General Section(Please Include This Section in All Application Forms)

Form F-4
Application form for a certification proposal
Select type of management system(s)certification audit: / ISO9001 - QMS (Please fill appendix Ain addition to the general section)
ISO14001 - EMS (Please fillappendix B in addition to the general section)
ISO20000 – ITSMS (Please fill appendix Cin addition to the general section)
ISO22301 – BCMS (Please fill appendix D in addition to the general section)
ISO27001 – ISMS (Please fill appendix E in addition to the general section)
OHSAS 18001 – OHSMS (Please fill appendix F in addition to the general section)
ISO 50001 – EnMS (Please fill appendix G in addition to the general section)
ISO 27017 – Cloud Security - (Please fill appendix E in addition to the general section)
ISO 27018 – Privacy - (Please fill appendix E in addition to the general section)

General Section(Please include this section in all application forms)

Name of Organisation: / Please enter the name of the organization here
Postal Address: / Please enter the postal address of the organization here
Visiting Address: / Please enter the visiting address of the organization here (if different from the postal address).
General Phone number:
Fax number: / Please enter the general phone number of the organization here
Please enter the fax number of the organization here
Contact person: / Please enter the name and designation of the contact person here
Date of Birth: / Please enter the date of birth of the contact person here
Phone number: / Please enter the phone number of the contact person here.
Salutation reports and invoices:
(for instance name director) / Please enter salutation reports and invoices here (for instance name director)
Short description of the organisation: / Please provide a short description of the Organization here
Organisation name / Current financial auditor / Registered on stock exchange
What is the legal position of the organisation?
(Is there a (foreign) holding company? Are either your organisation and/or the holding company registered on a stock exchange? And who is the financial auditor for the organisation): / organisation name / No/Yeson <stock exchange name>
holding name (if applicable) / No/Yeson <stock exchange name>
What is the year of establishment of the organisation? / Please enter the year the organization was established here.
Does your organization already possess other types of Management system(s) certifications? / Yes/No.
If yes, please state the certification here (e.g ISO9001/ISO27001/ISO14001/ISO20000/OHSAS18001).
Are there regulatory requirements within the scope of the certification? / No/Yes, namely:
Yes/No. If yes, please mention the requirements. A regulatory requirement might be any legal or statutory laws and compliance that the organization has to comply with for its day-to-day functioning. E.g. FISMA, UK Data Privacy act etc.
Provide all information concerning all outsourced processes used that will possibly affect conformity to your defined management system(s) / Please list down all the outsourced processes that directly or indirectly interact with the organization’s management system(s).
Is it the expectation of the organisation that the goal of this assignment will be reached, special circumstances taken into account? / Please fill your answer here.
Which data are considered confidential or sensitive to such an extent that these will not be made available to the certification
audit team during the assessments? Is it possible to make specific arrangement with regard of accessing this information? / Please list any confidential or critical information that would fall within the scope of the management system(s)and that cannot be shared with the auditors. Please also describe what additional arrangements can be made for granting the auditors access to the organization’s or its client’s confidential information.
Provide all information concerning the use of consultancy used by your organisation related to the implementation of the management system(s) / Please mention the internal team name or name of the external organization that offered a consultancy to your organization and helped with the implementation of the management system(s), as applicable.
Have prior (third party) audits been performed in this regard? / Yes/No
Do you prefer a trial assessment prior to the formal certification audit? / Yes/No
If yes, which scope and depth does this trial assessment needs to encompass? / Please fill in your answer here / .
What is your estimated planning for the execution of the certification audit? / Please fill in the dates that you propose for the audit to take place basis your availability. Please note there might be deviations from the proposed date basis the availability of EY CertifyPoint auditors. Any changes shall be communicated beforehand.
What do you expect of EY CertifyPoint as service provider: / Please fill your comments here.

This request form has been filled out completely and is signed by an authorized representative of the organisation applying for certification.

Place: / Date:
Name of applicant: / Signature:

APPENDIX A

ISO9001 Application form (please append this form to the general Section in case of an ISO9001 audit)

How many employees are currently present in the organisation within the QMS scope & boundaries (if multiple locations are applicable, please mention type of location & # of employees per location) / Please provide the number of employees that are directly or indirectly are involved in the scope of the organization’s QMS
General information with regard to the Quality Management system (QMS) and the activities that are covered by this system: / Please give a brief description of the activities that are covered by the QMS, e.g., Advisory services, application support etc.
Scope of the requested certification (to which parts of the organisation and/or locations does the certification apply): / Please describe the departments/functions that fall under the QMS scope e.g., HR, IT, Finance, Business Operations, etc. Also, describe the locations that are in scope of the QMS audit.
In which technical area, consisting of one or more sectors according to the NACE rev.2 and EA – code classification, does the organization within the scope of the management system(s) reside? / Please enter the information here.

APPENDIX B

ISO14001 Application form (please append this form to the general Section in case of an ISO14001 audit)

How many employees are currently present in the organisation within the EMS scope & boundaries (if multiple locations are applicable, please mention type of location & # of employees per location) / Please provide the number of employees that are directly or indirectly are involved in the scope of the organization’s EMS
General information with regard to the EnvironmentManagement system (EMS) and the activities that are covered by this system: / Please give a brief description of the activities that are covered by the EMS, e.g., Advisory services, application support etc.
Scope of the requested certification (to which parts of the organisation and/or locations does the certification apply): / Please describe the departments/functions that fall under the EMS scope e.g., HR, IT, Finance, Business Operations, etc. Also, describe the locations that are in scope of the EMS audit.
In which technical area, consisting of one or more sectors according to the NACE rev.2 and EA – code classification, does the organization within the scope of the management system(s) reside? / Please enter the information here.

