The proof that a management system (SRPS ISO 9001, SRPS ISO 22000, SRPS ISO14001, SRPS ISO 27001, OHSAS 18001) has been implemented is its certification as well as regular surveillance. The need for certification is especially indicated by "large scale buyers" (the army, power industry, railways, large retail chains, professional associations, etc.) as a way of reduction of self inspection costs through a second party and the transfer of quality costs to manufacturers and service providers which will assure their quality through the appropriate certification. In today's world the awareness of the significance of certification and accreditation of manufacturers in order to protect all stakeholder groups, is widely present. Foreign companies entering our market bringing their ways of doing business as well as the considerable effort made by the people who work on standardization in Serbia, resulted in 473 presently existing conformity assessment bodies (accredited laboratories, inspection bodies, product certification bodies, management system certification bodies) This number is close to or even exceeds those in the surrounding. SRPS ISO/IEC 17021:2011 represents the auditing standard for certification bodies that audit management systems and certify organizations. These requirements enable certification bodies to operate management systems certification in a consistent, competent and impartial manner, so their certification would be accepted and recognized on a national and international basis. [1] Besides, conformity assessment such as management system certification (in further text QMS1) provides value to the organization, its customers and interested parties.

ResearchGate Logo

Discover the world's research

  • 20+ million members
  • 135+ million publications
  • 700k+ research projects

Join for free

Kvalitet i izvrsnost, 2012, vol. 1, br. 11-12, str. 77-79

THE INTERPRETATION AND IMPLEMENTATION OF SRPS

ISO/IEC 17021 STANDARDS

Ruso Jelena, Faculty of organization science, jelena.ruso@fon.rs

Stojanović Vera, Faculty of organization science, vera.stojanovic11@gmail.com

1. INTRODUCTION

The proof that a management system (SRPS ISO 9001, SRPS ISO 22000, SRPS

ISO14001, SRPS ISO 27001, OHSAS 18001) has been implemented is its certification as

well as regular surveillance. The need for certification is especially indicated by "large

scale buyers" (the army, power industry, railways, large retail chains, professional

associations, etc.) as a way of reduction of self inspection costs through a second party

and the transfer of quality costs to manufacturers and service providers which will assure

their quality through the appropriate certification. In today's world the awareness of the

significance of certification and accreditation of manufacturers in order to protect all

stakeholder groups, is widely present. Foreign companies entering our market bringing

their ways of doing business as well as the considerable effort made by the people who

work on standardization in Serbia, resulted in 473 presently existing conformity

assessment bodies (accredited laboratories, inspection bodies, product certification

bodies, management system certification bodies) This number is close to or even exceeds

those in the surrounding. SRPS ISO/IEC 17021:2011 represents the auditing standard for

certification bodies that audit management systems and certify organizations. These

requirements enable certification bodies to operate management systems certification in a

consistent, competent and impartial manner, so their certification would be accepted and

recognized on a national and international basis. [1] Besides, conformity assessment

such as management system certification (in further text QMS

1

) provides value to the

organization, its customers and interested parties.

1

QMS – Quality Management System – Sistem menadžmenta kvaliteta

Kvalitet i izvrsnost, 2012, vol. 1, br. 11-12, str. 77-79

2. SPECIFIC REQUIREMENTS FOR CONFORMITY ASSESSMENT BODIES

2

FOR MANAGEMENT SYSTEM CERTIFICATION WITHIN SRPS ISO

17021:2011

Specific requirements mentioned in SRPS ISO/IEC 17021:2011 are structural

requirements, resource requirements, information requirements, process requirements and

management system requirements.

The structure of SRPS ISO/IEC 17021:2011 is summed up as follows:

The structure of the new standard contains 6 annexes: one normative and five informative

Annex A (normative) – relates to the types of certification (inspection) body;

Annex B (informative) - provides the list of elements that can be given in the inspection

report i.e. certificate.

