This document provides guidance on the use of remote auditing methods in auditing management systems. It is applicable to all organizations that plan and conduct all kinds of internal or external audits (i.e. first-party, second-party and third-party audits) of management systems. This document supports the general principles of auditing given in ISO 19011:2018 and provides further guidance on specific conditions, possibilities and limitations for implementing remote auditing methods. This document is intended to strengthen confidence in the use of remote auditing methods for auditing management systems among customers, regulators, accreditation bodies, certification bodies, scheme owners, industry, employees, consumers, suppliers and other interested parties. The use of remote auditing methods for auditing management systems is not intended to replace on-site audit methods. Instead, remote auditing methods are intended to serve as a tool to effectively and efficiently conduct the audit. NOTE This document can be used for other types of audits and assessments.

  • Technical specification
    24 pages
    English language
    sale 15% off

This document specifies requirements for conformity assessment bodies (CABs) performing certification of new lifts (elevators), model lifts, lift components and lift functions. NOTE Hereinafter in this document, the term “lift” is used instead of the term “elevator”.

  • Technical specification
    8 pages
    English language
    sale 15% off

This document specifies prerequisite requirements for application for the certification of new lifts (elevators), model lifts, lift components and lift functions. NOTE Hereinafter in this document, the term “lift” is used instead of the term “elevator”.

  • Technical specification
    9 pages
    English language
    sale 15% off

This document provides the solution for auditors to obtain the regulated financial report data and the payroll data. This document is applicable for government audits, as well as external independent audits and internal audits.

  • Standard
    18 pages
    English language
    sale 15% off

This document complements the existing requirements of ISO/IEC 17021-1 for bodies providing audit and certification of quality management systems against ISO 19443.
NOTE       This document is recommended for use as a criteria document for accreditation, peer assessment or other audit processes.

  • Technical specification
    26 pages
    English language
    sale 10% off
    e-Library read for
    1 day

This document specifies the functional requirements that build on ISO 21378 for audits in the areas of customs duties and indirect taxes [e.g. value-added tax (VAT) and excise duties]. It addresses how tax auditors obtain audit data for these audits, including data element formats and to some extent content requirements. In practice, this document applies to virtually every step in the whole process in the supply chain and covers both goods, services and works. It includes domestic transactions, cross-border transactions (import and export) and can cover both third-party and intercompany transactions or even movements of goods within the same company. This document does not describe when an event is taxable nor how to calculate tax or customs duties as this is legislation-specific and the situation can vary from country to country or even within the same country. This document covers standard exchange of the data related to taxable operations/activities by businesses to perform controls and audits more effectively and efficiently through automated tests. This document focuses on the characteristics related to taxability and the related formalities of the indirect tax and customs duties regulations. It includes the result of a tax calculation, the relevant underlying parameters which can be processed by ERP-systems and/or indirect tax/customs duties systems, and data needed to comply with indirect tax and customs duties legislation and formalities. This document is not designed to collect audit data from the regulators like tax and/or customs authorities.

  • Standard
    33 pages
    English language
    sale 15% off

ISO/IEC 27006:2015 specifies requirements and provides guidance for bodies providing audit and certification of an information security management system (ISMS), in addition to the requirements contained within ISO/IEC 17021‑1 and ISO/IEC 27001. It is primarily intended to support the accreditation of certification bodies providing ISMS certification.
The requirements contained in this International Standard need to be demonstrated in terms of competence and reliability by any body providing ISMS certification, and the guidance contained in this International Standard provides additional interpretation of these requirements for any body providing ISMS certification.
NOTE          This International Standard can be used as a criteria document for accreditation, peer assessment or other audit processes.

  • Standard
    56 pages
    English language
    sale 10% off
    e-Library read for
    1 day

This document complements the existing requirements of ISO/IEC 17021-1 for bodies providing audit and certification of quality management systems against ISO 19443.
NOTE          This document can be used as a criteria document for accreditation, peer assessment or other audit processes.

  • Technical specification
    26 pages
    English language
    sale 10% off
    e-Library read for
    1 day

This document complements the existing requirements of ISO/IEC 17021-1 for bodies providing audit and certification of quality management systems against ISO 19443. NOTE This document can be used as a criteria document for accreditation, peer assessment or other audit processes.

  • Technical specification
    17 pages
    English language
    sale 15% off
  • Technical specification
    18 pages
    French language
    sale 15% off

This document specifies requirements and provides guidance for bodies providing audit and certification of an information security management system (ISMS), in addition to the requirements contained within ISO/IEC 17021-1.
The requirements contained in this document are demonstrated in terms of competence and reliability by bodies providing ISMS certification. The guidance contained in this document provides additional interpretation of these requirements for bodies providing ISMS certification.
NOTE       This document can be used as a criteria document for accreditation, peer assessment or other audit processes.

