FAQs about conformity assessment, accreditation and certification in

February 2015
FAQs about conformity assessment, accreditation and certification in
relation to the IAM’s Endorsed Assessor Scheme
There can be confusion with the terminology associated with conformity assessment for
the certification of management systems, and who can issue certificates of conformity.
Also, although in everyday language the terms accreditation and certification are often
used interchangeably, the terms do have very specific meanings in international
This document seeks to address some FAQs (Frequently Asked Question) related to these
issues, and identify:
 the relevant terminology, where to find the definitions in ISO standards / guidelines,
and provide some explanations
 the standards / guidelines relevant to assessment of the requirements in ISO 55001
 who can issue certificates for ISO 55001:2014, and how National Accreditation Body
schemes and the IAM Endorsed Assessor scheme relate to this
 how the IAM is clarifying the competence required for ISO 55001 auditors within the
Endorsed Assessor scheme
To get the most from this document it is recommended that you read it from the
beginning, as the responses to the later questions assume an understanding of the earlier
What is conformity assessment?
What is accreditation?
What is certification?
Who can issue a certificate for a management system standard?
Can organisations that are not Certification Bodies assess conformity against
ISO 55001?
6. Why is an assessor’s knowledge and understanding of asset management
important, and how can it be demonstrated?
FAQs - conformity assessment accreditation and certification.docx
Page 1 of 5
February 2015
What is conformity assessment?
Conformity assessment is defined in 2.1 of ISO 17000:20041 as ‘demonstration that
specified requirements relating to a product, process, system, person or body are fulfilled’.
Note 2 of this definition identifies ‘A service is covered by the definition of a product.’
In everyday language, the term ‘compliance’ is often incorrectly used in relation to
assessing management systems. Within ISO management system standards, ‘compliance’
means compliance with legal, or other (e.g. regulatory) requirements. ISO 17021:20112
identifies that ‘A management system certification audit is not a legal compliance audit.’
This difference between assessment of conformity and compliance is further clarified in
Notes 1 and 3 associated with the definition of audit findings in 3.4 of ISO 19011:20113.
 NOTE 1 Audit findings indicate conformity or nonconformity.
 NOTE 3 If the audit criteria are selected from legal or other requirements, the audit
finding is termed compliance or non-compliance.
1. What is accreditation?
ISO’s formal definition of accreditation is “third party attestation related to a conformity
assessment body conveying formal demonstration of its competence to carry out specific
conformity assessment tasks.” (ISO 17000:2004)
A fuller description of accreditation is the formal recognition by an Accreditation Body4
to the technical and organisational competence of a conformity assessment body to
carry out a specific service in accordance to the standards and technical regulations as
described in their scope of accreditation.
By way of example5, for ISO 55001:2014 for the UK (similar arrangements would apply in
other countries):
 the Accreditation Body would be UKAS (United Kingdom Accreditation Service).
 the Conformity Assessment Bodies who would be accredited by UKAS to assess
organisations against the requirements of ISO 55001, and issue certificates of
conformity, would be known as Certification Bodies6
 UKAS would accredit ISO 55001:2014 Certification Bodies by assessing them against
the standards:
o ISO 17021:2011 - This specifies generic requirements for such certification
bodies performing audit and certification of management systems.
ISO 17000:2004 ‘Conformity assessment – Vocabulary and general principles’
ISO 17021:2011 ‘Conformity assessment — Requirements for bodies providing audit and certification of
management systems’
3 ISO 19011:2011 ‘Guidelines for auditing management systems’
4 Accreditation Bodies are also referred to as Accreditation Authorities
5 Please note that this is an illustration, and as at February 2015, UKAS does not have an accreditation
scheme in place for ISO 55001:2014
6 The term ‘Certification Bodies’ is identified in clause 1 (Scope) of ISO 17021:2011
FAQs - conformity assessment accreditation and certification.docx
Page 2 of 5
February 2015
o ISO 17021-57 - This complements the requirements of ISO 17021:2011,
specifying additional competence requirements for personnel involved in the
certification process for asset management systems.
It should be noted that it is not compulsory to be accredited by an Accreditation Body
to issue a certificate of conformity for a management system standard. However, in the
UK, only UKAS accredited Certification Bodies and the organisations they have
certificated are allowed to use the relevant UKAS accreditation marks (incorporating the
tick and royal crown).
UKAS is a national signatory, along with other nationally recognised Accreditation
Bodies, to multilateral agreements for the purposes of mutual recognition of
accreditations. This is achieved through the European Co-operation for Accreditation
(EA) and the International Accreditation Forum (IAF). The Accreditation Bodies that are
signatory to these agreements are deemed to be equivalent having undergone stringent
peer evaluations.
2. What is certification?
ISO’s formal definition of Certification is "third party attestation related to products,
processes, systems or persons." (ISO 17000:2004)
ISO 17021:2011 identifies certification of management systems as third-party conformity
assessment that ‘provides independent demonstration that the management system of
the organization
a) conforms to specified requirements,
b) is capable of consistently achieving its stated policy and objectives, and
c) is effectively implemented.’