The conducted review of SRPS ISO 17021:2011 hasn't cancelled nor deleted the

previous version of the standard (SRPS ISO 17021:2006) but the changes have been

made in the scope i.e. by extending the scope of the text. Clause 4 of the standard SRPS

ISO 17021:2011 (4 Principles) which enable understanding of the essential nature of

certification and underpin all the requirements of this standard, but as such do not

represent auditable requirements. Clause 10 (10 Management System requirements for

Certification Bodies) describes two alternative ways of demonstrating consistency in

satisfying the requirements of this International Standard. Specified requirements for

management system certification bodies (SRPS ISO 17021:2011) are structural

requirements (6), resource requirements (7), information requirements (8), process

requirements (9), and management system requirements for certification bodies (10).

3. THE DIFFERENCES BETWEEN SRPS ISO/IEC 17021:2006 AND SRPS

ISO/IEC 17021:2011

In this chapter the requirements of SRPS ISO/IEC 17021:2011, Conformity Assessment -

Requirements for bodies providing audit and certification of management systems, which

weren't incorporated in or which have been modified from the previous version of the

same standard from 2006, as well as the differences between these two versions, are

presented. The revision of standard is intended for certification bodies providing

management system certification, accredited in accordance with SRPS ISO/IEC

2

Filipović J., Božanić V., 2007, ISO, IEC i Svetska trgovina, Tehnika - Kvalitet, standardizacija i

metrologija, Beograd, strana 1-4

(Conformity assessment bodies perform conformity assessment activities including certification,

inspection, testing, and calibration. It is essential that customers, legislators and public have awareness of

the competence of conformity assessment bodies for carrying out their activities. That is the main reason

for ncreased demand for impartial audit (verification) of their competence.)

Kvalitet i izvrsnost, 2012, vol. 1, br. 11-12, str. 77-79

17021:2006, and preparing to conform to the new version of the standard as well as for

the auditors of the Accreditation Body of Serbia, who perform accreditation activities.

The changes that occurred didn't affect all ten clauses of the standard, but six of them

have undergone changes. Clauses two, four and six have a few deletions and corrections

whereas the clauses with substantial changes are three, seven and nine. Clause 3 (3.Terms

and Definitions) includes extended definitions; Clause 7 (7.Resource requirements) and

Clause 9 (9.Process Requirements) which refers to the audit process with the additional

items previously pursuant to SRPS ISO 19011:2011.

3

The text of the standard ISO/IEC 17021:2011 Requirements for the Bodies Providing

Audit and Certification of management systems remains practically unchanged when

compared to the text of the existing standard, ISO/IEC 17021:2006, but it includes

additional requirements for certification activities when it comes a third-party audit, and

competences criteria for personnel taking part in certification process. These amendments

to the standard occurred as the result of i.e. the response to the market requirements

during the implementation of the previous version of the standard. The drawbacks of ISO

17021:2006 were in that it failed to define the methods for measuring the effectiveness of

audit and to propose techniques for audit evaluation i.e. the observer of the audit or

specific quantitative methods which posed a sufficient reason for the new, amended

version, SRPS ISO/IEC 17021:2011.

4

Normative references in SRPS ISO/IEC 19011:2011 Guidelines for quality and/or

environmental management systems auditing are no longer present because the text with

specific requirements for the third-party certification is included in the standard and

competence of management and personnel involved in certification process. In that

manner all the requirements for system management certification bodies are comprised in

SRPS ISO/IEC 17021:2011.

Apparent discrepancies:

a. the structure of the standard (harmonized with ISO/IEC 17000:20075 series

5

);

b. specific requirements of the standard have been examined in more detail (especially by

taking the parts of the text from IAF/ILAC A4 guideline, but with further elucidation).

The item 4.3 has been amended by deletion of a sentence no longer in accordance with

the new definition of competency (3.7).

