:2013 + PNS ISO/IEC
17021-1:2015
Document ID
Issue Number
Revision Number
Effectivity Date
Page
MSA/SF31
01
01
September 2018
10 of 62
Clause Requirement
Describe briefly the CB’s established policies and procedures: (To be filled-up by the CB)
Findings/Comments: (To be filled-up by the AB)
7.2.3 Does the certification body make clear to each person concerned their duties, responsibilities
and authorities?
Describe briefly the CB’s established policies and procedures: (To be filled-up by the CB)
Findings/Comments: (To be filled-up by the AB)
7.2.4 Does the certification body have processes for selecting, training, formally authorizing auditors
and for selecting and familiarizing technical experts used in the certification activity?
Does the initial competence evaluation of an auditor include ability to apply required knowledge and
skills during audits, as determined by a competent evaluator observing the auditor conducting an
audit?
*During the selection and training process described above desired personal behaviours can be
considered. These are characteristics that affect an individual's ability to perform specific functions.
Therefore, knowledge about the behaviours of individuals enables a certification body to take
advantage of their strengths and to minimize the impact of their weaknesses.
Describe briefly the CB’s established policies and procedures: (To be filled-up by the CB)
Findings/Comments: (To be filled-up by the AB)
7.2.5 Does the certification body have a process to achieve and demonstrate effective auditing,
including the use of auditors and audit team leaders possessing generic auditing skills and
knowledge, as well as skills and knowledge appropriate for auditing in specific technical areas?
Describe briefly the CB’s established policies and procedures: (To be filled-up by the CB)
Findings/Comments: (To be filled-up by the AB)
7.2.6 Does the certification body ensure that auditors (and, where needed, technical experts) are
knowledgeable of its audit processes, certification requirements and other relevant requirements?
Does the certification body give auditors and technical expert’s access to an up-to-date set of
documented procedures giving audit instructions and all relevant information on the certification
activities?
Philippine Accreditation Bureau
Management System Accreditation
Assessment Checklist for
ISO/TS 22003:2013 + PNS ISO/IEC
17021-1:2015
Document ID
Issue Number
Revision Number
Effectivity Date
Page
MSA/SF31
01
01
September 2018
11 of 62
Clause Requirement
Describe briefly the CB’s established policies and procedures: (To be filled-up by the CB)
Findings/Comments: (To be filled-up by the AB)
7.2.7 Does the certification body identify training needs and offer or provide access to specific training
to ensure its auditors, technical experts and other personnel involved in certification activities are
competent for the functions they perform?
Describe briefly the CB’s established policies and procedures: (To be filled-up by the CB)
Findings/Comments: (To be filled-up by the AB)
7.2.8 Does the group or individual that takes the decision on granting, refusing, maintaining,
renewing, suspending, restoring or withdrawing certification, or on expanding or reducing the scope
of certification, understand the applicable standard and certification requirements, and have
demonstrated competence to evaluate the outcomes of the audit processes including related
recommendations of the audit team?
Describe briefly the CB’s established policies and procedures: (To be filled-up by the CB)
Findings/Comments: (To be filled-up by the AB)
7.2.9 Does the certification body ensure the satisfactory performance of all personnel involved in the
audit and certification activities?
Are there documented process for monitoring competence and performance of all persons involved,
based on the frequency of their usage and the level of risk linked to their activities?
Does the certification body review and record the competence of its personnel in the light of their
performance in order to identify training needs?
Describe briefly the CB’s established policies and procedures: (To be filled-up by the CB)
Findings/Comments: (To be filled-up by the AB)
7.2.10 Does the certification body monitor each auditor considering each type of management system
to which the auditor is deemed competent?
Do the documented monitoring procedures for auditors include combination of on-site observation,
review of audit reports and feedback from clients or from the market?
Is the monitoring designed in such a way as to minimize disturbance to the normal processes of
certification, especially from the client's viewpoint?
Philippine Accreditation Bureau
Management System Accreditation
Assessment Checklist for
ISO/TS 22003:2013 + PNS ISO/IEC
17021-1:2015
Document ID
Issue Number
Revision Number
Effectivity Date
Page
MSA/SF31
01
01
September 2018
12 of 62
Clause Requirement
Describe briefly the CB’s established policies and procedures: (To be filled-up by the CB)
Findings/Comments: (To be filled-up by the AB)
7.2.11 Does the certification body periodically evaluate the performance of each auditor on-site?
Is the frequency of on-site evaluations based on the need determined from all monitoring information
available?
Describe briefly the CB’s established policies and procedures: (To be filled-up by the CB)
Findings/Comments: (To be filled-up by the AB)
7.3 Use of individual external auditors and external technical experts
Does the certification body require external auditors and external technical experts to have a written
agreement by which they commit themselves to comply with applicable policies and implemented
processes as defined by the certification body?
Does the agreement address aspects relating to confidentiality and impartiality and require the
external auditors and external technical experts to notify the certification body of any existing or prior
relationship with any organization they may be assigned to audit?
*Use of an individual or employee of another organization individually contracted to serve as an
external auditor or technical expert does not constitute outsourcing.
Describe briefly the CB’s established policies and procedures: (To be filled-up by the CB)
Findings/Comments: (To be filled-up by the AB)
7.4 Personnel records
Does the certification body maintain up-to-date personnel records, including relevant qualifications,
training, experience, affiliations, professional status and competence?
Does the record include management and administrative personnel in addition to those performing
certification activities?
Describe briefly the CB’s established policies and procedures: (To be filled-up by the CB)
Findings/Comments: (To be filled-up by the AB)
Philippine Accreditation Bureau
Management System Accreditation
Assessment Checklist for
ISO/TS 22003:2013 + PNS ISO/IEC
17021-1:2015
Document ID
Issue Number
Revision Number
Effectivity Date
Page
MSA/SF31
01
01
September 2018
13 of 62
Clause Requirement
7.5 Outsourcing
7.5.1 Does the certification body have a process in which it describes the conditions under which
outsourcing (which is subcontracting to another organization to provide part of the certification
activities on behalf of the certification body) may take place?
Does the certification body have a legally enforceable agreement covering the arrangements,
including confidentiality and conflict of interests, with each body that provides outsourced services?
Describe briefly the CB’s established policies and procedures: (To be filled-up by the CB)
Findings/Comments: (To be filled-up by the AB)
7.5.2 Are decisions for granting, refusing maintaining of certification, expanding or reducing the scope
of certification, renewing, suspending or restoring, or withdrawing of certification are not outsourced?
Describe briefly the CB’s established policies and procedures: (To be filled-up by the CB)
Findings/Comments: (To be filled-up by the AB)
7.5.3 Does the certification body:
a) take responsibility for all activities outsourced to another body,
b) ensure that the body that provides outsourced services, and the individuals that it uses, conform
to requirements of the certification body and also to the applicable provisions of ISO/IEC 17021-1,
including competence, impartiality and confidentiality, and
c) Ensure that the body that provides outsourced services, and the individuals that it uses, are not
involved, either directly or through any other employer, with an organization to be audited, in such
a way that impartiality could be compromised?
Describe briefly the CB’s established policies and procedures: (To be filled-up by the CB)
Findings/Comments: (To be filled-up by the AB)
7.5.4 Does the certification body have a process for the approval and monitoring of all bodies that
provide outsourced services used for certification activities?
Does the certification body ensure that records of the competence of all personnel involved in
certification activities are maintained?
* For Clauses 7.5.1 to 7.5.4, where the certification body engages individuals or employees of other
organizations to provide additional resources or expertise, these individuals do not constitute
outsourcing provided they are individually contracted to operate under the certification body’s
management system (see Clause 7.3)
*For Clauses 7.5.1 to 7.5.4, the terms “outsourcing” and “subcontracting” are considered to be
synonyms.
Philippine Accreditation Bureau
Management System Accreditation
Assessment Checklist for
ISO/TS 22003:2013 + PNS ISO/IEC
17021-1:2015
Document ID
Issue Number
Revision Number
Effectivity Date
Page
MSA/SF31
01
01
September 2018
14 of 62
Clause Requirement
Describe briefly the CB’s established policies and procedures: (To be filled-up by the CB)
Findings/Comments: (To be filled-up by the AB)
8 Information requirements
Do the certification documents identify in detail what activity is certified, referring to categories and
subcategories?
Describe briefly the CB’s established policies and procedures: (To be filled-up by the CB)
Findings/Comments: (To be filled-up by the AB)
8.1 Publicly accessible information
8.1.1 Does the certification body maintain (through publications, electronic media or other means),
and make public, without request, in all the geographical areas in which it operates, information
about:
a) Audit processes;
b) Processes for granting, refusing, maintaining, renewing, suspending, restoring or withdrawing
certification or expanding or reducing the scope of certification;
c) Types of management systems and certification schemes in which it operates;
d) The use of the certification body’s name and certification mark or logo;
e) Processes for handling requests for information, complaints and appeals;
f) Policy on impartiality?
Describe briefly the CB’s established policies and procedures: (To be filled-up by the CB)
Findings/Comments: (To be filled-up by the AB)
8.1.2 Does the certification body provide upon request about:
a) geographical areas in which it operates;
b) the status of a given certification; and
c) the name, related normative document, scope and geographical location (city and country) for a
specific certified client?
*In exceptional cases, access to certain information can be limited on the request of the client (e.g.
for security reasons).
*The certification body can also make the information in 8.1.2 public by any means it chooses without
request, e.g. on its internet website.
Philippine Accreditation Bureau
Management System Accreditation
Assessment Checklist for
ISO/TS 22003:2013 + PNS ISO/IEC
17021-1:2015
Document ID
Issue Number
Revision Number
Effectivity Date
Page
MSA/SF31
01
01
September 2018
15 of 62
Clause Requirement
Describe briefly the CB’s established policies and procedures: (To be filled-up by the CB)
Findings/Comments: (To be filled-up by the AB)
8.1.3 Does the certification body ensure that information provided to any client or to the marketplace,
including advertising, is accurate and not misleading?
Describe briefly the CB’s established policies and procedures: (To be filled-up by the CB)
Findings/Comments: (To be filled-up by the AB)
8.2 Certification documents
8.2.1 How does the certification body provide certification documents to the certified client?
Describe briefly the CB’s established policies and procedures: (To be filled-up by the CB)
Findings/Comments: (To be filled-up by the AB)
8.2.2 Does the certification document(s) identify the following:
a) the name and geographic location of each client whose management system is certified (or the
geographic location of the headquarters and any sites within the scope of a multi-site
certification);
b) the effective date of granting, expanding or reducing the scope of certification or renewing
certification which shall not be before the date of the relevant certification decision;
*The certification body can keep the original certification date on the certificate when a certificate
lapses for a period of time provided that:
- the current certification cycle start and expiry date are clearly indicated;
- the last certification cycle expiry date be indicated along with the date of recertification audit
c) the expiry date or recertification due date consistent with the recertification cycle;
d) a unique identification code;
e) the management system standard and/or other normative document, including indication of issue
status (e.g. revision date or number) used for audit of the certified client;
f) the scope of certification with respect to types of activities, products and services as applicable at
each site without being misleading or ambiguous;
g) the name, address and certification mark of the certification body; other marks (e.g. accreditation
symbol, client’s logo) may be used provided they are not misleading or ambiguous;
h) any other information required by the standard and/or other normative document used for
certification;
i) in the event of issuing any revised certification documents, a means to distinguish the revised
documents from any prior obsolete documents?
*ISO/IEC 17030 provides requirements for use of third-party marks.
Philippine Accreditation Bureau
Management System Accreditation
Assessment Checklist for
ISO/TS 22003:2013 + PNS ISO/IEC
17021-1:2015
Document ID
Issue Number
Revision Number
Effectivity Date
Page
MSA/SF31
01
01
September 2018
16 of 62
Clause Requirement
Describe briefly the CB’s established policies and procedures: (To be filled-up by the CB)
Findings/Comments: (To be filled-up by the AB)
8.3 Reference to certification and use of marks
8.3.1 Does the certification body have rules governing any management system’s third party mark
that it authorizes certified clients to use?
Do these rules ensure, among other things, traceability back to the certification body?
Is there any ambiguity, in the mark or accompanying text, as to what has been certified and which
certification body has granted the certification?
Is the mark used on a product or product packaging seen by the consumer or in any other way that
may be interpreted as denoting product conformity?
*ISO/IEC 17030 provides additional information for use of third-party marks.
