Rules for the certification of IT (Information Technology) Service Management Systems



Similar documents
Rules for the certification of Environmental Management Systems

General Rules for the certification of Management Systems

Rules for the certification of Quality Management Systems

Rules for the certification of event sustainability management system

Rules for the certification of asset management systems

Rules for the certification of Food Safety Management Systems

General Rules for the Certification of Management Systems Code: RG

IAF Mandatory Document for the use of Computer Assisted Auditing Techniques ( CAAT ) for Accredited Certification of Management Systems

IAF Mandatory Document for the Transfer of Accredited Certification of Management Systems

IAF Mandatory Document

Regulations for certification of quality management systems

1 SUBJECT AND FIELD OF APPLICATION SPECIAL RULES CERTIFICATION ACCORDING TO THE STANDARDS EN 9100 EN 9110 EN

EA-7/01. EA Guidelines. on the application. Of EN Publication Reference PURPOSE

Memorandum of Understanding

Application of ISO/IEC for the Accreditation of Food Safety Management Systems (FSMS) Certification Bodies

IAF Informative Document. Transition Planning Guidance for ISO 9001:2015. Issue 1 (IAF ID 9:2015)

IAF Mandatory Document

TG TRANSITIONAL GUIDELINES FOR ISO/IEC :2015, ISO 9001:2015 and ISO 14001:2015 CERTIFICATION BODIES

An Alternative Method for Maintaining ISO 9001/2/3 Certification / Registration

Document Reference APMG 15/015

The IAF Multilateral Recognition Arrangement (MLA) Certified Once Accepted Everywhere

IAF Mandatory Document. Witnessing Activities for the Accreditation of Management Systems Certification Bodies. Issue 1, Version 2 (IAF MD 17:2015)

IAF Informative Document. IAF Informative Document for the Transition of Management System Accreditation to ISO/IEC 17021:2011 from ISO/IEC 17021:2006

ISO Registration Guidance Document

Regulations for the certification of environmental management systems in conformity with UNI EN ISO 14001:2004

National Accreditation Board for Certification Bodies. Accreditation Criteria

of 28 September 2007 (Status as of 1 April 2010)

REGULATIONS FOR THE CERTIFICATION OF MANAGEMENT SYSTEMS

Audit of the control body through the monitoring of compliance with control plan. Measures for the irregularities

International Accreditation Forum, Inc.

ISO/IEC Part 1 the next edition. Lynda Cooper project editor for ISO20000 part 1

List of EA Publications. And International. Documents

Information Security Management Systems

EA IAF/ILAC Guidance. on the Application of ISO/IEC 17020:1998

CP14 ISSUE 5 DATED 1 st OCTOBER 2015 BINDT Audit Procedure Conformity Assessment and Certification/Verification of Management Systems

Accreditation in Europe

IMQ RULES. Contents. IMQ Rules - Product certification

IAQG AS 9104 System Process Flowcharts

Guidance for accreditation of EN 15224:2012 Health care services Quality management systems Requirements based on EN ISO 9001:2008

Info 15:2 TRAINING 2015/2016. Info 13:19

HKCAS Supplementary Criteria No. 8

Certification Procedure of RSPO Supply Chain Audit

Aerospace Guidance Document

MANAGEMENT REVIEW FOR LABORATORIES AND INSPECTION BODIES

Network Certification Body

ETSI TS V2.1.1 ( )

Asset Management Systems Scheme (AMS Scheme)

FSSC Q. Certification module for food quality in compliance with ISO 9001:2008. Quality module REQUIREMENTS

Raad voor Accreditatie (Dutch Accreditation Council RvA) Assessment of Conformity Assessment Schemes

IAF Informative Document for the Transition of Food Safety Management System Accreditation to ISO/TS 22003:2013 from ISO/TS 22003:2007

Radio Spectrum and Technical Standards Advisory Committee

(Draft) Transition Planning Guidance for ISO 9001:2015

How do I gain confidence in an Inspection Body? Do they need ISO 9001 certification or ISO/IEC accreditation?