  • Standard
    56 pages
    English language
    sale 10% off
    e-Library read for
    1 day

This document specifies requirements and provides guidance for bodies providing audit and certification of an information security management system (ISMS), in addition to the requirements contained within ISO/IEC 17021-1. The requirements contained in this document are demonstrated in terms of competence and reliability by bodies providing ISMS certification. The guidance contained in this document provides additional interpretation of these requirements for bodies providing ISMS certification. NOTE This document can be used as a criteria document for accreditation, peer assessment or other audit processes.

  • Standard
    47 pages
    English language
    sale 15% off
  • Standard
    53 pages
    French language
    sale 15% off

This document specifies baseline requirements intended to support the data protection certification
mechanism requested by Article 42 of the GDPR to demonstrate compliance in accordance with
EN ISO/IEC 17065.
It does not however apply to products or management systems destined for processing personal data.
This document is applicable to all organizations which, as personal data controllers and/or processors,
process personal data, and its objective is to provide a set of requirements supporting such organizations
in demonstrating compliance with the EU personal data protection normative framework
This document is applicable to all of an organization’s processing activities or to a specific subset of these
if such a decision does not involve failure to conform with the EU personal data protection normative
framework.
This document also provides indications for conformity assessment with the aforementioned
requirements.

  • Standard
    25 pages
    English language
    sale 10% off
    e-Library read for
    1 day

This document provides specifications for a transport format which enables the digital encapsulation of this data. This document refers to an encapsulation of hardware identification (HWID) data as a HWID tag, just as ISO/IEC 19770-2 refers to software identification (SWID) tags for software identification. This document applies to the following. — Tag producers: organizations that create HWID tags for use by others in the market. A tag producer can be part of the organization creating the hardware or a third-party organization. These organizations can be broken down into two major categories. — Device or component providers: entities responsible for the manufacturing or creation of the hardware device and/or associated operating system, virtual environment, or application platform. Platform providers which support this document can additionally provide tag management capabilities at the level of the platform or operating system. — Tag tool providers: entities that provide tools to create hardware identification tags. For example, tools within development environments that generate hardware identification tags, or installation tools that can create tags on behalf of the installation process, and/or desktop management tools that can create tags for underlying hardware, virtual machines, or platforms that did not originally have a hardware identification tag. — Tag consumers: tools and/or organizations who utilize information from HWID tags are broken down into the following two major categories. — Device or component consumers: entities that purchase, install, integrate, and/or otherwise deploy physical or virtual hardware or components. — IT discovery and processing tool providers: entities that provide tools to collect, store, and process hardware identification tags. These tools may be targeted at a variety of different market segments, including security, asset management, and logistics. This document deals only with hardware device or component identification. This document does not detail information technology asset management (ITAM) processes required for discovery and management of hardware (which is provided in ISO/IEC 19770-1) software identification tags (as defined by ISO/IEC 19770-2), entitlement tags (as defined by ISO/IEC 19770-3), or resource utilization measurements (as defined by ISO/IEC 19770-4).

  • Standard
    41 pages
    English language
    sale 15% off

This document specifies the performance criteria and test procedures for the performance test of stationary automated measuring systems (AMS) that continuously measure gases and particulate matter in, and flow of, the waste gas from stationary sources.
This document supports the requirements of particular EU Directives. It provides the detailed procedures covering the QAL1 requirements of EN 14181 and, where required, input data used in QAL3.

  • Standard
    72 pages
    English language
    sale 10% off
    e-Library read for
    1 day

This document provides a harmonized process and documentation requirements for the establishment of Certificates of Conformance (CoCs) used to attest the conformity of aviation, space, and defence products (e.g. assemblies, sub-assemblies, equipment and systems, parts, material) or services). It includes a CoC template and supporting instructions on how to complete it.
When quoted by the customer in a contractual requirement, application of this document is mandatory. In other cases, its use is recommended, but if there is a conflict between the requirements of this document and customer or applicable statutory/regulatory requirements, the latter take precedence.
Requirements for the establishment of Authorized Release Certificates (ARCs) [e.g. European Union Aviation Safety Agency (EASA) Form 1, Federal Aviation Administration (FAA) 8130-3 tag] by an external provider holding a production approval (for new aviation products; production or spares) or maintenance approval (i.e. for in service repairs, modifications, after sales maintenance, overhaul activities, inspections) are not covered by this document, as applicable rules are defined by the aviation authorities having granted these approvals.

  • Standard
    12 pages
    English language
    sale 10% off
    e-Library read for
    1 day

This document defines the industry-accepted requirements for the ICOP scheme, which provides confidence to ASD customers, that organizations with certification of their QMS, issued by accredited CBs, meet applicable AQMS standard requirements. The requirements in this document are applicable to all participants in the ICOP scheme. If there is a conflict between the requirements of this document, and customer or applicable statutory/regulatory requirements, the latter takes precedence.