3

SRPS ISO/IEC 19011:2011,Guidelines for auditing management systems

4

Edly Ferdin Ramly, 2007, Effectiveness of quality management system audit to improve quality

performance - A conceptual framework, The Fifth International Conference on Quality and Reliability

(ICQR 2007), Thailand, 25-30

5

ISO/IEC 17000:2007, Conformity assessment-Vocabulary and general principles

Kvalitet i izvrsnost, 2012, vol. 1, br. 11-12, str. 77-79

Resource requirements in Clause 7 have been modified i.e. two new requirements have

been added 7.1.2 and 7.1.3, whereas 7.1.4 "applicable personal attributes" has been

deleted and the note referring to the desired personal behaviour described in informative

Annex D was added. Considering that SRPS ISO 19011:2011 is focused on QMS and

EMS audit management it is reasonable that most of the changes occurred in Clause 9,

Process Requirements. Majority of changes are elaboration of general requirements in

9.1. Compared to the initial audit and certification there is just one small change.

Fifteen general requirements from Clause 9.1, in ISO/IEC 17021:2006, are listed, with

the exception of every clause now being given a title. Wit the exception of labeling, the

topic remains the same. However, there are considerable amendments to each clause

listed below, added in additional requirements based upon the content of

ISO 19011. Among them, Clause 9.1.9 is the one that has undergone the most significant

changes. The remaining clauses weren't subjected to any substantial changes.

9.1.1 Audit programme (1 new requirement);

9.1.2 Audit plan (6 new requirements);

9.1.3 Audit team selection and assignments (4 new requirements);

9.1.4 Determining audit time (1 new requirement);

9.1.9 Conducting on-site audits (16 new requirements);

9.1.10 Audit report (1 new requirement, the content of the requirement);

9.1.12 Effectiveness of corrections and corrective measures (1 new obligation, records

/evidence of the effectiveness of the review);

9.2 Initial audit and certification (1 new request);

9.2.2.2 Documented reasons for declining an application;

Several new notes (7.2.4, 9.1.1.2)

c. A considerable number of definitions, 7, (inspection schemes and inspection system,

etc.) has been added :

third-party certification auditing (needs to be defined because the auditors of ISO

19011:2011 consider there are other types of third-party auditing, as well)

client;

auditor;

competence (deleted word demonstrated);

guide;

observer and

technical area (elaborated in the same manner as Note in Clause 7).

Kvalitet i izvrsnost, 2012, vol. 1, br. 11-12, str. 77-79

Many of these definitions were needed because of the deleted references from SRPS

ISO19011:2011.

d. The possibility for certification/auditing body to operate management systems in one

of the following manners:

In accordance with 8.1.2 ISO/IEC 17020 requirements or

In accordance with SRPS ISO 9001:2008.

e. The requirement relating to preventive actions has been introduced;

f. The requirement for an inspection body or organization to have an independently

accessible account is excluded from the standard;

g. Requirement for cooperation is given within a note.

6

The other important aspect in the new version of the standard ISO/IEC 17021:2011 are

changes in relation to competence of the personnel. Namely, ISO/IEC 17021:2011

defines competence as the ability to apply knowledge and skills to achieve the intended

results. Consequently, the need arises to define intended results for each certification

activity as well as to apply evaluation processes in order to identify the personnel who

have demonstrated the level of competence required for the different functions of the

audit and certification process.

7

The new version of the standard provides an informative

annex defining desired personal behaviours which will enable certification bodies to use

the advantages of individuals involved in certification activities and to overcome the

weaknesses which could adversely affect these activities.

Some of the newly introduced requirements which could be highlighted are:

Determining audit objectives, scope and criteria implies that certification audit

shall evaluate the whole management system, not only for conformity criteria, but

its ability to meet the needs of client organization and their customers, as well.

Requirement that audit report shall define its content highlighting audit findings,

evidence and conclusions in consistence with the requirements of the type of

audit.

It is advisable to pay attention to a considerable number of conformity assessment

schemes evaluated by accreditation bodies in accordance with criteria for accreditation

body.

