DQS UL Transition Arrangements for ISO 9001:2015 and ISO 14001:2015

Transcription

1 DQS UL Transition Arrangements for ISO 9001:2015 and ISO 14001:2015 As the revision of ISO 9001 and ISO has now proceeded to the Draft International Standard (DIS) stage and the documents are available from the national standardization organizations, we anticipate that the new standards introduce considerable changes and are likely to come into force before the end of the year DQS UL defined - subject to future changes due to possible additional accreditation requirements - its first guidance for transition: 1. Introduction DQS UL will issue accredited certificates only on the basis of officially released standards. Preliminary draft versions may serve as basis for pre-assessments, gap analysis or other preparatory activities. Upon customer request, DQS UL may issue statements of conformity to the final draft version (FDIS), when no significant changes to content are to be expected. While it is not anticipated that major changes will occur between the FDIS and issued ISO standard this will be evaluated and depending on the nature of any changes between the FDIS and the published ISO version, additional auditing may be required in order to issue an accredited certificate to the 2015 version. All DQS UL offices are encouraged to work with their clients promoting transition immediately on the basis of the draft standards. In doing so, the clients shall be made aware that the final standard could differ from the drafts. After publication, there will be a three-year period during which certificates against the current standards will still be valid. All such certificates will however expire on the third anniversary of the date of publication of ISO 9001: 2015 and/or ISO 14001:2015. On request of a client, DQS UL may still issue new certificates against the current standard versions (ISO 9001:2008 and/or ISO 14001:2004) within a period of 18 months after the publication of the revised standards. Clients shall be informed that these certificates get a restricted validity period, expiring on the third anniversary of the date of publication of ISO 9001: 2015 and/or ISO 14001:2015. Prior to issuing a certificate against ISO 9001:2015 and/or ISO 14001:2015, DQS UL must have verified (during an onsite audit) the organization s conformity with the requirements of the revised standards followed by a positive certification decision. For the purpose of the transition, an organization may be assessed a) as part of its scheduled recertification audit; b) in a planned manner through the surveillance process with additional audit time, or c) through a special transition audit. For certified customers the most cost-effective way of transition will be to use their scheduled recertification audit for audits against ISO 9001:2015 and/or ISO 14001:2015. This is possible within the three year transition period announced by ISO. Should a certified organization wish to be assessed against ISO 9001:2015 and/or ISO 14001:2015 prior to or after its scheduled reassessment, it may arrange a special audit for that purpose. CP07_Transition Arrangements page 1 / 5

2 All transition audits shall be scheduled in a way to assure that DQS UL clients will be able to finalize the transition process before the expiration of their old certificates. All DQS UL offices are encouraged to work with their certified/registered clients to ensure that migration to the new standards is planned and started early in the transition period. 2. Transition audits 2. 1 Transition as part of a scheduled recertification audit: Transition can be done during a regular scheduled recertification audit. A two-stage approach shall be applied, composed by the stages readiness review and system audit. Readiness review: The readiness review shall be performed to evaluate the client's changes to its management system, its status and understanding regarding the requirements of the revised standard, in particular with respect to the context of the organization, process approach, management commitment and objectives and to undertake discussions with the client's personnel to determine the readiness for the system audit. The readiness review should be preferably carried out on the client s premises. In exceptional cases or in the case of mature organizations, the review can be done through remote audit techniques or off-site. System audit: Required audit time for the system audit shall be calculated based on valid IAF MD 5 tables for recertification and under consideration of the maturity of the customer s management system. In light of considerable changes of the requirements reductions of audit time should be avoided. For more details refer to table 1, annex 1 as guiding principles. All DQS UL offices are encouraged to develop taylor-made upgrade offers for their customers. After a positive certification decision the customer will receive a new certificate with a validity of three years and a new certification cycle starts Transition as part of a surveillance audit or through a special transition audit: A client may decide to anticipate transition to the new standard during a regular scheduled surveillance audit or to decide at any moment to anticipate transition to the new standard, independent of any scheduled surveillance or recertification audit. In both cases the audit will be carried out in accordance to the rules for a transition during a recertification audit. Additional audit time has to be scheduled and the audit duration shall be equivalent to a recertification audit. The same process as described in II.1 applies. After a positive certification decision the customer will receive a new certificate with a validity of three years and a new certification cycle starts. 3. Audits against the current ISO 9001 and ISO versions Certificates against the old (current) standards can be issued only during the first eighteen months after publication of the revised standards. All audits based on the old standards have to be scheduled for a date within fifteen months after their publication in order to allow sufficient time for certification decision and implementation of corrective action, if applicable. Surveillance audits and recertification audits may be carried out during the transition period but should be avoided during the CP07_Transition Arrangements page 2 / 5