Describe briefly the CB’s established policies and procedures: (To be filled-up by the CB)
Findings/Comments: (To be filled-up by the AB)
8.3.2 How does the certification body ensure that its marks are not applied to laboratory test,
calibration or inspection reports or certificates? Such reports are deemed to be products in this
context.
Describe briefly the CB’s established policies and procedures: (To be filled-up by the CB)
Findings/Comments: (To be filled-up by the AB)
8.3.3 Does the certification body have rules governing the use of any statement on product packaging
or in accompanying information that the certified client has a certified management system?
Describe briefly the CB’s established policies and procedures: (To be filled-up by the CB)
Findings/Comments: (To be filled-up by the AB)
8.3.4 Does the certification body through legally enforceable arrangements require that the certified
client:
a) conforms to the requirements of the certification body when making reference to its certification
status in communication media such as the internet, brochures or advertising, or other
documents;
b) does not make or permit any misleading statement regarding its certification;
Philippine Accreditation Bureau
Management System Accreditation
Assessment Checklist for
ISO/TS 22003:2013 + PNS ISO/IEC
17021-1:2015
Document ID
Issue Number
Revision Number
Effectivity Date
Page
MSA/SF31
01
01
September 2018
17 of 62
Clause Requirement
c) does not use or permit the use of a certification document or any part thereof in a misleading
manner;
d) upon withdrawal of its certification, discontinues its use of all advertising matter that contains a
reference to certification, as directed by the certification body (see 9.6.5);
e) amends all advertising matter when the scope of certification has been reduced,
f) does not allow reference to its management system certification to be used in such a way as to
imply that the certification body certifies a product (including service)or process;
g) does not imply that the certification applies to activities and sites that are outside the scope of
certification; and
h) does not use its certification in such a manner that would bring the certification body and/or
certification system into disrepute and lose public trust?
Describe briefly the CB’s established policies and procedures: (To be filled-up by the CB)
Findings/Comments: (To be filled-up by the AB)
8.3.5 Does the certification body exercise proper control of ownership and take action to deal with
incorrect references to certification status or misleading use of certification documents, marks or audit
reports?
*Such action could include requests for correction and corrective action, suspension, withdrawal of
certification, publication of the transgression and, if necessary, legal action.
Describe briefly the CB’s established policies and procedures: (To be filled-up by the CB)
Findings/Comments: (To be filled-up by the AB)
8.4 Confidentiality
8.4.1 Does the certification body, through legally enforceable agreements, have the responsibility for
the management of all information obtained or created during the performance of certification
activities at all levels of its structure, including committees and external bodies or individuals acting
on its behalf?
Describe briefly the CB’s established policies and procedures: (To be filled-up by the CB)
Findings/Comments: (To be filled-up by the AB)
8.4.2 Does the certification body inform the client, in advance, of the information it intends to place in
the public domain?
Is all other information, except for information that is made publicly accessible by the client,
considered confidential?
Philippine Accreditation Bureau
Management System Accreditation
Assessment Checklist for
ISO/TS 22003:2013 + PNS ISO/IEC
17021-1:2015
Document ID
Issue Number
Revision Number
Effectivity Date
Page
MSA/SF31
01
01
September 2018
18 of 62
Clause Requirement
Describe briefly the CB’s established policies and procedures: (To be filled-up by the CB)
Findings/Comments: (To be filled-up by the AB)
8.4.3 Except as required in ISO/IEC 17021, is information about a particular certified client or
individual not disclosed to a third party without the written consent of the certified client or individual
concerned?
Describe briefly the CB’s established policies and procedures: (To be filled-up by the CB)
Findings/Comments: (To be filled-up by the AB)
8.4.4 When the certification body is required by law or authorized by contractual arrangements (such
as with the accreditation body) to release confidential information, are the client or individual
concerned, unless prohibited by law, notified of the information provided?
Describe briefly the CB’s established policies and procedures: (To be filled-up by the CB)
Findings/Comments: (To be filled-up by the AB)
8.4.5 Is information about the client from sources other than the client (e.g. complainant, regulators)
treated as confidential, consistent with the certification body’s policy?
Describe briefly the CB’s established policies and procedures: (To be filled-up by the CB)
Findings/Comments: (To be filled-up by the AB)
8.4.6 Do personnel, including any committee members, contractors, personnel of external bodies or
individuals acting on the certification body's behalf, keep all information obtained or created during
the performance of the certification body's activities, except as required by law, confidential?
Describe briefly the CB’s established policies and procedures: (To be filled-up by the CB)
Findings/Comments: (To be filled-up by the AB)
8.4.7 Does the certification body have processes and where applicable equipment and facilities that
ensure the secure handling of confidential information?
Philippine Accreditation Bureau
Management System Accreditation
Assessment Checklist for
ISO/TS 22003:2013 + PNS ISO/IEC
17021-1:2015
Document ID
Issue Number
Revision Number
Effectivity Date
Page
MSA/SF31
01
01
September 2018
19 of 62
Clause Requirement
Describe briefly the CB’s established policies and procedures: (To be filled-up by the CB)
Findings/Comments: (To be filled-up by the AB)
8.5 Information exchange between a certification body and its clients
8.5.1 Information on the certification activity and requirements
Does the certification body provide and update clients on the following:
a) detailed description of the initial and continuing certification activity, including the application,
initial audits, surveillance audits, and the process for granting, refusing, maintaining of
certification, expanding or reducing the scope of certification, renewing, suspending, or restoring,
or withdrawing of certification;
b) the normative requirements for certification;
c) information about the fees for application, initial certification and continuing certification;
d) the certification body's requirements for clients to:
1. comply with certification requirements,
2. make all necessary arrangements for the conduct of the audits, including provision for
examining documentation and the access to all processes and areas, records and personnel
for the purposes of initial certification, surveillance, recertification and resolution of complaints,
and
3. make provisions, where applicable, to accommodate the presence of observers (e.g.
accreditation assessors or trainee auditors);
e) documents describing the rights and duties of certified clients, including requirements, when
making reference to its certification in communication of any kind in line with the requirements in
8.3; and
f) information on procedures for handling complaints and appeals?
Describe briefly the CB’s established policies and procedures: (To be filled-up by the CB)
Findings/Comments: (To be filled-up by the AB)
8.5.2 Notice of changes by a certification body
Does the certification body give its certified clients due notice of any changes to its requirements for
certification?
Does the certification body verify that each certified client complies with the new requirements?
Describe briefly the CB’s established policies and procedures: (To be filled-up by the CB)
Findings/Comments: (To be filled-up by the AB)
Philippine Accreditation Bureau
Management System Accreditation
Assessment Checklist for
ISO/TS 22003:2013 + PNS ISO/IEC
17021-1:2015
Document ID
Issue Number
Revision Number
Effectivity Date
Page
MSA/SF31
01
01
September 2018
20 of 62
Clause Requirement
8.5.3 Notice of changes by a certified client
Does the certification body have legally enforceable arrangements to ensure that the certified client
informs the certification body, without delay, of matters that may affect the capability of the
management system to continue to fulfil the requirements of the standard used for certification?
Do these include, for example, changes relating to:
a) the legal, commercial, organizational status or ownership;
b) organization and management (e.g. key managerial, decision-making or technical staff);
c) contact address and sites;
d) scope of operations under the certified management system; and
e) major changes to the management system and processes?
Does the certification body take action as appropriate?
Describe briefly the CB’s established policies and procedures: (To be filled-up by the CB)
Findings/Comments: (To be filled-up by the AB)
9 Process requirements
9.1 Pre-certification activities
9.1.1 Application
Does your certification body require an authorized representative of the applicant organization to
provide the necessary information to enable it to establish the following:
a) the desired scope of the certification;
b) relevant details of the applicant organisation as required by the specific certification scheme,
including its name and the address(es) of its site(s), its processes and operations, human and
technical resources, functions, relationships and any relevant legal obligation;
c) identification of outsourced processes used by the organisation that will affect conformity to
requirements;
d) the standards or other requirements for which the applicant organisation is seeking certification;
and
e) whether consultancy relating to the management system to be certified has been provided and, if
so, by whom?
Describe briefly the CB’s established policies and procedures: (To be filled-up by the CB)
Findings/Comments: (To be filled-up by the AB)
ISO/TS 22003:2013
Does the certification body require the applicant organization to provide detailed information
concerning process lines, HACCP studies and the number of shifts?
Describe briefly the CB’s established policies and procedures: (To be filled-up by the CB)
Philippine Accreditation Bureau
Management System Accreditation
Assessment Checklist for
ISO/TS 22003:2013 + PNS ISO/IEC
17021-1:2015
Document ID
Issue Number
Revision Number
Effectivity Date
Page
MSA/SF31
01
01
September 2018
21 of 62
Clause Requirement
Findings/Comments: (To be filled-up by the AB)
9.1.2 Application Review
9.1.2.1 Does your certification body conduct a review of the application and supplementary
information for certification to ensure that:
a) the information about the applicant organisation and its management system is sufficient to
develop an audit programme (see Clause 9.1.3)
b) any known difference in understanding between the certification body and the application
organisation is resolved;
c) the certification body has the competence and ability to perform the certification activity; and
the scope of certification sought, the site(s) of the applicant organisation’s operations, time
required to complete audits and any other points influencing the certification activity are taken
into account (language, safety conditions, threats to impartiality, etc.)?
Describe briefly the CB’s established policies and procedures: (To be filled-up by the CB)
Findings/Comments: (To be filled-up by the AB)
9.1.2.2 Following the review of the application, does the certification body either accept or decline an
application for certification. When the certification body declines an application for certification as a
result of the review of application, are the reasons for declining an application documented and made
clear to the client?
Describe briefly the CB’s established policies and procedures: (To be filled-up by the CB)
Findings/Comments: (To be filled-up by the AB)
9.1.2.3 Based on this review, does the certification body determine the competences it needs to
include in its audit team and for the certification decision?
Describe briefly the CB’s established policies and procedures: (To be filled-up by the CB)
Findings/Comments: (To be filled-up by the AB)
Philippine Accreditation Bureau
Management System Accreditation
Assessment Checklist for
ISO/TS 22003:2013 + PNS ISO/IEC
17021-1:2015
Document ID
Issue Number
Revision Number
Effectivity Date
Page
MSA/SF31
01
01
September 2018
22 of 62
Clause Requirement
9.1.3 Audit programme
ISO/TS 22003:2013
9.1.1 Does the certification body use Annex A to define the relevant scope for the organization
applying for certification?
Does the certification body not exclude activities, processes, products or services from the scope of
certification when those activities, processes, products or services can have an influence on food
safety of the end products as defined in the scope of certification?
Describe briefly the CB’s established policies and procedures: (To be filled-up by the CB)
Findings/Comments: (To be filled-up by the AB)
9.1.3.1 Is an audit programme for the full certification cycle developed to clearly identify the audit
activity/activities required to demonstrate that the client’s management system fulfils the requirements
for certification to the selected standard(s) or other normative document(s)?
Does the audit programme for the certification cycle cover the complete management system
requirements?
Describe briefly the CB’s established policies and procedures: (To be filled-up by the CB)
Findings/Comments: (To be filled-up by the AB)
9.1.3.2 Does the audit programme for the initial certification include a two-stage initial audit,
surveillance audits in the first and second years following the certification decision, and a
recertification audit in the third year prior to expiration of certification?
Does the first three-year certification cycle begin with the certification decision?
Do subsequent cycles begin with the recertification decision (See Clause 9.6.3.2.3)?
Does the determination of the audit programme and any subsequent adjustments consider the size of
the client, the scope and complexity of its management system, products and processes as well as
demonstrated level of management system effectiveness and the results of any previous audits?
* Annex E of ISO/IEC 17021-1 is a flowchart of a typical audit and certification process.
**The following list contains additional items that can be considered when developing or revising an
audit programme, they might also need to be addressed when determining the audit scope and
developing the audit plan:
- Complaints received by the certification body about the client;
- Combined integrated or joint audit;
- Changes to certification requirements;
- Changes to legal requirements;
- Changes to accreditation requirements;
- Organisational performance data (e.g. defect levels, key performance indicators data)
*** If specified by the industry specific certification scheme, the certification cycle can be different
from three years.