6

Accreditation Body of Serbia, webpage www.ats.rs

7

Natalija Jovič ić Zarić, Primena standarda ISO/IEC 17021:2011, ATS Bilten, Beograd, 5.

Kvalitet i izvrsnost, 2012, vol. 1, br. 11-12, str. 77-79

. In order to harmonize the approach to evaluation of these schemes Guidance EA2-13,

EA Cross Frontier Accreditation Policy and Procedure for Cooperation between EA

Members has been developed. All national conformity assessment schemes, entitled to

use accreditation symbols, signatories of EA MLA have to meet the requirements of this

document. Endorsement of this document ensures a consistent approach in accreditation

of conformity assessment schemes by all EA members.

8

Also, the mandatory document,

EA 2/17, EA Guidance of Horizontal Requirements for the Accreditation of CABs for

Notification Process, contains horizontal criteria for conformity assessment bodies

seeking accreditation for the purpose of notification and presents a mandatory document

for all accreditation bodies which accredit for notification purposes.

4. THE INTERPRETATION OF THE MOST IMPORTANT PARAGRAPHS

FROM NEW REGULATIONS ON OPERATION AND ACCREDITATION OF

MANAGEMENT SYSTEM CERTIFICATION BODIES

Having scrutinized this entire work and its topic we are able to draw certain conclusions

focusing on the main reasons for using services of accredited certification bodies:

Risk reduction

Reduction of costs

Growth of reputation and business recognition

New possibilities- companies can improve their performances during the

certification activities which opens new possibilities overlooked previously

International recognition

Possibilities for signing new deals- there are many examples where offerors are

required to provide certified management systems for bidding purposes and where

an offeree opts for an offeror certified by accredited certification body

9

.

Each specified ISO/IEC 17021:2011 requirement is important, but according to the

opinion of the author of this work the crucial requirements of this standard are: resource

requirements, process requirements and requirements for management system

certification bodies. Resource requirements impose competence of management and

personnel enabling management system certification. In the old version of the standard,

ISO/IEC 17021:2006, most audits were incorporated in this requirement because market

conditions called for a more detailed definition and familiarization with criteria for

competence, knowledge and skills of a certification body personnel. There was a

perceived need on the market for evaluation of the competence of personnel. The input

values should demonstrate the required level of competence (including administrative

personnel), in evaluation processes, or even exceed it, for various audits and certification

8

Natalija Jovič ić Zarić, Primena standarda ISO/IEC 17021:2011, ATS Bilten, Beograd, strana 5.

9

Standardization Law, 2009 :"Certification bodies are conformity assessment bodies through a third party"

Kvalitet i izvrsnost, 2012, vol. 1, br. 11-12, str. 77-79

processes, in order to achieve the maximum results in the best possible way and to mutual

satisfaction. Also, niceness and behaviour (being ethical, open-minded, tenacious,

versatile, observant, diplomatic, collaborative, perceptive, decisive, self-reliant,

professional, morally courageous and organized) are the determining factor whether a

client will continue to make use of a certification body's services, to develop confidence

(assurance of quality) that a certification body satisfies the quality requirements, and to

share his/her positive experience with other potential clients. Going beyond mere

satisfaction of requirements means providing assurance in high quality of the services

offered by certification body. One of the ways to act preventively is based upon our own

as well as on others' experience. Process requirements make it possible for us to relive

that experience and by harmonizing our actions prevent mistakes from recurring.

Benefiting from audits (Stage 1 and Stage 2 audit), surveillance activities, recertification,

special audits, appeals, complaints, records, possible suspending, withdrawing or

reducing the scope and object of audit, a certification body can make corrections (either

in case of nonconformities of a client or in its own performances) and afterwards take

corrective measures to identify the cause of the nonconformity that has occurred. The

certification body would thereby be able to improve its performances, effect

improvement and timely notify its client of potential problems/nonconformities. In that

manner a high level of contentment of interested parties interests will be reached in the

management system certification field.

