Presentation on the new standard ISO/IEC 17024: 2012 Conformity assessment – General requirements for bodies operating certification of persons Slide 1 4/13/2015 Introduction This presentation has been developed by the Convenor of ISO CASCO WG 30. The aim is to support all interested parties concerned by the implementation of this new standard, ISO/IEC 17024 Conformity assessment – General requirements for bodies operating certification of persons. This is an open presentation without any copyrights and can be used by anyone. ISO CASCO Secretary Sean MacCurtain Slide 2 4/13/2015 ISO CASCO Convenor WG 30 Dr. Cynthia D. Woodley Purpose of ISO/IEC 17024 Standard for Certification of Persons Official Title – General requirements for bodies operating certification of persons Introduction – “. . . Has been developed with the objective of achieving and promoting a globally accepted benchmark for organizations operating certification of persons” Introduction – “. . .This international standard can serve as the basis for the recognition of the certification bodies for persons and the certification schemes under which persons are certified, in order to facilitate their acceptance at the national and international levels.” Slide 3 4/13/2015 WG30 – Revision of ISO/IEC 17024 ISO/IEC 17024 originally published in 2003. Due for systematic review in 2008 (usually every 5 years). ISO member bodies voted down ISO/IEC 17024 for systematic review. ANSI introduced a New Work Item proposal to completely revise ISO/IEC 17024. October 2008 member bodies voted in favour of the New Work Item proposal to revise ISO/IEC 17024. Based on New Work Item, a working group (WG30) was formed to revise ISO/IEC 17024. Slide 4 4/13/2015 Timeline of Revision ISO/IEC 17024 Activity Date(s) 1st WG30 meetingterms of reference, scope and structure 9-10 February 2009 2nd WG30 meeting 22-24 July 2009 3rd meeting (DG 28-29 September 2009 meeting) 4th WG30 meeting 22-24 February 2010 5th WG30 meeting 22-24 June 2010 6th WG30 meeting 18-20 January 2011 7th meeting (DG 26-27 September 2011 meeting) 8th WG30 meeting 5-6 December 2011 FDIS out for ballot 1 March 2012 Standard Published 1 July 2012 Slide 5 4/13/2015 Output Participants Results ballot 16 WD1 17 WD2 5 WD2 CD1 DIS 22 16 18 12 FDIS 19 95% approval of ISO P-members and 97% of IEC Pmembers Published Goals of the Revision Repair/rewrite areas of the standard that needed clarification or had been confusing. Incorporate all appropriate guidance from the IAF Guidance Document (GD24) into the standard. Add additional clauses in some areas. Make the standard “look” like the other ISO standards (use standard ISO/CASCO format). Slide 6 4/13/2015 Most Problematic Areas of 17024 as Reported on a Survey of ABs and CBs conducted by IAF*: ABs reported: ‒Development and Maintenance of a Certification Scheme ‒Surveillance ‒Evaluation ‒Organizational Structure CBs reported: ‒Surveillance ‒Organizational Structure ‒Development and Maintenance of a Certification Scheme ‒Other (write in) ‒Evaluation Slide 7 4/13/2015 *Reported as results from IAF survey of ABs conducted in 2009 Major Discussion Issues for WG30 What to do about schemes not owned by CB: ‒ Government owned ‒ Third party owned Surveillance ‒ Not really being followed ‒ Not always needed depending upon the recertification period Separation of Training/Certification Functions ‒ How far is that separation? ‒ Can a training organization be a CB for persons? ‒ Can trainers serve in any role in the certification program? ‒ Can a trainer be an evaluator? ‒ Can a CB require candidates to complete their training program? Slide 8 4/13/2015 Major Issues for WG30 Impartiality ‒ How assured? ‒ Is an Impartiality Committee required? ‒ Or can impartiality be demonstrated some other way? Measurement rigor ‒ How much science of measurement should be added to the standard? ‒ How much documentation is needed in the development of the scheme? Level of detail ‒ What is the appropriate balance between being too prescriptive and providing enough information to help those who do not understand the science of measurement? Slide 9 4/13/2015 Major Issues for WG30 Scheme -What are the mandatory