Conformity assessment - Requirements for bodies providing audit and certification of management systems and requirements for third-party certification auditing of management systems - Part 2: Requirements for third party certification auditing of management systems (ISO/IEC/DIS 17021-2:2009)

This International Standard supplements the existing requirements of ISO/IEC 17021-1 for third-party certification of management systems and provides additional requirements with respect to the audit process and the management of competence.  This International Standard provides a framework for the development of specific criteria for third-party certification auditing and management of competence for different types of management systems or sector applications.  The generic requirements in this International Standard take into account the relevant guidance given in ISO 19011:2002 in order to promote harmony between these three documents (ISO/IEC 17021-1, ISO/IEC 17021-2 and ISO 19011).

Conformity assessment - Part 2: Requirements for bodies auditing and certifying management systems, and requirements for third-party certification audits of management systems (ISO/IEC DIS 17021-2:2009)

This International Standard contains principles and requirements for the competence, consistency and impartiality of audits and certifications of management systems of all types (e.g. quality management systems or environmental management systems) and for bodies performing these activities. Certification bodies operating to this International Standard need not offer all types of management system certification.
Certification of management systems (referred to in this International Standard as "certification") is a third-party conformity assessment activity (see ISO/IEC 17000:2004, 5.5). Bodies offering this activity are therefore conformity assessment bodies and are referred to in this International Standard, in short, as "certification bodies".
NOTE 1   This note applies only to the English text.
NOTE 2   A certification body can be non-governmental or governmental (with or without regulatory authority).
NOTE 3   This International Standard can be used as a criteria document for accreditation or peer assessment or for other audit processes.
This International Standard supplements the existing requirements of ISO/IEC 17021:2006 and contains additional requirements with respect to the audit process and the management of competence. This International Standard provides a framework for the development of specific criteria for third-party certification audits and the management of competence for different types of management systems or sector-specific applications.

Conformity assessment - Requirements for bodies performing audit and certification of management systems and requirements for third-party certification auditing of management systems - Part 2: Requirements for third-party certification auditing of management systems (ISO/IEC/DIS 17021-2:2009)

Conformity assessment - Requirements for bodies that audit and certify management systems, and requirements for third parties auditing the certification of management systems - Part 2: Requirements for third parties auditing the certification of management systems (ISO/IEC/DIS 17021-2:2009)

General Information

Status: Not Published
Publication Date: 13-Jun-2011
Withdrawal Date: 13-Dec-2011
Current Stage: 4098 - Decision to abandon - Enquiry
Start Date: 14-Jul-2010
Completion Date: 14-Jul-2010

Relations

Effective Date: 15-May-2010

Overview

prEN ISO/IEC 17021-2 (ISO/IEC/DIS 17021-2:2009) is a draft European/ISO document that supplements ISO/IEC 17021-1 by specifying additional requirements for third‑party certification auditing of management systems. Its scope focuses on strengthening the audit process and the management of competence for bodies providing certification of management systems. The standard provides a framework to develop sector- and system‑specific criteria while promoting alignment with ISO 19011 guidance on auditing.

Key topics and technical requirements

This standard expands on core conformity assessment elements and addresses practical audit needs. Major topics include:

  • Principles and impartiality: requirements to manage conflicts of interest and ensure independent certification decisions.
  • Competence management: establishing competence criteria, evaluation processes and records for auditors, technical experts and management.
  • Audit process requirements: audit programme planning, audit plans, team selection and assignments, determining audit time, multi‑site sampling and on‑site audit conduct.
  • Audit outputs and follow‑up: audit reporting, root‑cause analysis of nonconformities, verification of corrective actions, additional audits and final certification decision processes.
  • Organizational and resource requirements: structural roles, top management responsibilities, committees to safeguard impartiality, use of external auditors/experts and outsourcing controls.
  • Information and confidentiality: publicly accessible information, certification documents, directories of certified clients, use of marks and exchange of information between certification body and client.
  • Legal, contractual and liability aspects: responsibilities in certification agreements, legal accountability and financing considerations.