In Clause 3 (3 Terms and definitions) definitions have been widened and some terms

which are of key importance have been added, because it was impossible to interpret,

understand and implement the requirements of SRPS ISO/IEC, unless we understand

basic concepts being used throughout SRPS ISO/IEC 17021:2011 (certified client,

impartiality, consultancy services, third-party certification auditing, client, auditor,

competence, guide, observer, technical area).

5. CONCLUSION

Accreditation system functioning with the use of observation of mandatory rules builds

up mutual trust in the competence of conformity assessment bodies among the member

states and thereby in certificates and audit reports they issue, as well.

Enforcement of ISO/IEC 17021:2011 could spur certification bodies to comply with

obligation to introduce certain changes to their procedures, provide new training

programs, or modify and enhance existing ones, upgrade software and system application

in order to satisfy all requirements. Accreditation bodies will scrutinize the

implementation of the requirements of the new standard in certification bodies'

headquarters during initial assessment, surveillance audit, or recertification in conformity

with their plans.

Observance of the requirements incorporated in SRPS ISO/IEC 17021:2011 should

enable certification bodies to conduct management system certification activities in a

consistent and impartial manner and thereby ease the process of recognition of such

bodies and the acceptance of their certifications on national and international level.

Kvalitet i izvrsnost, 2012, vol. 1, br. 11-12, str. 77-79

LITERATURE

Coursebooks:

1. Popovi ć Predrag, 2010, Akreditacija i ocenjivanje usaglašenosti, Univerzitet

Singidunum, Beograd, strana 78-95

Regulations:

2. Zakon o standardizaciji, (Sl. glasnik R. Srbije br 36/09)

3. Zakon o slobodnom pristupu informacijama od javnog značaja (Službeni glasnik

R. Srbije br 36/10)

Standards:

4. Standard SRPS ISO/IEC 17021:2011 Ocenjivanje usaglašenosti – zahtevi za tela

koja obavljaju proveru i sertifikaciju sistema menadžmenta

5. Standard SRPS ISO/IEC 17021:2006 Ocenjivanje usaglašenosti – zahtevi za tela

koja obavljaju proveru i sertifikaciju sistema menadžmenta

6. Standard SRPS ISO/IEC 19011:2011 Upustva za proveravanje sistema

menadžmenta

7. Standard ISO/IEC 17000:2007, Ocenjivanje usaglašenosti – Rečnik i opšti

principi

Articles:

8. Filipović Jovan i Božanić Vojislav, 2007, ISO, IEC i Svetska trgovina, Tehnika -

Kvalitet, standardizacija i metrologija, Beograd,strana 1-4

9. Kristina Tamm Hallström, 2011, Organizing risks and risk prevention in the

markets of inspection and sertification, 27th EGOS Collequium, Gothenburg

10. Simonović Srđan, 2011, Sukob interesa u sistemu standardizacije, Konferencija

studenata industriskog inženjerstva i menadžmenta, Kragujevac, strana 25

11. Ilić Dušan, 2012, Informacije od javnog značaja, Biznis i Finansije, Beograd

12. Natalija Jovič i ć Zarić, 2011, Primena standarda ISO/IEC 17021:2011, ATS

Bilten, Beograd, strana 5.

13. Edly Ferdin Ramly, 2007, Effectiveness of quality management system audit to

improve quality performance - A conceptual framework, The Fifth International

Conference on Quality and Reliability (ICQR 2007), Thailand, p.p 25-30

Web pages:

14. Akreditaciono telo Srbije, Internet stranica www.ats.rs

15. European co-operation for Accreitation – Evropska saradnja za akreditaciju

(Internet stranica: www.european-accreitation.org)

16. International accreditation forum- Međunarodni akreditacioni forum (Internet

stranica: www.iaf.nu)

Kvalitet i izvrsnost, 2012, vol. 1, br. 11-12, str. 77-79

17. International Laboratory Accreditation Cooperation – Međunarodno udruženje za

saradnju akreditovanih laboratorija (Internet stranica: www.ilac.org)

18. Privredno društvo za sertifikaciju i nadzor StandCert, www.standcert.rs

ResearchGate has not been able to resolve any citations for this publication.