components of a scheme versus what are process requirements associated with the implementation of a scheme? Slide 10 4/13/2015 Major Sections in the New Revision 1. Scope 2. Normative references 3. Terms and definitions 4. General requirements 5. Structural requirements 6. Resource requirements 7. Records and information requirements 8. Certification schemes 9. Certification process requirements 10. Management systems requirements Annex A - Principles Slide 11 4/13/2015 Major Changes in the New Revision Change: Refer to the “Certification of Persons” instead of “Personnel Certification” and “Certification Body for Persons (CBP)” instead of “Personnel Certification Body (PCB)”. Reason: “Personnel” is defined and translated as employee so Personnel Certification and Personnel Certification body were interpreted as certification of one’s own employees. This is not correct. New term Certification of Persons and Certification Body for Persons is so everybody will understand that this is certification of people (not employees). Slide 12 4/13/2015 Major Changes in the New Revision Change: Added new terms for Certification Requirements, Scheme Owner, Certificate, Assessment, Invigilator, Personnel, Applicant, Impartiality, Fairness, Validity, Reliability, Interested Party and Surveillance. Reason: Several of these terms were misunderstood or confusing to readers of the standard and needed to be defined. Slide 13 4/13/2015 Major Changes in the New Revision Change: Added a more detailed section for Management of Impartiality (4.3). Impartiality may be achieved through the use of an Impartiality Committee or through other methods. Reason: Impartiality and objectivity are the cornerstones for the certification of persons. If the process for verifying the competence of persons and certifying the competence of persons is not impartial and objective then there is no value to the certification of persons. Slide 14 4/13/2015 Major Changes in the New Revision Change: Added a new section with more information about the Structure of the Certification Body in Relation to Training (5.2). Reason: Training is a threat to impartiality (5.2.3). Therefore the Certification Body for Persons must demonstrate the independence of the certification activities from training activities to ensure the confidentiality, information security and impartiality of the certification activities are not compromised (5.2.3.b). A trainer may not serve as an examiner of a specific candidate they have trained for a period of 2 years (5.2.3.e) unless the CB can demonstrate how it does not compromise impartiality. Slide 15 4/13/2015 Major Changes in the New Revision Change: Added more detail to section for personnel: -General Personnel Requirements (6.1) Clauses pertaining to competence, training and signing of conflict of interest and confidentiality agreements added. -Requirements for Examiners (6.2.2) Clauses pertaining to competence, impartiality, and declaration of conflicts of interest added. -Requirements for other personnel involved in the assessment (6.2.3) (new section added) Added requirements for invigilators and examination administrators. -Outsourcing (6.3) Includes contracted and subcontracted services. Note that Personnel definition (3.12) includes individuals internal or external who carry out activities for the certification body. Reason: The competence of personnel is important to ensure that certification activities are carried out correctly and impartially. Slide 16 4/13/2015 Major Changes in the New Revision Change: More detail added for Records and Information Requirements: Applicant, Candidate and Certified Persons records (7.1) – describes what persons records must be stored. Public Information (7.2) – describes information that must be available both with request and without request. Confidentiality (7.3) – provides clauses relating to confidential data including candidate data and examination data. Reason: A certification body for person must carefully balance information that should be available to the public with and without request and information that must be kept confidential. Slide 17 4/13/2015 Major Changes in the New Revision Change: New