Practical applications and users

This document is targeted at organizations involved in management system certification and auditing:

  • Certification bodies developing or improving third‑party certification programs (ISO/IEC 17021-based).
  • Accreditation bodies and assessors evaluating conformity assessment programs.
  • Lead auditors and audit team managers designing audit plans, sampling approaches (multi‑site) and determining audit time.
  • Sector bodies and standard developers who need to create specific auditing criteria for industry applications.
  • Consultants and legal/compliance advisors advising on impartiality, confidentiality, contractual and liability aspects of certification.

Using ISO/IEC 17021-2 helps improve audit consistency, auditor competence management, and the credibility of management system certification across sectors.

Related standards

  • ISO/IEC 17021-1 - General requirements for bodies providing audit and certification of management systems (foundation).
  • ISO 19011 - Guidelines for auditing management systems (audit guidance aligned with 17021-2).
Draft

prEN ISO/IEC 17021-2:2009

English language
61 pages

Frequently Asked Questions

prEN ISO/IEC 17021-2 is a draft published by the European Committee for Standardization (CEN). Its full title is "Conformity assessment - Requirements for bodies providing audit and certification of management systems and requirements for third-party certification auditing of management systems - Part 2: Requirements for third party certification auditing of management systems (ISO/IEC/DIS 17021-2:2009)". This standard covers: This International Standard supplements the existing requirements of ISO/IEC 17021-1 for third-party certification of management systems and provides additional requirements with respect to the audit process and the management of competence. This International Standard provides a framework for the development of specific criteria for third-party certification auditing and management of competence for different types of management systems or sector applications. The generic requirements in this International Standard take into account the relevant guidance given in ISO 19011:2002 in order to promote harmony between these three documents (ISO/IEC 17021-1, ISO/IEC 17021-2 and ISO 19011).

prEN ISO/IEC 17021-2 is classified under the following ICS (International Classification for Standards) categories: 03.120.20 - Product and company certification. Conformity assessment. The ICS classification helps identify the subject area and facilitates finding related standards.

prEN ISO/IEC 17021-2 has the following relationships with other standards: it has an inter-standard link to EN ISO/IEC 17021:2011. Understanding these relationships helps ensure you are using the most current and applicable version of the standard.

prEN ISO/IEC 17021-2 is associated with the following European legislation: Standardization Mandates: M/417. When a standard is cited in the Official Journal of the European Union, products manufactured in conformity with it benefit from a presumption of conformity with the essential requirements of the corresponding EU directive or regulation.

Standards Content (Sample)


SLOVENIAN STANDARD
01-November-2009
Conformity assessment - Requirements for bodies that audit and certify management
systems, and requirements for third parties auditing the certification of management
systems - Part 2: Requirements for third parties auditing the certification of
management systems (ISO/IEC/DIS 17021-2:2009)
Conformity assessment - Requirements for bodies providing audit and certification of
management systems and requirements for third-party certification auditing of
management systems - Part 2: Requirements for third party certification auditing of
management systems (ISO/IEC/DIS 17021-2:2009)
Conformity assessment - Part 2: Requirements for third-party certification audits
of management systems (ISO/IEC/DIS 17021-2:2009)
Conformity assessment - Requirements for bodies performing audit and certification of
management systems and requirements for third-party certification auditing of
management systems - Part 2: Requirements for third-party certification auditing of
management systems (ISO/IEC/DIS 17021-2:2009)
This Slovenian standard is identical to: prEN ISO/IEC 17021-2
ICS:
03.120.20 Product and company certification. Conformity assessment
2003-01. Slovenian Institute for Standardization. Reproduction of this standard in whole or in part is not permitted.

EUROPEAN STANDARD
DRAFT
September 2009
ICS 03.120.20
English version
Conformity assessment - Requirements for bodies providing
audit and certification of management systems and
requirements for third-party certification auditing of management
systems - Part 2: Requirements for third party certification
auditing of management systems (ISO/IEC/DIS 17021-2:2009)
Conformity assessment - Requirements for bodies performing audit and
certification of management systems and requirements for third-party
certification auditing of management systems - Part 2: Requirements for
third-party certification auditing of management systems
(ISO/IEC/DIS 17021-2:2009)
Conformity assessment - Part 2: Requirements for third-party
certification audits of management systems (ISO/IEC/DIS 17021-2:2009)
This draft European Standard is submitted to CEN members for parallel enquiry. It has been drawn up by the Technical Committee
CEN/CLC/TC 1.
If this draft becomes a European Standard, CEN and CENELEC members are bound to comply with the CEN/CENELEC Internal
Regulations which stipulate the conditions for giving this European Standard the status of a national standard without any alteration.