  • Standard
    50 pages
    English language
    sale 10% off
    e-Library read for
    1 day

This document provides a harmonized process and documentation requirements for the establishment of CoCs used to attest the conformity of aviation, space, and defence products (e.g. assemblies, sub-assemblies, equipment and systems, parts, material, software) or services. It includes a CoC template and supporting instructions on how to complete it.
When quoted by the customer in a contractual requirement, application of this document is mandatory. In other cases, its use is recommended, but if there is a conflict between the requirements of this document and customer or applicable statutory/regulatory requirements, the latter take precedence.
This document can be used by other industries that require the use/application of a CoC.
Requirements for the establishment of Authorized Release Certificates (ARCs) [e.g. European Union Aviation Safety Agency (EASA) Form 1, Federal Aviation Administration (FAA) 8130-3 tag, Civil Aviation Administration of China (CAAC) Form 038] by an external provider holding a production approval (for new aviation products, production, or spares) or maintenance approval (i.e. for in service repairs, modifications, after sales maintenance, overhaul activities, inspections) are not covered by this document, as applicable rules are defined by the aviation authorities having granted these approvals.

  • Standard
    12 pages
    English language
    sale 10% off
    e-Library read for
    1 day

This document specifies competence requirements for personnel involved in the audit and certification process for management systems for quality in healthcare organizations. It complements the existing requirements of ISO/IEC 17021-1.

  • Technical specification
    5 pages
    English language
    sale 15% off

This document defines the industry-accepted requirements for the ICOP scheme, which provides confidence to ASD customers, that organizations with certification of their QMS, issued by accredited CBs, meet applicable AQMS standard requirements. The requirements in this document are applicable to all participants in the ICOP scheme. If there is a conflict between the requirements of this document, and customer or applicable statutory/regulatory requirements, the latter takes precedence.

  • Standard
    50 pages
    English language
    sale 10% off
    e-Library read for
    1 day

This document defines the rules applicable to the audit and certification of educational organization management systems (EOMS) conforming to the requirements given in ISO 21001 (or other sets of specified EOMS requirements). It also provides the necessary information and confidence to customers about the way certification of their suppliers has been granted.
Certification of EOMS is a third-party conformity assessment activity (as described in ISO/IEC 17000:2020, 4.5), and bodies performing this activity are third-party conformity assessment bodies.
NOTE 1 This document can be used as a criteria document for the accreditation or peer assessment of certification bodies which seek to be recognized as being competent to certify that an EOMS conforms to ISO 21001. It is also intended to be used as a criteria document by regulatory authorities and industry consortia which engage in direct recognition of certification bodies to certify that an EOMS conforms to ISO 21001. Some of its requirements could also be useful to other parties involved in the conformity assessment of such certification bodies, and in the conformity assessment of bodies that undertake to certify the compliance of EOMS with criteria additional to, or other than, those in ISO 21001.
NOTE 2 Certification of an EOMS according to ISO 21001 is a management system certification, not a product certification.
NOTE 3 ISO 21001 is a standalone management system standard, not a sector application of ISO 9001.

  • Technical specification
    27 pages
    English language
    sale 10% off
    e-Library read for
    1 day
  • Technical specification
    22 pages
    English language
    sale 15% off

1.1   General
This document defines requirements for the preparation and execution of the audit process. In addition, it defines the content and composition for the audit reporting of conformity and process effectiveness to the EN 9100-series standards, the organization’s QMS documentation, and customer and statutory/regulatory requirements.
The requirements in this document are additions or represent changes to the requirements and guidelines in the standards for conformity assessment, auditing, and certification as published by ISO/IEC (i.e. ISO/IEC 17000:2020, ISO/IEC 17021 1). When there is conflict with these standards, the requirements of this document take precedence.
NOTE 1   In this document, the term “EN 9100-series standards” comprises the EN 9100, EN 9110, and EN 9120 standards; developed by the IAQG and published by various national standards bodies.
NOTE 2   In addition to this document, the IAQG publishes deployment support material on the IAQG website (see http://www.iaqg.org) that can be used by audit teams, when executing the audit process.
1.2   Application
This document is intended to be used for audits of EN 9100-series standards by Certification Bodies (CBs) for certification of organizations, under the auspices of the ASD industry certification scheme [also known as the Industry Controlled Other Party (ICOP) scheme]. The ICOP scheme requirements are defined in the EN 9104-series standards (i.e. FprEN 9104-1, prEN 9104-2, EN 9104 3).
NOTE   Relevant parts of this document can also be used by an organization in support of internal audits (1st party) and external audits at suppliers (2nd party).

