Procedure No.: AC.01.00 Quality and Certification Division

Procedure No.: AC.01.00 Quality and Certification Division Procedures

Procedure : Quality Manual Chapter: Organization

Page : 1 of 55 Edition 13

Valid from : 09/12

Division Director’s Signature: Eli Cohen - Kagan

Changes follow up Date Revision

Para 5.1.2 - food added, para 5.4.1 – food safety systems added, 6.5.3

deleted (approval of contractors)

06/11 8

12.2.1c - resources added, Para 13 - IAF MD 7 added, 3.7 added 11/11 9

12.2.1d and e - resources added, 12/11 10

Quality Manual restructured and updated in accordance with ISO

17021:2011, added para. 1.1 - QMS according to option 1, added para

10.6.7 - Management Representative, para 10.5.2 added for periodical

review of the documentation.

06/12 11

Quality Manual updated - clause 9 added in details 07/12 12

Para 5.2 updated - impartiality analysis, 5.3 updated, 8.3 - website

added, 8.6.3 updated, 9.1.4.6.7 updated, 9.1.5 - multi-site updated, 9.4.1

revised, 9.4.3 updated

09/12 13




Valid from : 09/12

Quality Manual

Content

Page Subject Para.

4 General and Scope of Activities 1

4 Normative Reference- Obligatory Standards and other Documentation 2

4 Terms and Definitions 3

5 Principles 4

6 General Requirements - Background of the Standards Institution of

Israel

5

6 Legal and Contractual Matters 5.1

6 Management of Impartiality 5.2

7 Liability and Financing 5.3

8 Structural Requirements 6

9 Organizational Structure and Top Management of the SII - Quality and

Certification Division

6.1

9 Committee for Safeguarding Impartiality 6.2

10 Resource requirements 7

10 Competence of Management and Personnel 7.1

10 Personnel Involved in the Certification Activities 7.2

10 Use of Individual External Auditors and External Technical Experts 7.3

10 Personnel Records 7.4

10 Outsourcing 7.5

10 Information Requirements 8

11 Publicly Accessible Information 8.1

11 Certification Documents 8.2

11 Directory of Certified Clients 8.3

11 Reference to Certification and Use of Marks 8.4

11 Confidentiality 8.5

11 Information Exchange between a Certification Body and its Clients 8.6

11 Process requirements 9

11 General requirements 9.1

12 Initial Audit and Certification 9.2

25 Surveillance Activities 9.3

28 Recertification 9.4




Valid from : 09/12

31 Special Audits 9.5

32 Suspending, Withdrawing or Reducing the Scope of Certification 9.6

33 Appeals 9.7

34 Complaints 9.8

35 Records of Applicants and Clients 9.9

37 Quality Management System requirements - Option 1 10

37 Exclusions 10.4

37 Quality Policy 10.5.1

43 Core Processes 10.9

50 Division's Products 11

53 Sanctions according to IMF MD-7 12

54 Cross-reference division procedures to ISO 9001 standard

requirements

13




Valid from : 09/12

1. General and Scope of Activities

1.1 The Quality and Certification Division has chosen to establish and maintain a Quality Management System based on ISO 9001 and developed for conformity with the requirements of ISO 17021 following Option 1.

1.2 This Quality Manual was prepared according to ISO 17021:2011requirements.

1.3 The Quality Manual refers to the Quality and Certification Division which is one of the divisions of

the Standards Institution of Israel.

1.4 The manual refers to all the divisions activities, in the field of :

1.4.1 Operating the Management Quality systems certification

1.4.2 Standards mark systems' operation for processes and products.

1.4.3 Training center of the Standards Institution – Professional guidance only..

1.4.4 Providing Assessment services such as IQ NET 9004

1.4.5 Operating Green Label and Green Building systems

2. Obligatory guidelines and required rules governing the division:

2.1 Standards Law – 1953 ( combined version )

2.2 Standards mark regulations – Standards mark and supervision symbol 1982

2.3 ISO IEC 17021 : 2011 – Conformity assessment – Requirements for bodies providing audit and

certification of management standards.

2.4 ISO IEC GUIDE 65

2.5 ISO IEC GUIDE 67

2.6 IAF MD 1 - Mandatory Document for the Certification of Multiple Sites Based on Sampling

2.7 IAF MD 2 - Mandatory Document for the Transfer of Accredited Certification Management Systems

2.8 IAF MD 3 - Advanced Surveillance and Recertification Procedures (ASRP) - Not eligible for ANAB

accreditation.

2.9 IAF MD 5 - Mandatory Document for Duration of QMS and EMS Audits

2.10 IAF MD 7 - IAF Mandatory document for Harmonization of Sanctions to be applied to CAB

2.11 I.S. ISO 9001:2008

2.12 I.S ISO 14001 : 2004

2.13 AS 9100 rev C

2.14 Ethical Code – W.I 0.1

2.15 Form 101.06 - Milestones and meeting minutes for the Committee for safeguarding impartiality

3. Terms and definition

3.1 See ISO 9000




Valid from : 09/12

4. Principles

4.1 General Background and Objectives 4.1.1 The QCD provides certification services to quality management, environmental and safety systems

and product certification in order to promote the quality of management, service and human resource and to improve the competitive ability and quality of life in the country. In addition the division provides operational management services to the Standards Mark System which certifies products and processes by permit committees. Certificate holders of the Institute benefit from their management systems and marketing advantages.

4.1.2 The division employs more than 60 academically qualified auditors with experience in engineering,

finance, environmental affairs, programming and IT, safety, chemistry, food, agriculture, public

management, microbiology, and more. The expertise in these fields provides a broad data source

needed for certification and accreditation processes.

4.1.3 The division is accredited by the RvA for ISO 9001, ISO 14001 and ISO 13485 Management

Standards and is currently in a process to achieve accreditation from ANAB for ISO 9001, AS 9100

and ISO 22000 Management Standards.

4.1.4 The division, as a representative of the institute, is a member of IQNET which is a chain of 39

certification bodies that includes 150 branches in different countries. The members are connected

through mutual agreements, so that the certificates provided by the division are recognized in the

countries in which the organizations members operate. This fact assists the manufacturers in

international trade and reduces the cost of auditing required of them in the countries of destination.

4.1.5 The institute cooperates with various certification bodies worldwide, and is used as the operational

section to conduct audits in the organizations in the country. The meaning of it, is that audits are

conducted by qualified auditors of the division and the certificate is given by the relevant certification

body. In this way the certification spectrum given to manufacturers in the country has increased.

Main cooperation partners are : NQA ( England ) in the field of automotive industry, aerospace and

tele-communication, MDC (Germany )- medical products, LNE/GMED (France) – medical products ,

ECAS (Holland) – agriculture, ISA (Holland) – food and agriculture.

4.2 Vision of the division

The Quality and Certification division shall be a leader on the market in all provided services, by innovation

and advancement, professional authority as well as reputation, providing value to its customers. The

division shall operate as a profit and loss center expanding its activities over the course of time.

4.3 Values of the Quality and Certification division

Client focus

Clear understanding and meeting the customer's needs and expectations.

Professional service

Providing service solely on a professional merit.

Cooperation and mutual responsibility

Team work, Openness, Transparency, Listening, Respect of feelings, understanding of needs:

employee to employee and employee to manager, loyalty to work place, responsibility for results.

Continuous Improvement and Innovation




Valid from : 09/12

Personal motivations to enrich knowledge, penetration of new products, improve internal processes and

improve performance (efficiency, effectiveness)

Information confidentiality

Safe guarding the intellectual property of the division / client and preventing leaks to concerns to whom

the division/client did not express his agreement (defined manner) of revealing to them.

Impartiality and Objectivity

Decisions based on objective evidence of conformity, not influenced by other interests.

Competence

Responsiveness to complaints

5. General Requirements - Background of the Standards Institution of Israel

5.1 Legal and contractual matters

5.1.1 Legal Responsibility a) The Standards Institution of Israel is a non profit organization, operating with authorized powers

according to the" Standards Law" determined in 1953.The rules define the goals of the Institution, Primarily standards preparation and product quality assurance, by standards preparation, conducting audits, implementation of tests and research, granting approval to label with the Standards mark etc

b) The Standards Institution operates as an objective body and is a nonprofit organisation. The rules and regulations of the institution determine the managing bodies – the general assembly and the operational committee – and its composition. These bodies consist of representatives from organizations which have influence on the daily activities of country such as – Manufacturers Associations, Consumer organisations, Government offices, Engineers Society, Contractors, Trade Associations, Local Councils Science and Research Institutes and more.

c) The institute actively initiates, operates and participates in quality processes in the country such as: National Quality week, National prize for quality in industry, Prize for quality in service and more.

d) The Standards Institution of Israel (SII) represents Israel in International standardization organizations such as: ISO and IEC and is a member in institutes that manage these organizations. The Institute maintains diverse contacts with parallel institutes overseas and is connected with parallel bodies under bilateral recognition agreements. With these agreements the Institute obtains international recognition allowing complete response to customer's requirements worldwide and provides Israeli companies the opportunity to market their products overseas.

5.1.2 Certification Agreement QCD maintains with all clients a legally enforceable agreement for the provision of certification activities. Details are defined in Procedure AC 03.01 and AC 03.02. 5.1.3 Responsibility for Certification QCD is responsible for all decisions relating to certification, including : granting, maintaining, renewing, extending, reducing, suspending and withdrawing of certification. Details regarding those activities are defined in Procedures: AC 03.01, AC 03.02, AC 03.03, AC 03.04. 5.2 Management of Impartiality

5.2.1 We are committed to impartiality in our management system certification activities and ensure the objectivity of our management system certification activities.




Valid from : 09/12

5.2.2 We identify, analyze and document the possibilities for conflict of interests arising from provision of certification and resulting relationships. Detailed information hereto shall be made available to the committee for safeguarding impartiality (CSI) for decision (see Form 101.06E - Risk Assessment). In order to attain effective and consistent our impartiality is based on the following details :

5.2.3 We do not provide certification in cases of unacceptable threat to impartiality. There will be no offering of certification when relationships that threaten impartiality cannot be eliminated or minimized.

5.2.4 We do not certify another certification body's management systems certification activities

5.2.5 The quality and certification division does not deal with consulting and does not provide internal

audits to its certified clients.

5.2.6 We do not outsource audits and do not offer linked activities with organizations that provides management system consultancy. There are no joined marketing activities with consultancy organizations.

5.2.7 We make sure, that personnel who have provided management system consultancy in previous

two years, shall not be used to take part in certification activities, unless more than 3 years passed.

5.2.8 We take actions to respond to any threats to our impartiality arising from external actions.

5.2.9 We make sure that all our personnel act impartially and shall not allow commercial, financial or other pressures to compromise impartiality.

5.2.10 The personnel of the division is instructed to report any situations that might result in threats to

impartiality.

5.2.11 All the activities of the division‟s staff are based on the Ethical Code – W.I 0.1.

5.2.12 Periodically the Quality and Certification Division reviews conformance with the impartiality requirements of ISO 17021. The results shall be recorded on form 101.06 - Risk Assessment and presented to the CSI for further review and approval.

5.3 Liability and Financing

5.3.1 We evaluate periodically the risks arising from certification activities and posses appropriate insurance to cover liabilities.

5.3.2 The evaluation is based on FMEA and is documented on Form 101.06. 5.3.3 We demonstrate to the committee for safeguarding impartiality (CSI) our finances and sources

periodically during reviews of impartiality. The demonstration is based on the QCD budget and monthly and annual records of the QCD performance which are being processed by the Finance Department.




Valid from : 09/12

6. Organisational Structure of the Institute

6.1 In order to complete the designated assignments the standards institution is organized according

to divisions and operational units as follows:

6.1.1 Responsibilities and authorities of the divisions

a) Standardizations division – Responsible for the coordination and preparation of the Israeli

Standards and various specifications.

b) Industrial division – Responsible for the operation of the Institutes labs such as: Electricity and

electronics lab, Mechanics Hydraulics and Energy lab, Chemistry Food and Textiles lab,

Calibrations lab and teleprocessing lab. The labs perform the tests in the manufacturer's plants,

Importers warehouse and customs.

c) Construction division – Responsible for the operation of centralized labs for soil, roads and

construction material. The labs perform tests at the various construction sites. The division has

various branches and centers in the large cities in order to supervise public and private

Managing

Director

Spokesman

Quality and Certification Division.

Standardization Division.

Industrial Division.

Construction Division.

Finance Division.

Computer Division.