This draft European Standard was established by CEN and CENELEC in three official versions (English, French, German). A version in any
other language made by translation under the responsibility of a CEN and or CENELEC member into its own language and notified to the
CEN Management Centre has the same status as the official versions.

CEN and CENELEC members are the national standards bodies and national electrotechnical committees, respectively, of Austria,
Belgium, Bulgaria, Cyprus, Czech Republic, Denmark, Estonia, Finland, France, Germany, Greece, Hungary, Iceland, Ireland, Italy, Latvia,
Lithuania, Luxembourg, Malta, Netherlands, Norway, Poland, Portugal, Romania, Slovakia, Slovenia, Spain, Sweden, Switzerland and
United Kingdom.
Recipients of this draft are invited to submit, with their comments, notification of any relevant patent rights of which they are aware and to
provide supporting documentation.

Warning : This document is not a European Standard. It is distributed for review and comments. It is subject to change without notice and
shall not be referred to as a European Standard.

CEN Management Centre: Avenue Marnix 17, B-1000 Brussels
CENELEC Central Secretariat: Avenue Marnix 17, B-1000 Brussels
© 2009 CEN/CENELEC All rights of exploitation in any form and by any means reserved worldwide for CEN national Members and for CENELEC Members.
Ref. No. prEN ISO/IEC 17021-2:2009 E
Contents
Foreword

Foreword
This document (prEN ISO/IEC 17021-2:2009) has been prepared by Technical Committee ISO/CASCO
"Committee on conformity assessment" in collaboration with Technical Committee CEN/CLC/TC 1 “Criteria for
conformity assessment bodies” the secretariat of which is held by BSI.
This document is currently submitted to the parallel Enquiry.
Endorsement notice
The text of ISO/IEC/DIS 17021-2:2009 has been approved by CEN as a prEN ISO/IEC 17021-2:2009 without
any modification.
DRAFT INTERNATIONAL STANDARD ISO/IEC 17021-2
CASCO Secretariat: ISO/CS
Voting begins on: 2009-09-17
Voting terminates on: 2010-02-17
INTERNATIONAL ORGANIZATION FOR STANDARDIZATION
INTERNATIONAL ELECTROTECHNICAL COMMISSION

Conformity assessment — Requirements for bodies providing
audit and certification of management systems and requirements
for third-party certification auditing of management systems —
Part 2:
Requirements for third party certification auditing of management
systems
Conformity assessment — Requirements for bodies performing audit and certification of management systems
and requirements for third-party certification auditing of management systems —
Part 2: Requirements for third-party certification auditing of management systems
ICS 03.120.20
ISO/CEN PARALLEL PROCESSING
This draft has been developed within the International Organization for Standardization (ISO), and
processed under the ISO-lead mode of collaboration as defined in the Vienna Agreement.
This draft is hereby submitted to the ISO member bodies and to the CEN member bodies for a parallel
five-month enquiry.
Should this draft be accepted, a final draft, established on the basis of comments received, will be
submitted to a parallel two-month approval vote in ISO and formal vote in CEN.

This draft is submitted to a parallel enquiry in ISO and a CDV vote in the IEC.

In accordance with the provisions of Council Resolution 15/1993 this document is circulated
in the English language only.
In accordance with the provisions of Council Resolution 15/1993, this document is
distributed in the English version only.

To expedite distribution, this document is circulated as received from the committee
secretariat. ISO Central Secretariat work of editing and text composition will be undertaken at
publication stage.
To expedite distribution, this document is distributed as received from the
committee secretariat. The work of editing and text composition will be carried out at
the ISO Central Secretariat at publication stage.