  • Standard
    30 pages
    English language
    sale 10% off
    e-Library read for
    1 day

This document defines the rules applicable to the audit and certification of educational organization management systems (EOMS) conforming to the requirements given in ISO 21001 (or other sets of specified EOMS requirements). It also provides the necessary information and confidence to customers about the way certification of their suppliers has been granted. Certification of EOMS is a third-party conformity assessment activity (as described in ISO/IEC 17000:2020, 4.5), and bodies performing this activity are third-party conformity assessment bodies. NOTE 1 This document can be used as a criteria document for the accreditation or peer assessment of certification bodies which seek to be recognized as being competent to certify that an EOMS conforms to ISO 21001. It is also intended to be used as a criteria document by regulatory authorities and industry consortia which engage in direct recognition of certification bodies to certify that an EOMS conforms to ISO 21001. Some of its requirements could also be useful to other parties involved in the conformity assessment of such certification bodies, and in the conformity assessment of bodies that undertake to certify the compliance of EOMS with criteria additional to, or other than, those in ISO 21001. NOTE 2 Certification of an EOMS according to ISO 21001 is a management system certification, not a product certification. NOTE 3 ISO 21001 is a standalone management system standard, not a sector application of ISO 9001.

  • Technical specification
    27 pages
    English language
    sale 10% off
    e-Library read for
    1 day
  • Technical specification
    22 pages
    English language
    sale 15% off

This document specifies baseline requirements for demonstrating processing activities compliance with the European personal data protection normative framework in accordance with EN ISO/IEC 17065. It does not however apply to products or management systems destined for processing personal data.
This document is applicable to all organizations which, as personal data controllers and/or processors, process personal data, and its objective is to provide a set of requirements enabling such organizations to conform effectively with the European personal data protection normative framework.
An organization can decide that the standard is applicable only to a specific subset of its processing activities if such a decision does not involve failure to conform with the European personal data protection normative framework.
This document also provides indications for conformity assessment with the aforementioned requirements.

  • Standard
    25 pages
    English language
    sale 10% off
    e-Library read for
    1 day

This document gives guidance and requirements for the assessment of conformity of compounds, products, joints and assemblies in accordance with the applicable part(s) of the ISO 16486 series which are intended to be included in the manufacturer’s quality plan as part of the quality management system and for the establishment of certification procedures.
NOTE 1    A basic test matrix in Annex B provides an overview of the testing scheme.
It is recommended for the manufacturer to have a management system such as ISO 9001[4] or equivalent.
NOTE 2    If certification is involved, certification bodies and inspection bodies operating according to ISO/IEC 17065 and ISO/IEC 17020 are considered to be competent.
In conjunction with the other parts of the ISO 16486 series (see Clause 2), this document is applicable to unplasticized polyamide (PA-U) piping systems intended to be buried and used for the supply of gaseous fuels. It is applicable to PA-U pipes, fittings and valves, as well as to their joints and to joints with components of other materials intended to be used under the following conditions:
a)    a maximum operating pressure (MOP) up to and including 18 bar[1] (the MOP is limited to 16 bar for CEN member countries, where ISO 16486-6 is replaced by CEN/TS 12007-6[1]);
b)    an operating temperature of 20 °C as the reference temperature.
NOTE 3    For operating temperatures different to 20 °C, derating coefficients can be used (see ISO 16486-6). CEN member countries use CEN/TS 12007-6[1] and ISO/TS 16486-7 (this document) as a basis, but they can also request additional requirements. For non-CEN member countries, information for dealing with special cases for PA-U can be found in ISO/TS 16486-7 (this document) and PPI TR-3.[7]
For mechanical fittings conforming to ISO 17885, guidance for assessment of conformity is not given in this document. When requested, a quality plan based on the tests mentioned can be set up in agreement between user and manufacturer.
The ISO 16486 series covers a range of maximum operating pressures and gives requirements concerning colours.
NOTE 4    It is the responsibility of the purchaser or specifier to make the appropriate selections from these aspects, taking into account their particular requirements and any relevant national regulations and installation practices or codes.
[1] 1 bar = 0,1 MPa = 105 Pa; 1 MPa = 1 N/mm2.

  • Technical specification
    42 pages
    English language
    sale 10% off
    e-Library read for
    1 day

This document specifies the general principles of certification, including common procedures and requirements, for the certification of air quality monitoring equipment (AQME).
This document applies to the certification of AQME for ambient air quality and emissions from stationary sources for which performance criteria and test procedures are available in European Standards.
This document provides for the certification of AQME according to the requirements of EN ISO/IEC 17065:2012.
This document elaborates and supplements the requirements of EN ISO/IEC 17065:2012 for bodies certifying AQME. It specifies requirements on testing laboratories as well as the manufacturer’s quality management system (QMS) and the surveillance for the manufacturing process as part of the certification process.