Human Resources And Maintenance

Comptroller




Valid from : 09/12

construction countrywide.

d) Quality and Certification division – Coordinates the following subjects:

Licenses granted to manufacturers for the production of products, Process certification,

Management Systems Certification approval, Certification of Food Safety Management

Systems, Information Security etc. The operation of the division is conducted through auditors

who perform the checks in order to provide permits in organizations and companies. The

division provides the professional support to the training center.

e) Service divisions – Finance division, Human resource division and central computer division

who provide service to all the institutes units.

6.1.2 Responsibilities and authorities of the QCD Management - see AC 01.02.

6.1.3 Appointment of committees - See AC 01.01.

6.2 Committee for safeguarding impartiality - see AC 01.01

6.3 Organisational Structure of the QCD

Training Center – Professional coordination only

Division Director

Eli Cohen-Kagan

Head of

Standard Mark

Operation Directorate

Joshua Miller

Training

Center

Shai Hanoch

Head of Customer

Service Directorate

A. Weinberg

Head of Systems

Certification Directorate

Jacob Jarosinski

Director’s Assistant for

Budget and Control

Ravit Shahar Administration

Orli Zarfati

Quality & Information

Management

Orit Shirian

Rabinovitz

Orit Shirian

Rabinovitz

אורית שיריאן Head of Green

Label Directorate

Benny Braun




Valid from : 09/12

7. Resource requirements 7.1 Competence of management and personnel (AC.02.02)

7.1.1 General considerations QCD ensures that personal have appropriate knowledge relevant to the types of management standards we certify.

Required competences for each technical area are defined in W.I 2.0.

7.1.2 QCD reviews and approves conformance with competence criteria are defined in procedure.

7.1.3 Evaluation of the initial competence and ongoing monitoring of competence and performance is based on clearly defined process.

7.1.4 QCD addresses clearly the competence requirements for personnel performing certification and has sufficient access to technical expertise for each technical area.

7.2 Personnel Involved in the certification process The process of evaluation of competence, employment of auditors including audit and team leaders

and technical experts, definition of duties and responsibilities, selection, training, authorization of auditors, use and assignment of auditors, identification of training needs, requirements for personnel taking decision on granting, maintaining, renewing, extending, reducing, suspending or withdrawing certifications, observation and monitoring for auditors is laid down in details in procedure AC 02.03.

7.3 Use of individual external auditors and external experts

7.3.1 QCD maintains a written agreement with all auditors whether fully or partially employed.

7.4 Personnel records QCD maintains up-to date personnel records, including relevant qualifications, training, experience, competence and any consultancy services provided by any of the personnel.

7.5 Outsourcing

QCD does not outsource any of it's services.

7.6 Human resources (ISO 9001 clause 6.2) 7.6.1 The QCD employs sufficient number of auditors and other personnel (administration etc) to cover all

of its activities and to handle the volume of audit work performed. This issue is considered during the preparation of the annual budget and is followed continuously by the QCD management.

7.6.2 The Certification Directorate assigns every existing or new organization / Management System activities to one of the auditors. Periodical operational reports are issued from the computerized system and reviewed by the Directorate with the purpose of monitoring of open activities (audits) and in order to allow an exact overview of the work load of every auditor. Those reports allows to verify if sufficient auditors are available or new auditors have to be hired in order to cover all required audits for existing and new customers

7.6.3 SII employees few partial employed freelance auditors with different competences, who can

always backup any shortage of auditors until new auditors are hired and authorized




Valid from : 09/12

7.6.4 At the beginning of each year, training needs are being identified and a training plan is being established in order to ensure competency of personnel.

8 Information Requirements 8.1 Publicly accessible Information 8.1.1 QCD maintains and makes publicly accessible accurate information describing the certification and auditing process, including information about certification granted, suspended or withdrawn. 8.1.2 The information regarding the certification auditing system is available on the AC 04.xx procedures depending on the Management System. 8.1.3 Information regarding certified / suspended organizations may be found on the SII Website and may also be received by phone. 8.2 Certification Documents Procedure AC 03.02 defines the requirements and the process of issuing of certificates 8.3 Directory of certified clients QCD maintains a data bank of all certified organizations including all details, such as : name, address, contact people, phones, e-mails, scope of certifications and history of the audit visits. The data is confidentially maintained and secured. The data related to certified / suspended / withdrawn organizations is publicly accessible through the SII Website (www.sii.org.il). 8.4 Rules for use of certification logos by organizations are defined on Form 130.03 and are handed over to every certified organisation. 8.5 Confidentiality 8.5.1 QCD maintains a policy and arrangements to safeguard the confidentiality of the information obtained during performance of audits. 8.5.2 All employees and any personnel, including members of the committees sign a confidentiality agreement on Form 124.01. 8.6 Information exchange between a QCD and the clients 8.6.1 QCD provides and updates the customers on details regarding certification activities, normative requirements and fees for application and certification and procedures for complaints and appeals - see AC 04.xx. 8.6.2 Due notice regarding changes to the requirements is given to the customers. 8.6.3 QCD signs with every customer a legally enforceable agreement - e.g 129.01. 9 Process requirements 9.1 General Requirements 9.1.1. Audit Program

9.1.1.1 An audit is an independent systematic activity in order to determine if the activities and their results conform to the planned arrangements. In an audit, these arrangements are also checked to see if they have been effectively implemented and if they are suitable for achieving the objectives. An audit applies to an entire system or to its elements.




Valid from : 09/12

9.1.1.2 QCD develops an audit program for the full certification cycle in order to demonstrate that the client's management system fulfils the requirements for certification to the applicable standards.

9.1.1.3 The audit program includes a two -stage initial certification audit, surveillance audit in the first and second year and a recertification in the third year prior to expiration of certification. The determination of the audit program takes into account the size of the organization,

complexity of the processes and products.

9.1.1.4 Where other audits have already been granted to an organization, a reliable information shall be collected, justified and recorded and shall be an input to adjust the audit program.

9.1.2 Audit Plan

9.1.2.1 Preparations and Audit Planning Performance of an effective audit in an organization depends on suitable preparations. For this reason, the auditor must complete at least the following actions prior to the performance of the audit:

9.1.2.2 Coordinate the date of the visit with the organization, at least one week in a dvance, and ensure that an appropriate and authorized representative of the organization is present during the performance of the audit. The organization representative must be notified of the names of the audit team so he may appeal the participants.

9.1.2.3 Audit objectives, criteria and an audit plan shall be submitted to the organization representative in order to prepare suitably. Where necessary, the audit plan may be adjusted and modified to the organization constraints (as long as these adjustments and modifications do not interfere with audit objectives and it‟s essence).

9.1.2.4 Review the previous audit reports, with emphasis on nonconformities found and corrective actions required.

9.1.2.5 Study the technologies and production processes and tests existing in the organiz ation. As deemed necessary and according to the opinion of the auditor, a professional consultant, from the SII laboratories (or from some other suitable source) shall be assigned to the audit.

9.1.2.6 Review the requirements of the applied standards, laws and/or requirements concerning the field of certification that the customer has requested or received.

9.1.2.7 When the organization in within the framework of Standards Mark, the last laboratory reports should be checked to see whether they have any negative findings, and these should be clarified with the organization.

9.1.2.8 An audit plan shall be prepared on Form 125.xx “Audit Plan”, or Form 103.xx – “Recertification and Audit Plan (see Appendix A).

9.1.2.9 Stage 1 audits shall be based on Stage 1 Audit plans - Form 125.00 for ISO 9001 / AS9100, Form 125.22 for FSMS audits or equivalent shall be used.

9.1.2.10 The plan shall include an indication of the elements of the quality system and relevant organizational units that will be audited. Consideration of all subjects in the various organizational units shall be ensured.

9.1.3 Audit Team Selection and Assignment




Valid from : 09/12

9.1.3.1 Audits shall be performed by auditors with demonstrated competence (applies also to technical experts if used), authorized in accordance with Procedures AC.02.02 and AC.02.06 for the Standards Mark system, in accordance with the results of the contract review. The appointed Lead Auditor shall be entered into the AS400 system and shall be nominated by Form 127.00. The organization shall be informed in writing regarding the appointment.

9.1.3.2 All team members shall be authorized for the standard / scheme needed to achieve objectives of the audit.

9.1.3.3 The audit team shall include at least one auditor certified for the scope in the field of activity of the organization, who will cover during the audit all activities related directly to the scope (production / service related issues).

9.1.3.4 The lead auditor shall be responsible for all activities in the specific organization (the attending auditor), unless set otherwise by the Head of Systems Certification Dir ectorate.

9.1.3.5 The audit team shall include persons capable of reading and writing in the language in which the audit is performed.

9.1.3.6 When establishing a team of auditors to conduct an environmental management system audit, the lead auditor shall choose additiona l auditors in accordance with their qualifications concerning the environmental impact levels to be covered at the organization. In any case, at least one team member shall cover the maximum impact level of the organization (see AC.02.02).

9.1.3.7 Auditors in training may be included in the audit provided an auditor is appointed as an evaluator.

9.1.4 Determining Audit Time

9.1.4.1 Determining of audit time is based on IAF MD 5:2009, those shall be used as guidelines for preparation of quotations, based on questionnaires filled in by the customers and additional information received about the customer‟s premises and processes.

9.1.4.2 The tables provide a framework for further planning and adjustments to audit durations for all types of audits.

9.1.4.3 Determining of audit time shall take into account the following aspects : the requirements of the relevant management system standard, size and complexity of the organization, technological and regulatory context, any outsourcing activities, the results of any prior audits, number of sites and multi-site considerations

9.1.4.4 Time spent by any team member that is not assigned as an auditor (observers, auditors in training, technical experts) shall not count as a part of the audit.

9.1.4.5 For the purpose of calculating the number of required man-days, the number of employees in an organization shall include all employees, including administrative staff. – see definition – „Effective Number of Personnel‟

9.1.4.6 EMS audit duration




Valid from : 09/12

9.1.4.6.1 Risks, the nature of the organization and gravity of the environmental aspects shall be considered. Determination of audit duration shall be based on the following complexity categories :

- High (Level 1) – environmental aspects with significant nature and gravity (typically manufacturing or processing organizations)

- Medium (Level 2) – environmental aspects with medium nature and gravity (typically manufacturing organizations).

- Low (Level 3) – environmental aspects with low nature and gravity (typically assembly organizations).

- Limited (Level 4) – environmental aspects with limited medium nature and gravity (typically office type environment).

- Special (Level X) – require unique consideration.

- See Table B for the four first complexity categories

- Flexibility in consideration of man-days shall be applied, as not always organizations in a specific sector fall in the same complexity category.

- The attending auditor, assigned to the organization shall confirm the appropriate category on Form 100.01 (Stage1), based on the gathered information concerning possible environmental influences, the processes, the organization's complexity and legal obligations. Possible sources of information are (but are not limited to) documents supplied by the organization, information concerning processes in the relevant industry, visit to the site, consultation with the engineer of the attending Division, etc. The auditor shall estimate the time needed on the basis of this information.

9.1.4.6.2 Increase of audit duration should be considered n in the following cases :

- Complicated logistics involving many buildings and locations

- Staff speaking in foreign languages and an interpreter is required.

- High degree of regulation (food, drugs, aerospace etc)

- Highly complex system with relatively high number of unique activities

- Activities that require visiting of temporary sites (project management sites, service, installation sites etc).

- Additional, indirect or unusual environmental aspects for the sector or higher sensitivity compared to the industry sector

9.1.4.6.3 Reduction may be made for organizations in the following cases :

- Temporary unskilled personnel is available

- Client is not „Design Responsible‟ (for QMS only)




Valid from : 09/12

- Few of the standard elements are not covered in the scope (e.g no manufacturing processes or offices only)

- Low risk products or processes.

- Maturity of management system

- Combined audit of an integrated system

- Prior knowledge of the client management system (e.g certified to another standard)

- Low complexity activities (service only)

- Identical activities performed on all shifts (based on previous audits / internal audits)

- Significant proportion of staff carry out similar simple functions in respect to the product or service provided e.g. assembly workers in a mass production plant

- Staff include a number of people who work „Off Location‟ e.g salespersons, drivers, service personnel, security guards and appropriate records for review are available

9.1.4.6.4 Where organizations operate on shift basis, the extent of auditing of each shift shall be based on the level of control that is demonstrated by the client. The justification for not auditing each shift shall be documented

9.1.4.6.5 For the first certification cycle a reduction of audit duration should not exceed 30 % of audit time as established in tables.

9.1.4.6.6 Time required for audit planning and report writing should not reduce the total audit on-site to less than 80% of the total audit time.