Philippine Accreditation Bureau
Management System Accreditation
Assessment Checklist for
ISO/TS 22003:2013 + PNS ISO/IEC
17021-1:2015
Document ID
Issue Number
Revision Number
Effectivity Date
Page
MSA/SF31
01
01
September 2018
23 of 62
Clause Requirement
Describe briefly the CB’s established policies and procedures: (To be filled-up by the CB)
Findings/Comments: (To be filled-up by the AB)
9.1.3.3 Are surveillance audits conducted at least once a calendar year, except in recertification
years?
Is the date of the first surveillance audit following initial certification not more than 12 months from the
certification decision date?
*It can be necessary to adjust the frequency of surveillance audits to accommodate factors such as
seasons or management systems certification of a limited duration (e.g. temporary construction site)
Describe briefly the CB’s established policies and procedures: (To be filled-up by the CB)
Findings/Comments: (To be filled-up by the AB)
9.1.3.4 Where the certification body is taking account of certification already granted to the client and
to audits performed by another certification body, does the certification body obtain and retain
sufficient evidence, such as reports and documentation on corrective actions, to any nonconformity?
Does the documentation support the fulfilling of the requirements in this part of ISO/IEC 17021?
Does the certification body, based on the information obtained, justify and record any adjustments to
the existing audit programme and follow up the implementation of corrective actions concerning
previous nonconformities?
Describe briefly the CB’s established policies and procedures: (To be filled-up by the CB)
Findings/Comments: (To be filled-up by the AB)
9.1.3.5 Where the client operates shifts, are the activities that take place during shift working
considered when developing the audit programme and audit plans?
Describe briefly the CB’s established policies and procedures: (To be filled-up by the CB)
Findings/Comments: (To be filled-up by the AB)
Philippine Accreditation Bureau
Management System Accreditation
Assessment Checklist for
ISO/TS 22003:2013 + PNS ISO/IEC
17021-1:2015
Document ID
Issue Number
Revision Number
Effectivity Date
Page
MSA/SF31
01
01
September 2018
24 of 62
Clause Requirement
9.1.4 Determining audit time
ISO/TS 22003:2013
9.1.4
Does the certification body have documented procedures for determining audit time?
Does the certification body determine the time needed to plan and accomplish a complete and
effective audit of the client’s FSMS?
Are the audit time determined by the certification body, and the justification for the determination
recorded?
Describe briefly the CB’s established policies and procedures: (To be filled-up by the CB)
Findings/Comments: (To be filled-up by the AB)
9.1.4.1 Does the certification body have documented procedures for determining audit time?
Does the certification body determine the time needed to plan and accomplish a complete and
effective audit of the client’s QMS/EMS?
Describe briefly the CB’s established policies and procedures: (To be filled-up by the CB)
Findings/Comments: (To be filled-up by the AB)
9.1.4.2 In determining the audit time, does the certification body consider, among other things, the
following aspects:
a) the requirement of the relevant QMS/EMS standards;
b) complexity of the client and its management system;
c) technological and regulatory context;
d) Any outsourcing of any activities included in the scope of the QMS/EMS;
e) results of any prior audits;
f) size and number of sites, their geographical locations and multi-site considerations;
g) the risks associated with the products, processes or activities of the organisation;
h) when audits are combined, joint or integrated?
* Time spent travelling to and from audited sites is not included in the calculation of the duration of
the management system audit days.
** The certification body can use the guidance established in ISO/IEC TS 17023 for determining the
duration of management system audit when documenting these procedures.
Describe briefly the CB’s established policies and procedures: (To be filled-up by the CB)
Findings/Comments: (To be filled-up by the AB)
9.1.4.3 Are the duration of the management system audit and its justification recorded?
Philippine Accreditation Bureau
Management System Accreditation
Assessment Checklist for
ISO/TS 22003:2013 + PNS ISO/IEC
17021-1:2015
Document ID
Issue Number
Revision Number
Effectivity Date
Page
MSA/SF31
01
01
September 2018
25 of 62
Clause Requirement
Describe briefly the CB’s established policies and procedures: (To be filled-up by the CB)
Findings/Comments: (To be filled-up by the AB)
9.1.4.4 Does the time spent by any team member that is not assigned as an auditor (i.e. technical
experts, translators, interpreters, observers and auditors-in-training) not count in the above
established duration of the management system audit?
*The use of translators can necessitate additional audit time.
Describe briefly the CB’s established policies and procedures: (To be filled-up by the CB)
Findings/Comments: (To be filled-up by the AB)
9.1.5 Multi-site sampling
Where multi-site sampling is used for the audit of a client’s management system covering the same
activity in various geographical locations, does the certification body develop a sampling programme
to ensure proper audit of the management system?
Is rationale for the sampling plan documented for each client? Sampling is not allowed for some
specific certification schemes, and where specific criteria have been established for a specific
certification scheme, e.g. ISO/TS 22003, these shall be applied.
*Where there are multiple sites not covering the same activity sampling is not appropriate.
ISO?TS 22003:2013
**This subclause (9.1.5) is intended to apply only to operations directly affecting food safety, and not
to exclusively administrative sites.
Describe briefly the CB’s established policies and procedures: (To be filled-up by the CB)
Findings/Comments: (To be filled-up by the AB)
ISO/TS 22003:2013
9.1.5.1
Is a multi-site organization an organization having an identified central function (hereafter referred to
as a central office – but not necessarily the headquarters of the organization) at which certain FSMS
activities are planned, controlled or managed and a network of sites at which such activities are fully
or partially carried out?
Are examples of possible multi-site organizations:
organizations operating with franchises;
a manufacturing company with one or more production sites and a network of sales offices;
service organizations with multiple sites offering a similar service;
organizations with multiple branches?
Philippine Accreditation Bureau
Management System Accreditation
Assessment Checklist for
ISO/TS 22003:2013 + PNS ISO/IEC
17021-1:2015
Document ID
Issue Number
Revision Number
Effectivity Date
Page
MSA/SF31
01
01
September 2018
26 of 62
Clause Requirement
Describe briefly the CB’s established policies and procedures: (To be filled-up by the CB)
Findings/Comments: (To be filled-up by the AB)
ISO/TS 22003:2013
9.1.5.2
Does the certification body certify a multi-site organization under one management system providing
that the following conditions apply:
a) all sites are operating under one centrally controlled and administered FSMS as defined in ISO
22000:2005, Clause 4, or equivalent for other FSMS;
b) an internal audit has been conducted on each site within one year prior to certification;
c) audit findings of the individual sites shall be considered indicative of the entire system and
correction shall be implemented accordingly.
Describe briefly the CB’s established policies and procedures: (To be filled-up by the CB)
Findings/Comments: (To be filled-up by the AB)
ISO/TS 22003:2013
9.1.5.3
Is the use of multi-site sampling possible for categories A, B, E, F and G (as per Table A.1) and for
organizations with more than 20 sites operating similar processes within these categories?
Does this apply to the initial certification, to surveillance and to recertification audits?
Does the certification body justify its decision on sampling for multi-site certification?
Where multi-site sampling is permitted, following certification, does the annual internal audit
programme include all sites of the organization?
Describe briefly the CB’s established policies and procedures: (To be filled-up by the CB)
Findings/Comments: (To be filled-up by the AB)
9.1.5.4
ISO/TS 22003:2013
Where the certification body offers multi-site sampling, does the certification body utilize a sampling
programme to ensure an effective audit of the FSMS where the following apply:
a) for the organizations with 20 sites or less, all sites be audited. The sampling for more than 20
sites shall be at ratio of 1 site per 5 sites. All sites shall be randomly selected and, after the audit,
no sampled sites may be nonconforming (i.e. not meeting certification thresholds for ISO 22000).
b) At least annually, an adult of the central office for the FSMS shall be performed by the certification
body.
c) At least annually, surveillance audits shall be performed by the certification body on the required
Philippine Accreditation Bureau
Management System Accreditation
Assessment Checklist for
ISO/TS 22003:2013 + PNS ISO/IEC
17021-1:2015
Document ID
Issue Number
Revision Number
Effectivity Date
Page
MSA/SF31
01
01
September 2018
27 of 62
Clause Requirement
number of sampled sites.
d) Audit finding of the sampled sites shall be considered indicative of the entire system and
correction shall be implemented accordingly.
Describe briefly the CB’s established policies and procedures: (To be filled-up by the CB)
Findings/Comments: (To be filled-up by the AB)
9.1.6 Multiple management systems standards
When certification to multiple management system standards is being provided by the certification
body, does the planning for the audit ensure adequate on-site auditing to provide confidence in the
certification?
Describe briefly the CB’s established policies and procedures: (To be filled-up by the CB)
Findings/Comments: (To be filled-up by the AB)
9.2 Planning Audits
9.2.1 Determining Audit objectives scope and criteria
9.2.1.1 Does the certification body determine the audit objectives?
Does the certification body establish the audit scope and criteria, including any changes, after
discussion with the client?
Describe briefly the CB’s established policies and procedures: (To be filled-up by the CB)
Findings/Comments: (To be filled-up by the AB)
9.2.1.2 Do the audit objectives describe what is to be accomplished by the audit and include the
following:
a) determination of the conformity of the client's management system, or parts of it, with audit
criteria;
b) evaluation of the ability of the management system to ensure the client organization meets
applicable statutory, regulatory and contractual requirements;
*A management system certification audit is not a legal compliance audit.
c) determination of the effectiveness of the management system to ensure the client organization
can reasonably expect to achieving its specified objectives; and
d) as applicable, identification of areas for potential improvement of the management system?
Describe briefly the CB’s established policies and procedures: (To be filled-up by the CB)
Philippine Accreditation Bureau
Management System Accreditation
Assessment Checklist for
ISO/TS 22003:2013 + PNS ISO/IEC
17021-1:2015
Document ID
Issue Number
Revision Number
Effectivity Date
Page
MSA/SF31
01
01
September 2018
28 of 62
Clause Requirement
Findings/Comments: (To be filled-up by the AB)
9.2.1.3 Does the audit scope describe the extent and boundaries of the audit, such as physical
locations, organizational units, activities and processes to be audited?
Where the initial or re-certification process consists of more than one audit (e.g. covering different
locations), does the scope of an individual audit not cover the full certification scope, but the totality of
audits is consistent with the scope in the certification document?
Describe briefly the CB’s established policies and procedures: (To be filled-up by the CB)
Findings/Comments: (To be filled-up by the AB)
9.2.1.4 Is the audit criteria used as a reference against which conformity is determined, and does it
include:
the requirements of a defined normative document on management systems;
the defined processes and documentation of the management system developed by the client?
Describe briefly the CB’s established policies and procedures: (To be filled-up by the CB)
Findings/Comments: (To be filled-up by the AB)
9.2.2 Audit team selection and assignments
9.2.2.1.1 General
Does the certification body have a process for selecting and appointing the audit team, including the
audit team leader and technical experts as necessary, taking into account the competence needed to
achieve the objectives of the audit and requirements for impartiality?
If there is only one auditor, Does the auditor have the competence to perform the duties of an audit
team leader applicable for that audit?
Does the audit team have the totality of the competences identified by the certification body as set out
in Clause 9.1.2.3 for the audit?
Describe briefly the CB’s established policies and procedures: (To be filled-up by the CB)
Findings/Comments: (To be filled-up by the AB)
Philippine Accreditation Bureau
Management System Accreditation
Assessment Checklist for
ISO/TS 22003:2013 + PNS ISO/IEC
17021-1:2015
Document ID
Issue Number
Revision Number
Effectivity Date
Page
MSA/SF31
01
01
September 2018
29 of 62
Clause Requirement
9.2.2.1.2 In deciding the size and composition of the audit team, is consideration given to the
following:
a) audit objectives, scope, criteria and estimated audit time;
b) whether the audit is combined, joint or integrated;
c) the overall competence of the audit team needed to achieve the objective of the audit (See Table
A.1 of ISO/IEC 17021-1)
d) certification requirements (including any applicable statutory, regulatory or contractual
requirements);
e) language and culture?
*The team leader of a combined or integrated audit is expected to have in-depth knowledge of at
least one of the standards and an awareness of the other standards used for that particular audit.
Describe briefly the CB’s established policies and procedures: (To be filled-up by the CB)
Findings/Comments: (To be filled-up by the AB)
9.2.2.1.3 Is the knowledge and skills of the audit team leader and auditors supplemented by technical
experts, translators and interpreters, and operate under the direction of an auditor?
Are translators or interpreters selected such that they do not unduly influence the audit?
*The criteria for the selection of technical experts are determined on a case-by-case basis by the
needs of the audit team and the scope of the audit.