THIS DOCUMENT IS A DRAFT CIRCULATED FOR COMMENT AND APPROVAL. IT IS THEREFORE SUBJECT TO CHANGE AND MAY NOT BE REFERRED TO
AS AN INTERNATIONAL STANDARD UNTIL PUBLISHED AS SUCH.
IN ADDITION TO THEIR EVALUATION AS BEING ACCEPTABLE FOR INDUSTRIAL, TECHNOLOGICAL, COMMERCIAL AND USER PURPOSES, DRAFT
INTERNATIONAL STANDARDS MAY ON OCCASION HAVE TO BE CONSIDERED IN THE LIGHT OF THEIR POTENTIAL TO BECOME STANDARDS TO WHICH
REFERENCE MAY BE MADE IN NATIONAL REGULATIONS.
RECIPIENTS OF THIS DRAFT ARE INVITED TO SUBMIT, WITH THEIR COMMENTS, NOTIFICATION OF ANY RELEVANT PATENT RIGHTS OF WHICH THEY
ARE AWARE AND TO PROVIDE SUPPORTING DOCUMENTATION.
© International Organization for Standardization, 2009

Copyright notice
This ISO document is a Draft International Standard and is copyright-protected by ISO. Except as permitted
under the applicable laws of the user’s country, neither this ISO draft nor any extract from it may be reproduced,
stored in a retrieval system or transmitted in any form or by any means, electronic, photocopying, recording or
otherwise, without prior written permission being secured.
Requests for permission to reproduce should be addressed to either ISO at the address below or ISO’s member
body in the country of the requester.
ISO copyright office
Case postale 56 • CH-1211 Geneva 20
Tel. + 41 22 749 01 11
Fax + 41 22 749 09 47
E-mail copyright@iso.org
Web www.iso.org
Reproduction may be subject to royalty payments or a licensing agreement.
Violators may be prosecuted.

Contents
Foreword
Introduction
1 Scope
2 Normative references
3 Terms and definitions
4 Principles
4.1 General
4.2 Impartiality
4.3 Competence
4.4 Responsibility
4.5 Openness
4.6 Confidentiality
4.7 Responsiveness to complaints
5 General requirements
5.1 Legal and contractual matters
5.1.1 Legal responsibility
5.1.2 Certification agreement
5.1.3 Responsibility for certification decisions
5.2 Management of impartiality
5.3 Liability and financing
6 Structural requirements
6.1 Organizational structure and top management
6.2 Committee for safeguarding impartiality
7 Resource requirements
7.1 Competence of management and personnel
7.1.1 General considerations
7.1.2 Determination of competence criteria
7.1.3 Evaluation processes
7.1.4 Other considerations
7.2 Personnel involved in the certification activities
7.3 Use of individual external auditors and external technical experts
7.4 Personnel records
7.5 Outsourcing
8 Information requirements
8.1 Publicly accessible information
8.2 Certification documents
8.3 Directory of certified clients
8.4 Reference to certification and use of marks
8.5 Confidentiality
8.6 Information exchange between a certification body and its clients
8.6.1 Information on the certification activity and requirements
8.6.2 Notice of changes by a certification body
8.6.3 Notice of changes by a client
9 Process requirements
9.1 General requirements
9.1.1 Audit programme
9.1.2 Audit plan
9.1.3 Audit team selection and assignments
9.1.4 Determining audit time
9.1.5 Multi-site sampling
9.1.6 Communication of audit team tasks
9.1.7 Communication concerning audit team members
9.1.8 Communication of audit plan
9.1.9 Conducting on-site audits
9.1.10 Audit report
9.1.11 Cause analysis of nonconformities
9.1.12 Effectiveness of corrections and corrective actions
9.1.13 Additional audits
9.1.14 Certification decision
9.1.15 Actions prior to making a decision
9.2 Initial audit and certification
9.2.1 Application
9.2.2 Application review
9.2.3 Initial certification audit
9.2.4 Initial certification audit conclusions
9.2.5 Information for granting initial certification
9.3 Surveillance activities
9.3.1 General
9.3.2 Surveillance audit
9.3.3 Maintaining certification
9.4 Recertification
9.4.1 Recertification audit planning
9.4.2 Recertification audit
9.4.3 Information for granting recertification
9.5 Special audits
9.5.1 Extensions to scope
9.5.2 Short-notice audits
9.6 Suspending, withdrawing or reducing the scope of certification
9.7 Appeals
9.8 Complaints
9.9 Records of applicants and clients
10 Management system requirements for certification bodies
10.1 Options
10.2 Option 1: Management system requirements in accordance with ISO 9001
10.2.1 General
10.2.2 Scope
10.2.3 Customer focus
10.2.4 Management review
10.2.5 Design and development
10.3 Option 2: General management system requirements
10.3.1 General
10.3.2 Management system manual
10.3.3 Control of documents
10.3.4 Control of records
10.3.5 Management review
10.3.6 Internal audits
10.3.7 Corrective actions
10.3.8 Preventive actions
Annex A (normative) Table of minimum body of knowledge and skills
Annex B (informative) One example of determining competence criteria for a management systems certification body
B.1 Competence criteria determination process
B.2 Proficiency levels of knowledge
B.3 Competence requirements for specific functions
Annex C (informative) Possible evaluation methods
C.1 General
C.2 Review of records
C.3 Feedback
C.4 Interviews
C.5 Observations
C.6 Examinations
Annex D (informative) Examples of evaluating competence of certification personnel
D.1 General
D.2 Competence evaluation process
Annex E (informative) Desired personal behaviours
Annex F (informative) Third-party audit and certification process
Annex G (informative) Additional items for consideration: audit programme, scope or plan
G.1 General
G.2 List of items for consideration
Bibliography

