Initial Certification

1. Stage 1 Control

The purpose of a stage 1 audit includes but is not limited to: assessing the clients documented policies and procedures against the requirements of the standard(s), evaluating the clients location and site specific conditions, collect necessary information regarding the scope of the management system, processes and location and related statutory and regulatory aspects and compliance, ensure that internal audits and management review are being planned and performed and provide a focus for planning of the stage 2 audit.

2. Stage 2 Control

Purpose of the Stage 2 audit: Assessment of compliance with all requirements of the applicable system and other regulatory documents. The time frame between the Stage 1 and Stage 2 audit is not specific as it depends on the results of the stage 1 audit and the client's ability and resources to resolve any findings prior to the Stage 2 audit .

3. Initial certification decision

The certification decision process will review and assess completed audit documents submitted for technical adequacy, and to ensure that audit findings and decisions are comprehensively presented. the audit has been properly addressed (Major NCRS closed, Customer's Minor MSs corrective action plan is acceptable). After the completion of the positive certification decision the certificate can be issued to the customer.

Surveillance Audit

Management Systems Certification requires periodic surveillance audits to determine that the certified client's implemented management system remains in compliance with the applicable standard and regulatory and other applicable requirements included within the scope of certification. Surveillance audits also take into account any changes to the certified clients and its management system. The date of the first surveillance after initial certification must be conducted not more than 12 months after the certification decision date (certificate start date). For scheduling purposes, the first surveillance should be planned to be completed 9 months after the certificate start date (certification decision). All subsequent surveillance audits, after the first surveillance audit must be conducted once per calendar year. Surveillance audits may be conducted more than once per calendar year as required. For scheduling purposes all annual surveillance audits (after the first surveillance) audit must be planned to be completed on the 12-month anniversary from the previous surveillance planned date. A flexibility of three months earlier or later is permitted. Failure to undertake audits in a timely manner according to the above requirements or client refusal to undertake an audit must lead to suspension of certification.

Recertification

Before the expiration of certification, the recertification activities below (1-5) shall all be completed in order to recertify the client organization for a new three-year certification cycle with continuity of certification dates:

1. Recertification planning activities including Contract review for the recertification audit and next certification cycle and review of the previous cycle performance

2. Completion of the recertification audit

3. Verification and closure of any outstanding major nonconformities

4. Verification and closure / acceptance of planned actions for any outstanding minor nonconformities

5. Recertification decision

Where the above activities are all completed prior to the expiry date of the existing certification, the start date and expiry date on the new certificate can be a continuation from the expiry date of the existing certificate (continuity of certification dates) e.g. the new certificate start date will be as per the expiry date of the existing certificate and the expiry date on the new certificate will be calculated to be three (3) years from the certificate start date.

Major Non-Conformities

The client must analyse and describe the cause and describe the specific correction and corrective actions taken for each major nonconformity. This must be documented on the nonconformity report (section 2) and be submitted to the Office and the auditor.

Upon receipt the auditor must review the corrections, identified causes and corrective actions submitted by the client to determine if these are acceptable and verify the effectiveness of actions taken*. If actions taken are acceptable and effective the auditor must close the nonconformity.

If the cause, correction and corrective actions taken are not accepted by the auditor the client will be required to take further action and submit further evidence for review and verification to the auditor.

Minor Non-Conformities

The client must analyse and describe the cause and either describe the specific correction and corrective actions taken OR provide a plan for correction and corrective action for each minor nonconformity. This must be documented on the nonconformity report (section 2) and be submitted to the Office and the auditor.

Upon receipt the auditor must review the identified causes and actions taken / action plan submitted by the client to determine if these are acceptable. Where actions have been taken the auditor must verify the effectiveness of actions taken and if acceptable and effective the auditor must close the nonconformity. Where an action plan has been submitted the auditor must review the action plan and if acceptable the auditor must mark the nonconformity as action plan accepted for verification and closure at the next audit.

If the cause, correction, and corrective actions taken / action plan are not accepted by the auditor the client will be required to take further action and submit further evidence for review and verification to the auditor.

Suspension of Certification

BM CERT shall suspend certification in cases when:

The client’s certified system has persistently or seriously failed to meet certification requirements;

The certified client does not allow surveillance or recertification audits to be conducted at the required frequencies;

The certified client does not close major non-conformities in the required timeframe;

The certified client requests voluntary suspension;

The certified client is in breach of the certification contract i.e. payment issues.

The duration of the suspension period will be decided on a case-by-case basis dependent on the reason for suspension. Under suspension the client’s certification is temporarily invalid.

Withdrawal of certification

Following suspension of certification, where the client has not addressed the reason for suspension the next step of action is for BM CERT to withdraw the client’s certification.

Upon withdrawal of certification BM CERT shall send documented communication to the certified client confirming withdrawal of certification and informing the certified client that they shall:

Inform their customers of their withdrawn certification.

Not conduct business on the basis of certification.

Immediately discontinue any certification claims including use of certification marks and discontinues the use of all advertising matter that contains any reference to the withdrawn certification.

Return/ destroy all copies of their BM CERT certificate.