9.1.4.6.7 Reduction of times established in tables shall be justified on Calculation Forms.

9.1.4.6.8 Combined ISO 9001 / ISO 14001 audits - Man days for organizations with combined QMS / EMS

systems shall be calculated as follows : the number of man-days for QMS, based on the number of employees

shall be added to the required man-days defined for EMS, based on the environmental impact of the

organization

9.1.4.6.9 Modifying and updating the calculation - The planned surveillance audit duration shall be reviewed from time to time, at least at the time of recertification

9.1.5 Multi-site Sampling

9.1.5.1 Multi-site sampling applies to organizations with similar processes, methods or activities (e.g manufacturing, service, sales etc.). Where processes in each location are not similar, but clearly linked, the sampling plan shall include at least one sample of each process conducted by the organization.

9.1.5.2 QCD conducts a contract review in order to ensure the eligibility of the organization for a multi-site sampling. The contract review shall identify the complexity and scale of the activities covered by the management system, including any differences between sites, as a basis for determining the level of sampling and competency requirements.




Valid from : 09/12

9.1.5.3 If all sites of the organization are not ready to be submitted for certification at the same time, the organization shall inform the QCD in advance of the ready and those to be excluded.

9.1.5.4 A representative of the QCD shall explain to the candidate the application of multi-sampling prior to commencement of an audit.

9.1.5.5 A multi-site organization need not be a unique legal entity, but all sites shall have a legal or contractual link with the central office of the organization.

9.1.5.6 The management system shall be under a centrally controlled QMS which shall include the following items : System Documentation and changes, Management Review, Handling of Complaints, Evaluation of Corrective Actions, Internal Audit Planning and evaluation of results, Changes to aspects and associated aspects of EMS, Legal requirements, Nonconformities.

9.1.5.7 When nonconformities are found at any individual site, either through internal or external auditing, investigation should take place to determine whether the other sites may be affected.

9.1.5.8 Evidence of resolution shall be required until control is re-established (frequency and/or size of sampling may be increased as necessary).

9.1.5.9 At the time of the decision making process, if any site has a nonconformity, certification shall be denied to the whole network of listed sites, pending satisfactory corrective action.

9.1.5.10 Exclusions of nonconformities at a single site can only be agreed in advance.

9.1.5.11 Certification Documents for multi-site organisations

9.1.5.11.1 Certificates shall contain the name and address of the central office and a list of all sites to which the certification documents relate.

9.1.5.11.2 Certificates may be issued for each site under the condition, that they contain the same scope, or a sub-scope of that scope.

9.1.5.11.3 The organization shall be requested to inform the SII about the closure of any sites covered by the organization.

9.1.5.11.4 Addition of new sites additional audits shall be based on update of the audit program.

9.1.5.12 Sampling

9.1.5.12.1 At least 25% of the sample should be random.

9.1.5.12.2 Initial Audit‟s sample size shall be calculated as follows : sample size = √ number of sites

9.1.5.12.3 Surveillance Audit‟s sample size shall be calculated as follows sample size = 0.6√ number of sites

9.1.5.12.4 Re-certification Audit‟s sample size shall be calculated as follows sample size = 0.8√ number of sites.

9.1.5.12.5




Valid from : 09/12

9.1.5.12.6 Sampling may include the following aspects : results of internal audits, recordes of complaints, significant variation in size, shifts, modifications since last audit etc.).

9.1.5.12.7 The sampling size may be increased due to the complexity of the activity, associated impacts for EMS, audit results etc.

9.1.5.13 Adding of additional sites - each new group of sites shall be considered as an independed set for the determination of the sample size. Following certification of the new group, the new sites shall be cumulated to the previous one for determining the future sampling size.

9.1.5.14 Audit Time - The number of man-days per site, including main office shall be calculated according to approved man-days Tables. The audit days shall never be less, than if the work had been undertaken ar a single site.

9.1.6 Communication of Audit Tasks

9.1.6.1 The tasks given to the audit team include the following objectives: determination of the conformity of the client's Management System, conformance with the applicable regulatory and contractual requirements, continual evaluation of the effectiveness of the system.

9.1.6.2 Examination of the quality manual and procedures from the customer.

9.1.6.3 Auditing of the locations, organizational units, activities and processes. Generally, the totality of the audits shall be consistent with the scope.

9.1.6.4 The audit criteria shall be used as a reference for conformity evaluation and shall provide a basis for confidence in the client's management system.

9.1.6.5 The audit team leader shall communicate to the client any inconsistencies between the clients policy, objectives and targets and the results.

9.1.7 Communication concerning audit team members

9.1.7.1 The Head of the Systems Certification Directorate shall appoint an attending auditor (in coordination with the Customer Directorate).

9.1.7.2 Prior to the appointment, the Systems Certification Directorate shall ensure the suitability of the auditor for the organization, namely:

9.1.7.2.1 His certification according to Procedure AC.02.02 for required standards and scopes, technical knowledge and skills appropriate to the needed competencies for the organization

9.1.7.2.2 Impartiality - No connections, such as: family or business relationships, advising of competitors, etc. that may influence the performance of the audit and the conclusions.

9.1.7.2.3 More than two years have passed since the auditor completed his function as a consultant to the organization.

9.1.7.2.4 The attending auditor shall be appointed and the client informed accordingly, sufficient time to object.

9.1.8 Communication of the audit plan




Valid from : 09/12

9.1.8.1 The audit plan shall be communicated and the audit days agreed with the organization's representatives.

9.1.9 Conducting on-site audits

9.1.9.1 QCD defined a process for conduction on-site audits.

9.1.9.2 Conducting the opening Meeting

9.1.9.2.1 The opening meeting shall take place with representatives of the organization. It is important to assure that these representatives shall be of the appropriate level to able and are authorized to transmit information on behalf of the organization. It is essential that the person responsible for quality in the organizat ion should participate and it is desirable that member(s) of the management also participate.

9.1.9.2.2 Information and clarification of the audit goals, scopes to be assessed and the system of carrying out the audit shall be delivered, and the audit plan and timeta ble shall be finalized.

9.1.9.2.3 An opening meting shall cover the following issues :

9.1.9.2.3.1 introduction of the participants, including an outline of their roles;

9.1.9.2.3.2 confirmation of the scope of certification;

9.1.9.2.3.3 confirmation of the audit plan (including type and scope of audit, objectives and criteria), any changes, and other relevant arrangements with the client, such as the date and time for the closing meeting, interim meetings between the audit team and the client's management;

9.1.9.2.3.4 confirmation of formal communication channels between the audit team and the client;

9.1.9.2.3.5 confirmation that the resources and facilities needed by the audit team are available;

9.1.9.2.3.6 confirmation of matters relating to confidentiality;

9.1.9.2.3.7 confirmation of relevant work safety, emergency and security procedures for the audit team

9.1.9.2.3.8 confirmation of the availability, roles and identities of any guides and observers;

9.1.9.2.3.9 the method of reporting, including any grading of audit findings;

9.1.9.2.3.10 information about the conditions under which the audit may be prematurely terminated;

9.1.9.2.3.11 confirmation that the audit team leader and audit team representing the certification body is responsible for the audit and shall be in control of executing the audit plan including audit activities and audit trails;

9.1.9.2.3.12 confirmation of the status of findings of the previous review or audit, if applicable;

9.1.9.2.3.13 methods and procedures to be used to conduct the audit based on sampling;




Valid from : 09/12

9.1.9.2.3.14 confirmation of the language to be used during the audit;

9.1.9.2.3.15 confirmation that, during the audit, the client will be kept informed of audit progress and any concerns;

9.1.9.2.3.16 opportunity for the client to ask questions.

9.1.9.2.3.17 A short general review of the organization and its quality system, and a very short tour of acquaintance, if this is the first audit.

9.1.9.2.3.18 Evaluation of safety risks to the audit team during the audit

9.1.9.2.3.19 Information about changes in the processes, the product, the organizational structure and the functions - if this is not a first audit.

9.1.9.2.3.20 The opening meeting should be kept as short as possible and not longer than 30 minutes.

9.1.9.3 Communication during the audit

9.1.9.3.1 During the audit, the audit team shall periodically assess audit progress and exchange information.

9.1.9.3.2 The audit team leader shall reassign work as needed between the team members and communicate the progress of the audit and any concerns to the client.

9.1.9.3.3 Where the audit evidence indicates that the audit objectives are unattainable or there is a risk to the team members, the client shall be informed accordingly. The Lead Auditor is responsible to advise any required plan changes, termination of the audit or scope changes to the team and to the client.

9.1.9.3.4 Head of the System Certification shall be notified regarding the action taken in such cases.

9.1.9.4 Observers and Guides

9.1.9.4.1 The presence of observers dur ing the audit shall be agreed with the client prior to the conduct of the audit.

9.1.9.4.2 During the audit, each auditor shall be accompanied by a guide

9.1.9.4.3 The Lead Auditor shall ensure that observers and guides do not influence or interfere in the audit process.

9.1.9.5 Collecting and verifying information

9.1.9.5.1 During the audit information relevant to the audit objectives, scope and criteria, including interfaces between functions and processes shall be collected to become audit evidence.




Valid from : 09/12

9.1.9.5.2 These findings shall be collected by means of checking the documents (procedures, work instructions, various approvals, etc.), checking the serviceability of equipment and materials, checking work processes (including their compliance with procedures and work instructions and interviewing the employees. Information gathered by questioning employees, should be also verified by other means.

9.1.9.5.3 The audit also includes checking of publications of the organization, catalogues, information sheets, packages and on the products, and checking that the customer does not publish misleading information, (according to SII Procedures AC 04.01, AC.04.02, AC.04.03 etc). Every case of misleading publication shall be reported and dealt with, by the person responsible for misleading publications. In addition, the audit will include checking of complaints and appeals received in the organization, or “indirect complaints” against the organization brought to the attention of the division.

9.1.9.5.4 During the audit, check if there is conformity with the requirements while gat hering relevant evidence to reach conclusions concerning the quality system being tested, and to analyze these findings.

9.1.9.5.5 The audit plan and it's contents shall be followed.

9.1.9.5.6 The criticism should be constructive while preserving the respect of the employees of the surveyed organization.

9.1.9.5.7 The auditors shall not add requirements beyond those specified in the standards, the guideline documents or the organization procedures.

9.1.9.6 Identifying and recording audit findings

9.1.9.6.1 Findings shall be recorded against a specific requirement of the applicable standard. (following a discussion with the client, to ensure that the evidence is accurate and the nonconformity is understood).

9.1.9.6.2 Opportunities for improvement may be identified and recorded, however nonconformities shall not be classified as opportunities for improvement.

9.1.9.6.3 Objective evidence upon which conclusions are reached determining classification of subjects on the report conclusion page shall be detailed

9.1.9.6.4 During the summary, if a disagreement arises between the auditor and the representative of the organization, the claims of the representative of the organization shall be heard with sincerity. The auditor shall reconsider his judgment and determine whether to change his initial decision and will act accordingly. Disagreements not settled during the summary meeting, shall be noted in the audit summary.

9.1.9.7 Preparing Audit conclusion

9.1.9.7.1 Prior to the closing meeting, the audit team shall review the audit findings and any other information collected during the audit, agree upon the audit conclusion and identify any necessary follow-up action.




Valid from : 09/12

9.1.9.7.2 Appropriateness of the audit program shall be confirmed (e.g scope, audit time, surveillance frequency, competence).

9.1.9.8 Conducting The Closing Meeting

9.1.9.8.1 A formal closing meeting (attendance shall be recorded) shall be held with customer's management representatives.

9.1.9.8.2 The purpose is to present audit conclusions including recommendation regarding certification.

9.1.9.8.3 Any Nonconformities shall be presented and explained during the audit. The audit report shall include all nonconformities identified.

9.1.9.8.4 The closing meeting shall include also the following elements as applicable : explanation regarding sampling during the audit, report presentation, grading of nonconformities, process of handling nonconformities, status of certification, timeframe for corrective action, information about the appeals process to the SII.

9.1.9.8.5 The audit report shall be submitted to the customer (in accordance with Procedure AC.03.03). For initial audits (even if an organizations was class ified as conforming), the pages of comments alone will be transmitted to the organization. The summary page shall be transmitted to the organization only after all the stages of certification and approval have been completed. Upon request of the organizat ion, the auditor may hand over a summary page with the general classification “no classification” only.