Foreword
ISO (the International Organization for Standardization) and IEC (the International Electrotechnical
Commission) form the specialized system for worldwide standardization. National bodies that are members of
ISO or IEC participate in the development of International Standards through technical committees
established by the respective organization to deal with particular fields of technical activity. ISO and IEC
technical committees collaborate in fields of mutual interest. Other international organizations, governmental
and non-governmental, in liaison with ISO and IEC, also take part in the work. In the field of conformity
assessment, the ISO Committee on conformity assessment (CASCO) is responsible for the development of
International Standards and Guides.
International Standards are drafted in accordance with the rules given in the ISO/IEC Directives, Part 2.
Draft International Standards are circulated to the member bodies for voting. Publication as an International
Standard requires approval by at least 75 % of the member bodies casting a vote.
Attention is drawn to the possibility that some of the elements of this document may be the subject of patent
rights. ISO shall not be held responsible for identifying any or all such patent rights.
ISO/IEC 17021-2 was prepared by the ISO Committee on conformity assessment (CASCO).
It was circulated for voting to the member bodies of both ISO and IEC, and was approved by both
organizations.
ISO/IEC 17021 consists of the following parts, under the general title Conformity assessment —
Requirements for bodies providing audit and certification of management systems and requirements for third-
party certification auditing of management systems:
⎯ Part 1: Requirements for bodies providing audit and certification of management systems
⎯ Part 2: Requirements for third-party certification auditing of management systems
The text in italics is original ISO/IEC 17021:2006 text. The text in normal blue font is 17021-2 text.
In this International Standard, the word "shall" indicates a requirement and the word "should" a
recommendation.

