IAM Endorsed Assessor Scheme: Faqs About Conformity Assessment, Accreditation and Certification

IAM Endorsed Assessor Scheme: FAQs about conformity assessment, accreditation and certification

There canbe confusionwiththe terminology associated with conformity assessment for the certification of management systems, and who can issue certificates of conformity. Also, although in everyday language the terms accreditation and certification are often used interchangeably, theydo have very specific meaningsin international standards.

This document seeks toidentify:

• the relevant terminology, where to find the definitions in ISO standards / guidelines, and provide some explanations;
• the standards / guidelines relevant to assessment of the requirements in ISO 55001:2014;
• who can issue certificates for ISO 55001:2014, and how National Accreditation Body (NAB) schemes and the IAM Endorsed Assessor scheme relate to this;and
• how the IAM is clarifying the competence required for ISO 55001 auditors within the Endorsed Assessor scheme.

To get the most from this document it is recommended that you read it from the beginning, as the responses to the later questions assume an understanding of the earlier questions.

FAQ Index

1. What is conformity assessment?
2. What is certification in relation to management systems?
3. Who can issue a certificate for a management system standard?
4. What is accreditation in relation to management systems?
5. Can organisations that are not Certification Bodies assess conformity against ISO 55001?
6. Why is an assessor’s knowledge and understanding of asset management important, and how can it be demonstrated?

1.What is conformity assessment?

Conformity assessment is defined in 2.1 of ISO 17000:2004[1] as ‘demonstration that specified requirements relating to a product, process, system, person or body are fulfilled’.

Note 2 of this definition identifies ‘a service is covered by the definition of a product.’

In everyday language, the term ‘compliance’ is often incorrectly used in relation to assessing management systems. Within ISO management system standards, ‘compliance’ means compliance with legal, or other (e.g. regulatory) requirements. ISO 17021-1:2015[2] identifies - Note to clause 9.2.1.2(b) - that ‘A management system certification audit is not a legal compliance audit.’

This difference between assessment of conformity and compliance is further clarified in Notes 1 and 3 associated with the definition of audit findings in 3.4 of ISO 19011:2011[3].

• NOTE 1 Audit findings indicate conformity or nonconformity.
• NOTE 3 If the audit criteria are selected from legal or other requirements, the audit finding is termed compliance or non-compliance.

[Back to FAQ index]

2.What is certification in relation to management systems?

ISO’s formal definition of Certification is "third party attestation related to products, processes, systems or persons." (ISO 17000:2004)

ISO 17021:2011 identifies certification of management systems as third-party conformity assessment that ‘provides independent demonstration that the management system of

the organization

a) conforms to specified requirements,

b) is capable of consistently achieving its stated policy and objectives, and

c) is effectively implemented.’

Certification provides written assurance (a certificate) by an independent Certification Body that a management system achieves the above, and thereby provides value to the organization, its customers and interested parties.

ISO 17021-1:2015, clause 3.4, defines a ‘certification audit’ along with 6 explanatory notes to clarify aspects of certification audits:

Certification audit - audit carried out by an auditing organization independent of the client and the parties that rely on certification, for the purpose of certifying the client’s management system.

Note 1 to entry: In the definitions which follow, the term “audit” has been used for simplicity to refer to third party certification audit.

Note 2 to entry: Certification audits include initial, surveillance, re-certification audits, and can also include special audits.

Note 3 to entry: Certification audits are typically conducted by audit teams of those bodies providing certification of conformity to the requirements of management system standards.

Note 4 to entry: A joint audit is when two or more auditing organizations cooperate to audit a single client.

Note 5 to entry: A combined audit is when a client is being audited against the requirements of two or more management systems standards together.

Note 6 to entry: An integrated audit is when a client has integrated the application of requirements of two or more management systems standards into a single management system and is being audited against more than one standard.

[Back to FAQ index]

3.Who can issue a certificate for a management system standard?

In practice anybody can declare themselves to be a Certification Body and issue a certificate of conformity for an ISO management system standard.

It is therefore important that there are mechanisms available to independently assess a Certification Body’s competence, credibility, independence and integrity in carrying out its conformity assessment activities. Such mechanisms provide assurances to prospective client organisations when they are selecting organisations to assess the extent of their conformity to a management system standard.

It was for this reason that the IAM originally established the Endorsed Assessor (EA) scheme for PAS 55, and has since extended it to cover ISO 55001. Although the IAM has chosen not to use the term Certification Bodies to describe its EAs, in practice this would be a correct use of the term for those EAs it has endorsed to issue certificates of conformity against ISO 55001:2014 or PAS 55:2008.

IAM EAs can only describe themselves as being accredited for assessing against ISO 55001:2014 if they have also been separately accredited by a National Accreditation Body (such as UKAS) against both ISO 17021-1 and ISO 17021-5.

[Back to FAQ index]

4.What is accreditation in relation to management systems?

ISO’s formal definition of accreditation is “third party attestation related to a conformity assessment body conveying formal demonstration of its competence to carry out specific conformity assessment tasks.” (ISO 17000:2004)

A fuller description of accreditation is the formal recognition by an Accreditation Body[4] to the technical and organisational competence of a conformity assessment body to carry out a specific service in accordance to the standards and technical regulations as described in their scope of accreditation.