9.1.9.8.6 The QCD process of handling nonconformities including any consequences relating to the certification shall be explained

9.1.9.8.7 Information about the complaint handling and appeal process.

9.1.9.8.8 The client shall be given opportunity for questions.

9.1.10 Audit Report

9.1.10.1 At the end of the audit and prior to the summary meeting of the audit, a full audit report shall be prepared, where findings shall be referred to the applicable standard element.

9.1.10.2 Audit findings shall be recorded for each audit on relevant report forms as follows: Page of the summary of findings signed by the lead auditor, to which is attached a summary of the audit, to which is attached details of findings.

9.1.10.3 The report must include details of corrective actions performed as a result of nonconformities raised in previous reports. The remarks shall include details of corrective actions requested in the past and not completed.

9.1.10.4 At the end of the audit, in accordance with new data accumulated, the Lead Auditor shall check whether there is a need to update the number of man-days for the next audits, and report his decision to the relevant assistant of the Customer Directorate. Information regarding this change (if applicable) shall be communicated to representatives of the organization.




Valid from : 09/12

9.1.10.5 The Lead Auditor is responsible for the contents of the audit including all relevant information, such as : name and address of the customer, type of audit, audit criteria, audit objectives, audit scope, names of the participants, place of audit, audit findings etc.

9.1.10.6 The audit plans and audit reports shall be transferred to the head of the directorate of system certification for approval.

9.1.11 Cause Analysis on Nonconformities

9.1.11.1 Following the issuance of any nonconformities during the audit (classified as Major or Minor), it is mandatory to require from the organization a written Correction / Corrective Action Report which shall include a Root Cause Analysis, affected documentation and CA effectiveness. CA may be submitted on Form 101.01or Form 101.02 or on a compatible form of the audited organization which shall include all the information as detailed on the a.m forms.

9.1.11.2 The auditor shall determine a timetable for receipt and review of the correction /corrective action within a reasonable time in accordance with the significance of the nonconformities.

9.1.12 Effectiveness of corrections and corrective actions

9.1.12.1 The Lead Auditor shall review (onsite or based on documentation) and approve the correction / corrective action reports, including identified root causes and corrective actions submitted by the client, to determine if all subjects were properly addresses, the responsible people were identified and time tables for corrections and corrective action implementation have been properly addresses and these are acceptable. The Lead auditor shall verify the effectiveness of any correction and corrective action taken.

9.1.12.2 For Initial certification and recertification audits the nonconformities have to be closed out prior to recommendation of certification or certification continuation

9.1.12.3 For surveillance audits the nonconformities may be reviewed during the next audit, up to the decision of the Lead Auditor. If it is necessary to change the classification of the audit as a result of the correction / corrective action submission, the decision shall be transferred to the Head of the System Certification Directorate for approval.

9.1.12.4 In case no satisfactory correction / corrective action reports have been received, including sufficient evidences of implementation of the corrective action, it is the responsibility of the Lead Auditor to set a special audit or to initiate a suspension / withdrawal of the certification.

9.1.12.5 The clients shall be informed accordingly regarding the status of correction /corrective action verification.

9.1.13 Additional Audits

9.1.13.1 The client shall be informed in case an additional audit should be required.

9.1.14 Certification decision

9.1.14.1 The person who makes the certification decision is always different from those who carried out the audit.




Valid from : 09/12

9.1.15 Actions prior to making decision

9.1.15.1 The recommendation file shall be transferred to the responsible professional coordinator of the scheme (or scope) for professional review and once approved, to the Head of the System Certification Directorate for final review and approval (by a signature). The signature of the Head of the Directorate on the recommendation form 128.00, constitutes the decision to grant certification.

9.1.15.2 The approval is based on the following issues :

9.1.15.2.1 the information provided by the audit team was sufficient

9.1.15.2.2 The effectiveness of corrections and corrective actions was evaluated and accepted

9.1.15.2.3 Client's plan for corrections / corrective actions was approved

9.2 Initial Audit and Certification

9.2.1 Application

9.2.1.1 Organizations requesting certification for their management systems, may approach the Department in a number of ways: By telephone, in writing, by email or through the internet.

9.2.1.2 The client shall prepare an application form, according to the requested certification.

9.2.1.3 The submitted information shall include :

9.2.1.3.1 The specific requested Standard (ISO 9001; MOD, ISO14001, IS18001 etc.) is clearly defined on the application.

9.2.1.3.2 Requested scope of activity.

9.2.1.3.3 Location

9.2.1.3.4 The number of employees.

9.2.1.3.5 The name of the contact person.

9.2.1.3.6 Customer signature. An unsigned application shall be returned to the customer.

9.2.1.3.7 Information concerning employed consultants, shifts, exclusions etc.

9.2.1.3.8 Technologies, processes and products are clearly described, regulatory matters, outsourcing etc.

9.2.2 Application Review

9.2.2.1 Upon receiving from the customer, the completeness of the application shall be checked by an Assistant to the Directorate. The following details are to be considered:

9.2.2.1.1 The information about the applicant organization and its management system is sufficient for the conduct of the audit and includes the following issues at least :




Valid from : 09/12

9.2.2.1.2 The specific requested Standard (ISO 9001; MOD, ISO14001, IS18001 etc.) is clearly defined on the application.

9.2.2.1.3 Requested scope of activity.

9.2.2.1.4 The number of workers.

9.2.2.1.5 The name of the contact person.

9.2.2.1.6 The QCD has the competence and ability to perform the certification activity

9.2.2.1.7 Records of the decision are maintained

9.2.2.2 The reason for decline of an application shall be documented

9.2.2.3 Based on the review, the competences of the team shall be determined

9.2.2.4 The audit team shall be appointed based on the competences of the auditors.

9.2.2.5 The QCD established a list of competent certification decision makers

9.2.3 Initial Certification audit - shall be conducted in two stages

9.2.3.1 Stage 1 Audit

9.2.3.1.1 Stage 1 audit shall be based on Stage 1 audit plan - form 125.00 and shall include the following issues:

9.2.3.1.1.1 The client‟s management system documentation

9.2.3.1.1.2 Evaluation of the client‟s location and assessment of preparedness for stage 2 audit and site-specific conditions and undertake discussions with the client's personnel.

9.2.3.1.1.3 Review of client‟s understanding of the standard with respect to processes, objectives and operation of the management system.

9.2.3.1.1.4 Collecting of information regarding the scope of the management system, statutory and regulatory aspects, legal aspects and risks and processes and locations.

9.2.3.1.1.5 Preparation of an audit plan for stage 2 audit.

9.2.3.1.1.6 Evaluation of internal audits and management review performed by the customer.

9.2.3.1.1.7 All Stage 1 audits under ANAB accreditation shall be conducted onsite. The statement is valid for new certifications as well as for transfers of ISO 9001 and ISO 22000 which had not include an onsite Stage 1 audit.

9.2.3.1.1.8 Consideration shall be given to the needs of the client to resolve areas of concern identified during stage 1 audit.

9.2.3.1.1.9 Review of Quality Manual / Procedures and supporting Documentation




Valid from : 09/12

9.2.3.1.1.9.1 The review shall be performed by a certified auditor onsite or offsite as a part of stage 1 audit.

9.2.3.1.1.9.2 The attending auditor shall review the suitability of the Quality Manual and related Documentation, submitted by the customer, to the Standard, within 30 days of their receipt in the Division.

9.2.3.1.1.9.3 The review of the Quality Manual shall be documented.

9.2.3.1.1.9.4 The report of the Quality Manual review shall be sent to the representative of the organization prior to conducting the certification audit.

9.2.3.1.1.9.5 An auditor is authorized to approve the execution of an audit even if nonconformities were found in documentation, or if corrections were not carried out sufficiently prior to the certification audit. However, the certification of the organization is dependent upon completion of all requirements

9.2.3.1.2 Stage 1 audit findings shall be documented and communicated to th e client.

9.2.3.1.3 Any areas of concern, which could be classified as nonconformities during stage 2 audit or may lead to postponement or cancellation of the Stage 2 audit.

9.2.3.2 Stage 2 Audits shall include :

9.2.3.2.1 Evaluation of the implementation, including effectiveness of the client‟s management system.

9.2.3.2.2 Evidence about conformity to all requirements of the applicable standard or scheme.

9.2.3.2.3 Performance monitoring and reviewing against key performance objectives and targets.

9.2.3.2.4 Conformance to regulatory and legal aspects relevant to the standard.

9.2.3.2.5 Operational control of the client‟s processes.

9.2.3.2.6 Internal auditing, management review and management responsibility, competence of personnel, performance data, audit findings and conclusions.

9.2.3.2.7 Links between the normative requirements, policy, performance objectives and targets

9.2.4 Initial Certification audit Conclusion

9.2.4.1 The audit team shall analyze all information and audit evidence gathered during stage 1 and stage 2 audits and agree on conclusions

9.2.5 Information for Granting Initial Certification

9.2.5.1 The attending Lead auditor shall prepare the recommendation file.

9.2.5.1.1 The following documents shall be filed in the recommendation file in the following order:




Valid from : 09/12

9.2.5.1.2 Application form, filled out by the customer, requesting certification (Form 126);

9.2.5.1.3 Results of Stage 1 audit, including summary of procedure review (Form 100.01);

9.2.5.1.4 Report on Stage 2 audits conducted (Form 104) and correspondence regarding required corrections / corrective actions (approved by the Lead Auditor), including organization‟s response;

9.2.5.1.5 Surveillance man-days calculation form (Form 120)

9.2.5.1.6 A Draft of the approved certification certificate (Form142);

9.2.5.1.7 Recommendation form (Form 128 ), signed by the attending auditor;

9.2.5.1.8 Surveillance Audit program (Form 103.xx) shall contain a detailed list of main processes, departments / sites of the organization ;

9.2.5.1.9 Company‟s registration form.

9.2.5.2 Any existing information, such as public information, comments on the audit report from the client shall be evaluated.

9.3 Surveillance Activities

9.3.1 General

9.3.1.1 QCD develops the surveillance activities so that representative areas and functions covered by the scope of the management system are monitored on regular basis and take into account changes to the client and his management system

9.3.1.2 Surveillance activities include semi-annual or annual on-site audits

9.3.2 Surveillance Audit

9.3.2.1 The objectives of the surveillance procedures are:

9.3.2.1.1 To verify that the management system of the organization continues to perform in compliance with the requirements of the Standard and the follow-up agreement.

9.3.2.1.2 To check whether any changes occurred in the organization which necessitate a modification of the management system.

9.3.2.1.3 To verify that corrective actions, which should have been implemented, were indeed carried out as planned and as promised.

9.3.2.2 Surveillance methods :

9.3.2.2.1 The organizations may choose one of two surveillance methods:

9.3.2.2.1.1 Annual surveillance method - which includes conducting one surveillance audit annually, and performing a Recertification every third year (conditioned for MOD suppliers upon confirmation from MOD).




Valid from : 09/12

9.3.2.2.1.2 Semi-annual surveillance method - which includes conducting two audits annually and a Recertification every third year .

9.3.2.2.1.3 Surveillance audits shall be conducted at least once a year. The date of the first surveillance audit shall be not more than12 month from the last day of stage 2 audit.

9.3.2.2.1.4 Noncompliance with the requirement to conduct periodical audits in a timely manner (more than 18 month for annual audits or more than 12 month for semi-annual audits will require to start the certification process from the beginning, including Stage 1 audit. A waiver to this procedure can be granted by the Head of the Certification Directorate only.

9.3.2.2.1.5 It is possible to transfer between the methods at the beginning of each surveillance year only.

9.3.2.2.2 Audit Program and Audit Plan

9.3.2.2.2.1 The Customer Directorate, in combination with the attending auditor shall prepare a program for conducting surveillance audits in the organization, in advance, according with the surveillance method that the organization chose.The program shall be updated in the Computer System, by the directorate workers.

9.3.2.2.2.2 The plan shall include or refer to the following : audit objectives, audit criteria, audit scope, functional units, processes, dates and sites where the onsite activities are to be conducted, expected time and duration of onsite audits, roles and responsibilities of the audit members.

9.3.2.2.2.3 Based upon the program and following certification of the organization, a quotation estimate shall be prepared for the organization in accordance with Procedure AC.02.04, and an invoice shall be issued.

9.3.2.2.2.4 In addition, the attending auditor shall prepare an audit plan that includes the system elements and the relevant organizational units, processes and sites of the assessed organization. The audit plan shall be prepared on Form 103.xx (Recertification and Audit Plan Form), Form 125.xx or equivalent. The audit plan shall be sent to the organization prior to the audit (or left in the organization in advance for the next audit).