Introduction
Certification of a management system, such as a quality or environmental management system of an
organization, is one means of providing assurance that the organization has implemented a system for the
management of the relevant aspects of its activities, in line with its policy.
This International Standard specifies requirements for certification bodies. Observance of these requirements
is intended to ensure that certification bodies operate management system certification in a competent,
consistent and impartial manner, thereby facilitating the recognition of such bodies and the acceptance of their
certifications on a national and international basis. This International Standard serves as a foundation for
facilitating the recognition of management system certification in the interests of international trade.
Certification of a management system provides independent demonstration that the management system of
the organization
a) conforms to specified requirements,
b) is capable of consistently achieving its stated policy and objectives, and
c) is effectively implemented.
Conformity assessment such as certification of a management system thereby provides value to the
organization, its customers and interested parties.
In this International Standard, Clause 4 describes the principles on which credible certification is based. These
principles help the reader to understand the essential nature of certification and they are a necessary prelude
to Clauses 5 to 10. These principles underpin all the requirements in this International Standard, but such
principles are not auditable requirements in their own right. Clause 10 describes two alternative ways of
supporting and demonstrating the consistent achievement of the requirements in this International Standard
through the establishment of a management system by the certification body.
This International Standard is intended for use by bodies that carry out audit and certification of management
systems. It gives generic requirements for such certification bodies performing audit and certification in the
field of quality, environmental and other forms of management systems. Such bodies are referred to as
certification bodies. This wording should not be an obstacle to the use of this International Standard by bodies
with other designations that undertake activities covered by the scope of this document.
Certification activities involve the audit of an organization's management system. The form of attestation of
conformity of an organization's management system to a specific management system standard or other
normative requirements is normally a certification document or a certificate.
The publication of this International Standard includes the text of ISO/IEC 17021:2006, including amendments
to delete relevant references to ISO 19011, with new text adding specific requirements for third-party auditing
and the management of competence. This International Standard will be designated as ISO/IEC 17021 Part 2
(ISO/IEC 17021-2).
Specific market needs have already been identified, resulting from a lack of specific and recognized
requirements for third-party auditors of management systems, such as quality management systems,
environmental management systems or food safety management systems. ISO 19011:2002 provides only
non-mandatory guidance on auditor competence. The lack of requirements for auditor competence and the
way in which these auditors are managed and deployed has been identified by key stakeholders, including
industry stakeholder groups, as being a drawback.
ISO/IEC 17021-2 provides a set of requirements for management systems auditing at a generic level aimed at
providing a reliable determination of conformity to the applicable requirements for certification, conducted by a
competent audit team, with adequate resources and following a consistent process, with the results reported
in a consistent manner.
This International Standard will be used as the basis for recognizing the competence of third-party auditing
and certification of management systems and as a criteria document for accreditation. It can also be used for
peer assessment or other audit processes.
ISO/IEC 17021-2 is a horizontal standard that is applicable to the auditing and certification of any type of
management system. It is recognized that some of the requirements, and in particular those related to auditor
competence, can be supplemented with additional criteria in order to achieve the expectations of the
interested parties.
ISO has recognized these needs and has established a process for technical experts from CASCO to liaise
with specific Technical Committees to provide for the participation of subject matter experts for the technology
(from the Technical Committee) as well as conformity assessment (from CASCO) in order to ensure
technically appropriate consistency. It is expected that such supplementary documents will reference all the
requirements in ISO/IEC17021-2 and only add to these requirements, as needed.

DRAFT INTERNATIONAL STANDARD ISO/IEC DIS 17021-2

Conformity assessment — Requirements for bodies providing
audit and certification of management systems and requirements
for third-party certification auditing of management systems —
Part 2:
Requirements for third party certification auditing of management
systems
1 Scope
This International Standard contains principles and requirements for the competence, consistency and
impartiality of the audit and certification of management systems of all types (e.g. quality management
systems or environmental management systems) and for bodies providing these activities. Certification bodies
operating to this International Standard need not offer all types of management system certification.
Certification of management systems (named in this International Standard “certification”) is a third-party
conformity assessment activity (see ISO/IEC 17000:2004, 5.5). Bodies performing this activity are therefore
third-party conformity assessment bodies (named in this International Standard “certification body/bodies”).
NOTE 1 Certification of a management system is sometimes also called “registration”, and certification bodies are
sometimes called “registrars”.
NOTE 2 A certification body can be non-governmental or governmental (with or without regulatory authority).
NOTE 3 This International Standard can be used as a criteria document for accreditation or peer assessment or other
audit processes.
This International Standard supplements the existing requirements of ISO/IEC 17021:2006 and provides
additional requirements with respect to the audit process and the management of competence. This
International Standard provides a framework for the development of specific criteria for third-party certification
auditing and management of competence for different types of management systems or sector applications.
2 Normative references
The following referenced documents are indispensable for the application of this document. For dated
references, only the edition cited applies. For undated references, the latest edition of the referenced
document (including any amendments) applies.
ISO 9000:2005, Quality management systems — Fundamentals and vocabulary
ISO 19011:2002, Guidelines for quality and/or environmental management systems auditing 1)
ISO/IEC 17000:2004, Conformity assessment — Vocabulary and general principles

