ISO Certification Process

7.0       Procedure:

7.1       Initial Audit planning

Initial audit planning is done by the Operation Manager /Technical Manager (if required with the help of competent Tech Expert), on the basis of information provided by the client as per Application cum client information form. The stage -1 audit is planned  and performed to assess clients readiness for the certification audit and to gather information necessary for planning stage-2 certification audit. A code competent audit team is selected  for stage-1 audit

, by the Application Reviewer as per Auditors code approval table. Stage -1 audit plan

is communicated to the client in form RCPL/F/05. Stage-1 audit is planned only after

receiving confirmation from the client that it has successfully completed at least one

cycle of Internal audit and M R M, this shows that the client’s QMS/ EMS/ FSMS

 has achieved maturity and stability.

7.2     Audit assignment is given to the selected stage-1 auditor only after getting declaration of impartiality from the concerned auditor and, note of acceptance / NOC from the Client regarding deployment of the auditor.

7.3 Audit objective:

Stage 1 audit is conducted to assess the adequacy of the documented system and readiness of the client to organize stage-2 certification audit. During the audit, information supplied by the client (as per its application) is also verified. During stage-1 audit, information about, complexities of the clients business procedure, linguistic and logistical needs, auditor’s competency need, time needed for stage-2 audit, and other resource requirements, is gathered, to enable the CB prepare an effective planning for stage-2 certification audit. Special Care is taken in case of high risk industry, and sufficient information should be gathered to identify all processes (defined in scope) that impact process, product and user / consumer’s safety.

In case, any critical process is being performed outside the premises or outside normal working hours, (in different shift), the stage-1 auditor should plan for stage-2 audit timing and duration in such a way as to enable the stage-2 audit team, conduct real time audit of these critical processes.

7.4    Offsite document audit:

While conducting audit in remote locations, some part of the document audit may be conducted off site, provided the onsite audit duration (stage-1 and stage-2) is not reduced to less than 80% of the total planned audit duration. 

7.5     Stage I opening meeting:

The audit team (one member or multi member team) visits the audit site as per mutually agreed audit plan. The audit team leader introduces himself/ herself and the audit team members. Client’s introduction is received and after confirming address and scope of this audit, brief explanation of the purpose of the stage-1 audit, and its methodology is provided by the audit team. The audit team assures the client about maintaining full confidentiality and informs about audit team’s legally enforceable contract & declaration of confidentiality. Signature of the participants from both the sides is taken.                

In case of audit, care is taken to ensure that management and worker’s representative for are present during the Opening meeting.

7.6 Conducting stage-1 audit: Audit function is started with taking a round of the physical facilities of the clients organization. Audit is conducted by perusal of documents, interview and observation.  Readiness of the clients QMS/EMS/FSMS for successful certification audit is assessed, and issues that may be flagged as major non- conformity during the stage-2 audit, are identified. Audit findings are noted by the auditor/s in their audit checklist/ audit reporting format in Form: RCPL/F/07 (QMS/EMS/FSMS). Inadequacies identified during the audit are communicated to the auditee (on the same day, wherever possible), in order to allow them sufficient time to close the non-conformities.  

7.7 Corrective Action request regarding non- conformities/ inadequacies identified during the audit, is made in the Stage-1 reporting format.

7.8 Working Lunch: RCPL has established a policy to promote working lunch at a place that is nearest to the audit area, in order to save time.

7.9 Closing meeting:  During the closing meeting the client is thanked about their transparency and hospitality. Audit team’s conclusion about recommendation / no recommendation regarding approval for stage-2 final audit is communicated to the Client.  After audit closure pending non conformities / inadequacies are finalized, documented and the client’s representative is asked to acknowledge it.

The client is further asked to inform the RCPL after closing the inadequacies, in order to plan for Stage-2 certification audit.  Signature of the participants is taken in the audit attendance sheet in Form RCPL/F/07 Client’s feedback about performance of the audit team is collected after each audit.

Stage 1 Auditor to determine whether any process defined in the scope being performed outside normal working hours or outside the premises. If so information should be highlighted in stage 1 report & to be considered during preparation of Stage-2 audit plan.