9.3.2.2.2.5 The attending auditor shall follow up performance of audits and at the end of each audit shall mark the elements (sites, procedures, departments and Standard clauses) that were checked during the audit. (Form 103.xx or equivalent). The follow-up form shall be filed in the customer file, preferably in the file pocket.

9.3.2.2.3 Audit plans shall be prepared so that the audits meet the following requirements:

9.3.2.2.3.1 The audits shall encompass all the clauses of the Standard and all the sites of the organization within the 3 years cycle.

9.3.2.2.3.2 The audits shall encompass all the organizational units within a reasonable time limit, considering the size of the organization.

9.3.2.2.4 The following clauses shall be checked in each surveillance audit cycle:

9.3.2.2.4.1 Implementation or the corrective actions required by the previous audit.




Valid from : 09/12

9.3.2.2.4.2 Review of changes in the organization

9.3.2.2.4.3 At least one of the components of the quality system typical of the core manufacturing process / service in the organization.

9.3.2.2.4.4 Management reviews.

9.3.2.2.4.5 Internal system audits .

9.3.2.2.4.6 Customer complaints.

9.3.2.2.4.7 Corrective and preventive actions.

9.3.2.2.4.8 Scopes/activities that have changed since the last audit.

9.3.2.2.4.9 Customer complaints & appeals received in the Division concerning the organization.

9.3.2.2.4.10 Use of marks (certification symbols)

9.3.2.2.4.11 Remark : Should the frequency of performing the activities in clauses 4 and 5 be lower than the surveillance audit frequency, these subjects shall be checked according to their frequency in the organization.

9.3.2.2.4.12 Also during surveillance and recertification audits, the effectivity of the management system shall be checked for achievement of organizational goals, and the progress towards the organizational plans for continuous improvement.

9.3.2.2.4.13 If substantial changes occurred in the organization, the auditor shall update the audit plan as required.

9.3.2.2.4.14 Coordination of audits and their conducting shall be in accordance with Procedure AC.02.01.

9.3.3 Maintaining Certification

9.3.3.1 Maintaining of certification is based on demonstration that the client continues to satisfy the requirements and on positive conclusion by the audit team.

9.3.3.2 In cases of situations that may lead to suspension or withdrawal of certification, a review by appropriately competent personnel, different from those who carried out the audit may be required.

9.3.3.3 The Systems Certification Directorate monitors the surveillance activities and the repo rts by the auditors, to confirm that the certification activity is operating effectively.

9.4 Recertification

9.4.1 Recertification audit planning

9.4.1.1 All organizations due to Recertification shall be identified in the list of organizations by a "RA"




Valid from : 09/12

9.4.1.2 Recertification shall be conducted once in three years for annual and bi-annual audited organizations.

9.4.1.3 Following significant changes on the system, the need for a stage 1 audit shall be considered.

9.4.1.4 Recertification requirements for annual and bi-annual organizations

9.4.1.4.1 As a preparation for the recertification audit, additionally to the regular annual preparation the following shall be done :

9.4.1.4.1.1 Review of the QM and relevant procedures - the L.A shall mainly concentrate on problematic issues resulting from nonconformities from previous audits and shall also assess the relevance of the procedures to the scope of the organization. If required as follows from previous performance of the organization, additional documentation may be reviewed (specs, work instructions etc).

9.4.1.4.1.2 The documentation shall be reviewed on-site as a part of the recertification audit.

9.4.1.4.2 Review of previous audit reports :

9.4.1.4.2.1 Coverage of all main processes and activities and all standard elements shall be checked

9.4.1.4.2.2 All activities which had not been sufficiently covered by previous audits shall be prioritized for the recertification audit.

9.4.1.4.2.3 Re-occurring nonconformities shall be identified and followed.

9.4.1.4.2.4 Corrective action and corrections shall be reviewed and a close out of those shall be re-affirmed.

9.4.1.4.2.5 The Audit Plan shall confirm with requirements defined in Procedure AC 02.04

9.4.1.4.3 Audit Documentation

9.4.1.4.3.1 Findings resulting from review of the documentation shall be recorded of Form 106.02 (or equivalent).

9.4.1.4.4 The audit details shall be recorded also on Form 103.xx and shall include :

9.4.1.4.4.1 Name and number of the organization

9.4.1.4.4.2 Recertification period

9.4.1.4.4.3 All audit details done during the certification cycle, including standard elements, sites and processes.

9.4.1.4.4.4 Classification of findings

9.4.1.4.4.5 Not audited elements / processes for each audit shall be clearly identified ('--" or "NE").

9.4.1.4.4.6 Exclusions shall be clearly identified




Valid from : 09/12

9.4.1.4.4.7 recertification audit report shall include all sites which are part of the organization

9.4.2 Conducting a Recertification Audit

9.4.2.1 A re-assessment audit shall be conducted in the following cases :

9.4.2.1.1 Once in three years in accordance with procedure AC.03.03 – surveillance audits.

9.4.2.1.2 When significant changes have occurred in the quality system (following ownership, equipment or personnel changes).

9.4.2.1.3 When there is a well-founded suspicion that the customer's management system is no longer in accordance with the requirements (for instance as a result of customer complaints or other information).

9.4.2.1.4 When the audits were not performed according to planned arrangements.

9.4.2.2 The extent of the audit (man-days) is reflected by orders on the computerized system.

9.4.2.3 The audit shall include at least :

9.4.2.3.1 Implementation of the procedures

9.4.2.3.2 Subject where nonconformities were detected in previous audits including implementation of correction and corrective actions.

9.4.2.3.3 Activities which had not been covered sufficiently during the certification cycle.

9.4.2.3.4 Conformance of the system with the scope.

9.4.2.3.5 Effectivity of the system and continuous improvement in the processes.

9.4.2.4 The audit shall be summarized on Form 104.xx (the type of the audit shall be recorded in an appropriate place) in accordance with Procedure AC 02.01.

9.4.2.5 A copy of the audit report shall be handed over to a representative of the organization, the original shall be filed in the organization's file and shall be submitted to a professional coordinator of the scheme for review and approval.

9.4.2.6 The re-certification shall be noted also in the cover of the file.

9.4.2.7 Final decision regarding renewal of re-certification shall take into account also previous performance of the organization.

9.4.2.8 In case of nonconformities, the organization shall be required to submit correction or corrective action. Should the audit results in a "Requiring Improvement" status - the organization shall not be recommended for continuation of the certification without detailed Corrective Action, which shall be verified and confirmed by the Lead Auditor.

9.4.2.9 All orders shall be reported and closed following completion of all activities related to the recertification audit.




Valid from : 09/12

9.4.2.10 Depending on the result of the recertification audit, additional audit may be set not later than 3 month after the recertification audit. This is at the discretion of the Lead Auditor. There shall not be any recommendation by the LA without appropriate and approved CA.

9.4.3 Information for granting recertification

9.4.3.1 All the reports (including review of the system over the period of certification and complaints), including Corrections and Corrective Action shall be submitted in the organization's file for review and approval of the professional coordinator of the scheme. The approval of the recommended file and reporting of the audit on the system conclude the activity and allows the issuance a new certificate to the organization.

9.5 Special Audits

9.5.1 Extension or reduction to Scope

9.5.1.1 A customer interested in expanding his scope of certification shall notify the Division ASAP. The Division shall attempt to include the additional scope within the regular audits.

9.5.1.2 A request for certification to a new Standard (such as ISO 14001) shall not be considered as an extension of the existing scope of certification but as a new request.

9.5.1.3 The attending auditor shall check the extent of activity needed for the extension and where necessary shall notify the organization of additional payments, with a quotation.

9.5.1.4 The auditor shall check the applicability of the procedures and the readiness of the organization for the extended scope, and in accordance with the results shall present his recommendation as per Procedure AC.03.02.

9.5.2 Short notice audits

Partial or complementary audit shall be performed in the following instances:

9.5.2.1 When it is necessary to repeat and ensure that a certified system continues to be duly implemented (within the framework of surveillance audits).

9.5.2.2 When changes have occurred concerning the customer or his products (such as: additional sites, broadening the fields of activity, extension of scope, investigation following complaints, etc.) and it is necessary to ensure that the management system continues to be properly implemented.

9.5.2.3 When the audits were not performed according to planned arrangements.

9.5.2.4 When it is necessary to ensure the completion of corrective actions required by previous audits.

9.5.2.5 In case substantial nonconformities are detected in the management system of the organization, additional audits shall be conducted, in order to verify required corrective actions in accordance with Procedure AC.03.04. For these audits, the organization shall be sent separate invoices issued by the Assistant to the Directorate, where required.

9.5.3 Transfer Audits from other Certification Bodies




Valid from : 09/12

9.5.3.1 Organizations transferring to SII from other accredited certification bodies (IAF MLA signatory) will be required to follow all requirements of this procedure, including a formal application on Form 126.xx as applicable.

9.5.3.2 The validity of the existing certificate shall be checked, the last audit report and the applicable Corrective Action is to be reviewed

9.5.3.3 .This is a prerogative of the Heads of the Certification / Customer Directorates to reduce the required extent of the Quality Manual /Procedures review (may be performed on-site). The extent of the Transfer / Certification Audit may be reduced up to the extent of a surveillance audit.

9.5.3.4 In case the existing certificate is not valid anymore or the last audit had not been performed according to the required frequency (6 or 12 month as applicable), the organization shall be considered a new applicant and not a transferring organization.

9.6 Suspending, withdrawing or reducing the scope of certification

9.6.1 Procedure AC.03.04 defines the requirements related to suspending, withdrawing or reducing the scope of certification.

9.6.2 The following are the cases for which the Division shall begin certification revocation :

9.6.2.1 Classification of an audit as “nonconforming” in a surveillance audit.

9.6.2.2 Classification of “improvement necessary” in two consecutive audits.

9.6.2.3 Classification of “improvement necessary” in a Recertification audit, not closed within 90 days.

9.6.2.4 Classification of “nonconforming” in a surveillance audit for a part of the management system.

9.6.2.5 The organization intends to give up a part of the certification.

9.6.2.6 Where there is an excessive complaint or an excessive amount of complaints against the customer.

9.6.2.7 Repeated breach of the surveillance agreement (misleading publication), or any other breach of the follow-up agreement (such as: preventing surveillance of the management system, etc.) at the discretion of the Head of the Customer Directorate.

9.6.3 In the cases mentioned above, the attending auditor shall warn the supplier of his intention to recommend suspension / withdrawal of certification. The warning shall be given by one or more of the following actions:

9.6.3.1 Sending a warning letter to the customer. The letter shall include a requirement that the client discontinues its use of the certificate and all other advertising matter that contains any reference to a certified status.

9.6.3.2 Discussing the subject at the summary meeting of an audit or during a specific meeting with the customer.

9.6.3.3 A partial revocation may be acceptable in some cases.




Valid from : 09/12

9.6.3.4 In any case, in accordance with the severity of the nonconformities, the auditor may recommend directly the certification suspension / withdrawal

9.6.3.5 Additional parties authorized to recommend suspension / withdrawal of a management system certification are the Heads of the Directorates.

9.6.3.6 The warning to the customer shall be documented, including an indication of the corrective action required of the customer and a date the suspension shall become effective if the nonconformities shall not be removed.

9.6.3.7 The letter shall detail the meaning of suspension and certification withdrawal, if those become effective (the organization shall not be able anymore to use certificates or publicize itself as being certified in any way .

9.6.3.8 The warning shall be approved by a signature of the Head of the Directorate of System Certification.

9.6.4 If during special audit it was found that the customer did not implement the required corrective action, or the supplier refused to conduct the special audit within a reasonable period of time, the suspension / withdrawal process shall be initiated without any further warnings. The name of the organization shall be removed from the list of certified organizations immediately with start of suspension / withdrawal activities

9.6.4.1 Returning of the status “certified” following suspension / withdrawal of system matters, shall be the responsibility of the System Certification directorate. Suspension and Withdrawal of the certification shall include all subsidiaries included under the certification process (which are not performing standalone audits).

9.6.4.2 The time between suspension and withdrawal should not be more than 6 month.

9.6.5 The Directorate of Systems Certification is responsible for conducting the follow-up after the submission of the recommendation for certification suspension / withdrawal or reduction. In case where the reason of suspension has not been resolved, a withdrawal shall be started. The withdrawal process shall be documented.