Describe briefly the CB’s established policies and procedures: (To be filled-up by the CB)
Findings/Comments: (To be filled-up by the AB)
9.2.2.1.4 Are auditors-in-training included in the audit team as participants, provided an auditor is
appointed as an evaluator?
Is the evaluator competent to take over the duties and have final responsibility for the activities and
findings of the auditor-in-training?
Describe briefly the CB’s established policies and procedures: (To be filled-up by the CB)
Findings/Comments: (To be filled-up by the AB)
9.2.2.1.5 Does the audit team leader, in consultation with the audit team, assign to each team
member responsibility for auditing specific processes, functions, sites, areas or activities?
Do these assignments take into account the need for competence, and the effective and efficient use
of the audit team, as well as different roles and responsibilities of auditors, auditors-in-training and
technical experts?
Are changes to the work assignments made as the audit progresses to ensure achievement of the
audit objectives?
Philippine Accreditation Bureau
Management System Accreditation
Assessment Checklist for
ISO/TS 22003:2013 + PNS ISO/IEC
17021-1:2015
Document ID
Issue Number
Revision Number
Effectivity Date
Page
MSA/SF31
01
01
September 2018
30 of 62
Clause Requirement
Describe briefly the CB’s established policies and procedures: (To be filled-up by the CB)
Findings/Comments: (To be filled-up by the AB)
9.2.2.2 Observers, technical experts and guides
9.2.2.2.1 Observers
Is the presence and justification of observers during an audit activity agreed to by the certification
body and client prior to the conduct of the audit?
Does the audit team ensure that observers do not unduly influence or interfere in the audit process or
outcome of the audit?
*Observers can be members of the client’s organisation, consultants, witnessing accreditation body
personnel, regulators or other justified persons.
Describe briefly the CB’s established policies and procedures: (To be filled-up by the CB)
Findings/Comments: (To be filled-up by the AB)
9.2.2.2.2 Technical experts
Is the role of technical experts during an audit activity agreed to by the certification body and client
prior to the conduct of the audit?
Does a technical expert not act as an auditor in the audit team?
Is the technical expert accompanied by an auditor?
*The technical experts can provide advice to the audit team for the preparation, planning or audit.
Describe briefly the CB’s established policies and procedures: (To be filled-up by the CB)
Findings/Comments: (To be filled-up by the AB)
Philippine Accreditation Bureau
Management System Accreditation
Assessment Checklist for
ISO/TS 22003:2013 + PNS ISO/IEC
17021-1:2015
Document ID
Issue Number
Revision Number
Effectivity Date
Page
MSA/SF31
01
01
September 2018
31 of 62
Clause Requirement
9.2.2.2.3 Guides
Is each auditor accompanied by a guide, unless otherwise agreed to by the audit team leader and the
client?
Are guide(s) assigned to the audit team to facilitate the audit?
Does the audit team ensure that guides do not influence or interfere in the audit process or outcome
of the audit?
*The responsibilities of a guide can include:
a) establishing contacts and timing for interviews;
b) arranging visits to specific parts of the site or organization;
c) ensuring that rules concerning site safety and security procedures are known and respected by
the audit team members;
d) witnessing the audit on behalf of the client;
e) providing clarification or information as requested by an auditor.
**Where appropriate, the auditee can also act as the guide.
Describe briefly the CB’s established policies and procedures: (To be filled-up by the CB)
Findings/Comments: (To be filled-up by the AB)
9.2.3 Audit plan
ISO/TS 22003:2013
Does the certification body have a process for choosing the audit day, time and season, so that the
audit team has the opportunity of auditing the organization operating on a representative number of
product lines, categories and subcategories covered by the scope of certification?
Describe briefly the CB’s established policies and procedures: (To be filled-up by the CB)
Findings/Comments: (To be filled-up by the AB)
9.2.3.1 General
Does the certification body ensure that an audit plan is established prior to each audit identified in the
audit programme to provide the basis for agreement regarding the conduct and scheduling of the
audit activities?
*It is not expected that a certification body will develop an audit plan for each at the time that the audit
programme is developed.
Describe briefly the CB’s established policies and procedures: (To be filled-up by the CB)
Findings/Comments: (To be filled-up by the AB)
Philippine Accreditation Bureau
Management System Accreditation
Assessment Checklist for
ISO/TS 22003:2013 + PNS ISO/IEC
17021-1:2015
Document ID
Issue Number
Revision Number
Effectivity Date
Page
MSA/SF31
01
01
September 2018
32 of 62
Clause Requirement
9.2.3.2 Preparing the audit plan
Is the audit plan appropriate to the objectives and the scope of the audit?
Does the audit plan include or refer to the following at least:
a) the audit objectives;
b) the audit criteria;
c) the audit scope, including identification of the organizational and functional units or processes to
be audited;
d) the dates and sites where the on-site audit activities are to be conducted, including visits to
temporary sites, as appropriate;
e) the expected time and duration of on-site audit activities;
f) the roles and responsibilities of the audit team members and accompanying persons?
*The audit plan information can be contained in more than one document.
Describe briefly the CB’s established policies and procedures: (To be filled-up by the CB)
Findings/Comments: (To be filled-up by the AB)
9.2.3.3 Communication of audit team tasks
Are the tasks given to the audit team defined?
Does the certification body require the audit team to:
a) Examine and verify the structure, policies, processes, procedures, records and related documents
of the client relevant to the management system standard;
b) Determine that these meet all the requirements relevant to the intended scope of certification;
c) Determine that the processes and procedures are established, implemented and maintained
effectively, to provide a basis for confidence in the client’s QMS/EMS management system; and
d) Communicate to the client, for its action, any inconsistencies between the client’s policy,
objectives and targets?
Describe briefly the CB’s established policies and procedures: (To be filled-up by the CB)
Findings/Comments: (To be filled-up by the AB)
9.2.3.4 Communication of audit plan
Is the audit plan communicated and the dates of the audit agreed upon, in advance, with the client
organization?
Describe briefly the CB’s established policies and procedures: (To be filled-up by the CB)
Findings/Comments: (To be filled-up by the AB)
Philippine Accreditation Bureau
Management System Accreditation
Assessment Checklist for
ISO/TS 22003:2013 + PNS ISO/IEC
17021-1:2015
Document ID
Issue Number
Revision Number
Effectivity Date
Page
MSA/SF31
01
01
September 2018
33 of 62
Clause Requirement
ISO/TS 22003:2013
9.1.8
Does the certification body provide a written report for each audit?
Does the audit team identify opportunities for improvement, but not recommend specific solutions?
Is the ownership of the audit report maintained by the certification body?
Does the report include information about PRP used by the organization, hazard analysis
methodology used, comments on the food safety team, and other issues relevant to the FSMS?
*The stage 1 documented conclusions do not need to meet full requirements of a report.
Describe briefly the CB’s established policies and procedures: (To be filled-up by the CB)
Findings/Comments: (To be filled-up by the AB)
9.2.3.5 Communication concerning audit team members
Does the certification body provide the name of and, when requested, make available background
information on each member of the audit team, with sufficient time for the client organisation to object
to the appointment of any particular auditor or technical expert and for the certification body to
reconstitute the team in response to any valid objection?
Describe briefly the CB’s established policies and procedures: (To be filled-up by the CB)
Findings/Comments: (To be filled-up by the AB)
9.3 Initial certification
9.3.1 Initial certification audit
9.3.1.1 General
Is the initial certification audit of an FSMS conducted in two stages: stage 1 and stage 2?
Describe briefly the CB’s established policies and procedures: (To be filled-up by the CB)
Findings/Comments: (To be filled-up by the AB)
9.3.1.2 Stage 1
9.3.1.2.1 Does planning ensure that the objectives of stage 1 can be met and the client be informed
of any “on site” activities during stage 1?
*Stage 1 does not require a formal audit plan (see clause 9.2.3)
Describe briefly the CB’s established policies and procedures: (To be filled-up by the CB)
Philippine Accreditation Bureau
Management System Accreditation
Assessment Checklist for
ISO/TS 22003:2013 + PNS ISO/IEC
17021-1:2015
Document ID
Issue Number
Revision Number
Effectivity Date
Page
MSA/SF31
01
01
September 2018
34 of 62
Clause Requirement
Findings/Comments: (To be filled-up by the AB)
9.3.1.2.2 Are the objectives of stage 1 to:
a) Review the client’s management system documented information;
b) Evaluate the client’s site-specific conditions and to undertake discussions with the client’s
personnel to determine the preparedness for stage 2;
c) Review the client’s status and understanding regarding requirements of the standard, in particular
with respect to the identification of key performance or significant aspects, processes, objectives
and operation of the management system;
d) Obtain necessary information regarding the scope of the management system, including:
the client’s site(s);
processes and equipment used;
levels of controls established (particularly in case of multisite clients);
applicable statutory and regulatory requirements;
e) Review the allocation of resources for stage 2 and agree the details of stage 2 with the client;
f) Provide a focus for planning stage 2 by gaining a sufficient understanding of the client’s
management system and site operations in the context of the management system standard or
other normative document; and
g) Evaluate if the internal audits and management reviews are being planned and performed, and
that the level of implementation of the management system substantiates that the client is ready
for stage 2?
*If at least part of stage 1 is carried out at the client’s premises, this can help to achieve the
objectives stated above.
Describe briefly the CB’s established policies and procedures: (To be filled-up by the CB)
Findings/Comments: (To be filled-up by the AB)
ISO/TS 22003
9.2.3.1.2
Are the objectives of stage 1 to provide a focus for planning the stage 2 audit by gaining an
understanding of the organization’s FSMS and the organization’s state of preparedness for stage 2
by reviewing the extent to which:
a) the organization has identified PRP that are appropriate to the business (e.g. regulatory,
statutory, customer and certification scheme requirements);
b) the FSMS includes adequate processes and methods for the identification and assessment of
the organization’s food safety hazards, and subsequent selection and categorization of control
measures (combinations);
c) relevant food safety legislation is implemented;
d) the FSMS is designed to achieve the organization’s food safety policy;
e) the FSMS implementation programme justifies proceeding to the audit (stage 2);
f) the validation of control measures, verification of activities and improvement programmes
conform to the requirements of the FSMS standard;
g) the FSMS documents and arrangements are in place to communicate internally and with
relevant suppliers, customers and interested parties; and
Philippine Accreditation Bureau
Management System Accreditation
Assessment Checklist for
ISO/TS 22003:2013 + PNS ISO/IEC
17021-1:2015
Document ID
Issue Number
Revision Number
Effectivity Date
Page
MSA/SF31
01
01
September 2018
35 of 62
Clause Requirement
h) there is any additional documentation which needs to be reviewed and/or information which
needs to be obtained in advance?
Where an organization has implemented an externally developed combination of control measures,
does the stage 1 review the documentation included in the FSMS to determine if the combination of
control measures:
is suitable for the organization;
was developed in compliance with the requirements of ISO 22000; and
is kept up to date?
Is the availability of relevant authorizations checked when collecting the information regarding the
compliance to regulatory aspects?
Describe briefly the CB’s established policies and procedures: (To be filled-up by the CB)
Findings/Comments: (To be filled-up by the AB)
ISO/TS 22003
9.2.3.1.3
Is the stage 1 carried out at the client’s premises in order to achieve the objectives stated above?
In exceptional circumstances, does part of stage 1 take place off-site and is full satisfied?
Does the evidence demonstrating that stage 1 objectives are fully achieved provided?
Do exceptional circumstances include very remote location, short seasonal production?
Describe briefly the CB’s established policies and procedures: (To be filled-up by the CB)
Findings/Comments: (To be filled-up by the AB)
9.3.1.2.3 Are documented conclusions with regard to fulfilment of the stage 1 objectives and the
readiness for stage 2 communicated to the client, including identification of any areas of concern that
could be classified as nonconformity during stage 2?
*The stage 1 output does not need to meet the full requirements of a report (see clause 9.4.8)
Describe briefly the CB’s established policies and procedures: (To be filled-up by the CB)
Findings/Comments: (To be filled-up by the AB)
ISO/TS 22003:2013
9.2.3.1.4
Is the client informed that the results of stage 1 may lead to postponement or cancellation of the
stage 2?