Implementation Guidance for ISO 9001:2015

RSPO Supply Chain Certification Systems

UKAS Guidance for bodies operating certification of Trust Service Providers seeking approval under tscheme

Certification Process Requirements

International Organization for Standardization

TYPE CERTIFICATION OF WIND TURBINES

AN GARDA SIOCHANA POLICY ON MONITORED INTRUDER ALARMS

Translation Service Provider according to ISO 17100

GUIDE 62. General requirements for bodies operating assessment and certification/registration of quality systems

ETSI EN V2.2.2 ( )

Standards and accreditation. Tools for delivering better regulation

FSSC Certification scheme for food safety systems in compliance with ISO 22000: 2005 and technical specifications for sector PRPs PART I

How to apply for and maintain. Training Organization Approval and Training Course Certification

RSPO Supply Chain Certification Systems. For accreditation and certification bodies

National Institute of Justice

Resources Based, Manufacturing and Consumer Goods Industries Chemicals Industry

Frequently Asked Questions. Unannounced audits for manufacturers of CE-marked medical devices. 720 DM a Rev /10/02

FOOD SAFETY SYSTEM CERTIFICATION FSSC 22000

General Conditions for the Certification of Management System

IAF Informative Document for the Transition of Food Safety Management System Accreditation to ISO/TS 22003:201X from ISO/TS 22003:2007

Criminal Justice Offender Tracking System Certification Program Requirements

COMMISSION REGULATION (EU)

Copyright, Language, and Version Notice The official language of this [Certification Protocol] is English. The current version of the [Certification

-Blue Print- The Quality Approach towards IT Service Management

RECOMMENDATION. on the Evaluation of Quality Management System of National Metrology Institutes

TRANSPORT FOR LONDON (TfL) LOW EMISSIONS CERTIFICATE (LEC) GUIDANCE NOTES FOR THE COMPANY AUDIT PROCESS. LEC (Company Audit) Guidance Notes

RG 7 Accreditation for Inspection Bodies Performing Non-Destructive Testing

DLS QUALITY MANAGEMENT, INC

QUALITY SYSTEM REQUIREMENTS FOR PHARMACEUTICAL INSPECTORATES

RSPO Supply Chain Certification Systems

Spillemyndigheden s Certification Programme Change Management Programme

Chain of Custody Standard

ISO/IEC Registration Guidance Document

Auditor view about ETSI and WebTrust criteria. Christoph SUTTER

Voluntary Certification Scheme for Traditional Health Practitioner

Hong Kong Accreditation Service

Spillemyndigheden s change management programme. Version of 1 July 2012

RSPO Supply Chain Certification Systems

Bank or building society account details form

IRCA QUALITY MANAGEMENT SYSTEMS AUDITOR/LEAD AUDITOR TRAINING IRCA Reg. No. A18021 (5 DAYS)

Contact address: Global Food Safety Initiative Foundation c/o The Consumer Goods Forum 22/24 rue du Gouverneur Général Eboué Issy-les-Moulineaux

TOGAF Certification for People Training Course Accreditation Policy

RWANDA STANDARDS BOARD NATIONAL CERTIFICATION DIVISION MANAGER. IDENTIFICATION No. AUTHOR:

CHECKLIST ISO/IEC 17021:2011 Conformity Assessment Requirements for Bodies Providing Audit and Certification of Management Systems

Accreditation and Competence?

Transcription:

Rules for the certification of IT (Information Technology) Service Management Systems Effective from 1 July 2010 RINA Via Corsica 12 16128 Genova - Italia tel +39 010 53851 fax +39 010 5351000 web site: www.rina.org Technical Rules 1

CONTENTS CHAPTER 1 GENERAL... 3 CHAPTER 2 REFERENCE STANDARD / CERTIFICATION REQUIREMENTS... 3 CHAPTER 3 INITIAL CERTIFICATION... 4 CHAPTER 4 MAITENANCE OF CERTIFICATION... 5 CHAPTER 6 MANAGEMENT OF CERTIFICATES OF CONFORMITY... 5 CHAPTER 8 SPECIAL PROCEDURES FOR MULTI-SITE ORGANISATIONS... 5 CHAPTER 9 TRANSFER OF ACCREDITED CERTIFICATES... 6 CHAPTER 10 SUSPENSION, REINSTATEMENT AND WITHDRAWAL OF CERTIFICATION... 6 CHAPTER 11 RENUNCIATION OF CERTIFICATION... 7 2