  • Standard
    19 pages
    English language
    sale 10% off
    e-Library read for
    1 day

This document gives guidance and requirements for the assessment of conformity of compounds, products, joints and assemblies in accordance with the applicable part(s) of the ISO 16486 series which are intended to be included in the manufacturer’s quality plan as part of the quality management system and for the establishment of certification procedures.
NOTE 1    A basic test matrix in Annex B provides an overview of the testing scheme.
It is recommended for the manufacturer to have a management system such as ISO 9001[4] or equivalent.
NOTE 2    If certification is involved, certification bodies and inspection bodies operating according to ISO/IEC 17065 and ISO/IEC 17020 are considered to be competent.
In conjunction with the other parts of the ISO 16486 series (see Clause 2), this document is applicable to unplasticized polyamide (PA-U) piping systems intended to be buried and used for the supply of gaseous fuels. It is applicable to PA-U pipes, fittings and valves, as well as to their joints and to joints with components of other materials intended to be used under the following conditions:
a)    a maximum operating pressure (MOP) up to and including 18 bar[1] (the MOP is limited to 16 bar for CEN member countries, where ISO 16486-6 is replaced by CEN/TS 12007-6[1]);
b)    an operating temperature of 20 °C as the reference temperature.
NOTE 3    For operating temperatures different to 20 °C, derating coefficients can be used (see ISO 16486-6). CEN member countries use CEN/TS 12007-6[1] and ISO/TS 16486-7 (this document) as a basis, but they can also request additional requirements. For non-CEN member countries, information for dealing with special cases for PA-U can be found in ISO/TS 16486-7 (this document) and PPI TR-3.[7]
For mechanical fittings conforming to ISO 17885, guidance for assessment of conformity is not given in this document. When requested, a quality plan based on the tests mentioned can be set up in agreement between user and manufacturer.
The ISO 16486 series covers a range of maximum operating pressures and gives requirements concerning colours.
NOTE 4    It is the responsibility of the purchaser or specifier to make the appropriate selections from these aspects, taking into account their particular requirements and any relevant national regulations and installation practices or codes.
[1] 1 bar = 0,1 MPa = 105 Pa; 1 MPa = 1 N/mm2.

  • Technical specification
    42 pages
    English language
    sale 10% off
    e-Library read for
    1 day

This document gives guidance and requirements for the assessment of conformity of compounds, products, joints and assemblies in accordance with the applicable part(s) of the ISO 16486 series which are intended to be included in the manufacturer’s quality plan as part of the quality management system and for the establishment of certification procedures. NOTE 1 A basic test matrix in Annex B provides an overview of the testing scheme. It is recommended for the manufacturer to have a management system such as ISO 9001[4] or equivalent. NOTE 2 If certification is involved, certification bodies and inspection bodies operating according to ISO/IEC 17065 and ISO/IEC 17020 are considered to be competent. In conjunction with the other parts of the ISO 16486 series (see Clause 2), this document is applicable to unplasticized polyamide (PA-U) piping systems intended to be buried and used for the supply of gaseous fuels. It is applicable to PA-U pipes, fittings and valves, as well as to their joints and to joints with components of other materials intended to be used under the following conditions: a) a maximum operating pressure (MOP) up to and including 18 bar[1] (the MOP is limited to 16 bar for CEN member countries, where ISO 16486-6 is replaced by CEN/TS 12007-6[1]); b) an operating temperature of 20 °C as the reference temperature. NOTE 3 For operating temperatures different to 20 °C, derating coefficients can be used (see ISO 16486-6). CEN member countries use CEN/TS 12007-6[1] and ISO/TS 16486-7 (this document) as a basis, but they can also request additional requirements. For non-CEN member countries, information for dealing with special cases for PA-U can be found in ISO/TS 16486-7 (this document) and PPI TR-3.[7] For mechanical fittings conforming to ISO 17885, guidance for assessment of conformity is not given in this document. When requested, a quality plan based on the tests mentioned can be set up in agreement between user and manufacturer. The ISO 16486 series covers a range of maximum operating pressures and gives requirements concerning colours. NOTE 4 It is the responsibility of the purchaser or specifier to make the appropriate selections from these aspects, taking into account their particular requirements and any relevant national regulations and installation practices or codes. [1] 1 bar = 0,1 MPa = 105 Pa; 1 MPa = 1 N/mm2.

  • Technical specification
    33 pages
    English language
    sale 15% off

This document specifies general requirements for the competence and impartiality of proficiency
testing (PT) providers and consistent operation of all proficiency testing schemes. This document can
be used as a basis for specific technical requirements for particular fields of application.
Users of proficiency testing schemes, regulatory authorities, organizations and schemes using peer-
assessment, accreditation bodies and others can use these requirements in confirming or recognizing
the competence of proficiency testing providers.

  • Standard
    47 pages
    English language
    sale 10% off
    e-Library read for
    1 day
  • Standard
    47 pages
    English language
    sale 10% off
    e-Library read for
    1 day

This document specifies general requirements for the competence and impartiality of proficiency
testing (PT) providers and consistent operation of all proficiency testing schemes. This document can
be used as a basis for specific technical requirements for particular fields of application.
Users of proficiency testing schemes, regulatory authorities, organizations and schemes using peer-
assessment, accreditation bodies and others can use these requirements in confirming or recognizing
the competence of proficiency testing providers.