detailed section pertaining to security (7.4).Includes clauses pertaining to the security of confidential candidate data (personal information, etc.), and clauses pertaining to the security of examination data (test questions, answers, exam papers, etc.). Requires the CB to develop security polices and procedures that includes consideration of the location of the materials (transport, storage, exam centres, destruction, digital, etc.), the nature of the materials (electronic, paper, test equipment, etc.), and the steps in the life cycle of examinations (development, administration, results reporting, etc.) Reason: The release of some confidential information (such as examination information) could result in the invalidation of the entire certification program. It is important that all confidential and secure information is kept confidential. Many CBs are unaware of the security threats associated with their certification programs. Slide 18 4/13/2015 Major Changes in the New Revision Change: More detailed description of certification schemes. Now recognizes an external scheme owner. Provides clauses detailing the requirements for the contents of a scheme (8.2), detailed clauses for certification requirements that must be in a scheme (8.3), and detailed requirements for the development and review of the certification scheme (8.4). The requirement for a Job Task Analysis is now included in the standard (8.4). Surveillance is now “if applicable” as based on the scheme. Requires that the scheme be reviewed and validated on an ongoing, systematic basis. Reason: Development of the scheme was cited as one of the problematic areas in the survey of ABs and CBs. The new standard provides additional information to clarify scheme requirements. Slide 19 4/13/2015 Major Changes in the New Revision Change: More detail provided for the Certification Process Requirements (9) including the application process (9.1), assessment process (9.2), examination process (9.3), decision on certification (9.4), suspending, withdrawing or reducing the scope of certification (9.5), recertification process (9.6) and the use of certificates, logos and marks (9.7). Reason: IAF survey showed confusion for many of these processes. Additional detail was required to help make the clauses and requirements clear. Slide 20 4/13/2015 Major Changes in the New Revision Change: New appeals section (9.8), new complaints section (9.9), and new management systems requirements section (10). Reason: Required PAS documents. Slide 21 4/13/2015 Major Changes in the New Revision The mandatory PAS documents were incorporated into the revised standard: 1. ISO/PAS 17001 on Impartiality included in clause 4.3 2. ISO/PAS 17002 on Confidentiality included in clause 7.3 3. ISO/PAS 17003 on Complaints and appeals included in clauses 9.8 and 9.9 4. ISO/PAS 17004 on Disclosure of information included in clause 7.2 5. ISO/PAS 17005 on Use of management systems included in clause 10 Slide 22 4/13/2015 Major Changes in the New Revision Change: Principles section added in Annex A. Includes principles associated with impartiality, competence, confidentiality and openness, responsiveness to complaints and appeals, and responsibility. Reason: The revised standard cannot give specific requirements for all situations that can occur. The principles are designed to be applied as guidance for unanticipated situations. The principles serve as the framework for the entire standard. Slide 23 4/13/2015 Cross Reference 17024:2003 to 17024: 2012 ISO/EC 17024 2003 Introduction 1. Scope ISO/IEC 17024 2012 Introduction 1. Scope 2 Normative references 3 Terms and definitions 3.1 appeal 3.2 candidate 3.3 certification process 3.4 certification scheme 3.5 certification system 3.6 competence 3.7 complaint 3.8 evaluation 2 Normative references 3 Terms and definitions 3.19 appeal 3.14 candidate 3.1 certification process 3.2 certification scheme 3.9 examination 3.10 examiner 3.9 examination 3.10 examiner Slide 24 4/13/2015 3.6 competence 3.20 complaint Differences/Comments Same New note added regarding reference to Certification Body in this standard refers to Certification Body for Persons (CBP). Changed normative