9.6.6 Conditions for suspension / withdrawal are clearly defined on the surveillance agreement - Form 130.01

9.6.7 The decision concerning restoration of the certification, extension of the suspension, or total revocation shall be transferred to the Customer Directorate and the computerized system shall be updated accordingly

9.7 Appeals

9.7.1 Procedure AC 01.07 and procedures AC.04.01 - AC.04.05 cover the requirements for handling of Appeals.

9.7.2 Procedures AC.04.01 - AC.04.05 are accessible to the public

9.7.3 Receiving and handling Appeals




Valid from : 09/12

9.7.3.1 Any received appeals shall be recorded and tracked, including actions undertaken in order to resolve the appeal. The appeals shall be recorded and followed up on the computerized SII complaints system.

9.7.3.2 SII shall acknowledge receipt of the appeal and shall provide the appellant with progress report and the outcome. An immediate response shall be sent to the party making the complaint within 7 days of its receipt.

9.7.3.3 The appeal shall be validated and investigated and decision shall be taken in response, taking into account the results of previous similar appeals.

9.7.3.4 Any required Correction / Corrective Action shall be documented

9.7.3.5 Persons engaged in the appeals handling process shall be different from those who carried the audits and made the certification decisions.

9.7.3.6 Submission, investigation and decision on appeals shall not result in any discriminatory actions against the appellant.

9.7.3.7 If necessary, the Committee shall summon the appealer's representative to state his arguments

9.7.3.8 Head of System Certification Directorate is responsible for handling and resolving of appeals

9.7.3.9 A final, written response shall be sent to the appellant within 30 days.

9.8 Complaints

9.8.1 Procedures AC.04.01 - AC.04.05 are accessible to the public

9.8.2 Receiving and logging a Complaint

9.8.2.1 Written complaints will similarly be forwarded to the complaints coordinator, who will enter all of the details into the computerized system. The Division will only handle complaints received in writing. The complaining party will be asked to point out as many details as possible (including test results, if there are any).

9.8.2.2 Upon receipt of an indirect complaint the coordinator shall send the complaining party a letter on Form 110.xx, the organization referred to in the complaint will receive a copy of the complaint, within 7 working days.

9.8.3 Dealing with a complaint

9.8.3.1 After a review of the compliant, the coordinator will decide, who the most suitable person in the Division is to handle the complaint. He will then transfer the complaint to this person along with any accompanying documents.

9.8.3.2 If need, an complaint will be transferred to the Ombudsman. When the topic of the complaint has to do with the laboratory, the coordinator will send a copy of the complaint to the laboratory, asking them for their response.

9.8.3.3 The person handling the complaint will investigate all aspects of it, will learn the facts pertaining to it and will find out if it is justified. If need be, the person handling the complaint will refer to




Valid from : 09/12

documents, certificates, standards or any other documentation that may have a bearing on the complaint and the facts connected with it. The person handling the complaint may decide to meet with other employees and/or the complaining party and question them as he sees fit.

9.8.3.4 The Complaint Coordinator will enter any complementary information pertaining to the complaint into the computer. When the Division's part is finished, the person handling the complaint will enter into the computer his intermediary conclusions

9.8.4 Closure of a complaint

9.8.4.1 Each complaint received a shall be responded in writing by one of the following, according to the case: complaint coordinator, Head of Directorate, Division Director, Head of a laboratory, Quality Manager, Ombudsman.

9.8.4.2 The answering letter shall contain a summary of the investigation conducted, the findings and the conclusions drawn.

9.8.4.3 With the dispatch of the letter, the case will be considered “closed” and will be so noted on the database.

9.8.4.4 A final reply to the complaint will be sent within 30 days after receipt of the complaint

9.8.4.5 In cases where it is not possible to complete the inquiry within this period, the complaint coordinator is responsible to send the complaint an interim response.

9.8.5 Open complaints shall be reviewed after 30 days and the reason shall be documented

9.8.6 QCD shall determine whether and to what extent, the subject of the complaint and it‟s resolution shall be made public.

9.8.7 Reporting and Corrective Action

9.8.7.1 The complaint coordinator shall report, to the Division's Director, each complaint which, according to his opinion, is liable to cause damage (defamation, legal action, etc.) to the Division or the Institution. In this case, a reply will be given to the complainant only after appropriate consideration.

9.8.7.2 When necessary, corrective action to a complaint or a cluster of complaints shall be taken, in accordance with procedure AC.01.08.

9.8.7.3 A report regarding the complaints and corrective/preventive actions, taken shall be presented during the management review.

9.8.7.4 The report shall analyze the complaints by category in comparison with findings in previous periods. This analysis will include, but not be limited to, duration of complaint handling and degree of justifiability. If need, the coordinator shall add to the report his recommendations regarding corrective or preventive action to be taken in order to reduce the causes of complaints.

9.8.8 Documentation of Complaints and Appeals

9.8.8.1 The complaint coordinator will maintain an electronic record of all complaints and appeals related to the activities of the Division, including complaints related to products which had been granted a Standard Mark.




Valid from : 09/12

9.8.8.2 The records of complaints and appeals, will be retained by the coordinator for a period of three years

9.8.8.3 In addition, the Ombudsman keeps a record of all complaints and appeals and relevant correspondence handled by him.

9.9 Records of Applicants and Clients

9.9.1 All documents relating to communications between the Institution and the customer shall be filed in a customer file, apart from audit time determinations which shall be kept in designated files.

9.9.2 Records of Applicants and Clients include the following

9.9.2.1 Customer's Application

9.9.2.2 Customer's Registration

9.9.2.3 Justification for Audit Time (initial, surveillance and recertification) including sampling

9.9.2.4 Stage 1 Audit including a documentation review records

9.9.2.5 Stage 2 Audits

9.9.2.6 Certification agreements

9.9.2.7 Verification of corrections and Corrective Action

9.9.2.8 Scope Recommendation Form

9.9.2.9 Certification Recommendation Form including certification / recertification decisions

9.9.2.10 Surveillance Audits records (including Correction / Corrective Action resolution)

9.9.2.11 Recertification Audit records (including Correction / Corrective Action resolution)

9.9.2.12 Scope extension records

9.9.2.13 Records of appeals and complaints

9.9.2.14 Competence records of administration and auditors

9.9.3 Securing quality records

9.9.3.1 Records shall be kept in dedicated customer files in a cabinet accessible to Division employees only. The filing cabinet is protected by a fire detecting and extinguishing system which is periodically checked.

9.9.3.2 Records in the SII computer shall be backed-up and stored in accordance with Computer Unit Procedure MH 15.01 – Central Computer Back-up.

9.9.3.3 Records kept outside the filing cabinet shall be stored in protected locations only.




Valid from : 09/12

9.9.3.4 Confidentiality also applies to records taken out of the vicinity of the SII. The files will be kept in a manner that assures their integrity, prevents their loss and prevents unauthorized access.

9.9.3.5 Under no circumstances will information or reporting pertaining to an organization be transferred to a third party, without written permission from the organization.

9.9.4 Retaining Customer Documents

9.9.4.1 The period of keeping Customer records is described in procedure AC.01.04.

9.9.4.2 If the customer's file does not have enough space to store all of the documents during the entire retaining period, some of the documents may be kept in some other manner, provided that such storage ensures adequate storage and convenient access to the documents.

9.9.5 Discarding Documents

9.9.5.1 Following expiration of the retention period, documents shall be transferred for shredding. 10. Management system requirements 10.1 Scope - the scope of the QMS includes design and development of our certification services. 10.2 The Quality System takes into account the credibility of the certification and the needs of all parties. 10.3 The quality system includes a Quality manual, detailed procedures and Work Instructions. 10.4 Exclusions 10.4.1 Clause 7.6 – Control of monitoring and measuring devices – The division does not deal with measuring devices. Within the frame work of the standards mark the labs carry out measurements by their instruments.

10.5 Requirements of the ISO 9001:2008 Standard (details include only the issues that are not covered in the division's procedures) 10.5.1 Quality Policy of the division

a) Operating Standards Mark System for processes and products and certifying quality management

systems, certification of environmental management systems and safety and health in the workplace of

organizations in various frameworks, food safety systems and professional guidance of the training

centers activities dealing with the public, providing various services to governmental offices and other

clients, in issues which are the core of the divisions activities, with emphasis on:

- Providing service to all without bias

- High degree of accuracy and reliability

- Courtesy and pleasant manner

- Short reaction time

- Fair price

- Work completed by a professional team selected, trained and qualified for the job.

- The various technological audits carried out by auditors with the appropriate professional

background.

- Ensure maintaining information confidentiality




Valid from : 09/12

- Maintain strict professional and personal ethical rules.

b) We guarantee performance of the highest standard in accordance with the appropriate national and

international standards such as ISO Guide 17021:2011, ISO Guide 65 (EN – 45011).

c) We operate to provide certification services and mutual recognition worldwide via the international

certification network IQNET, and cooperation with network members with the aim of developing services

and products with added value to its clients. The division's procedures are suited to the IQNET's

procedures.

d) We participate in the advancement of quality in Israel by conducting operations such as:

Initiation of national quality activities, National Quality week, Participation in national quality activities

such as Quality conference for the Israel Association for Quality or the National prize for quality in

industry.

e) We grant the "Gold Mark" to manufacturers and service providers who have quality and excellence

ingrained and who have at least 3 quality standards testifying to the suitability of the management

systems , processes' and products to international and national standards , and "Platinum Mark" for

manufacturers and service providers who have 5 quality standards.

f) We operate to update our clients with innovations/updates/changes in the standards, approval

systems within the scope of the division's activities. In addition we update our clients on general quality

issues that are of interest to the general public

.

g) We encourage all enquiries in order to improve and discuss all suggestions aimed at advancing the

divisions objectives. We initiate continuous improvement of the employee's professional ability through

relevant training and courses.

10.5.2 Quality System Documentation - The conformance of the hierarchy of the QCD documentation

and the continuous compliance of the Quality Manual and procedures with the requirements of

ISO 17021 and the Accreditation Bodies shall be periodically reviewed and reapproved (at least

once in three years). The results of the review shall be documented as a part of the management

review.

10.5.3 Division's Goals - The detailed objectives will be determined within the framework of the annual

management review

10.5.4 Customers Satisfaction – Increase customer satisfaction and improve customer loyalty.

10.5.5 Excellence in the process – Improve operational efficiency and improve quality of work in particular

service deadlines. Increase clarity, transparency and accuracy of documents dealing with customer

communication

.

10.5.6 Infrastructure – Increase employee's satisfaction by improving employee's abilities and

development of knowledge and management information infrastructure.




Valid from : 09/12

10.5.7 Financial performance - Maintaining the overall revenues and profitability by providing for product

development and infrastructure.

10.6 Management responsibility (clause 5 in the standard)

10.6.1 Obligation of top management to develop and implement the quality management system and to

improve it's effectiveness, defining measurable quality goals and objectives, conducting management

reviews and initiating activities to advance improvements in processes.

10.6.2 The management assigns resources for the advancement of the quality system as a part of the budget.

10.6.3 Focusing on the client, defined in the manual as a central role in the division's activities. The focus is

expressed by dedicating to each organization a person responsible for customer liaison - the

responsible lead auditor, and a customer manager whose role is to provide back up to the auditor in

connection with customer liaison.

The customers are divided into sectors of activities in order to provide a service suitable for all the

customers' characteristics. Sector managers are responsible for developing services suitable for the

type of customers in the sector.

Focusing includes the needs of all parties that rely upon certification services, such as the public,

legislation and conformance with mandatory standards and our customer‟s customer needs.

10.6.4 The Quality Policy is distributed to the division's employees during the annual training, and is

assessed for its compatibility within the framework of the annual management review.

10.6.5 The Quality goals – These goals are detailed in this manual. Measureable goals are defined and

monitored, measured and updated as applicable in the management review.

10.6.6 Planning the Quality system is detailed in this manual. Changes to the system are conducted in a

controlled manner under the supervision of the division's management.

10.6.7 Management representative for quality – The Management representative for quality is the Head of

the System Certification directorate. He was appointed due to his long lasting acquaintance with the

QMS of the division and his involvement in the processes.

10.6.8 Internal communication – The internal communication of the division is conducted through a intertwined number of activities : Every auditor has a mail box in which all the internal and customer

correspondence mail may be kept. As the auditor is usually away from the office, most of the

communication is done telephonically/by e-mail. Other communications channels :

a. Communication of auditors with customer managers – by telephone and e-mails .

This, in addition to occasional face-to-face meetings in the office.

b. Auditor meetings – The division manager and management members conduct periodical

meetings with groups of auditors, to sort out major issues and exchange ideas.




