What is the certification process?

Application for certification

The request for certification is normally in writing and includes details of the activity to be certified. Each request is responded to with a quote or a justification as to why a quote cannot be offered. The scope of the audit is determined based on the requirements of the certification scheme and is assessed based on, among other things, the number of employees, geographical spread and complexity of operations. For organizations with geographically dispersed and similar activities, a so-called multi-site approach may be relevant.

The scope of the assignment and the price quoted may need to be revised during the course of the assignment due to the results of the audit and changed conditions for certification.

Planning

The certification engagement is planned and the audit team is selected based on the requirements of impartiality. All members of the audit team, employed and contracted, are qualified and approved according to the requirements for certification bodies for management system certification according to EN ISO/IEC 17021-1 and the additional requirements for the specific service.

The organization can veto the audit team without giving reasons.

Planning Dialogue (Step 1)

The audit team reviews the management system at an overall level and evaluates how well it meets the requirements of the standard and identifies areas for improvement. Readiness for certification is assessed. The approach and scope of the certification audit (Step 2) is determined. The results of the review are documented in a report with areas for improvement and any changes to the planning for the certification audit.

Certification audit (Step 2)

The audit team conducts the audit by interviewing staff, reviewing governing and accounting documents, and auditing the implementation of the management system in the organization. Strengths, weaknesses, non-conformities and areas for improvement, as well as a recommendation for certification, are presented in a written report at the final meeting. The report is also available in RISE Ecert, a web-based audit database with access via customer-unique login.

Review and issuing of certificates

The audit report and responses to any discrepancies are reviewed by the audit team.

Once all non-conformities are resolved, an independent assessment of the engagement is made. After a successful review, a certification decision can be taken and a certificate issued. For example, if there are deficiencies in the implementation of the engagement or if there are outstanding open non-conformities, no certificate can be issued.

Information on issued certificates is published on Certsearch: https://www.iafcertsearch.org/

Follow-up audit

The first follow-up audit is usually conducted 6-9 months after the certification audit. Thereafter, the audit team returns for a follow-up audit at least once a year. The purpose of the audit is to continuously ensure that the requirements for certification are met.

Recertification audit

The certification is valid for three years, provided that all the conditions for certification are met. During the third year, an evaluation of the certification and an extended audit, known as a recertification audit, are carried out. The evaluation includes a review of the three-year period with regard to continuous improvement and the fulfillment of operational objectives. This evaluation is carried out both as a document review and as a recertification audit. It provides an opportunity to draw conclusions from the work done and to identify new objectives and paths for the next three-year period.

Changes that may affect certification

In the event of major changes to the management system, organization or operations, RISE must be notified in writing.  This may apply, for example, if more locations are to be added or removed from the certification.

An assessment is made of whether the change affects the description of the activities on the certificate and whether the management system still meets the requirements of the relevant standard. An assessment is then made of what actions need to be taken, such as an audit or document review.

Temporary or permanent withdrawal of certificates

Suspension of a certificate may be considered for several reasons, which are assessed on a case-by-case basis. A certificate can be suspended for a maximum of 6 months, after which a new certification audit must be carried out.  Reinstatement of a suspended certificate can be done after an investigation. The outcome of the investigation determines the actions to be taken before reinstatement.

Once a certificate is suspended, any reference to the certification in advertising or other publicity must cease immediately.

Permanent withdrawal of the certificate is done when:

• the customer does not wish to remain certified
• follow-up audits reveal major shortcomings
• the certificate or mark has been used misleadingly in marketing   
• payments to RISE Certification have not been made
• the certificate holder has gone bankrupt or transferred the business
• customer has significant deficiencies that are subject to regulatory intervention

When certificates are withdrawn, RISE Certification's publication of the certification ceases.

Reference to certification

Certified organizations may use the RISE certification mark and certificate in various marketing contexts in ways that are not misleading and that are done according to RISE specific rules for the use of certificates and marks.

Certification marks in digital form are provided by RISE, and they may not be changed in color, shape or content.

Please contact us if you have any questions regarding the use of our certification marks.