Flow chart of Process
|1||Description of process steps
To initiate an order, the client must have submitted a formal, completely filled-in audit request application. This application must include the company data needed to ensure that factors affecting the cost estimate can be traced at all times.
The Audit Programme Responsible reviews the submitted application and the document attached and, if it is needed, contacts the audit client for more clarifications and additional information in order to ensure the readiness of the certification body to respond in a reasonable timeframe.
If the Review of application is positive, sent Quotation and client have to sign the quotation, in order to conclude the contract and then an order/Client number is assigned and entered in a data base. A further step in order initiation signed Certification Audit Agreement with client, setting up of a client-related project file in which all relevant documents are collected for archiving and verification purposes.
If the Review of application is negative, the client is informed accordingly with reasons for the refusal.
An audit programme must be established for the full three year certification cycle. The audit programme must identify the audit activities required to demonstrate that the client’s management system fulfils the requirements of the standard they are certificated to. The programme will include a two stage initial audit, surveillance audits and a recertification audit in the third year prior to expiry of certificate. It is the responsibility of the QCC Department and administrative staff to put the audit programme together and communicate to the client and auditors involved in the auditing process.
An audit team generally consists of a lead auditor and an auditor. In the case of specific technical problems, an additional expert may be called in to support the audit team. The expert act only together with an auditor.
Auditor trainees or observers who are acceptable to the program management and the lead auditor. Where a joint audit is conducted, agreement must be reached among the auditing organizations before the audit commences on the specific responsibilities of each organization, particularly with regard to the authority of the team leader appointed for the audit.
|4||Prepare Audit Plan and intimate Client (Audit registration)
In cooperation with the organization, the Lead Auditor will set up audit plan for performance of the audit and will inform the organization in time in writing. The audit plan contains all information required by the organization for the preparation of the audit.
When audit registration has been completed, the certification body carries out a review. The individual steps of the audit process may only be started after the audit has been released.
|5||1 St Stage Audit
The purpose of a stage 1 audit is to assess Clients organization’s documented policies and procedures
Against the requirements of the standard(s), and to identify and report any shortfalls prior to the stage 2 audit.
The stage 1 audit will typically consist of:
• An audit of Client management system documentation to ensure that all the applicable
requirements of the standard(s) have been addressed
• Confirmation that all legal/technical requirements are identified and documented
A site walk around and planning for Client stage 2 audit
• An evaluation of client location, processes and site conditions
• An evaluation as to Client readiness to proceed with stage 2 audit
We will also audit, wherever possible, if time allows and where sufficient records are available:
• Internal audit
• Management review
• Senior management commitment
• Objectives and targets
• Other key processes
We will compile a detailed report and agree an audit schedule/plan for stage 2. If deemed appropriate, a stage 2 audit date will be arranged at the closing meeting.
Normally Client stage 1 audit will take place at Client premises. This enables Clients to establish a rapport with auditor and may help reduce the incidence of non-conformances at the next stage. Occasionally, and for very small or simple organizations, stage 1 may take place at our offices.
2nd Stage Audit
At stage 2.
Following Client stage 2 audit, the auditor’s report is reviewed at our office by the certification review Responsible Individual or team. This includes the corrective actions Client have implemented to resolve any non-conformances raised. On satisfactory completion of these activities a certificate will be issued.
The certificates are monitored annually at the client's premises. Decisive for the date of surveillance is the date of certificate release by the certification body.
BAS's certification is normally valid for a three-year period. During this time we are required to conduct surveillance audits of Client organization at least once each year (the first of which is typically 6 months after your initial registration). All visits to your company are by appointment, thereby ensuring availability of relevant personnel.
The re-Certification cycle for Management System programs is three (3) yearly. Client reassessment audit must be conducted within three (3) years of the initial certification or last recertification. If not completed and processed within the required time frame, Client certification is no longer valid. The re-assessment audit must take place three (3) months prior to the expiry date. Extensions on the re-certification dates are not permitted.
Certificates which have been issued by an accredited certification body may be transferred. In this context, the following points must be observed:
All reports on audits previously carried out together with the certificate must be submitted by the company and evaluated by the auditor.
The client must file a formal, completely filled-in application.
Further procedures will be determined together with the certification body. The measures depend on whether the transfer is to be effected within the scope of an audit or between two audits. An on-site visit to the company will be required in any case.
The procedure to be applied will be the same as for new clients.
|11||Extension To Scope Of Certificate
Amendments or extensions to the initial certified scope are possible, for example, to include additional offices, or new areas of business. Audits for this 'extension' can be carried out with minimum disruption to Client organisation. The Obsolete Certificate is taken back by BAS. Further Surveillance/Re-Assessments of the Extended Scope is conducted as per the redefined assessor day’s allocation.
Short Notice Audit
BAS carry out, short-notice audits to investigate complaints, or in response to changes, or as follow-up on nonconformities / suspensions.