references. Changed normative documents for terms Same Slightly reworded Slightly reworded Slightly reworded Deleted and combined with Certification Process Reworded Slightly reworded Deleted and removed from the standard (replaced with “assessment”) Slightly reworded Slightly reworded Cross Reference 17024:2003 to 17024: 2012 ISO/EC 17024 2003 3.11 qualification Slide 25 4/13/2015 ISO/IEC 17024 2012 Differences/Comments 3.7 qualification Slightly reworded 3.3 certification requirements New definition 3.4 scheme owner New definition 3.5 certificate New definition 3.8 assessment New definition 3.11 invigilator New definition 3.12 personnel New definition 3.13 applicant New definition 3.15 impartiality New definition 3.16 fairness New definition 3.17 validity New definition 3.18 reliability New definition 3.21 interested party New definition 3.22 surveillance New definition Cross Reference 17024:2003 to 17024: 2012 ISO/EC 17024 2003 ISO/IEC 17024 2012 Differences/Comments 4 Requirements for certification bodies Deleted 4.1 Certification body Deleted 4.1.1. Clause deleted 4.1.2 4.1.3 Clause deleted 9.4.3 Slightly reworded 5 Structural requirements New section 4.2Organizational structure 5.1 Management and organization structure 4.2.1 5.1.1 4.2.1.a) Slightly reworded Clause deleted (added impartiality section) 4.2.1 b) 4.2 Slightly reworded 4.2.1 c) 5.1.2 Reworded and additional parties to be identified added. 4.2.1 d) 4 General requirements 4.1 Legal matters Reworded Slide 26 4/13/2015 Cross Reference 17024:2003 to 17024: 2012 ISO/EC 17024 2003 4.2.2 ISO/IEC 17024 2012 4.3 Management of impartiality 4.3.1 4.2.3 4.2.4 a) Differences/Comments Reworded Deleted. New section on development and maintenance of a scheme was added. CB does not have to appoint a scheme committee. Scheme owner can be outside of the CB. 4.4 Slightly reworded 4.2.4 b) Covered under new section on impartiality (4.3) 42.4 c) Covered under new section on impartiality (4.3) Slide 27 4/13/2015 4.3.2 New clause 4.3.3 New clause 4.3.5 New clause 4.3.6 New clause 4.3.7 New clause 4.3.8 New clause Cross Reference 17024:2003 to 17024: 2012 ISO/EC 17024 2003 4.2.5 ISO/IEC 17024 2012 Differences/Comments 5.2 New section covers old clause 4.2.5 and adds additional requirements 5.2.2 New clause 5.2.3 a) New clause 5.2.3 b) New clause 5.2.3 c) New clause 5.2.3 d) New clause 5.2.3 e) New clause 4.2.6 Entire sections for appeals and complaints added (see sections 9.8 and 9.9) 4.2.7 See new section on personnel (6.1) 4.3 Development and maintenance of a certification scheme See new section for certification schemes (8) Slide 28 4/13/2015 Cross Reference 17024:2003 to 17024: 2012 ISO/EC 17024 2003 ISO/IEC 17024 2012 Differences/Comments 4.3.1 See new section for certification schemes (8) 4.3.2 See new section for certification schemes (8) 4.3.3 9.2.2 4.3.4 Reworded and placed in new section on assessment (9.2) Deleted clause 4.3.5 4.3.4 5.2.1 Split into two sections (Impartiality 4.3 and Structure of the certification body in relation to training 5.2) 4.3.6 9.3.5 Moved to a new section on examination process 4.4 Management system 4.4.1 4.4.2 4.4.3 All of Section 10 All of Management System moved to a new section 10. 4.5 Subcontracting 6.3 Outsourcing Changed subcontracting to outsourcing 4.5.1 6.3.1 9.4.2 Reworded and put into 2 clauses 4.5.2 6.3.2 Reworded Slide 29 4/13/2015 Cross Reference 17024:2003 to 17024: 2012 ISO/EC 17024 2003 ISO/IEC 17024 2012 Differences/Comments 4.6 Records 7 Records and information requirements 4.6.1 4.6.2 4.7 Confidentiality 7.1.1 7.1.2 7.1.3 Same Same Reworded and entire new section on Confidentiality added (7.3) 7.2 Public Information 7.2.1 7.2.2 7.2.3 New section New clause New clause New clause 7.2.4 7.3 Confidentiality 7.3.1 7.3.2 7.3.3 7.3.4 New clause New section for confidentiality added New clause New clause New clause New clause 7.3.5 New clause Slide 30 4/13/2015 Cross Reference 17024:2003 to 17024: 2012 ISO/EC 17024 2003 4.8 Security 5 Requirements for persons employed or contracted by a certification body 5.1 General ISO/IEC 17024 2012 Differences/Comments 7.4 Security New Section for security added 7.4.1 New clause 7.4.2 New clause 