Certification provides written assurance (a certificate) by an independent Certification
Body that a management system achieves the above, and thereby provides value to the
organization, its customers and interested parties.
3. Who can issue a certificate for a management system standard?
In practice anybody can declare themself to be a Certification Body and issue a
certificate of conformity for an ISO management system standard.
It is therefore important that there are mechanisms available to independently assess a
Certification Body’s competence, credibility, independence and integrity in carrying out
its conformity assessment activities. Such mechanisms provide assurances to prospective
client organisations when they are selecting organisations to assess the extent of their
conformity to a management system standard.
ISO 17021-5 ‘Conformity assessment — Requirements for bodies providing audit and certification of
management systems — Part 5: Competence requirements for auditing and certification of asset
management systems’
FAQs - conformity assessment accreditation and certification.docx
Page 3 of 5
February 2015
It was for this very reason that the IAM originally established the Endorsed Assessor (EA)
scheme for PAS 55, and has since extended it to cover ISO 55001. Although the IAM has
chosen not to use the term Certification Bodies to describe its EAs, in practice this
would be a correct use of the term for those EAs it has endorsed to issue certificates of
conformity against ISO 55001:2014 or PAS 55:2008.
IAM EAs can only describe themselves as being accredited for assessing against ISO
55001:2014 if they have also been separately accredited against ISO 17021-5 by a
National Accreditation Body (such as UKAS).
4. Can organisations that are not Certification Bodies assess
conformity against ISO 55001?
The majority of organisations seeking to achieve a certificate of conformity to ISO
55001:2014 are likely to begin the process by undertaking a gap analysis against the
requirements of the standard.
However, this is not necessarily the case for case all organisations. Some may wish to be
assessed against ISO 55001:2014 and not aspire to achieve a certificate of conformity.
They may be seeking to understand where they have gaps in their capability with a view
to considering the business value that could be gained from addressing these.
In either of the above cases, an organization does not have to engage a Certification
Body to undertake the gap analysis. However, the IAM believes that for client
organisations to have confidence in, and gain value from, the process of gap analysis,
organisations providing this assessment service should be part of a formal scheme that
requires them to demonstrate the same competence, credibility, independence and
integrity as Certification Bodies.
5. Why is an assessor’s knowledge and understanding of asset
management important, and how can it be demonstrated?
The IAM strongly believes that for a client to gain most value from assessment of the
conformity of their management system against ISO 55001:2014, the assessor they
engage must have knowledge and understanding of asset management as well as the
management system standard.
For the audit team, and those reviewing the audit report and making the certification
decision, Clause 5 of ISO 17021-5 identifies competence requirements in relation to:
5.1 - Asset management terminology, definitions and principles
5.2 - Asset management practices, activities and methodologies
5.3 - Asset management system standards and normative documents
FAQs - conformity assessment accreditation and certification.docx
Page 4 of 5
February 2015
In conjunction with the other international members of the Global Forum, the IAM has
developed a GFMAM specification8 for the competence of personnel who are to assess
management systems against the requirements of ISO 55001:2014. The competence
requirements in the specification conform to, at least, the requirements of ISO 17021-5.
The asset management knowledge identified in the GFMAM specification can be
objectively tested by examination. There are currently 2 examinations designed to
achieve this:
 the IAM’s Certificate in Asset Management
 the CAMA (Certified Asset Management Assessor) qualification, developed between 5
of the other 10 Global Forum members.
The IAM has recently changed the Endorsed Assessor Scheme to require all auditors
operating within the scheme to be qualified by one of the above 2 examinations, in
addition to demonstrating appropriate experience. The IAM Certificate is designed to
support Continuing Professional Development (CPD), so auditors who are also IAM
members would find it beneficial to sit the IAM examination.
The IAM is aware that some National Accreditation Bodies are developing accreditation
schemes for ISO 55001. This document will be updated when the IAM understands how
National Accreditation Bodies intend to assess asset management knowledge and
understanding against the requirements in ISO 17021-5.
Further questions or comments
If you should have questions or comments related to the content of this document, please
email them to the IAM’s Endorsed Assessor scheme administrator at ea@theIAM.org
In producing this document, reference has been made to the websites of ISO and UKAS.
It is recommended that you explore the resources on these websites if you want to find
out more about conformity assessment, accreditation or certification.
(1) the ISO FAQ webpage Conformity assessment and certification
(2) the UKAS webpages About Accreditation and FAQs
If your organization is based outside the UK and you wish to find out about arrangements
related to your own country, you should be able to find further information via these
European Co-operation for Accreditation (EA)
International Accreditation Forum (IAF)
GFMAM Competency Specification for an ISO 55001 Asset Management System Auditor / Assessor
FAQs - conformity assessment accreditation and certification.docx
Page 5 of 5