3 last year of the transition period because in those cases an additional special transition audit would be needed to transit to the revised standard(s). 4. Audits against DIS or FDIS Versions of the revised Standards 4.1 Declarations of conformity with draft versions of the revised standards DQS UL does not issue accredited certificates against DIS or FDIS versions of the revised standards. However, on request of a client, declarations of conformity may be issued to FDIS after verification (during an onsite audit) of the organization s conformity with the requirements of the final draft standards. Audits to verify conformity with the draft versions may be scheduled independent or together with regular scheduled audits. The rules described under II1. II.2 apply. Whenever an audit is scheduled together with an audit against the old version of a standard, the time used for verification of conformity with the draft versions shall be scheduled as additional time and shall not affect the verification of the conformity with the requirements of the old standards. 4.2 Gap / diagnostics audits For our clients the degree of change necessary will be dependent upon the maturity and effectiveness of the current management system, organizational structure and practices, therefore a Gap -audit or diagnostic might be useful in order to identify realistic resource and time implications. Such audits to verify the conformity status of organizations against the revised standards or draft standard may be scheduled at any moment, independent or together with scheduled audits. The purpose of these audits is to show clients their conformity status and to identify any actions required to assure a successful transition. The audit time may be agreed with the client, depending on the desired depth (sampling or full conformity verification). Whenever a gap audit or diagnostic is scheduled together with a regular audit, additional time has to be scheduled and the activities shall not affect the verification of the conformity with the requirements of the old standards. A Gap -audit or diagnostic against the FDIS with a positive result and conducted less than 6 month before a transition audit (see I.1 I.3) may be used to replace a readiness review as part of the transition. 5. Auditor competence In particular, we will assess our programs to ensure that our auditors and other relevant personnel demonstrate knowledge and understanding of: The requirements of the latest draft of ISO 9001: 2015 and/or ISO 14001:2015; The new risk based thinking as part of the requirements of the revised standards; Definition of certification scope in the light of the changed exclusion requirements; Performance of system document reviews in the light of the reduced emphasis on mandatory requirements for documented procedures in the proposed new standards; CP07_Transition Arrangements page 3 / 5

4 Any changes to our audit methodology and auditor training to address the proposed new aspects of the standards that increase the need to create audit trails in relation to the setting of measurable objectives and the planning and realization of their achievement and the increased emphasis on top management commitment and responsibilities. Before conducting transition audits and/or initial certification audits against the revised standards, all DQS UL auditors involved in these audits have to pass an approved DQS UL requalification training followed by a knowledge and application test. Each DQS UL country manager is responsible for assuring the required competence of its auditors involved in gap/diagnostics audits. 6. Change of audit processes DQS Holding will review and adopt the existing corporate auditing processes to ensure adequacy to the revised standards. CP07_Transition Arrangements page 4 / 5

5 Annex 1, table 1 Audit time guidance for transition audits Customer Group A Certified, compliant and mostly effective system Customer Group B Certified, mature and fully effective system Customer Group C Certified, mature and sustainable system (effective process management, consideration of interested parties) Certified for less than 3 years or an average of 3 or more non conformities per audit during the last certification cycle. Certified for more than 3 years and an average of less than 3 non conformities per audit during the last certification cycle. Certified for more than 3 years plus evidence for effective process approach and consideration of interested parties. Stage 1: Readiness review The readiness review may be substituted by a Gap -audit or diagnostic against FDIS with a positive result and conducted less than 6 months before stage 2 (system audit). Audit time for readiness review is in addition to stage 2 (system audit). - onsite - Minimum 0,5 audit days; - onsite -* Minimum 0,5 audit days; Offsite (document review) is acceptable Stage 2: Transfer-/Recertification audit 100 % recertification audit 90 to 100% recertification audits 80 to 90% recertification audits * Readiness review should be carried out on the client s premises. In exceptional cases (e.g. disproportional travel times) the review may be done offsite through remote auditing techniques. Any deviation from the above mentioned rules shall be approved by the executive management of the affected accredited DQS UL office. CP07_Transition Arrangements page 5 / 5