7.4.3 New clause 6. Resource Requirements New section for resource requirements added 6.1 General personnel requirements 6.1.1 New clause 6.1.2 New clause 5.1.1 6.1.3 Slightly reworded 5.1.2 6.1.7 Reworded 5.1.3 6.1.4 Reworded Slide 31 4/13/2015 Cross Reference 17024:2003 to 17024: 2012 ISO/EC 17024 2003 5.1.4 5.2 Requirements for examiners 5.2.1 5.2.2 Slide 32 4/13/2015 ISO/IEC 17024 2012 Differences/Comments 6.1.5 6.1.6 6.1.8 6.2 Personnel involved in the certification activities 6.2.1 General 6.2.2 Requirements for examiners Reworded New clause New clause New section for personnel added 6.2.2.1 6.2.2.2 6.2.2.3 6.2.3 Outsourcing 6.2.3.1 6.2.3.2 6.4 Other Resources 8 Certification Schemes 8.1 8.2 8.3 8.4 8.5 8.6 Reworded New clause New clause New section for outsourcing added New clause New clause New clause New section for certification schemes added New clause New clause New clause New clause New clause New clause that allows a scheme owner to be a body other than the certification body for persons Cross Reference 17024:2003 to 17024: 2012 ISO/EC 17024 2003 ISO/IEC 17024 2012 Differences/Comments 6 Certification process 9 Certification Process Requirements 6.1 Application 9.1 Application Process 6.1.1 9.1.1 Reworded 6.1.2 9.1.2 Reworded 9.1.3 New clause 9.2 Assessment Process New section for assessment process added 9.2.1 New clause 9.2.2 see 2003 version, clause 4.3.3 Section deleted 6.2 Evaluation 6.2.1 Clause deleted B) covered by new clause 9.2.5 6.2.2 9.3.1 Reworded. Added language to address equating of exam forms and comparability of the pass/fail decision. 6.2.3 9.2.3 Slightly reworded Slide 33 4/13/2015 Cross Reference 17024:2003 to 17024: 2012 ISO/EC 17024 2003 ISO/IEC 17024 2012 6.2.4 6.3 Decision on certification Slide 34 4/13/2015 Differences/Comments Clause deleted 9.2.4 New clause 9.2.5 New clause 9.2.6 New clause 9.3 Examination process New section for examination process added 9.3.2 New clause to address exam administration standardization 9.3.3 New clause to address exam administration standardization 9.3.4 New clause 9.3.5 Reworded from 2003 version clause 4.3.6 9.4 Decision on certification 9.4.1 New clause 9.4.2 Reworded from 2003 versions clause 4.5.1 9.4.3 Reworded from 2003 version clause 4.1.3 Cross Reference 17024:2003 to 17024: 2012 ISO/EC 17024 2003 6.3.1 ISO/IEC 17024 2012 Differences/Comments 9.4.4 9.4.5 New clause 9.4.6 New clause 6.3.2 9.4.7 6.3.3 9.4.8 Slightly reworded 9.4.9 New clause 6.4 Surveillance Section deleted 6.4.1 Clause deleted 6.4.2 Clause deleted Slide 35 4/13/2015 9.5 Suspending, withdrawing or reducing the scope of certification New section 9.5.1 New clause 9.5.2 New clause 9.5.3 New clause 9.5.4 New clause Cross Reference 17024:2003 to 17024: 2012 ISO/EC 17024 2003 6.5 Recertification ISO/IEC 17024 2012 9.6 Recertification Process 6.5.1 6.5.2 Differences/Comments Clause deleted 9.6.1 9.6.2 9.6.4 Reworded and split into three clauses 9.6.3 New clause 9.6.5 New clause 6.6 Use of certificates and 9.7 Use of certificates, logos and logos/marks marks 6.6.1 9.7.1 Same 6.6.2 9.7.2 Same Slide 36 4/13/2015 Cross Reference 17024:2003 to 17024: 2012 ISO/EC 17024 2003 6.6.3 Slide 37 4/13/2015 ISO/IEC 17024 2012 9.7.3 9.8 Appeals against decisions on certification 9.8.1 9.8.2 9.8.3 9.8.4 9.8.5 9.8.6 9.8.7 9.9 Complaints 9.9.1 9.9.2 9.9.3 9.9.4 9.9.5 9.9.6 9.9.7 9.9.8 9.9.9 9.9.10 Differences/Comments Reworded New Section for appeals New clause New clause New clause New clause New clause New clause New clause New section for complaints New clause New clause New clause New clause New clause New clause New clause New clause New clause New clause Cross Reference 17024:2003 to 17024: 2012 ISO/EC 17024 2003 Slide 38 4/13/2015 ISO/IEC 17024 2012 10 Management system requirements 10.1 10.2 10.2.1 10.2.2 10.2.3 10.2.4 10.2.5 10.2.5.1 10.2.5.2 10.2.5.3 10.2.6 10.2.6.1 10.2.6.2 10.2.6.3 10.2.6.4 10.2.7 10.2.8 Annex A – Principles Differences/Comments New section for management systems New clause New section New clause New clause New clause New clause New section New clause New clause New clause New section New clause New clause New clause New clause New clause New clause New Appendix (Principles)