Valid from : 09/12

c. Personal meetings- Auditors – The division manager organizes personal meetings with the

auditors on his own initiative at least once a year. The head of systems certification directorate

meets the auditors at least twice a year for personal meetings.

d. Personal meetings – administration workers – The division manager holds periodical meetings

with the administration workers to sort out personal issues and solving professional issues.

e. Training meetings – The product managers / professional coordinators conduct training

meetings at least once a year.

f. Open door policy - The division managers keep an " open door policy " for every worker and

every auditor to sort out personal issues and solving professional issues.

g. Electronic mails – Messages are passed on to auditors also by way of the e-mail.

h. Northern based auditors have a contact point at the Haifa branch, for information transfer and

data needed on a regular basis.

i. Customer service workers meet for regular meetings to receive information, responsibility of

the customer service manager, at least once a month. The rest of the communication is done

on a one to one basis with the customer service coordinator of the division.

J . Meetings with all the divisions workers – periodical meetings are held of all the divisions

workers, including transferring information on a social basis.

10.6.9 Management Review - see AC 01.06

10.6.10 Infrastructure (clause 6.3)-

a. The working infrastructure of the headquarter includes centralized computing system ,telephon

system for communication with customers and with auditors, and an archive for management of

customers files.

b. Auditors work mainly at the customers sites, and receive communication instruments (cellular

phone),car for mobility and laptops to provide better service to the customer and to ease

communications with headquarters.

10.6.11 Work environment-

a. The administrative workers of the division are concentrated on one floor. Auditors, have a specific

area on a separate floor in order to complete office work. The auditors have cubicles, based on

available space, in order to work with the computer system, conducting office work and compiling

information.

The cubicles are used for a number of auditors. In both areas the system is one of "open space". The

coordinators have a separate work areas - coordinators office, to advance their activities.

b. The division has boardrooms to conduct meetings with customers and for work meetings and small

group training.




Valid from : 09/12

c. Customer reception – The division has a waiting room to receive audience waiting for meetings with

auditors or functionaries in the division.

10.7 Product implementation (clause 7 in the standard)

10.7.1 Communication with the customer - Official communication with the customer includes official

correspondence, especially signature on agreements, certification receipt, detailed in the operational

procedures ( See table in clause 17)

10.7.1 Correlating and dealing with questions and various enquiries – the customer managers are available

For the customers needs to clarify various issues by way of fax, telephone, e-mail or face to face

meetings. This, in addition to communication with the auditor, responsible for his service quality. The

details of the customer are updated in the computer system and used by all bodies that have access to

the system. In addition, the customer's details are updated in the customer's files, for the auditor's use.

10.7.2 Design and Development (Clause 7.3. of the standard) – The division follows the requirement of

clause 7.3 when developing and implementing new standards and services (see AC.01.09).

10.7.3 Validation of manufacturing processes and service provision (Special processes – clause

7.5.2 in the standard) – Audits of management system are special processes that can not be

measured on an absolute basis at the end of the audit. Therefore the audits are conducted with

emphasis on the auditors' qualifications, training and supervision of their work process, work by

advanced methods and evaluation over a period of time of the output of their work in relation to the

organization meeting the quality processes demands.

10.7.4 Identification and traceability (clause 7.5.3 in the standard)-

Customers are identified by a customer number that is output from the computer system. Projects are

identified in accordance with the customer number.

Status of service and certificates of a customer is defined in the computer system.

10.7.5 Customers property-

The customers purchased information is kept by the auditors in accordance with the confidentiality

agreement and ethical code of the division which obliges each and every worker.

The computer system is backed up according to the procedures of the information systems division and

is its responsibility.

In accordance with customers request, auditors sign a confidentiality agreement ( NDA- non disclosure agreement).

10.7.6 Measuring ,analysis and improvement ( clause 8 in the standard )

a) Measuring and monitoring (clause 8.2)

Customer satisfaction is measured by customer satisfaction surveys conducted from time to time. The

results of the survey are analyzed and used as a basis for discussions in the division and to improve

the service.

In addition, Sector managers are in direct contact with strategic customers, at least once a year, as a

basis to receive defined feedback from the customer regarding service provided to him. These results




Valid from : 09/12

are also analyzed and used for the management review.

Deserting customers are dealt according to a methodical manner by the sector manager and

customer managers, in order to prevent their removal from the system. The feedback from the

customer is recorded , analyzed and documented accordingly.

Measuring and monitoring processes is conducted by measuring the level of service defined in the

framework of the standards mark administration. In addition a measurement of the customer level

service is conducted by means of the Call Center, and by way of additional checking tables enabling

further checks of the service level provided to the customer.

b) Internal Audits (clause 8.2.2) - see AC 01.05

c) Improvement (clause 8.5)

As part of the management review the suitability of the activities is compared to the division's policy

and meeting of defined goals and objectives at least annually. According to results objectives are set

and goals renewed.(If needed)

With regards to the process of internal audits, handling of non conformance, corrective and preventive

actions-see procedures as defined in the following table




Valid from : 09/12

10.9 Core Processes

10.9.1 Focusing on the customer

Auditors –

Headquarter employees

Quality and Certification

Division

Internal processes

Customer

Standard

association

stamp

operation

administration

Management

system

approval

administration

Customer

administration

Training

center

Routine report management

– human resources

Human resource

management

Continuous information

provision

Initial certification

process

Inspection process

Customer documentation

management

Payments and collection

Satisfaction survey

Customer complaints and

handling enquiries

Marketing

Development :

New products

Development :

Infrastructure

Quality control –

implementation

Quality management

Preparation for external audits

employee

viewpoint survey

Welfare

Institu

tes labs

with

in th

e fram

ewor

k of

stan

dard

ass

ociatio

n stam

p

External accreditation bodies

Development and

professional

advancement

Training and

certification

Administration

services

External certification bodies




Valid from : 09/12

10.9.2 Flow diagram of work process – management system approval




Valid from : 09/12

Corrective

action

needed ?

Approved ?

Paid?

Corrective

action

needed ?

Conducting audits and checks

Signing a

Supervision agreement

Implementing

corrective action

Implementing

corrective action

Preparation in the organisation –

documentation and applicationApproval of price quote

Checking the corrective action

Conducting audits and checks

Certification approval


Customer reminder

Customer payment

required ( proforma )

Documentation approval Providing price quote

Customer enquiry

Index :

Quality and certification

division

Customer

Approved ?

Approved ?

No

No

No

No

No

Yes

Yes

Yes

Yes

Yes

Yes

No

Supervision

Preliminary ( Initial clarification )

10.9.3. Flow diagram of work process – standards mark approval




Valid from : 09/12

Corrective

action

needed ?

Approved ?

Defect

Discovered ?

Minor/Major

defect

Professional committee :

Recommendation to

grant permit/approval

Implementing

corrective action

Implementing

corrective action

Conducting quality audits

Conducting process audits

Checking the products

Approval of price quote

Checking the corrective action Approval of

supervision agreement


Conducting audits

and checks

Documentation approval:

Quality procedures

Product file

Providing price quote

Customer enquiry

Index :

Quality and certification

division

Customer

Approved ?

Continuation

of

process ?

No

No

No

No

No

Yes

Yes

Yes

Yes

Yes

Yes

No

Supervision

Initial clarification

– Standard Association Stamp

Preliminary survey

( if required )

Informing the

Customer

Permits committee :

Provision of permit/approval

Fields checked :

Quality system

Manufacturing process

Product characteristics

Lab

Lab/ Quality and

certification division

Professional committee

Minor defect

Major

defect

Permit

revoked ?

Permits committee

Permit cancellationYes

No

Minor defect

10.9.4 Mapping core processes




Valid from : 09/12

Procedure Output Input Customer Process

Owner Process N.o

.

Management systems and processes AC 02.05 AC 02.04

Approved price quote

Customers details Customer Customer Service Directorate assistant

Providing price quote to customer

1.

AC 02.01 Report of procedure checked Report of certification audit Certification certificate

- Organisations procedures - Quality system of the organisation

Customer Auditor Conducting certification process especially checking and approving procedures , and practical audit at customers facility

2.

AC 03.03 AC 03.04

Approval continuation of suitability to the standards requirements

- Organisations procedures - Quality system of the organisation

Customer M.O.D (when relevant )

Auditor Conducting supervision process

3.

- Updating supervision schedule - Updating details in the system - Updating price quote - Updating certificate

Details changed at customer

Customer Auditor

Head of system certification directorate

Changes in customers details

4.

AC 02.02 AC 02.03

- Progress Reports Auditors - Auditor training - Auditor accreditation

- Reports of audit - Accompanying auditors - I.S. ISO 19011 - RVA audits

Customer


Quality control of auditors

5.

AC 02.03 - Auditor accompanying report - Reports control report - Auditor training - Auditor assessment

- Accompanying auditors - Reports control - Approval system - Checking Customers files

Customer


Service (product) control

6.

AC 02.02 AC 02.06

-Grading auditors - Customers satisfaction survey per auditor

Training schedule Accompanying auditors

Auditors Head of system certification directorate

Auditor training

7.

AC 01.09 New services and - Sector analysis Management of Head of Product 8.




Valid from : 09/12

Procedure Output Input Customer Process Owner

Process N.o.

Management systems and processes products - International

standards quality and certification division

customer service directorate

development and services

- Expanding the customer base - Expanding the activity of existing customers

- Market reports - Products reports - Events and conferences - New products

Management of quality and certification division

Head of customer service directorate

Marketing activity

9.

- Consultants professionalism - Organisations better prepared for audits

- Products interpretation guidelines - Courses for consultants

Management of quality and certification division

Head of customer service directorate

Relationship with consultants to organisations

10.

- Verification of attendance report in order to finalize orders - Employees motivation

- Activity reports control - Personal advancement

Auditors Head of system certification directorate

Administrative treatment of auditors

11.

AC 01.04 Complete and updated customer file

- Customers documents - Audit reports - Correspondence with the customer

Auditors Management of quality and certification division

Directorate assistants

Management of customers files ( including in the computer system)

12.

Standards mark system WI 03.00 Approved price

quote Customers details Customer Providing

price quote to customer

13.

WI 03.00 Standards mark certificate

- Organizations procedures - Quality system of the organization

Customer Conducting initial clarification

14.

WI 03.09 WI 03.01 WI 03.02 WI 03.03 WI 03.40 WI 03.42

Approval continuation of suitability to the standards mark requirements/process documentation

- Organizations procedures - Quality system of the organization

Customer Conducting supervision process :

15.

WI 03.06 Three way agreement

- Standards mark approval for manufacturer Manufacturer enquiry

Customer –Producer Customer -Marketing

Signing three angle" agreement

WI 03.07 Updated testing schedule for

- Standardizations committee decision

Customer Announcements of




Valid from : 09/12

Procedure Output Input Customer Process Owner

Process N.o.

Management systems and processes products affected by change

- Announcement to standards mark manufacturers

revision/change of standards

WI 03.02 - Updating supervision schedule - Updating price quote

Details changed at customer

Customer Auditor

Changes in customers details

16.

WI 03.05 monitoring and measuring points updated and according to control

-Engineering Reports International standards-

Manufacturers Institutes labs

Documenting/Changing

monitoring and measuring points

17.

WI 3.20 Updated work schedule and pricing

Work schedule and pricing per previous year

Customer Preparation for the new year

WI 03.41 - Canceling deception in advertising - Publics confidence

- Information regarding misleading advertising - Standards and directives

User-citizen Dealing with misleading advertising

AC 02.06 Qualified auditors - Auditors - Certifying and training schedule

Divisions auditors Certifying auditors to conduct audits according to S.I.I 005

WI 03.10 - Certifying new processes - Standards mark for new products

-Engineering Reports International standards-

User-citizen Manufacturers

Development of new certifications

19.

Training Center ( See Quality Manual for Training Center )




Valid from : 09/12

10.9.5. Diagram of job descriptions of the division

Standard Mark Operation Directorate

Customer Directorate System Certification Directorate

Management of existing customers

Sector manager

Customer managers

ProfessionalCoordinator

Routine Control

Customer liaison

Marketing

Communication with operational organizations

Preparation of product files

Control performance percentage

Professional management

Work schedule control in conjunction with customers

Management of existing customers

Correspondence + cost preparations

Training material and interpretation

Control sold hours

Auditor placement

Cost approval

Customer liaison

Contract Review *, Cost approval

Auditor training

Courses Professional review and control of customer files

Marketing with sector manager

Assist sector manager

Management of lead auditor in projects

Report inspection

Control salary reporting

Future human resources planning

Professional management

Work schedule control in conjunction with customers

Auditor assistance

Marketing with sector manager

Auditor welfare

Product development

Manage working relations with labs

Product development

Costing consultation per field

Product development

Certification Decisions –Approval of certifications

11. Division's Products




Valid from : 09/12

11.1 Operational service of the Standards Mark – Standard Mark granted by the approval committee

assures that a certain product complies with the set requirements of quality as determined and defined by the

various standards. The quality and certification division operates the Standards Mark System for the institute:

11.1.1 Standards Mark – An approval label signifying that a certain product adheres to the standards

requirements. The standards mark system is voluntary.