  • Standard
    47 pages
    English language
    sale 10% off
    e-Library read for
    1 day
  • Standard
    47 pages
    English language
    sale 10% off
    e-Library read for
    1 day

This document specifies general requirements for the competence and impartiality of proficiency testing (PT) providers and consistent operation of all proficiency testing schemes. This document can be used as a basis for specific technical requirements for particular fields of application. Users of proficiency testing schemes, regulatory authorities, organizations and schemes using peer-assessment, accreditation bodies and others can use these requirements in confirming or recognizing the competence of proficiency testing providers.

  • Standard
    36 pages
    English language
    sale 15% off
  • Standard
    41 pages
    French language
    sale 15% off

This document, the audit data collection standard (ADCS), defines the functional requirements for exchanging audit data in flat file format. This document concerns the specification of technical exchange formats in extensible markup language (XML), JavaScript object notation (JSON) and comma-separated values (CSV) as output file formats for the functional content defined in ISO 21378. This document also contains the following schemas and sample files for tables in ISO 21378. — XML schema; — XML sample file; — JSON schema; — JSON sample file. To keep the three exchange formats (XML, JSON and CSV) consistent, this document also specifies how to use the technical solution in the CSV format.

  • Technical specification
    43 pages
    English language
    sale 15% off

This document specifies requirements and provides guidance for bodies providing audit and certification of a privacy information management system (PIMS) according to ISO/IEC 27701 in combination with ISO/IEC 27001, in addition to the requirements contained within ISO/IEC 27006 and ISO/IEC 27701. It is primarily intended to support the accreditation of certification bodies providing PIMS certification.
The requirements contained in this document need to be demonstrated in terms of competence and reliability by anybody providing PIMS certification, and the guidance contained in this document provides additional interpretation of these requirements for any body providing PIMS certification.
NOTE     This document can be used as a criteria document for accreditation, peer assessment or other audit processes.

  • Technical specification
    18 pages
    English language
    sale 10% off
    e-Library read for
    1 day

This document specifies requirements for the management of farmed Angora rabbits in accordance
with animal welfare principles.
This document applies to the management and control of critical activities in Angora rabbit farming,
including accommodation, reproduction, feed and nutrients, health, fibre collection, ethical claims and
supporting information.

  • Standard
    28 pages
    English language
    sale 10% off
    e-Library read for
    1 day

This document specifies requirements and provides guidance for bodies providing audit and certification of a privacy information management system (PIMS) according to ISO/IEC 27701 in combination with ISO/IEC 27001, in addition to the requirements contained within ISO/IEC 27006 and ISO/IEC 27701. It is primarily intended to support the accreditation of certification bodies providing PIMS certification.
The requirements contained in this document need to be demonstrated in terms of competence and reliability by anybody providing PIMS certification, and the guidance contained in this document provides additional interpretation of these requirements for any body providing PIMS certification.
NOTE     This document can be used as a criteria document for accreditation, peer assessment or other audit processes.

  • Technical specification
    18 pages
    English language
    sale 10% off
    e-Library read for
    1 day

This document specifies requirements for the management of farmed Angora rabbits in accordance with animal welfare principles.
This document applies to the management and control of critical activities in Angora rabbit farming, including accommodation, reproduction, feed and nutrients, health, fibre collection, ethical claims and supporting information.

  • Standard
    28 pages
    English language
    sale 10% off
    e-Library read for
    1 day

This document specifies requirements for the management of farmed Angora rabbits in accordance with animal welfare principles. This document applies to the management and control of critical activities in Angora rabbit farming, including accommodation, reproduction, feed and nutrients, health, fibre collection, ethical claims and supporting information.

  • Standard
    19 pages
    English language
    sale 15% off
  • Standard
    20 pages
    French language
    sale 15% off

This document provides a framework that organisations can follow, and that can be used as the structure for market or sector specific schemes. It is intended to be a process certification.
The goal of this document is to have comparable attestations or certifications worldwide.

  • Standard
    22 pages
    English language
    sale 10% off
    e-Library read for
    1 day
  • Standard
    16 pages
    English language
    sale 15% off

ISO/IEC 27007 provides guidance on managing an information security management system (ISMS) audit programme, on conducting audits, and on the competence of ISMS auditors, in addition to the guidance contained in ISO 19011:2011.
ISO/IEC 27007 is applicable to those needing to understand or conduct internal or external audits of an ISMS or to manage an ISMS audit programme.