1) References in this document to the relevant guidance in ISO 19011 apply to the auditing of all other types of
management systems.
3 Terms and definitions
For the purposes of this document, the terms and definitions given in ISO 9000, ISO/IEC 17000 and the
following apply.
3.1
certified client
organization whose management system has been certified
3.2
impartiality
actual and perceived presence of objectivity
NOTE 1 Objectivity means that conflicts of interest do not exist or are resolved so as not to adversely influence
subsequent activities of the certification body.
NOTE 2 Other terms that are useful in conveying the element of impartiality are: objectivity, independence, freedom
from conflict of interests, freedom from bias, lack of prejudice, neutrality, fairness, open-mindedness, even-handedness,
detachment, balance.
3.3
management system consultancy
participation in designing, implementing or maintaining a management system
EXAMPLES are
a) preparing or producing manuals or procedures, and
b) giving specific advice, instructions or solutions towards the development and implementation of a
management system.
NOTE Arranging training and participating as a trainer is not considered consultancy, provided that, where the course
relates to management systems or auditing, it is confined to the provision of generic information that is freely available in
the public domain; i.e. the trainer should not provide company-specific solutions.
3.4
third-party certification audit
systematic and documented process carried out by an external, independent auditing organization for the
purpose of certifying the client's management system
NOTE 1 In the definitions which follow, the term ‘audit’ has been used for simplicity to refer to third-party certification
audit.
NOTE 2 Third-party certification audits include initial, surveillance, re-certification audits, and can also include special
audits.
NOTE 3 Third-party certification audits are typically conducted by audit teams of those bodies providing certification of
conformity to the requirements of management system standards.
NOTE 4 When two or more auditing organizations cooperate to audit a single client, this is termed a joint audit.
NOTE 5 When a client is being audited against the requirements of two or more management systems standards
together then this is termed a combined audit.
NOTE 6 When a client has integrated the application of requirements of two or more management systems standards
into a single management system and is being audited against more than one standard, then this is termed an integrated
audit.
3.5
client
organization being audited for certification purposes
3.6
auditor
person who conducts an audit
3.7
competence
demonstrated ability to apply knowledge and skills to achieve intended results
3.8
guide
person appointed by the client to assist the audit team
3.9
observer
person who accompanies the audit team but does not audit
3.10
technical area
area characterized by commonalities of processes relevant to a specific type of management system
4 Principles
4.1  General
4.1.1 These principles are the basis for the subsequent specific performance and descriptive requirements
in this International Standard. This International Standard does not give specific requirements for all situations
that can occur. These principles should be applied as guidance for the decisions that may need to be made
for unanticipated situations. Principles are not requirements.
4.1.2 The overall aim of certification is to give confidence to all parties that a management system fulfils
specified requirements. The value of certification is the degree of public confidence and trust that is
established by an impartial and competent assessment by a third-party. Parties that have an interest in
certification include, but are not limited to
a) the clients of the certification bodies,
b) the customers of the organizations whose management systems are certified,
c) governmental authorities,
d) non-governmental organizations, and
e) consumers and other members of the public.
4.1.3 Principles for inspiring confidence include
⎯ impartiality,
⎯ competence,
⎯ responsibility,
⎯ openness,
⎯ confidentiality, and
⎯ responsiveness to complaints.
4.2 Impartiality
4.2.1 Being impartial, and being perceived to be impartial, is necessary for a certification body to deliver
certification that provides confidence.
4.2.2 It is recognized that the source of revenue for a certification body is its client paying for certification,
and that this is a potential threat to impartiality.
4.2.3 To obtain and maintain confidence, it is essential that a certification body's decisions be based on
objective evidence of conformity (or nonconformity) obtained by the certification body, and that its decisions
are not influenced by other interests or by other parties.
4.2.4 Threats to impartiality include the following.
a) Self-interest threats: threats that arise from a person or body acting in their own interest. A concern
related to certification, as a threat to impartiality, is financial self-interest.
b) Self-review threats: threats that arise from a person or body reviewing the work done by themselves.
Auditing the management systems of a client to whom the certification body provided management
systems consultancy would be a self-review threat.
c) Familiarity (or trust) threats: threats that arise from a person or body being to
...