Philippine Accreditation Bureau
Management System Accreditation
Assessment Checklist for
ISO/TS 22003:2013 + PNS ISO/IEC
17021-1:2015
Document ID
Issue Number
Revision Number
Effectivity Date
Page
MSA/SF31
01
01
September 2018
36 of 62
Clause Requirement
Describe briefly the CB’s established policies and procedures: (To be filled-up by the CB)
Findings/Comments: (To be filled-up by the AB)
ISO/TS 22003:2013
9.2.3.1.5
Is any part of the FSMS audited during the stage 1 audit, determined to be fully implemented,
effective and in conformity with requirements, may not need to be re-audited during the stage 2
audit?
Does the certification body ensure that the already audited parts of the FSMS continue to conform to
the certification requirements?
In this case, does the audit report include these findings and shall clearly state that conformity has
been established during the stage 1 audit?
Describe briefly the CB’s established policies and procedures: (To be filled-up by the CB)
Findings/Comments: (To be filled-up by the AB)
ISO/TS 22003:2013
9.2.3.1.6
Is the interval between stage 1 and stage 2 not longer than 6 months?
Is stage 1 repeated if a longer interval is needed?
Describe briefly the CB’s established policies and procedures: (To be filled-up by the CB)
Findings/Comments: (To be filled-up by the AB)
9.3.1.3 Stage 2
The purpose of stage 2 is to evaluate the implementation, including effectiveness, of the client’s
management system. Does the stage 2 stake place at the site(s) of the client?
Does it include the auditing of at least the following:
a) Information and evidence about conformity to all requirements of the applicable management
system standard or other normative documents;
b) Performance monitoring, measuring, reporting and reviewing against key performance objectives
and targets (consistent with the expectations in the applicable management system standard or
other normative document);
c) The client’s management system ability and its performance regarding meeting of applicable
statutory, regulatory and contractual requirements;
d) Operational control of the client’s processes;
e) Internal auditing and management review; and
f) Management responsibility for the client’s policies?
Philippine Accreditation Bureau
Management System Accreditation
Assessment Checklist for
ISO/TS 22003:2013 + PNS ISO/IEC
17021-1:2015
Document ID
Issue Number
Revision Number
Effectivity Date
Page
MSA/SF31
01
01
September 2018
37 of 62
Clause Requirement
Describe briefly the CB’s established policies and procedures: (To be filled-up by the CB)
Findings/Comments: (To be filled-up by the AB)
9.3.1.4 Initial certification audit conclusions
Does the audit team analyze all information and audit evidence gathered during stage 1 and stage 2
to review the audit findings and agree on audit conclusions?
Describe briefly the CB’s established policies and procedures: (To be filled-up by the CB)
Findings/Comments: (To be filled-up by the AB)
9.4 Conducting audits
9.4.1 General
Does the certification body have a process for conducting on-site audits?
Does this process include an opening meeting at the start of the audit and a closing meeting at the
conclusion of the audit?
Where any part of the audit is made by electronic means or where the site to be audited is virtual,
Does the certification body ensure that such activities are conducted by personnel with appropriate
competence?
Is the evidence obtained during such an audit sufficient to enable the auditor to take an informed
decision on the conformity of the requirement in question?
* “On-site” audits can include remote access to electronic site(s) that contain(s) information that is
relevant to the audit of the management system. Consideration can also be given to the use of
electronic means for conducting audits.
Describe briefly the CB’s established policies and procedures: (To be filled-up by the CB)
Findings/Comments: (To be filled-up by the AB)
9.4.2 Conducting the opening meeting
Is a formal opening meeting held with the client’s management and, where appropriate, those
responsible for the functions or processes to be audited?
Is the purpose of the opening meeting, which is usually conducted by the audit team leader, to
provide a short explanation of how the audit activities will be undertaken?
Is the degree of details consistent with the familiarity of the client with the audit process?
Does the opening meeting include the following:
a) Introduction of the participants, including an outline of their roles;
b) Confirmation of the scope of certification;
c) Confirmation of the audit plan (including type and scope of audit, objectives and criteria), any
changes, and other relevant arrangements with the client, such as the date and time for the
closing meeting, interim meeting between the audit team and the client’s management;
Philippine Accreditation Bureau
Management System Accreditation
Assessment Checklist for
ISO/TS 22003:2013 + PNS ISO/IEC
17021-1:2015
Document ID
Issue Number
Revision Number
Effectivity Date
Page
MSA/SF31
01
01
September 2018
38 of 62
Clause Requirement
d)
e)
f)
g)
h)
i)
j)
k)
l)
m)
n)
o)
p)
Confirmation of formal communication channels between the audit team and the client;
Confirmation that the resources and facilities needed by the audit team available;
Confirmation of matters relating to confidentiality;
Confirmation of relevant work safety, emergency and security procedures for the audit team;
Confirmation of the availability, roles and identities of any guides and observers;
The method of reporting, including any grading of audit findings;
Information about the conditions under which the audit may be prematurely terminated;
Confirmation that the audit team leader and audit team representing the certification body is
responsible for the audit and be in control of executing the audit plan including audit activities and
audit trails;
Confirmation of the status of findings of the previous review or audit, if applicable;
Methods and procedures to be used to conduct the audit based on sampling;
Confirmation of the language to be used during the audit;
Confirmation that, during the audit, the client will be kept informed of audit progress and any
concerns; and
Opportunity for the client to ask questions?
Describe briefly the CB’s established policies and procedures: (To be filled-up by the CB)
Findings/Comments: (To be filled-up by the AB)
9.4.3 Communication during the audit
9.4.3.1 During the audit, Does the audit team periodically assess audit progress and exchange
information?
Does the audit team leader re assign work as needed between the audit team members and
periodically communicate the progress of the audit and any concerns to the client?
Describe briefly the CB’s established policies and procedures: (To be filled-up by the CB)
Findings/Comments: (To be filled-up by the AB)
9.4.3.2 Where the available audit evidence indicates that the audit objectives are unattainable or
suggests the presence of an immediate and significant risk (e.g. safety), Does the audit team leader
report this to the client, if possible, to the certification body to determine appropriate action?
Does such action include reconfirmation or modification of the audit plan, changes to the audit
objectives or audit scope, or termination of the audit?
Does the audit team leader report the outcome of the action taken to the certification body?
Describe briefly the CB’s established policies and procedures: (To be filled-up by the CB)
Findings/Comments: (To be filled-up by the AB)
Philippine Accreditation Bureau
Management System Accreditation
Assessment Checklist for
ISO/TS 22003:2013 + PNS ISO/IEC
17021-1:2015
Document ID
Issue Number
Revision Number
Effectivity Date
Page
MSA/SF31
01
01
September 2018
39 of 62
Clause Requirement
9.4.3.3 Does the audit team leader review with the client any need for changes to the audit scope
which becomes apparent as on-site auditing activities progress and report this to the certification
body?
Describe briefly the CB’s established policies and procedures: (To be filled-up by the CB)
Findings/Comments: (To be filled-up by the AB)
9.4.4 Obtaining and verifying information
9.4.4.1 During the audit, Does the auditor of the certification body collect information relevant to the
audit objectives, scope and criteria (including information relating to interfaces between functions,
activities and processes) by appropriate sampling and verified to become audit evidence?
Describe briefly the CB’s established policies and procedures: (To be filled-up by the CB)
Findings/Comments: (To be filled-up by the AB)
9.4.4.2 Does the auditor of the certification body use methods to collect information include, but not
limited to:
a) Interviews;
b) Observation of processes and activities;
c) Review of documentation and records?
Describe briefly the CB’s established policies and procedures: (To be filled-up by the CB)
Findings/Comments: (To be filled-up by the AB)
9.4.5 Identifying and recording audit findings
9.4.5.1 Are the audit findings summarizing conformity and detailing non conformity identified,
classified and recorded to enable an informed certification decision to be made or the certification to
be maintained?
Describe briefly the CB’s established policies and procedures: (To be filled-up by the CB)
Findings/Comments: (To be filled-up by the AB)
9.4.5.2 Are Opportunities for improvement identified and recorded, unless prohibited by the
requirements of a management system certification scheme?
Does the auditor of the certification body not record nonconformities as opportunities improvement?
Philippine Accreditation Bureau
Management System Accreditation
Assessment Checklist for
ISO/TS 22003:2013 + PNS ISO/IEC
17021-1:2015
Document ID
Issue Number
Revision Number
Effectivity Date
Page
MSA/SF31
01
01
September 2018
40 of 62
Clause Requirement
Describe briefly the CB’s established policies and procedures: (To be filled-up by the CB)
Findings/Comments: (To be filled-up by the AB)
9.4.5.3 Are nonconformities recorded against a specific requirement of the audit criteria, and do they
contain a clear statement of the nonconformity and identify in detail the objective evidence on which
the nonconformity is based?
Are nonconformities discussed with the client to ensure that the evidence is accurate and that the
nonconformities are understood?
Does the auditor refrain from suggesting the cause of nonconformities or their solution?
Describe briefly the CB’s established policies and procedures: (To be filled-up by the CB)
Findings/Comments: (To be filled-up by the AB)
9.4.5.4 Does the audit team leader attempt to resolve any diverging opinions between the audit team
and the client concerning audit evidence or findings?
Are unresolved points recorded?
Describe briefly the CB’s established policies and procedures: (To be filled-up by the CB)
Findings/Comments: (To be filled-up by the AB)
9.4.6 Preparing audit conclusions
Under the responsibility of the audit team leader and prior to the closing meeting, does the audit
team:
a) review the audit findings, and any other appropriate information collected during the audit, against
the audit objective and audit criteria and classify nonconformities;
b) agree upon the audit conclusions, taking into account the uncertainty inherent in the audit
process; c. identify any necessary follow-up actions;
c) confirm the appropriateness of the audit programme or identify any modification required (e.g.
scope of certification, audit time or dates, surveillance frequency, audit team competence)?
Describe briefly the CB’s established policies and procedures: (To be filled-up by the CB)
Findings/Comments: (To be filled-up by the AB)
Philippine Accreditation Bureau
Management System Accreditation
Assessment Checklist for
ISO/TS 22003:2013 + PNS ISO/IEC
17021-1:2015
Document ID
Issue Number
Revision Number
Effectivity Date
Page
MSA/SF31
01
01
September 2018
41 of 62
Clause Requirement
9.4.7 Conducting the closing meeting
9.4.7.1 Does the audit team of the certification body hold a formal closing meeting with the client's
management and, where appropriate, those responsible for the functions or processes audited?
Is attendance of the closing meeting recorded?
Is the purpose of the closing meeting, normally conducted by the audit team leader, to present the
audit conclusions, including the recommendation regarding certification?
Are all nonconformities presented in such a manner that they are understood, and the timeframe for
responding agreed?
*“Understood” does not necessarily mean that the nonconformities have been accepted by the client.
Describe briefly the CB’s established policies and procedures: (To be filled-up by the CB)
Findings/Comments: (To be filled-up by the AB)
9.4.7.2 Does the closing meeting also include the following elements where the degree of detail
consistent with the familiarity of the client with the audit process:
a) advising the client that the audit evidence collected was based on a sample of the information;
thereby introducing an element of uncertainty;
b) the method and timeframe of reporting, including any grading of audit findings;
c) the certification body's process for handling nonconformities including any consequences relating
to the status of the client's certification;
d) the timeframe for the client to present a plan for correction and corrective action for any
nonconformities identified during the audit;
e) the certification body's post audit activities;
f) information about the complaint handling and appeal processes.
Describe briefly the CB’s established policies and procedures: (To be filled-up by the CB)
Findings/Comments: (To be filled-up by the AB)
9.4.7.3 Does the audit team of the certification body give the client opportunity for questions?
Are diverging opinions regarding the audit findings or conclusions between the audit team and the
client discussed and resolved where possible?
Are diverging opinions that are not resolved recorded and referred to the certification body?
Describe briefly the CB’s established policies and procedures: (To be filled-up by the CB)
Findings/Comments: (To be filled-up by the AB)
Philippine Accreditation Bureau
Management System Accreditation
Assessment Checklist for
ISO/TS 22003:2013 + PNS ISO/IEC
17021-1:2015
Document ID
Issue Number
Revision Number
Effectivity Date
Page
MSA/SF31
01
01
September 2018
42 of 62
Clause Requirement
9.4.8 Audit report
9.4.8.1 Does the certification body provide to the client a written report for each audit?
Does the audit team identify opportunities for improvement without recommending specific solutions?
Is the ownership of the audit report maintained by the certification body?