  • Standard
    48 pages
    English language
    sale 10% off
    e-Library read for
    1 day

This document is supplemental to ISO/IEC 17065. It specifies the rules applicable for the audit of a food safety system (FSS) and certification of products, processes and services complying with requirements of a certification scheme that is based on the internationally accepted principles of food safety (e.g. CODEX General Principles of Food Hygiene[8]) and includes management system elements. This document does not apply to certifications that are solely based on product testing (e.g. performed by an organization applying ISO/IEC 17025) or inspection (e.g. performed by an organization applying ISO/IEC 17020) and does not apply to ISO/IEC 17065-based food safety schemes that do not include both internationally accepted principles of food safety and management system elements. It also provides the necessary information and confidence to customers about the way certification of their suppliers has been granted. Certification of FSS is a third-party conformity assessment activity (as described in ISO/IEC 17000:2020, 4.3) and bodies performing this activity are third-party conformity assessment bodies. NOTE This document can be used as a criteria document for the accreditation or peer assessment of certification bodies which seek to be recognized as being competent to certify that an organization’s products, processes and services and its FSS comply with the requirements of a certification scheme. It is also intended to be used as a criteria document by regulatory authorities and industry consortia which engage in direct recognition of certification bodies to certify that an organization’s FSS complies with a certification scheme’s requirements. Some of its requirements can also be useful to other parties involved in the conformity assessment of such certification bodies, and in the conformity assessment of bodies that undertake to certify the compliance of an FSS with additional criteria. FSS certification does not attest to the safety or fitness of the products of an organization within the food chain. However, certification requires an organization to meet all applicable food-safety-related statutory and regulatory requirements through its FSS.

  • Standard
    32 pages
    English language
    sale 15% off
  • Standard
    34 pages
    French language
    sale 15% off

This document specifies the requirements for the audit and certification of a food safety management system (FSMS) complying with the requirements given in ISO 22000 (or other specified FSMS requirements). It also provides the necessary information and confidence to customers about the way certification of their suppliers has been granted. Certification of FSMS is a third-party conformity assessment activity (as described in ISO/IEC 17000:2020, 4.3), and bodies performing this activity are third-party conformity assessment bodies. NOTE 1 In this document, the terms “product” and “service” are used separately (in contrast with the definition of “product” given in ISO/IEC 17000). NOTE 2 This document can be used as a criteria document for the accreditation or peer assessment of certification bodies which seek to be recognized as being competent to certify that an FSMS complies with ISO 22000 or other sets of specified FSMS requirements. It is also intended to be used as a criteria document by regulatory authorities and industry consortia which engage in direct recognition of certification bodies to certify that an FSMS complies with ISO 22000. Some of its requirements can also be useful to other parties involved in the conformity assessment of such certification bodies, and in the conformity assessment of bodies that undertake to certify the compliance of FSMS with criteria additional to, or other than, those in ISO 22000. FSMS certification does not attest to the safety or fitness of the products of an organization within the food chain. However, an FSMS requires an organization to meet all applicable food-safety-related statutory and regulatory requirements through its management system. NOTE 3 Certification of an FSMS according to ISO 22000 is a management system certification, not a product certification. Other FSMS users can use the concepts and requirements of this document provided that the requirements are adapted as necessary.

  • Standard
    26 pages
    English language
    sale 15% off
  • Standard
    28 pages
    French language
    sale 15% off

This document recommends good practices for all elements of conformity assessment, including objects of conformity assessment, specified requirements, activities, bodies, systems, schemes and results. It is intended for use by individuals and bodies that wish to provide, promote or use impartial and reliable conformity assessment services. Providers of conformity assessment can include conformity assessment bodies, accreditation bodies, peer-assessment agreement groups, and organizations providing declarations of conformity. Individuals or organizations that promote or use conformity assessment can include, as appropriate, regulators, trade officials, and owners of conformity assessment systems and schemes.

  • Standard
    7 pages
    English language
    sale 15% off

In addition to the guidelines in ISO 19011, this document provides guidelines to organizations that contribute to the achievement of road vehicle cybersecurity throughout the supply chain on: — managing an audit programme for a cybersecurity management system (CSMS); — conducting organizational CSMS audits; — competencies of CSMS auditors; and — providing evidence during CSMS audits. Elements of the CSMS are based on the processes described in ISO/SAE 21434. This document is applicable to those needing to understand or conduct internal or external audits of a CSMS or to manage a CSMS audit programme. This document does not provide guidelines on cybersecurity assessments.

  • Technical specification
    21 pages
    English language
    sale 15% off

This document provides general requirements for third-party marks of conformity, including their
issue and use.
This document is applicable to third-party marks of conformity issued and used in different forms and
various media, including digital representation employing electronically stored and displayed marks,
machine readable code, blockchain (distributed ledger) or other electronic means.
NOTE 1 This document can also be used as guidance in using marks of conformity in activities other than
third-party conformity assessment.
NOTE 2 Third-party marks of conformity in accordance with this document also include symbols of
recognition, such as accreditation symbols. For consistency of terminology, they are referred to as accreditation
marks.
NOTE 3 Third-party marks of conformity in accordance with this document can include logos (e.g. the sign of
a conformity assessment body or trademarks), symbols (e.g. the representation of recognition in an accreditation
agreement or the depiction of the applicable programme) or a combination thereof.
NOTE 4 Third-party marks of conformity as a graphic representation of demonstrated conformity in
accordance with this document can be a combination of multiple marks (e.g. indications of compliance with
several sets of specifications, codes for individually fulfilled specifications).
NOTE 5 This document does not apply to markings that provide indication of a designation, a code, or a
classification only. Furthermore, it does not apply to graphic representations (e.g. of conformity assessment
systems or schemes/programmes) or logos (e.g. of an association of accreditation bodies or an association of
conformity assessment bodies).
NOTE 6 Third-party marks of conformity are based on a conformity assessment scheme that includes the
function of surveillance.