8.0       Stage II Audit Objective & Plan:

8.1 Stage 2 audit is conducted to-

a. Assess the conformity of the client’s QMS/EMS/FSMSagainst the requirement of audit  standards,  client’s own system requirements, regulatory & contractual  requirements.

b. Identify the area of improvement

c. Submit audit report & recommendations regarding certification. (This Includes  

    granting, continuation, Renewal, refusal of certification, expending or  

    reduction of the scope)

8.2 Audit plan describing name of auditors, time & duration of audit, any process defined in the scope being performed outside normal working hours or outside the premises & processes/area to be audited is prepared by the office in charge in consultation with the audit team leader & the client. Availability of the Stage-2 auditors is confirmed, and the audit plan is submitted to the Client organization for approval of timings and to ensure availability of required officers/ staff. For multi site audit, sampling plan is developed as per each client’s individual situation and accordingly audit is planned. After receipt of acceptance of the audit plan from the client, the stage II audit plan is put into action.

8.3       Opening Meeting:

The audit team (one member or multi member team) visits the audit site as per mutually agreed audit plan. The audit team leader introduces helf/ herself and the audit team members. Client’s introduction is received and after confirming address and scope of this audit, brief explanation of the purpose & method of the stage-2 audit, and categories of findings, is provided by the audit team.  The audit team assures the client about maintaining full confidentiality and informs about audit team’s legally enforceable contract & declaration of confidentiality. The client is informed about its right of appeal against the audit team’s decision. Signature of the participants from both the sides is taken. Non conformities identified during the audit are communicated to the auditee, in order to allow them sufficient time to close the nonconformities, on the same day, wherever possible. Audit report is prepared in Form RCPL/F/10 (QMS/ EMS / FSMS).

8.4 Audit process: In course of audit it is ensured that all key personnel whose performance impacts the Management system are interviewed to assess their competence and involvement in the management system. In case of  audit, special care is taken to ensure that management and worker’s representative for , Healthcare professionals, temporary and contractual workers are also interviewed and observed to assess conformity of the .  

In case of EMS, FSMS, and  audit, deliberate or consistent non- compliance to legal requirements shall be considered as serious non- conformity and certification shall not be recommended, and in case of existing certification, the certification shall be suspended or withdrawn, unless appropriate corrective action is demonstrated.

In case of EMS, FSMS, and  audit, if the client has implemented all  legal requirements, and has initiated legal applications, non availability of license or certification shall not prevent the CB from granting certification. However the report shall state the fact of non availability of license/ NOC, and shall confirm availability of all safeguards as required under law of the land. The client must document a “ legal compliance implementation plan”  stating all existing compliance activities and future plan with date of completion. In case of EMS, FSMS,  or  audit where a part of the industry is closed, still it my create EMS, FSMS, or  hazard for the area, and such conformity to the EMS/ FSMS/  should be audited, and if found non- compliant , Non -conformity should be raised. RCPL has established a policy to promote  working lunch at a place that is nearest to the audit area, in order to save time.

8.5 Closing meeting:  After audit closure pending non conformities are finalized, documented and the client’s representative is asked to acknowledge it. During the closing meeting the client is thanked about their transparency and hospitality. The client is further asked to submit in writing its corrective action plan within one week. The Client is asked to close minor NC within one month, and major NC within 3 months.  Signature of the participants is taken in the audit attendance sheet in Form RCPL/F/07. Client’s feedback about performance of the audit team is also collected.

On the basis of objective evidences recommendation for grant (Conditional/ unconditional) or refusal of certification, is made. Summary of non conformities, observations or Opportunities for improvement, and decision about recommendation/ non recommendation is communicated to the Client organization by the Audit team leader, during the Closing meeting. 

8.6 Client’s Feedback about Auditor: Feedback about auditor’s performance is requested from the Client as per RCPL/F/12

8.7 Report:

Satege-1 and stage-2 audit reports are compiled in a file. These contain evidences of conformity and non -conformities and OFIs if any. Result of audit is also documented in the audit report. In audits where non -conformities have been identified, the NC forms are attached with the audit report. The NC reports contain the corrective action plan submitted by the client. If satisfied the audit team leader puts sign of acceptance.