By way of example, for ISO 55001:2014 for the UK (similar arrangements would apply in other countries):

• the Accreditation Bodywould be UKAS (United Kingdom Accreditation Service).
• the Conformity Assessment Bodies who would beaccredited by UKAS to assess organisations against the requirements of ISO 55001, and issue certificates of conformity,would be known as Certification Bodies[5].
• UKAS would accreditISO 55001:2014Certification Bodiesbyassessing them against the standards:
• ISO 17021-1:2015- This specifies generic requirements for such certification bodies performing audit and certification of management systems.
• ISO 17021-5[6]- This complements the requirements of ISO 17021:2011, specifying additional competence requirements for personnel involved in the certification process for asset management systems.

It should be noted that it is not compulsory to be accreditedby an Accreditation Bodyto issue a certificate of conformity for a management system standard. However, in the UK, only UKAS accredited Certification Bodies and theorganisations they have certificated are allowed to use the relevant UKAS accreditation marks (incorporating the tick and royal crown).

UKAS is a national signatory, along with other nationally recognisedAccreditation Bodies, to multilateral agreements for the purposes of mutual recognition of accreditations. This is achieved through the European Co-operation for Accreditation (EA) and the International Accreditation Forum (IAF). The Accreditation Bodies that are signatory to these agreements are deemed to be equivalent having undergone stringent peer evaluations.

At the time of updating this FAQ document (August 2016), the IAM is aware that accreditation schemes for ISO 55001 are in place for the followingNational Accreditation Bodies:

• UKAS (United Kingdom Accreditation Services)
• ENAC (Entidad Nacional de Accreditacion) - Spain

(Please note that the IAM does not intend to update this list of NABs)

[Back to FAQ index]

5.Can organisations that are not Certification Bodies assess conformity againstISO 55001?

The majority of organisations seeking to achieve a certificate of conformity to ISO 55001:2014 are likely to begin the process by undertaking a gap analysis against the requirements of the standard.

However, this is not necessarily the case for case all organisations. Some may wish to be assessed against ISO 55001:2014and not aspire to achieve a certificate of conformity.They may be seeking to understand where they have gaps in their capability with a view to considering the business value that could be gained from addressing these.

In either of the above cases, an organization does not have to engage a Certification Body to undertake the gap analysis. However, the IAM believes that for client organisations to have confidence in, and gain value from, the process of gap analysis, organisations providing this assessment service should be part of a formal scheme that requires them to demonstrate the same competence, credibility, independence and integrity asCertification Bodies operating under a NAB accreditation or IAM Endorsed Assessor schemes.

[Back to FAQ index]

6.Why is an assessor’s knowledge and understanding of asset management important, and how can it be demonstrated?

The IAM strongly believes that for a client to gain most value from assessment of the conformity of their management system against ISO 55001:2014, the assessor they engage must have knowledge and understanding of asset management as well as the management system standard.

For the audit team, and those reviewing the audit report and making the certification decision, Clause 5 of ISO 17021-5 identifies competence requirements in relation to:

5.1 - Asset management terminology, definitions and principles

5.2 - Asset management practices, activities and methodologies

5.3 - Asset management system standards and normative documents

In conjunction with the other international members of the Global Forum, the IAM has developed a GFMAM specification[7] for the competence of personnel who are to assess management systems against the requirements of ISO 55001:2014. The competence requirements in the specification conform to, at least, the requirements of ISO 17021-5.

Theasset management knowledge identified in the GFMAM specification can be objectively tested by examination. There are currently 2 examinations designed to achieve this:

• the IAM’s Certificate in Asset Management
• the WPiAMCAMA (Certified Asset Management Assessor) qualification, developed between 5 of the other 10 Global Forum members.

The IAM Endorsed Assessor Scheme requires all competent auditors operating under the scheme to be qualified by one of the above 2 examinations, in addition to demonstrating appropriate experience. The IAM Certificate is designed to supportContinuing Professional Development (CPD), so auditors who are also IAM members would find it beneficial to sit the IAM examination.

[Back to FAQ index]

Further questions or comments

If you should have questions or comments related to the content of this document, please email them to the IAM’s Endorsed Assessor scheme administrator at .

Notes:

In producing this document, reference has been made to the websites of ISO and UKAS.

It is recommended that you explore the resources on these websites if you want to find out more about conformity assessment, accreditation or certification.

(1)the ISO FAQ webpage Conformity assessment and certification

(2)the UKAS webpagesAbout Accreditation and FAQs

If your organization is based outside the UK and you wish to find out about arrangements related to your own country, you should be able to find further information via these websites:

European Co-operation for Accreditation (EA)

International Accreditation Forum (IAF)

FAQs - conformity assessment, accreditation and certification V2 Aug-2016.docxPage 1 of 6

[1]ISO 17000:2004 ‘Conformity assessment – Vocabulary and general principles’

[2]ISO 17021-1:2015 ‘Conformity assessment — Requirements for bodies providing audit and certification of management systems’

[3]ISO 19011:2011 ‘Guidelines for auditing management systems’

[4]Accreditation Bodies are also referred to as Accreditation Authorities

[5]The term ‘Certification Bodies’ is identified in clause 1 (Scope) of ISO 17021:2011

[6]ISO 17021-5:2014 ‘Conformity assessment — Requirements for bodies providing audit and certification of management systems — Part 5: Competence requirements for auditing and certification of asset management systems’

[7]GFMAM Competency Specification for an ISO 55001 Asset Management System Auditor / Assessor