  • Standard
    15 pages
    English language
    sale 10% off
    e-Library read for
    1 day

ISO/IEC 27007 provides guidance on managing an information security management system (ISMS) audit programme, on conducting audits, and on the competence of ISMS auditors, in addition to the guidance contained in ISO 19011:2011.
ISO/IEC 27007 is applicable to those needing to understand or conduct internal or external audits of an ISMS or to manage an ISMS audit programme.

  • Standard
    48 pages
    English language
    sale 10% off
    e-Library read for
    1 day

This document specifies the requirements for competence to carry out reference measurement procedures in laboratory medicine, using the requirements of ISO/IEC 17025:2017 as a normative reference and listing additional requirements for calibration laboratories to perform their tasks adequately.
The relationship between clauses in this document and ISO/IEC 17025:2017 are summarized in Annex A.
Examinations of properties with results reported on a nominal or ordinal scale are not included.
This document is not applicable to medical laboratories.
NOTE       Requirements for medical laboratories are specified in ISO 15189[1].

  • Standard
    16 pages
    English language
    sale 10% off
    e-Library read for
    1 day

This document specifies the International Standards, including clauses and subclauses, with which
conformity to the quality requirements of ISO 3834-2, ISO 3834-3 or ISO 3834-4 can be claimed.
NOTE For brazing, see ISO 22688.

  • Standard
    14 pages
    English language
    sale 10% off
    e-Library read for
    1 day

This document specifies the competence requirements for personnel involved in the audit and certification process for management systems for records (MSR). It complements the existing requirements of ISO/IEC 17021-1. NOTE This document is applicable for auditing and certification of MSR based on ISO 30301. It can also be used for other MSR applications.

  • Technical specification
    6 pages
    English language
    sale 15% off

This document specifies principles and requirements for bodies performing validation and verification
of environmental information statements.
Any programme requirements related to bodies are additional to the requirements of this document.
This document is a sector application of ISO/IEC 17029:2019, which contains general principles
and requirements for the competence, consistent operation and impartiality of bodies performing
validation/verification as conformity assessment activities.
This document includes sector-specific requirements in addition to the requirements of
ISO/IEC 17029:2019.

  • Standard
    40 pages
    English language
    sale 10% off
    e-Library read for
    1 day

This document specifies the competence requirements for personnel involved in the audit and certification process for compliance management systems (CMS). It complements the existing requirements of ISO/IEC 17021‑1.

  • Technical specification
    5 pages
    English language
    sale 15% off
  • Technical specification
    5 pages
    English language
    sale 15% off
  • Technical specification
    5 pages
    French language
    sale 15% off
  • Technical specification
    5 pages
    French language
    sale 15% off
  • Technical specification
    5 pages
    Spanish language
    sale 15% off

This document provides general requirements for third-party marks of conformity, including their
issue and use.
This document is applicable to third-party marks of conformity issued and used in different forms and
various media, including digital representation employing electronically stored and displayed marks,
machine readable code, blockchain (distributed ledger) or other electronic means.
NOTE 1 This document can also be used as guidance in using marks of conformity in activities other than
third-party conformity assessment.
NOTE 2 Third-party marks of conformity in accordance with this document also include symbols of
recognition, such as accreditation symbols. For consistency of terminology, they are referred to as accreditation
marks.
NOTE 3 Third-party marks of conformity in accordance with this document can include logos (e.g. the sign of
a conformity assessment body or trademarks), symbols (e.g. the representation of recognition in an accreditation
agreement or the depiction of the applicable programme) or a combination thereof.
NOTE 4 Third-party marks of conformity as a graphic representation of demonstrated conformity in
accordance with this document can be a combination of multiple marks (e.g. indications of compliance with
several sets of specifications, codes for individually fulfilled specifications).
NOTE 5 This document does not apply to markings that provide indication of a designation, a code, or a
classification only. Furthermore, it does not apply to graphic representations (e.g. of conformity assessment
systems or schemes/programmes) or logos (e.g. of an association of accreditation bodies or an association of
conformity assessment bodies).
NOTE 6 Third-party marks of conformity are based on a conformity assessment scheme that includes the
function of surveillance.

  • Standard
    15 pages
    English language
    sale 10% off
    e-Library read for
    1 day