Describe briefly the CB’s established policies and procedures: (To be filled-up by the CB)
Findings/Comments: (To be filled-up by the AB)
9.4.8.2 Does the audit team leader ensure that the audit report is prepared and is responsible for its
content?
Does the audit report provide an accurate, concise and clear record of the audit to enable an
informed certification decision to be made and include or refer to the following:
a) identification of the certification body;
b) the name and address of the client and the client's representative;
c) the type of audit (e.g. initial, surveillance or recertification audit or special audits);
d) the audit criteria;
e) the audit objectives;
f) the audit scope, particularly identification of the organizational or functional units or processes
audited and the time of the audit;
g) any deviation from the audit plan and their reason;
h) any significant issues impacting on the audit programme;
i) identification of the audit team leader, audit team members and any accompanying persons;
j) the dates and places where the audit activities (on site or offsite, permanent or temporary sites)
were conducted;
k) audit findings (see 9.4.5), reference to evidence and conclusions, consistent with the
requirements of the type of audit;
l) Significant changes, if any, that affect the management system of the client since last audit took
place;
m) any unresolved issues, if identified.
n) where applicable, whether the audit is combined, joint or integrated;
o) a disclaimer statement indicating that auditing is based on a sampling process of the available
information;
p) recommendation from the audit team
q) the audited client is effectively controlling the use of the certification documents and marks, if
applicable; and
r) verification of effectiveness of taken corrective actions regarding previously identified
nonconformities, if applicable?
Describe briefly the CB’s established policies and procedures: (To be filled-up by the CB)
Findings/Comments: (To be filled-up by the AB)
Philippine Accreditation Bureau
Management System Accreditation
Assessment Checklist for
ISO/TS 22003:2013 + PNS ISO/IEC
17021-1:2015
Document ID
Issue Number
Revision Number
Effectivity Date
Page
MSA/SF31
01
01
September 2018
43 of 62
Clause Requirement
9.4.8.3 Does the report contain:
a) a statement on the conformity and the effectiveness of the management system together with a
summary of the evidence relating to:
the capability of the management system to meet applicable requirements and expected
outcomes;
the internal audit and management review process;
b) a conclusion on the appropriateness of the certification scope; and
c) confirmation that the audit objectives have been fulfilled?
Describe briefly the CB’s established policies and procedures: (To be filled-up by the CB)
Findings/Comments: (To be filled-up by the AB)
9.4.9 Cause analysis of nonconformities
Does the certification body require the client to analyse the cause and describe the specific correction
and corrective actions taken, or planned to be taken, to eliminate detected nonconformities, within a
defined time?
Describe briefly the CB’s established policies and procedures: (To be filled-up by the CB)
Findings/Comments: (To be filled-up by the AB)
9.4.10 Effectiveness of corrections and corrective actions
Does the certification body review the corrections, identified causes and corrective actions submitted
by the client to determine if these are acceptable?
Does the certification body verify the effectiveness of any correction and corrective actions taken?
Is the evidence obtained to support the resolution of nonconformities recorded?
Is the client informed of the result of the review and verification?
Is the client informed if an additional full audit, an additional limited audit, or documented evidence (to
be confirmed during future surveillance audits) will be needed to verify effective correction and
corrective actions?
*Verification of effectiveness of correction and corrective action can be carried out based on a review
of documentation provided by the client, or where necessary, through verification on-site.
Describe briefly the CB’s established policies and procedures: (To be filled-up by the CB)
Findings/Comments: (To be filled-up by the AB)
Philippine Accreditation Bureau
Management System Accreditation
Assessment Checklist for
ISO/TS 22003:2013 + PNS ISO/IEC
17021-1:2015
Document ID
Issue Number
Revision Number
Effectivity Date
Page
MSA/SF31
01
01
September 2018
44 of 62
Clause Requirement
9.5 Certification decision
9.5.1 General
9.5.1.1 Does the certification body ensure that the persons or committees that make the decisions for
granting certification, expanding or reducing the scope of certification, suspending or restoring
certification, withdrawing certification or renewing certification are different from those who carried out
the audits?
Does the individual(s) appointed to conduct the certification decision have appropriate competence?
Describe briefly the CB’s established policies and procedures: (To be filled-up by the CB)
Findings/Comments: (To be filled-up by the AB)
9.5.1.2 Is the person(s) [excluding members of committees (see clause 6.1.4)] assigned by the
certification body to make a certification decision employed by, or under legally enforceable
arrangement with either the certification body or an entity under the organizational control of the
certification body?
Does the certification body’s organizational control has one of the following:
a) Whole or majority ownership of another entity by the certification body;
b) Majority participation by the certification body on the board of directors of another entity; and
c) A documented authority by the certification body over another entity in a network of legal entities
(in which the certification body resides), linked by ownership or board of director control?
*For governmental certification bodies, other parts of the same government can be considered to be
“linked by ownership” to the certification body
Describe briefly the CB’s established policies and procedures: (To be filled-up by the CB)
Findings/Comments: (To be filled-up by the AB)
9.5.1.3 Does the persons employed by, or under contract with, entities under organizational control
fulfill the same requirements of this part of ISO/IEC 17021 as persons employed by, or under contract
with, the certification body?
Describe briefly the CB’s established policies and procedures: (To be filled-up by the CB)
Findings/Comments: (To be filled-up by the AB)
9.5.1.4 Does the certification body record each certification decision including any additional
information or clarification sought from the audit team or other source?
Philippine Accreditation Bureau
Management System Accreditation
Assessment Checklist for
ISO/TS 22003:2013 + PNS ISO/IEC
17021-1:2015
Document ID
Issue Number
Revision Number
Effectivity Date
Page
MSA/SF31
01
01
September 2018
45 of 62
Clause Requirement
Describe briefly the CB’s established policies and procedures: (To be filled-up by the CB)
Findings/Comments: (To be filled-up by the AB)
9.5.2 Actions prior to making a decision
Does the certification body have a process to conduct an effective review prior to making a decision
for granting certification, expanding or reducing the scope of certification, renewing, suspending or
restoring, or withdrawing of certification, including that:
a) the information provided by the audit team is sufficient with respect to the certification
requirements and the scope for certification;
b) it has reviewed, accepted and verified the effectiveness of correction and corrective actions, for
any major nonconformities: and
c) It has reviewed and accepted the client’s plan for correction and corrective action for any minor
nonconformities?
Describe briefly the CB’s established policies and procedures: (To be filled-up by the CB)
Findings/Comments: (To be filled-up by the AB)
9.5.3 Information for granting initial certification
9.5.3.1 Does the information provided by the audit team to the certification body for the certification
decision include, as a minimum,
a) the audit report;
b) comments on the nonconformities and, where applicable, the correction and corrective actions
taken by the client;
c) confirmation of the information provided to the certification body used in the application review
(see 9.1.2);
d) Confirmation that the audit objectives have been achieved; and
e) a recommendation whether or not to grant certification, together with any conditions or
observations?
Describe briefly the CB’s established policies and procedures: (To be filled-up by the CB)
Findings/Comments: (To be filled-up by the AB)
9.5.3.2 If the certification body is not able to verify the implementation of corrections and corrective
actions of any major nonconformity within 6 months after the last day of stage 2, does the certification
body conduct another stage2 prior to recommending certification?
Describe briefly the CB’s established policies and procedures: (To be filled-up by the CB)
Philippine Accreditation Bureau
Management System Accreditation
Assessment Checklist for
ISO/TS 22003:2013 + PNS ISO/IEC
17021-1:2015
Document ID
Issue Number
Revision Number
Effectivity Date
Page
MSA/SF31
01
01
September 2018
46 of 62
Clause Requirement
Findings/Comments: (To be filled-up by the AB)
9.5.3.3 When a transfer of certification is envisaged from one certification body to another, Does the
accepting certification body have a process for obtaining sufficient information in order to take a
decision on certification?
*Certification schemes can have specific rules regarding the transfer of certification
Describe briefly the CB’s established policies and procedures: (To be filled-up by the CB)
Findings/Comments: (To be filled-up by the AB)
9.5.4 Information for granting recertification
Does the certification body make decisions on renewing certification based on the results of the
recertification audit, as well as the results of the review of the system over the period of certification
and complaints received from users of certification?
Describe briefly the CB’s established policies and procedures: (To be filled-up by the CB)
Findings/Comments: (To be filled-up by the AB)
9.6 Maintaining certification
9.6.1 General
Does the certification body maintain certification based on demonstration that the client continues to
satisfy the requirements of the management system standard?
Does the certification body maintain a client's certification based on a positive conclusion by the audit
team leader without further independent review, provided that:
a) for any major nonconformity or other situation that may lead to suspension or withdrawal of
certification, the certification body has a system that requires the audit team leader to report to the
certification body the need to initiate a review by appropriately competent personnel (see 7.2.8),
different from those who carried out the audit, to determine whether certification can be
maintained, and
b) competent personnel of the certification body monitor its surveillance activities, including
monitoring the reporting by its auditors, to confirm that the certification activity is operating
effectively?
Describe briefly the CB’s established policies and procedures: (To be filled-up by the CB)
Findings/Comments: (To be filled-up by the AB)
Philippine Accreditation Bureau
Management System Accreditation
Assessment Checklist for
ISO/TS 22003:2013 + PNS ISO/IEC
17021-1:2015
Document ID
Issue Number
Revision Number
Effectivity Date
Page
MSA/SF31
01
01
September 2018
47 of 62
Clause Requirement
9.6.2 Surveillance activities
9.6.2.1 General
9.6.2.1.1 Does the certification body develop its surveillance activities so that representative areas
and functions covered by the scope of the management system are monitored on a regular basis,
and take into account changes to its certified client and its management system?
Describe briefly the CB’s established policies and procedures: (To be filled-up by the CB)
Findings/Comments: (To be filled-up by the AB)
9.6.2.1.2 Do surveillance activities include on-site audits assessing the certified client's management
system's fulfilment of specified requirements with respect to the standard to which the certification is
granted?
Do other surveillance activities include:
a) enquiries from the certification body to the certified client on aspects of certification,
b) reviewing any client's statements with respect to its operations (e.g. promotional material,
website),
c) requests to the client to provide documents and records (on paper or electronic media), and
d) other means of monitoring the certified client's performance.
Describe briefly the CB’s established policies and procedures: (To be filled-up by the CB)
Findings/Comments: (To be filled-up by the AB)
9.6.2.2 Surveillance audit
Are surveillance audits on-site audits which are planned together with the other surveillance activities
so that the certification body can maintain confidence that the certified management system
continues to fulfil requirements between recertification audits?
Does the surveillance audit for the relevant management system include:
a) internal audits and management review;
b) a review of actions taken on nonconformities identified during the previous audit;
c) complaints handling;
d) effectiveness of the management system with regard to achieving the certified client's objectives
and the intended results of the respective management system(s);
e) progress of planned activities aimed at continual improvement,
f) continuing operational control;
g) review of any changes; and
h) use of marks and/or any other reference to certification?
Describe briefly the CB’s established policies and procedures: (To be filled-up by the CB)
Philippine Accreditation Bureau
Management System Accreditation
Assessment Checklist for
ISO/TS 22003:2013 + PNS ISO/IEC
17021-1:2015
Document ID
Issue Number
Revision Number
Effectivity Date
Page
MSA/SF31
01
01
September 2018
48 of 62
Clause Requirement
Findings/Comments: (To be filled-up by the AB)
9.6.3 Recertification
9.6.3.1 Recertification audit planning
9.6.3.1.1 Is the purpose of the recertification audit to confirm the continued conformity and
effectiveness of the management system as a whole, and its continued relevance and applicability for
the scope of certification?
Are recertification audits planned and conducted to evaluate the continued fulfilment of all of the
requirements of the relevant management system standard or other normative document?
Is this planned and conducted in due time to enable for timely renewal before the certificate expiry
date?
Describe briefly the CB’s established policies and procedures: (To be filled-up by the CB)
Findings/Comments: (To be filled-up by the AB)
9.6.3.1.2 Does the recertification audit include the review of previous surveillance audit reports?
Does the recertification audit consider the performance of the management system over the most
recent certification cycle?
Describe briefly the CB’s established policies and procedures: (To be filled-up by the CB)
Findings/Comments: (To be filled-up by the AB)
9.6.3.1.3 Do recertification audit activities have a stage 1 audit in situations where there have been
significant changes to the management system, the client, or the context in which the management
system is operating (e.g. changes to legislation)?