APPENDIX C

ISO20000 Application form (please append this form to the general Section in case of an ISO20000 audit)

How many employees are currently present in the organisation within the ITSMS scope & Boundaries? (if multiple locations are applicable, please mention type of location & # of employees per location) / Please provide the number of employees that are directly or indirectly are involved in the scope of the organization’s ITSMS
How many of them are using the main IT facilities? / Please list the number of in-scope employees that use the IT facilities.
General information with regard to the IT Service management process and the activities that are covered by the surrounding management system(s): / Please give a brief description of the activities that are covered by the ITSMS, e.g., Advisory services, application support etc.
Scope of the requested certification (to which parts of the organisation and/or locations does the certification apply): / Please describe the departments/functions that fall under the ITSMS scope e.g., HR, IT, Finance, Business Operations, etc. Also, describe the locations that are in scope of the ITSMS audit.
Describe the IT infrastructure in terms of software, hardware, IT dependency and number of IT staff (please ad a configuration scheme of the network/infrastructure is available): / Please describe the applications that are within the scope of ITSMS with specific details to describe whether the application is in-house/off the shelf or purchased, the supporting Operating system and Database along with their versions. A description of the organizations IT network, please share a network diagram if available.

APPENDIX D

ISO22301 Application form (please append this form to the general Section in case of an ISO22301 Audit)

How many employees are currently present in the organisation within the BCMS scope & Boundaries / Please provide the number of employees that are directly or indirectly are involved in the scope of the organization’s BCMS
General information with regard to the Business Continuity management system (BCMS) and the activities that are covered by this system: / Please give a brief description of the activities that are covered by the BCMS
Scope of the requested certification (to which parts of the organisation and/or locations does the certification apply): / Please describe the departments/functions that fall under the BCMS scope e.g., HR, IT, Finance, Business Operations, etc. Also, describe the locations that are in scope of the BCMS audit.
In which technical area, consisting of one or more sectors according to the NACE rev.2 and EA – code classification, does the organization within the scope of the management system(s) reside? / Please enter the information here.

APPENDIX E

ISO27001 Application form (please append this form to the general Section in case of an ISO27001 Audit)

Is the Statement of Applicability available? / Yes/No
How many employees are currently present in the organisation within the ISMS scope & Boundaries (if multiple locations are applicable, please mention type of location & # of employees per location) / Please provide the number of employees that are directly or indirectly are involved in the scope of the organization’s ISMS
How many of them are using the main IT facilities? / Please list the number of in-scope employees that use the IT facilities.
General information with regard to the information security management system (ISMS) and the activities that are covered by this system: / Please give a brief description of the activities that are covered by the ISMS, e.g., cloud computing service, Advisory services, application support etc.
Scope of the requested certification (to which parts of the organisation and/or locations does the certification apply): / Please describe the departments/functions that fall under the ISMS scope e.g., HR, IT, Finance, Business Operations, etc. Also, describe the locations that are in scope of the ISMS audit.
Describe the IT infrastructure in terms of software, hardware, IT dependency and number of IT staff (please ad a configuration scheme of the network/infrastructure is available): / Please describe the applications that are within the scope of ISMS with specific details to describe whether the application is in-house/off the shelf or purchased, the supporting Operating system and Database along with their versions. A description of the organizations IT network, please share a network diagram if available.

APPENDIX F

OHSAS 18001 Application form (please append this form to the general Section in case of an OHSAS 18001 audit)

How many employees are currently present in the organisation within the OHSMS scope & boundaries (if multiple locations are applicable, please mention type of location & # of employees per location) / Please provide the number of employees that are directly or indirectly involved in the scope of the organization’s EMS
General information with regard to the Occupational Health & Safety Management system (OHSMS) and the activities that are covered by this system: / Please give a brief description of the activities that are covered by the OHSMS, e.g., Advisory services, application support etc.
Scope of the requested certification (to which parts of the organisation and/or locations does the certification apply): / Please describe the departments/functions that fall under the OHSMS scope e.g., HR, IT, Finance, Business Operations, etc. Also, describe the locations that are in scope of the EMS audit.
In which technical area, consisting of one or more sectors according to the NACE rev.2 and EA – code classification, does the organization within the scope of the management system(s) reside? / Please enter the information here.

APPENDIX G

ISO 50001 Application form (please append this form to the general Section in case of an ISO50001 audit)

How many employees are currently present in the organisation within the EnMS scope & boundaries (if multiple locations are applicable, please mention type of location & # of employees per location) / Please provide the number of employees that are directly or indirectly are involved in the scope of the organization’s EnMS
General information with regard to the EnergyManagement system (EnMS) and the activities that are covered by this system: / Please give a brief description of the activities that are covered by the EnMS, e.g., Advisory services, application support etc.
Information regarding the energy profile of the company: / Please describe the following:

• Annual energy consumption (TJ)
• Number of energy sources
• Number of significant energy uses (SEUs)
• Number of EnMS effective personell (= people who actively contribute to meeting the requirements of an EnMS)

Scope of the requested certification (to which parts of the organisation and/or locations does the certification apply): / Please describe the departments/functions that fall under the EnMS scope e.g., HR, IT, Finance, Business Operations, etc. Also, describe the locations that are in scope of the EMS audit.
In which technical area, consisting of one or more sectors according to the NACE rev.2 and EA – code classification, does the organization within the scope of the management system(s) reside? / Please enter the information here.
Page 1/10