With that, in accordance with the Minister of Industry and trades decision there are a number of products for

which the labeling of the Standards Mark is obligatory. This obligation deals mainly with products which have a

safety risk. The activity is completed in accordance with the following procedures :

S.I.I procedure 005 – Requirements of quality systems operated at the manufacturers producing products

labeled with the Standards Mark.

S.I.I procedure 006 – Policy determining the order, the importance and the degree of supervision of

products produced bearing the Standards Mark.

S.I.I procedure 007 – Regulations for operating the Standards Mark system.

11.1.2 Safety Mark - An approval label signifying that a certain product adheres to the safety requirements.

The Safety Mark ensures protection from dangers when using the product.

The approval in this field is provided in accordance with the SII procedures as defined by the detailed SII

procedures mentioned in the Standard Mark (clause 5.1.1)

11.1.3 Green Mark – An approval label signifying that a product meets the criteria proving that it's

environmental impact is minimal. The label with this Mark prevents deception of the public and ensures

appropriate use of the definition "environmental friendly". The activity is done in accordance with SII procedure

004 – regulations governing approval provision for the Green Mark to products with minimal environmental

impact.

11.1.4 Process certification – Approval given in the framework of the Standards Mark, ensuring that the

manufacturer maintains relevant means, appropriate organizational system work processes ensuring the

continuation of the process and quality system meeting the demands of the relevant Standards Institute

procedures. Processes such as: Imported cement manufacturing, swaying hydrant maintenance, vehicle

reinforcement, fire detection system maintenance, roof sealing etc.

The approval in this field is provided in accordance with the SII procedures as defined by the detailed SII

procedures mentioned in the Standards Mark (clause 5.1.1)

11.2 Certification of Management systems - All the management systems that the division approves focuses

on the operation of a methodical and controlled process of the management fields in the organization, in

accordance with the requirements of the specific standard. Fulfilling the standards requirements ensures a

clearly defined policy, defined aims and measures of the relevant management processes, process application

control of the company's policy, organizational learning process and continuous lesson building, measurement

of the processes affectivity and efficiency. The division's products in this field are:




Valid from : 09/12

I.S. ISO 9001:2008- quality management system certification. Focuses on the quality of the management

process to manufacture products and or services, and to increase their effectivity.

The activity is conducted in accordance with procedure AC 04.01 – Approval of quality systems that operate

according to the requirements of Israeli standard I.S. ISO 9001 – directives and regulations

I.S. ISO 90003 : 2004 Quality management system approvals in the field of software – Approval according

to the requirements of I.S. ISO 9001:2008 and guidelines to this standard serve as a manual for interpreting I.S

ISO 9001:2008 for organizations in the field of software.

I.S. ISO 14001 – environmental quality management system – Management of the parts of the organization

with impact on the environment, by analyzing the risks to the environment and planning measures for them ,

prevention and/or reduction of environmental impact.

The activity is conducted in accordance with procedure AC 04.02 – Approval of environmental management

systems that operate according to the requirements of Israeli standard ISO 14001 –regulations.

I.S. 18001 OHSAS – Procedure for hygiene and safety in the workplace – Controlled management of

operational sections in the organization dealing with workers industrial safety, health and hygiene. The

operation is done in accordance with procedure AC 04.03.

ISO/TSI 16949 – Quality management for materials, processes and products supplied to the worldwide

automotive industry – approval focusing on the quality of the management processes of manufacturers in the

industry, supplying parts, systems and products to the automotive industry. The process is done and certificates

granted by NQA ( British C.B) . .

I.S. 9301 – Safety management of the overland transportation system – the standard is based on the

quality management Israeli standard ISO 9001:2008 with emphasis on issues relating to overland transportation

system. The activity is conducted in accordance with procedure AC 04.01.

TL 9000 – Quality management in the field of communications industry – Approval focusing on the quality

of the management processes of manufacturers developing and providing services in the communication field.

The approval is granted in conjunction with the NQA ( British organization ) . The activity is conducted in

accordance with procedure AC 04.01.

I.S. ISO/IEC 27001 – Information security management – Approval given to organisations focusing on

providing comprehensive solutions to information security issues throughout all parts of the organization and an

overall organizational view. The standards' requirements include establishing management and maintenance of

the required controls, systematic monitoring and preparation of reaction ways for every possible event.

The activity is conducted in accordance with S.I.I procedure AC 04.01.

AS 9100 - Quality management in the aerospace industry - approval focusing on the quality of the

management processes of manufacturers in the industry, supplying parts, systems and products to the aviation

industry. The approval is granted in conjunction with the NQA (British CB). The activity is conducted in

accordance with procedure AC 04.04.

CE – Approval of products in the medical devices – Approval of products in the field of medical

equipment given by notified bodies authorized by the EEC. The approval is given in conjunction with MDC




Valid from : 09/12

( German organisation ) LNE/GMED ( French organization ). The activity is done according to European

directive EEC 93/42 and appropriate certification bodies procedures'.

I.S. ISO 13485:2003- production and development of medical devices – approval given for production of

medical equipment in accordance with European directives and international standards. The activity is

conducted in accordance with procedure AC 04.01. .

I.S. ISO 22000 – management system for safety in food. Requirement for every organization in the food

chain – Organisational approval especially for production and packaging. The standard includes HACCP

requirements. The activity is conducted in accordance with S.I.I procedure AC 04.05. .

HACCP- safety management for food manufacturers and service providers in the food field – the approval

is given by the Standards Institution.

BRC for food manufacturers – requirements of British Retailers Consortium for food manufacturers. The

approval is given in cooperation with ISA (Dutch organization) The activity is conducted according to ISA's

guidelines.

BRC – IOP for food packaging manufacturers – requirements of British Retailers Consortium for food

packaging manufacturers. The approval is given in cooperation with ISA (Dutch organization ) The activity is

conducted according to ISA's guidelines.

BRC for agricultural packing houses – requirements of British Retailers Consortium for agricultural

packing houses. The approval is given in cooperation with ECAS (Dutch organization) the activity is conducted

according to ECAS's guidelines.

TNC – Approval for agricultural produce and packaging according to standards laid out by TESCO

retail chain. The approval is given in cooperation with ECAS and approved by CMI (British organization).

EUREPGAP - Approval for agricultural produce and packaging according to the EUREPGAP

organization, an international European organization. The approval is given in cooperation with ECAS (Dutch

organization) the activity is conducted according to ECAS's guidelines.

IQNET 9004 standard for checking the organizations excellence – The approval is granted for meeting

the requirements of this standard of organizations excellence by the IQNet.

11.3 Conducting audits and additional services according to the customers' requirements:

11.3.1 Second party audits – Purchasing administration of the Israeli M.O.D – Conducting QMS in

organisations and transferring the audits' findings to M.O.D (Purchasing administration of the ministry of

defense) per customer's request, as a condition of registering as a supplier to the M.O.D.

11.3.2 Production approval for the American M.O.D – QPL/QML Qualified Product List /Qualified

Manufacturers List according to MIL STD 790.




Valid from : 09/12

11.4 Appreciation certificates

11.4.1 Gold Mark – Certificate granted to organizations who have quality and excellence ingrained and who

have at least 3 quality standards testifying to the suitability of the management systems, processes' and

products to international and national standards.

11.4.2 Platinum Mark - Certificate granted to organizations who have quality and excellence ingrained and

who have 5 or six quality standards testifying to the suitability of the management systems,

processes' and products to international and national standards.

11.4.3 Diamond Mark - Certificate granted to organizations who have quality and excellence ingrained and who have 7 or more quality standards testifying to the suitability of the management systems, processes' and products to international and national standards.

12. Sanctions according to IMF MD-7

12.1 Situations that may lead to sanctions by AB's are the following :

12.1.1 Failure to resolve nonconformities in accordance with an AB procedure

12.1.2 Negative outcome of a complaint investigation

12.1.3 Misuse / misinterpretation of an accredited symbol

12.1.4 Non-payment of fees

12.1.5 Proven evidence of fraudulent behavior, provision of false information

12.1.6 Deliberate violation of accreditation rules.

12.1.7 Providing certification to any standard used as a basis for accreditation (e.g ISO

17025)

12.2 Sanctions available may include :

12.2.1 Intensification of surveillance (office, witness or document review)

12.2.2 Reduction of accreditation scope

12.2.3 Suspension or withdrawal

12.2.3 Public notice of scope reduction / suspension / withdrawal / misrepresentation of

accreditation

12.2.4 Legal actions

12.3 SII management is aware of the requirements and acts accordingly in order not to

violate any of them. SII's personnel is trained accordingly.

12.4 SII possesses a liability insurance to cover any possible damage caused to

customers.

12.5 SII is committed to protect the clients and to help any of them to transfer to

another CB following sanctions of Accreditation Bodies.

13. Cross-reference division procedures to ISO 9001 standard requirements:




Valid from : 09/12

Companies procedure Standards requirements

Procedure Name

(IQNET Doc. Ref.)

Procedure

Number

Requirement Number

Quality Manual AC 01.00 General requirements 4.1

Quality Manual AC 01.00 Quality Manual 4.2.1

Documentation and information control AC 01.11 Document control 4.2.3

Records Control / confidentiality AC 01.04 Records control 4.2.4

Quality Manual AC 01.00 Managements obligation 5.1

Dealing with appeals and complaints AC 01.07 Focusing on the customer 5.2

Quality Manual AC 01.00 Quality Policy 5.3

Quality Manual AC 01.00 Planning 5.4

Areas of responsibility and organizational structure

Job descriptions

AC 01.01

AC 01.02

Authority and responsibility 5.5.1

Quality Manual para 10.6.7 AC 01.00 Management representative 5.5.2

Quality Manual AC 01.00 Internal communication 5.5.3

Management review AC 01.06 Management review 5.6

Certification of auditors

Certification of supervising auditor according to SII 005

AC 02.02

AC 02.05

Human Resources 6.2

Quality Manual AC 01.00 Infrastructure 6.3

Quality Manual AC 00.00 Work environment 6.4

Procedures to approve a management system AC 03.01 Product implementation

planning

7.1

Calculations preparation

Calculations environmental quality management

system

AC 02.04

AC 02.05

Setting requirements

concerning the product

7.2.1

Procedures to approve a management system AC 03.01 Survey of requirements

relating to the product

7.2.2

Quality Manual AC 01.00 Communication with

customer

7.2.3

Standards mark – initial enquiries AC 01.09 Development and design 7.3

Operation of external auditors according to institutes

procedures.

Agreements with external certification organizations

Institutes

procedures

Purchasing 7.4




Valid from : 09/12

Companies procedure Standards requirements

Procedure Name

(IQNET Doc. Ref.)

Procedure

Number

Requirement Number

according to institutes purchasing procedures.

Performing system audit Processes to approve management system

Approval provision Annual follow up

Suspension and Withdrawing process and appeals

AC 02.01 AC 03.01 AC 03.02 AC 03.03 AC 03.04

Manufacturing and service

provision

7.5.1

Quality Manual AC 01.00 Validation of manufacturing

processes and service

provision

7.5.2

Quality Manual AC 01.00 Identification and traceability 7.5.3

Quality records /Information confidentiality AC 01.04 Customers property 7.5.4

Quality records /Information confidentiality AC 01.04 Preserving the product 7.5.5

Excluded Control of monitoring and

measuring devices

7.6

Quality Manual AC 01.00 Customer satisfaction 8.2.1

Internal audit AC 01.05 Internal audit 8.2.2

Checking and testing AC 02.03 Measuring and monitoring

processes

8.2.3

Quality Manual AC 00.00 Measuring and monitoring

the product

8.2.4

Non conformances/Corrective actions/Preventative actions AC 01.08 Non conforming product control 8.3

Evaluation and monitoring AC 02.03 Data analysis 8.4

Quality Manual AC 01.00 Continuous improvement 8.5

Non conformances/Corrective actions/Preventative actions AC 01.08 Corrective actions 8.5.2

Non conformances/Corrective actions/Preventative actions AC 01.08 Preventative actions 8.5.3

Procedure No.: AC.01.00 Quality and Certification Division

Documents

Transcript of Procedure No.: AC.01.00 Quality and Certification Division