*Such changes can occur at any time during the certification cycle and the certification body might
need to perform a special audit (see clause 9.6.4), which might or might not be a two-stage audit.
Describe briefly the CB’s established policies and procedures: (To be filled-up by the CB)
Findings/Comments: (To be filled-up by the AB)
Philippine Accreditation Bureau
Management System Accreditation
Assessment Checklist for
ISO/TS 22003:2013 + PNS ISO/IEC
17021-1:2015
Document ID
Issue Number
Revision Number
Effectivity Date
Page
MSA/SF31
01
01
September 2018
49 of 62
Clause Requirement
9.6.3.2 Recertification audit
9.6.3.2.1 Does the recertification audit include an on-site audit that addresses the following:
a) the effectiveness of the management system in its entirety in the light of internal and external
changes and its continued relevance and applicability to the scope of certification;
b) demonstrated commitment to maintain the effectiveness and improvement of the management
system in order to enhance overall performance;
c) The effectiveness of the management system with regard to achieving the certified client’s
objectives and the intended results of the respective management system(s)?
Describe briefly the CB’s established policies and procedures: (To be filled-up by the CB)
Findings/Comments: (To be filled-up by the AB)
9.6.3.2.2 Does the certification body define time limits for correction and corrective action for any
major nonconformity?
Are these actions implemented and verified prior to the expiration of certification?
Describe briefly the CB’s established policies and procedures: (To be filled-up by the CB)
Findings/Comments: (To be filled-up by the AB)
9.6.3.2.3 When recertification activities are successfully completed prior to the expiry date of the
existing certification, Is the expiry date of the new certification based on the expiry date of the existing
certification?
Is the issue date on a new certificate on or after the recertification decision?
Describe briefly the CB’s established policies and procedures: (To be filled-up by the CB)
Findings/Comments: (To be filled-up by the AB)
9.6.3.2.4 If the certification body has not completed the recertification audit or the certification body is
unable to verify the implementation of corrections and corrective actions for any major nonconformity
(see Clause 9.5.2.1) prior to the expiry date of the certification, is recertification not recommended
and the validity of the certification not extended?
Is the client informed and the consequences explained?
Describe briefly the CB’s established policies and procedures: (To be filled-up by the CB)
Philippine Accreditation Bureau
Management System Accreditation
Assessment Checklist for
ISO/TS 22003:2013 + PNS ISO/IEC
17021-1:2015
Document ID
Issue Number
Revision Number
Effectivity Date
Page
MSA/SF31
01
01
September 2018
50 of 62
Clause Requirement
Findings/Comments: (To be filled-up by the AB)
9.6.3.2.5 Following expiration of certification, can the certification body restore certification within 6
months provided that the outstanding recertification activities are completed; otherwise is stage 2 at
least conducted?
Is the effective date on the certificate on or after the recertification decision and the expiry date based
on prior certification cycle?
Describe briefly the CB’s established policies and procedures: (To be filled-up by the CB)
Findings/Comments: (To be filled-up by the AB)
9.6.4 Special audits
9.6.4.1 Expanding scope
Does the certification body, in response to an application for expanding the scope of a certification
already granted, undertake a review of the application and determine any audit activities necessary to
decide whether or not the extension may be granted?
Are special audits conducted in conjunction with a surveillance audit?
Describe briefly the CB’s established policies and procedures: (To be filled-up by the CB)
Findings/Comments: (To be filled-up by the AB)
9.6.4.2 Short-notice audits
Does the certification body conduct audits of certified clients at short notice or unannounced top
investigate complaints, or in response to changes, or as follow up on suspended clients?
In the case of short-notice audits does the certification body:
a) describe and make known in advance to the certified clients (e.g. in documents as described in
8.5.1) the conditions under which these short notice visits are to be conducted, and
b) exercise additional care in the assignment of the audit team because of the lack of opportunity for
the client to object to audit team members?
Describe briefly the CB’s established policies and procedures: (To be filled-up by the CB)
Findings/Comments: (To be filled-up by the AB)
9.6.5 Suspending, withdrawing or reducing the scope of certification
9.6.5.1 Does the certification body have a policy and documented procedure(s) for suspension,
withdrawal or reduction of the scope of certification, and subsequent actions by the certification body?
Philippine Accreditation Bureau
Management System Accreditation
Assessment Checklist for
ISO/TS 22003:2013 + PNS ISO/IEC
17021-1:2015
Document ID
Issue Number
Revision Number
Effectivity Date
Page
MSA/SF31
01
01
September 2018
51 of 62
Clause Requirement
Describe briefly the CB’s established policies and procedures: (To be filled-up by the CB)
Findings/Comments: (To be filled-up by the AB)
9.6.5.2 Does the certification body suspend certification in cases when, for example,
the client's certified management system has persistently or seriously failed to meet certification
requirements, including requirements for the effectiveness of the management system,
the certified client does not allow surveillance or recertification audits to be conducted at the
required frequencies, or
the certified client has voluntarily requested a suspension?
Describe briefly the CB’s established policies and procedures: (To be filled-up by the CB)
Findings/Comments: (To be filled-up by the AB)
9.6.5.3 Is the client’s management system certification temporarily invalid under suspension?
Describe briefly the CB’s established policies and procedures: (To be filled-up by the CB)
Findings/Comments: (To be filled-up by the AB)
9.6.5.4 Does the certification body restore the suspended certification if the issue that has resulted in
the suspension has been resolved?
Does failure to resolve the issues that have resulted in the suspension in a time established by the
certification body result in withdrawal or reduction of the scope of certification?
*In most cases, the suspension would not exceed 6 months.
Describe briefly the CB’s established policies and procedures: (To be filled-up by the CB)
Findings/Comments: (To be filled-up by the AB)
9.6.5.5 Does the certification body reduce the client's scope of certification to exclude the parts not
meeting the requirements, when the client has persistently or seriously failed to meet the certification
requirements for those parts of the scope of certification?
Is any such reduction in line with the requirements of the management system standard used for
certification?
Philippine Accreditation Bureau
Management System Accreditation
Assessment Checklist for
ISO/TS 22003:2013 + PNS ISO/IEC
17021-1:2015
Document ID
Issue Number
Revision Number
Effectivity Date
Page
MSA/SF31
01
01
September 2018
52 of 62
Clause Requirement
Describe briefly the CB’s established policies and procedures: (To be filled-up by the CB)
Findings/Comments: (To be filled-up by the AB)
9.7 Appeals
9.7.1 Does the certification body have a documented process to receive, evaluate and make
decisions on appeals?
Describe briefly the CB’s established policies and procedures: (To be filled-up by the CB)
Findings/Comments: (To be filled-up by the AB)
9.7.2 Is the certification body responsible for all decisions at all levels of the appeals-handling
process?
Does your certification body ensure that the persons engaged in the appeals-handling process are
different from those who carried out the audits and made the certification decisions?
Describe briefly the CB’s established policies and procedures: (To be filled-up by the CB)
Findings/Comments: (To be filled-up by the AB)
9.7.3 Does the certification body ensure submission, investigation and decision on appeals do not
result in any discriminatory actions against the appellant?
Describe briefly the CB’s established policies and procedures: (To be filled-up by the CB)
Findings/Comments: (To be filled-up by the AB)
9.7.4 Does the appeals-handling process include at least the following elements and methods:
a) an outline of the process for receiving, validating and investigating the appeal, and for deciding
what actions are to be taken in response to it, taking into account the results of previous similar
appeals;
b) tracking and recording appeals, including actions undertaken to resolve them;
c) ensuring that any appropriate correction and corrective action are taken?
Describe briefly the CB’s established policies and procedures: (To be filled-up by the CB)
Philippine Accreditation Bureau
Management System Accreditation
Assessment Checklist for
ISO/TS 22003:2013 + PNS ISO/IEC
17021-1:2015
Document ID
Issue Number
Revision Number
Effectivity Date
Page
MSA/SF31
01
01
September 2018
53 of 62
Clause Requirement
Findings/Comments: (To be filled-up by the AB)
9.7.5 Is the certification body receiving the appeal responsible for gathering and verifying all
necessary information to validate the appeal?
Describe briefly the CB’s established policies and procedures: (To be filled-up by the CB)
Findings/Comments: (To be filled-up by the AB)
9.7.6 Does the certification body acknowledge receipt of the appeal?
Does the certification body provide the appellant with progress reports and the result of the appeal?
Describe briefly the CB’s established policies and procedures: (To be filled-up by the CB)
Findings/Comments: (To be filled-up by the AB)
9.7.7 Is the decision to be communicated to the appellant made by, or reviewed and approved by,
individual(s) not previously involved in the subject of the appeal?
Describe briefly the CB’s established policies and procedures: (To be filled-up by the CB)
Findings/Comments: (To be filled-up by the AB)
9.7.8 Does the certification body give formal notice to the appellant of the end of the appealshandling process?
Describe briefly the CB’s established policies and procedures: (To be filled-up by the CB)
Findings/Comments: (To be filled-up by the AB)
9.8 Complaints
9.8.1 Is the certification body responsible for all decisions at all levels of the complaints-handling
process?
Describe briefly the CB’s established policies and procedures: (To be filled-up by the CB)
Philippine Accreditation Bureau
Management System Accreditation
Assessment Checklist for
ISO/TS 22003:2013 + PNS ISO/IEC
17021-1:2015
Document ID
Issue Number
Revision Number
Effectivity Date
Page
MSA/SF31
01
01
September 2018
54 of 62
Clause Requirement
Findings/Comments: (To be filled-up by the AB)
9.8.2 Does submission, investigation and decision on complaints not result in any discriminatory
actions against the complainant?
Describe briefly the CB’s established policies and procedures: (To be filled-up by the CB)
Findings/Comments: (To be filled-up by the AB)
9.8.3 Upon receipt of a complaint, does the certification body confirm whether the complaint relates to
certification activities that it is responsible for?
If so, does the certification body deal with it?
If the complaint relates to a certified client, does examination of the complaint consider the
effectiveness of the certified management system?
Describe briefly the CB’s established policies and procedures: (To be filled-up by the CB)
Findings/Comments: (To be filled-up by the AB)
9.8.4 Is any valid complaint about a certified client referred by the certification body to the certified
client in question at an appropriate time?
Describe briefly the CB’s established policies and procedures: (To be filled-up by the CB)
Findings/Comments: (To be filled-up by the AB)
9.8.5 Does the certification body have a documented process to receive, evaluate and make
decisions on complaints?
Is this process subject to requirements for confidentiality, as it relates to the complainant and to the
subject of the complaint?
Describe briefly the CB’s established policies and procedures: (To be filled-up by the CB)
Findings/Comments: (To be filled-up by the AB)
Philippine Accreditation Bureau
Management System Accreditation
Assessment Checklist for
ISO/TS 22003:2013 + PNS ISO/IEC
17021-1:2015
Document ID
Issue Number
Revision Number
Effectivity Date
Page
MSA/SF31
01
01
September 2018
55 of 62
Clause Requirement
9.8.6 Does the complaints-handling process include at least the following elements and methods:
a) an outline of the process for receiving, validating, investigating the complaint, and for deciding
what actions are to be taken in response to it;
b) tracking and recording complaints, including actions undertaken in response to them;
c) ensuring that any appropriate correction and corrective action are taken?
*ISO 10002 provides guidance for complaints handling.
Describe briefly the CB’s established policies and procedures: (To be filled-up by the CB)
Findings/Comments: (To be filled-up by the AB)
9.8.7 Is the certification body receiving the complaint responsible for gathering and verifying all
necessary information to validate the complaint?
Describe briefly the CB’s established policies and procedures: (To be filled-up by the CB)
Findings/Comments: (To be filled-up by the AB)
9.8.8 Whenever possible, does the certification body acknowledge receipt of the complaint?
Does the certification body provide the complainant with progress reports and the outcome?
Describe briefly the CB’s established policies and procedures: (To be filled-up by the CB)
Findings/Comments: (To be filled-up by the AB)
9.8.9 Is the decision to be communicated to the complainant made by, or reviewed and approved by,
individual(s) not previously involved in the subject of the complaint?
Describe briefly the CB’s established policies and procedures: (To be filled-up by the CB)
Findings/Comments: (To be filled-up by the AB)
9.8.10 Whenever possible, does the certification body give formal notice of the end of the complaintshandling process to the complainant?