CHAPTER 1 GENERAL 1.1 The present Rules define the additional, and not substitutive, procedures applied by RINA for the certification of IT, in comparison with what is already defined in the: Rules for the Certification of Management Systems The points of these Rules refer (and keep the same numbering) to the corresponding points of the Rules for the Certification of Management Systems for which changes or integrations have been made. 1.2 RINA issues the certification according to the requirements of the rules itsmf Scheme for Bodies Operating Certification/Registration including scoping guidelines information (itsmf 15/015) Vers. 1.0 to Organisations whose Management System 1.6 The body guaranteeing the certificates issued by RINA is the itsmf (information Technology Service Management Forum). It may require 1.7 The terminology used in these Rules is indicated in the ISO/IEC 20000-1:2005 and CEI EN ISO/IEC 17000:2005 standards. CHAPTER 2 REFERENCE STANDARD / CERTIFICATION REQUIREMENTS 2.1..... as well as any additional elements foreseen by the itsmf in their reference documents 2.2.2 The drawing up of a Manual is optional. 3

CHAPTER 3 INITIAL CERTIFICATION 3.1. In particular, the Organisation must inform RINA: if their IT Service Management System includes documentation (procedures, records, etc.) classified as confidential and/or in any case not available for certification purposes. RINA will then assess whether the conditions are right to continue the certification process; 3.2 Together with or following the certification request, the Organisation is to submit the following documents to RINA: documents, procedures and records required by the Standard; procedures and records adopted by the Organisation; IT Service Management System policies (objectives, principles for action); catalogue of IT services; effective control measures (including a description of the measurement method); network architecture and IT systems architecture. The drawing up of a Manual is optional. 3.3 The stage 1 audit is to be performed:..... to collect the necessary information regarding the scope of the IT Service Management System to assess admissibility and suitability for certification; to get an idea of the applicability of all the processes covered by the Standard;..... 4

3.4 The Stage 2 audit is performed by qualified RINA technical personnel, on the basis of the stage 1 audit report, the documents prepared by the Organisation and those indicated in paragraph 3.2 3.7 After the satisfactory completion of the evaluation and validation by the relative RINA committee and by itsmf, a Certificate of Conformity of the IT Service Management System, valid for three years, will be issued CHAPTER 4 MAITENANCE OF CERTIFICATION 4.4 contained in the reference standard according to which the Management System was certified, taking into account the documents of point 3.2..... CHAPTER 6 MANAGEMENT OF CERTIFICATES OF CONFORMITY 6.3 RINA provides the itsmf with the information concerning the Organisation needed to publish the certificate on the itsmf ISO/IEC 20000 web site (www.isoiec20000certification.com). Acceptance of these Rules authorises RINA to give this information concerning the Organisation to the itsmf. CHAPTER 8 SPECIAL PROCEDURES FOR MULTI-SITE ORGANISATIONS 8.1 5

The Organisation must also demonstrate that the head office has established a management system in compliance with the reference standard and that the entire Organisation meets its requirements. Furthermore, it must provide mapping at the sites of the responsibilities for performing the IT service management processes included in the Standard, so as to allow verification of conformity of all the said processes. In particular, at least the following activities are to be managed by the head office of the Organisation:..... review of the IT services catalogue; CHAPTER 9 TRANSFER OF ACCREDITED CERTIFICATES 9.1 If an Organisation with a valid certificate issued by another IT Service Management System Certification Body, recognized by the itsmf, intends to transfer its certificate to RINA, it must send RINA the Informative Questionnaire as per point 3.1, giving its reasons for requesting transfer. If the above certificate has been issued by a Certification Body accredited in relation to the IAF MLA mutual recognition agreement, but not registered with the itsmf, RINA will decide on a case by case basis whether the conditions for transfer exist. If the Organisation accepts the economic offer, it must send RINA the Certification Request and enclose the following documents: a copy of the valid certificate issued by the itsmf; the catalogue of IT services. CHAPTER 10 SUSPENSION, REINSTATEMENT AND WITHDRAWAL OF CERTIFICATION 10.1 Suspension of the validity of the certificate is made public by RINA directly on the website www.rina.org as indicated in point 6.3 and communicated to the itsmf. 10.2 6

It is notified to the Organisation in writing and made public by RINA on its website www.rina.org as established in point 6.3 and communicated to the itsmf. 10.3 Withdrawal of the Certificate of Conformity is notified to the Organisation in writing and made public by RINA as indicated in point 6.3 and communicated to the itsmf. CHAPTER 11 RENUNCIATION OF CERTIFICATION Integration to the General RuleS: Generally speaking, within one month from the date of the communication, RINA updates the validity status of the certificate and informs the itsmf. 7

Publication: RC/C 56 English edition RINA Via Corsica 12 16128 Genova - Italia tel +39 010 53851 fax +39 010 5351000 web site : www.rina.org Technical Rules 8