Quality Management System audit is one of the quality tools to assist organization to improve quality performance. They are commonly used in the effort to diagnose, maintain and improve quality management system. It is made compulsory for the organization to maintain their quality management system based on ISO9001 standard to undergo series of audit. However, similarly to any other physical or conceptual system, they may fail to achieve the objectives set forth, to assess effectiveness and at the same time fail to recognized area for improvement. Based on an extensive literature review, the issues relevant to quality management system audit and quality performance are examine, and discussed the several issues to identify the conceptual framework to ensure the quality management system audit deliver the results.

Ocenjivanje usaglašenosti – Rečnik i opšti principi Articles

  • Iso Standard

Standard ISO/IEC 17000:2007, Ocenjivanje usaglašenosti – Rečnik i opšti principi Articles:

Ocenjivanje usaglašenosti -zahtevi za tela koja obavljaju proveru i sertifikaciju sistema menadžmenta

  • Srps Standard
  • Iso

Standard SRPS ISO/IEC 17021:2006 Ocenjivanje usaglašenosti -zahtevi za tela koja obavljaju proveru i sertifikaciju sistema menadžmenta

Sukob interesa u sistemu standardizacije, Konferencija studenata industriskog inženjerstva i menadžmenta

  • Simonović Srđan

Simonović Srđan, 2011, Sukob interesa u sistemu standardizacije, Konferencija studenata industriskog inženjerstva i menadžmenta, Kragujevac, strana 25

Informacije od javnog značaja, Biznis i Finansije, Beograd 12

  • Ilić Dušan

Ilić Dušan, 2012, Informacije od javnog značaja, Biznis i Finansije, Beograd 12. Natalija Jovičić Zarić, 2011, Primena standarda ISO/IEC 17021:2011, ATS Bilten, Beograd, strana 5.

Akreditacija i ocenjivanje usaglašenosti

Popović Predrag, 2010, Akreditacija i ocenjivanje usaglašenosti, Univerzitet Singidunum, Beograd, strana 78-95

ISO, IEC i Svetska trgovina, Tehnika - Kvalitet, standardizacija i metrologija

  • Filipović Jovan I Božanić Vojislav

Filipović Jovan i Božanić Vojislav, 2007, ISO, IEC i Svetska trgovina, Tehnika - Kvalitet, standardizacija i metrologija, Beograd,strana 1-4

Organizing risks and risk prevention in the markets of inspection and sertification, 27th EGOS Collequium

  • Kristina Tamm Hallström

Kristina Tamm Hallström, 2011, Organizing risks and risk prevention in the markets of inspection and sertification, 27th EGOS Collequium, Gothenburg

Ocenjivanje usaglašenosti -Rečnik i opšti principi Articles: 8. Filipović Jovan i Božanić Vojislav

  • Iso Standard

Standard ISO/IEC 17000:2007, Ocenjivanje usaglašenosti -Rečnik i opšti principi Articles: 8. Filipović Jovan i Božanić Vojislav, 2007, ISO, IEC i Svetska trgovina, Tehnika -Kvalitet, standardizacija i metrologija, Beograd,strana 1-4

Thailand, p.p 25-30 Web pages: 14. Akreditaciono telo Srbije, Internet stranica www.ats.rs 15. European co-operation for Accreitation -Evropska saradnja za akreditaciju

  • Ramly Edly Ferdin

Edly Ferdin Ramly, 2007, Effectiveness of quality management system audit to improve quality performance -A conceptual framework, The Fifth International Conference on Quality and Reliability (ICQR 2007), Thailand, p.p 25-30 Web pages: 14. Akreditaciono telo Srbije, Internet stranica www.ats.rs 15. European co-operation for Accreitation -Evropska saradnja za akreditaciju (Internet stranica: www.european-accreitation.org)