Describe briefly the CB’s established policies and procedures: (To be filled-up by the CB)
Philippine Accreditation Bureau
Management System Accreditation
Assessment Checklist for
ISO/TS 22003:2013 + PNS ISO/IEC
17021-1:2015
Document ID
Issue Number
Revision Number
Effectivity Date
Page
MSA/SF31
01
01
September 2018
56 of 62
Clause Requirement
Findings/Comments: (To be filled-up by the AB)
9.8.11 Does the certification body determine, together with the client and the complainant, whether
and, if so to what extent, the subject of the complaint and its resolution made public?
Describe briefly the CB’s established policies and procedures: (To be filled-up by the CB)
Findings/Comments: (To be filled-up by the AB)
9.9 Clients records
9.9.1 Does the certification body maintain records on the audit and other certification activities for all
clients, including all organizations that submitted applications, and all organizations audited, certified,
or with certification suspended or withdrawn?
Describe briefly the CB’s established policies and procedures: (To be filled-up by the CB)
Findings/Comments: (To be filled-up by the AB)
9.9.2 Do records on certified clients include the following:
a) application information and initial, surveillance and recertification audit reports;
b) certification agreement;
c) justification of the methodology used for sampling of sites, as appropriate;
* Methodology of sampling includes the sampling employed to audit the specific management
system and/or to select sites in the context of multi-site audit.
d) justification for auditor time determination (see Clause 9.1.4);\
e) verification of correction and corrective actions;
f) records of complaints and appeals, and any subsequent correction or corrective actions;
g) committee deliberations and decisions, if applicable;
h) documentation of the certification decisions;
i) certification documents, including the scope of certification with respect to product, process or
service, as applicable;
j) related records necessary to establish the credibility of the certification, such as evidence of the
competence of auditors and technical experts; and
k) audit programmes?
Describe briefly the CB’s established policies and procedures: (To be filled-up by the CB)
Findings/Comments: (To be filled-up by the AB)
Philippine Accreditation Bureau
Management System Accreditation
Assessment Checklist for
ISO/TS 22003:2013 + PNS ISO/IEC
17021-1:2015
Document ID
Issue Number
Revision Number
Effectivity Date
Page
MSA/SF31
01
01
September 2018
57 of 62
Clause Requirement
9.9.3 Does the certification body keep the records on applicants and clients secure to ensure that the
information is kept confidential?
Are records transported, transmitted or transferred in a way that ensures that confidentiality is
maintained?
Describe briefly the CB’s established policies and procedures: (To be filled-up by the CB)
Findings/Comments: (To be filled-up by the AB)
9.9.4 Does the certification body have a documented policy and documented procedures on the
retention of records?
Are records retained for the duration of the current cycle plus one full certification cycle?
*In some jurisdictions, the law stipulates that records need to be maintained for a longer time period.
Describe briefly the CB’s established policies and procedures: (To be filled-up by the CB)
Findings/Comments: (To be filled-up by the AB)
10 Management system requirements for certification bodies
10.1 Options
Does the certification body maintain a management system that is capable of supporting and
demonstrating the consistent achievement of the requirements of ISO/IEC 17021?
In addition to meeting the requirements of clauses 5 to 9, Which of the following management system
Option has the certification body implemented
a) general management system requirements (see Clause 10.2), or
b) management system requirements in accordance with ISO 9001 (see Clause 10.3)?
Describe briefly the CB’s established policies and procedures: (To be filled-up by the CB)
Findings/Comments: (To be filled-up by the AB)
10.2 Option A: General Management system requirements
10.2.1 General
Does the certification body establish, document, implement and maintain a management system that
is capable of supporting and demonstrating the consistent achievement of the requirements of
ISO/IEC 17021-1?
Does the certification body’s top management establish and document policies and objectives for its
activities?
Does the top management provide evidence of its commitment to the development and
implementation of the management system in accordance with the requirements of ISO/IEC 170211?
Does the top management ensure that the policies are understood, implemented and maintained at
Philippine Accreditation Bureau
Management System Accreditation
Assessment Checklist for
ISO/TS 22003:2013 + PNS ISO/IEC
17021-1:2015
Document ID
Issue Number
Revision Number
Effectivity Date
Page
MSA/SF31
01
01
September 2018
58 of 62
Clause Requirement
all levels of the certification body’s organisation?
Does certification body’s top management appoint a member of management who, irrespective of
other responsibilities, have responsibility and authority that include
a) ensuring that processes and procedures needed for the management system are established,
implemented and maintained, and
b) reporting to top management on the performance of the management system and any need for
improvement?
Describe briefly the CB’s established policies and procedures: (To be filled-up by the CB)
Findings/Comments: (To be filled-up by the AB)
10.2.2 Management system manual
Have all applicable requirements of this International Standard been addressed either in a manual or
in associated documents?
Does the certification body ensure that the manual and relevant associated documents are
accessible to all relevant personnel?
Describe briefly the CB’s established policies and procedures: (To be filled-up by the CB)
Findings/Comments: (To be filled-up by the AB)
10.2.3 Control of documents
Does the certification body establish procedures to control the documents (internal and external) that
relate to the fulfilment of ISO/IEC 17021-1?
Do the procedures define the controls needed to:
a) Approve documents for adequacy prior to issue;
b) Review and update as necessary and re-approve documents;
c) Ensure that changes and the current revision status of documents are identified;
d) Ensure that relevant versions of applicable documents are available at points of use;
e) Ensure that documents remain legible and readily identifiable;
f) Ensure that documents of external origin are identified and their distribution controlled; and
g) Prevent the unintended use of obsolete documents, and to apply suitable identification to them if
they are retained for any purpose?
*Documentation can be in any form or type of medium.
Describe briefly the CB’s established policies and procedures: (To be filled-up by the CB)
Findings/Comments: (To be filled-up by the AB)
Philippine Accreditation Bureau
Management System Accreditation
Assessment Checklist for
ISO/TS 22003:2013 + PNS ISO/IEC
17021-1:2015
Document ID
Issue Number
Revision Number
Effectivity Date
Page
MSA/SF31
01
01
September 2018
59 of 62
Clause Requirement
10.2.4 Control of records
Does the certification body establish procedures to define the controls needed for the identification,
storage, protection, retrieval, retention time and disposition of its records related to the fulfilment of
ISO/IEC 17021-1?
Is access to these records consistent with the confidentiality arrangements?
Does the certification body establish procedures for retaining records for a period consistent with its
contractual and legal obligations?
*For requirements for records on certified clients, see also Clause 9.9
Describe briefly the CB’s established policies and procedures: (To be filled-up by the CB)
Findings/Comments: (To be filled-up by the AB)
10.2.5 Management review
10.2.5.1 General
Does the certification body’s top management establish procedures to review its management system
at planned intervals to ensure its continuing suitability, adequacy and effectiveness, including the
stated policies and objectives related to the fulfilment of ISO/IEC 17021-1?
Are these reviews conducted at least once a year?
Describe briefly the CB’s established policies and procedures: (To be filled-up by the CB)
Findings/Comments: (To be filled-up by the AB)
10.2.5.2 Review inputs
Does the review input to the management review include information related to:
a) Results of internal and external audits;
b) Feedback from clients and interested parties;
c) Safeguarding impartiality;
d) The status of corrective actions;
e) The status of actions to address risks;
f) Follow-up actions from previous management reviews;
g) The fulfilment of objectives,
h) Changes that could affect the management system, and
i) Appeals and complaints?
Describe briefly the CB’s established policies and procedures: (To be filled-up by the CB)
Findings/Comments: (To be filled-up by the AB)
Philippine Accreditation Bureau
Management System Accreditation
Assessment Checklist for
ISO/TS 22003:2013 + PNS ISO/IEC
17021-1:2015
Document ID
Issue Number
Revision Number
Effectivity Date
Page
MSA/SF31
01
01
September 2018
60 of 62
Clause Requirement
10.2.5.3 Review outputs
Does the outputs from the management review include decisions and actions related to
a) Improvement of effectiveness of the management system and its processes;
b) Improvement of the certification services related to the fulfilment of ISO/IEC 17021-1;
c) Resource needs; and
d) Revision of the organisation’s policy and objectives?
Describe briefly the CB’s established policies and procedures: (To be filled-up by the CB)
Findings/Comments: (To be filled-up by the AB)
10.2.6 Internal audits
10.2.6.1 Has the certification body established procedures for internal audits to verify that it fulfils the
requirements of ISO/IEC 17021-1, and that the management system is effectively implemented and
maintained?
*ISO 19011 provides guidelines for conducting internal audits
Describe briefly the CB’s established policies and procedures: (To be filled-up by the CB)
Findings/Comments: (To be filled-up by the AB)
10.2.6.2 Is the audit programme planned, taking into consideration the importance of the processes
and areas to be audited, as well as the results of previous audits?
Describe briefly the CB’s established policies and procedures: (To be filled-up by the CB)
Findings/Comments: (To be filled-up by the AB)
10.2.6.3 Are internal audits performed at least once every 12 months?
Is the frequency of internal audits reduced if the certification body can demonstrate that its
management system continues to be effectively implemented according to ISO/IEC 17021-1 and has
proven stability?
Describe briefly the CB’s established policies and procedures: (To be filled-up by the CB)
Findings/Comments: (To be filled-up by the AB)
Philippine Accreditation Bureau
Management System Accreditation
Assessment Checklist for
ISO/TS 22003:2013 + PNS ISO/IEC
17021-1:2015
Document ID
Issue Number
Revision Number
Effectivity Date
Page
MSA/SF31
01
01
September 2018
61 of 62
Clause Requirement
10.2.6.4 Does the certification body ensure that
a) internal audits are conducted by qualified personnel knowledgeable in certification, auditing and
the requirements of ISO/IEC 17021-1;
b) auditors do not audit their own work;
c) personnel responsible for the area audited are informed of the outcome of the audit;
d) any actions resulting from internal audits are taken in a timely and appropriate manner; and
e) any opportunities for improvement are identified?
Describe briefly the CB’s established policies and procedures: (To be filled-up by the CB)
Findings/Comments: (To be filled-up by the AB)
10.2.7 Corrective actions
Does the certification body establish procedures for identification and management of
nonconformities in its operations?]
Does the certification body also, where necessary, take actions to eliminate the causes of
nonconformities in order to prevent recurrence?
Are corrective actions appropriate to the impact of the problems encountered?
Do the procedures define requirements for
a) identifying nonconformities (e.g. from complaints and internal audits);
b) determining the causes of nonconformity;
c) correcting nonconformities;
d) evaluating the need for actions to ensure that nonconformities do not recur;
e) determining and implementing in a timely manner, the actions needed,
f) recording the results of actions taken; and
g) reviewing the effectiveness of corrective actions?
Describe briefly the CB’s established policies and procedures: (To be filled-up by the CB)
Findings/Comments: (To be filled-up by the AB)
10.3 Option B: Management system requirements in accordance with ISO 9001
10.3.1 General
Does the certification body establish and maintain a management system, in accordance with the
requirements of ISO 9001, which is capable of supporting and demonstrating the consistent
achievement of the requirements of ISO/IEC 17021-1, amplified by Clause 10.3.2 to 10.3.4?
Describe briefly the CB’s established policies and procedures: (To be filled-up by the CB)
Findings/Comments: (To be filled-up by the AB)
Philippine Accreditation Bureau
Management System Accreditation
Assessment Checklist for
ISO/TS 22003:2013 + PNS ISO/IEC
17021-1:2015
Document ID
Issue Number
Revision Number
Effectivity Date
Page
MSA/SF31
01
01
September 2018
62 of 62
Clause Requirement
10.3.2 Scope
Does the scope of the management system include the design and development requirements for its
certification service for application of the requirements of ISO 9001?
Describe briefly the CB’s established policies and procedures: (To be filled-up by the CB)
Findings/Comments: (To be filled-up by the AB)
10.3.3 Customer focus
For application of the requirements of ISO 9001, when developing its management system, Does the
certification body consider the credibility of certification and address the needs of all parties (as set
out in Clause 4.1.2) that reply upon its audit and certification services, not just its clients?
Describe briefly the CB’s established policies and procedures: (To be filled-up by the CB)
Findings/Comments: (To be filled-up by the AB)
10.3.4 Management review
For application of the requirements of ISO 9001, Does the certification body include as input for
management review, information on relevant appeals and complaints from users of certification
activities and a review of impartiality?
Describe briefly the CB’s established policies and procedures: (To be filled-up by the CB)
Findings/Comments: (To be filled-up by the AB)