The Audit report contains audit conclusion in the form of Audit team leader’s recommendation for award/ expending/reduction of scope/ suspension or withdrawal of certificate as per requirement. The report is submitted to the Office In charge for review and appropriate decision by the Technical Committee of RCPL.

8.8 Evaluation of corrections and corrective actions taken by the client in accordance with their corrective action plans

The Technical committee/ Audit report reviewing authority, does not take certification decision unless it gets a clear recommendation from the audit team leader for award of certificate, supported by objective evidences contained in the audit report.

Before taking decision to award certificate, the technical committee verifies the closure of identified non conformities as per corrective action plan submitted by the client and accepted by the Audit team leader. The evidence obtained to support the resolution of non-conformities is recorded.

8.9 Submission of report to the Tech. Committee

 Report in detail with objective evidence is submitted to the Technical Committee along with client’s corrective action plan and evidences for final decision on auditor’s recommendation. Summary of the audit report is submitted to the client. If the Client requests for Auditors detailed report, the same is issued to the Client organization, by the Certification Body.

Ref: Technical committee decision sheet (in Clients audit file).

8.10 Expansion of scope

RCPL reviews application for expansion to the scope of a certification already granted, and plans audit activities necessary to decide whether or not the expansion may be granted. To economize activities, this is usually conducted in conjunction with a surveillance audit. The audit is conducted as per the prescribed procedure, the audit is preceded by audit plan declaring the audit objective and audit duration in clear terms. 

8.11 Short-notice audits

In certain situation it becomes necessary for RCPL to conduct audits of certified clients at short notice, or conduct an unannounced audit to investigate complaints, (in case of , breach of regulations necessitating involvement of legal authorities), or in response to significant changes in scope of certification, or as follow up on suspended clients. This possibility is

informed to the prospective clients through our Certification agreement.  RCPL exercises additional care in the assignment of the audit team because of the lack of opportunity

for the client to object to audit team members. However the RCPL takes care that each audit is conducted only after informing the client about the audit plan.

8.12 Special audit:

In case, where non- conformity leading to system failure is noted and on site verification of elimination of non conformity is required for recommendation, special audit is conducted to verify the same.  This audit is treated as follow up audit/ part of Stage II audit, and report of this audit becomes part of the stage II audit report. Some time special audits are conducted on the basis of complaints or to confirm certain issues, these are also conducted as per the agreed audit plan.

9.0       Surveillance Audit: Surveillance audit is organized as per auditor’s recommendation, based on business volume, its complexity, and stability of the organization’s management system. It is necessarily conducted within one year(or as agreed in contract) from the date of certification however RCPL Starts the first surveillance audit process in 10th month/two months  from the date of initial certification Ref:- ISO 17021-1:2015. This is done to maintain confidence that the certified client continues to maintain conformity with the audit criteria during the validity of the conformity certificate.

Surveillance audit report is prepared in Form RCPL/F/15 (QMS/EMS/FSMS//). After getting auditor’s clearance, certification/ registration continuation letter is issued to the client.

9.1 objective of the recertification audit

The objective is :

a) To assess the continued effectiveness of the management system in the light of internal and external changes since last audit with reference to the scope of the QMS certification

b) To assess whether the operation of the certified management system contributes to the achievement of the organization's policy and objectives.

c) To verify that the client is following the conditions of certification

10.0 Recertification:

Recertification process is initiated at least two month before the specified expiry date of the certificate. Information about any substantial change in management, machinery, process and QMS /EMS/FSMS/ / scope is gathered, and if substantial change is reported, stage-1 audit is planned to assess suitability of the documentation with current process status of the client.

When no substantial change is reported Stage-1 audit is not conducted, and certification audit is planned. Audit duration for recertification audit is fixed as 2/3 of the initial audit duration. When stage-1 audit is conducted the audit duration is kept as during initial certification audit, however some reduction (10%) in the audit duration may be planned due to familiarity of the client.

As per our defined procedure recertification audit is also conducted only after informing the client about the audit plan and after receiving client’s consent.

10.1 objective of the recertification audit

a) To assess the extent of the effectiveness of the management system in the light of internal and external changes with reference to the scope of the QMS /EMS/FSMS// certification

b) To assess whether the operation of the certified management system contributes to the achievement of the organization's policy and objectives.

c) To verify that the client is following the conditions of certification