Proving Competence and Impartiality

A look at how conformity assessment bodies are accredited

Published: Wednesday, January 16, 2013 - 14:28

This article is about accreditation of conformity assessment bodies. Before proceeding further, however, it is important to provide some definitions in order for all of us to have the same understanding of key terms.

The first term is “conformity assessment body” (CAB). According to ISO/IEC 17000 a conformity assessment body is “the body that performs conformity assessment services.”

The second term is “conformity assessment.” Again, from ISO/IEC 17000, conformity assessment is “a demonstration that specified requirements relating to a product, process, system, person or body are fulfilled.” An example might be verifying that your quality management system meets the requirements of ISO 9001.

Finally, “accreditation.” Many of us are familiar with accreditation of educational institutions, hospitals, and other health service organizations. However, this article is about the accreditation of bodies that perform conformity assessment. The definition of accreditation, in ISO/IEC 17000, is “the third-party attestation related to a conformity assessment body conveying formal demonstration of its competence to carry out specific conformity assessment tasks.”

The CASCO toolbox

The collection of international standards that govern conformity assessment are referred to as the “CASCO toolbox.” These are standards developed by the International Organization for Standardization (ISO) based in Geneva, Switzerland. The Conformity Assessment Committee of ISO, commonly known as CASCO, develops these international standards governing conformity assessment. Another international standards organization, the International Electrotechnical Commission (IEC), works with ISO with regard to these international standards for conformity assessment. The standards developed by CASCO are balloted separately to ISO and IEC members and therefore are published as ISO/IEC standards. The CASCO toolbox includes the following international standards related to conformity assessment (this is not a comprehensive list):
• ISO/IEC 17000—“Conformity assessment—Vocabulary and general principles”
• ISO/IEC 17011—“Conformity assessment—General requirements for accreditation bodies accrediting conformity assessment bodies”
• ISO/IEC 17020—“Conformity assessment—General requirements for the operation of various bodies performing inspection”
• ISO/IEC 17021—“Conformity assessment—Requirements for bodies providing audit and certification of management systems”
• ISO/IEC 17024—“Conformity assessment—General requirements for bodies operating certification of persons”
• ISO/IEC 17025—“General requirements for the competence of testing and calibration laboratories”
• ISO/IEC 17065—“Conformity assessment—Requirements for bodies certifying products, processes and services”

Accreditation bodies are independent third-party organizations that conform to ISO/IEC 17011 and assess conformity assessment bodies to determine if they conform to the applicable ISO/IEC standard and are competent to perform the conformity assessment activities they undertake. Conformity assessment bodies include inspection bodies, management systems certification bodies, certifiers of persons, testing and calibration laboratories, and product certification bodies.

In addition to requirements for competence, the CASCO standards include requirements for accreditation bodies and conformity assessment bodies to be impartial. This means that each body should be free from biases and conflicts of interest so that it can make objective decisions with regard to conformity and nonconformity to requirements.

It is by demonstrating competence and impartiality that users of accredited conformity assessment, such as industry, consumers, and government, can have confidence in the accredited conformity assessment results, such as accredited certifications or accredited test reports.

Global conformity assessment infrastructure

There is a global standards and conformity assessment infrastructure comprised of three major international standards-development organizations: ISO and IEC, as mentioned earlier; and a third called the International Telecommunications Union (ITU). All three are headquartered in Geneva. Their members include many nationally based standards bodies, as well as other international and national bodies with an interest in standardization.

There are two major international organizations related to the accreditation of conformity assessment: the International Accreditation Forum (IAF) and the International Laboratory Accreditation Cooperation (ILAC). The members of IAF and ILAC are nationally based accreditation bodies comprised of associations of conformity-assessment bodies, industry, government, and other parties with an interest in conformity assessment. IAF members accredit conformity assessment bodies that certify management systems, products, and persons. ILAC members accredit conformity assessment bodies such as testing and calibration laboratories, and related bodies such as proficiency-testing providers and reference material producers, as well as inspection bodies. Many accreditation bodies are members of both IAF and ILAC.

The common objective of this global standards and conformity assessment infrastructure is to develop consensus standards for nearly everything affecting we humans, such as products, services, processes, systems, and persons, and then use conformity assessment to confirm conformance to the standards so that all of us—consumers, industry, government—can have confidence that we get what we pay for, and that it is safe or functions as it is supposed to.

IAF and ILAC members work closely with the World Trade Organization and with government and industry to promote acceptance of accredited conformity assessment results. As this is successfully achieved, it will facilitate trade by preventing costly and repeated conformity assessment. The slogans of IAF and ILAC, “Accredited, tested, or certified once and accepted everywhere” reflect this common objective.

So what does all of this really mean? In trying to answer this question, I will focus on what I know best, which is what ANAB does. ANAB is the recognized accreditation body in the United States for the accreditation of management systems certification bodies. ANAB accredits bodies that certify a company’s management system to standards such as ISO 9001 for quality, ISO 14001 for environment, ISO 22000 for food safety, or ISO 13485 for medical devices (to name just a few).

For example, a medical device manufacturer may decide to implement a management system conforming to ISO 13485. To comply with ISO 13485, the manufacturer’s medical device products must be safe and fulfill their intended function. Once the company implements the standards’ requirements and seeks certification to ISO 13485, it may decide to be audited by a third-party certification body. The certification body will conduct an audit to determine if the manufacturer’s management system actually does fulfill all of the requirements of ISO 13485. It does this by having competent auditors review documentation and records, observe people as they perform their work, and interview people who work for the company to obtain objective evidence of conformance. Then other competent personnel of the certification body will review the audit team’s report and make the decision to certify, or to not certify, the manufacturer.

If the decision is to certify the manufacturer, the certification body will issue formal certification documents and make this information publicly accessible. It is the manufacturer’s responsibility to conform to the standard; the certification body, as a competent and impartial third party, attests that the manufacturer conforms. On this basis, consumers can be confident they are getting a medical device that is safe and functions as intended.

My company, ANAB, which is an accreditation body, makes sure that the certification body is competent and impartial. We do this by conducting assessments of the certification body to confirm that it conforms to ISO/IEC 17021. ANAB conducts assessments of the certification body’s offices and observes its audit teams conducting audits of their clients (these observed audits are called “witnessed” audits). When a medical device manufacturer’s certification documents (e.g., ISO 13485 certificate) carry the ANAB mark, it means the manufacturer was audited by a certification body whose personnel and auditors have the knowledge and competence to determine that the manufacturer is conforming to ISO 13485.

The role of accredited conformity assessment is to provide confidence. If there is a problem with regard to a product or service provided by a company with an accredited certification, a person can make a complaint to the company, and if the company does not respond appropriately, escalate that complaint to the certification body and subsequently to the accreditation body. The international conformity assessment body standards (in our example, ISO/IEC 17021 for the certification body and ISO/IEC 17011 for the accreditation body) require ANAB to have processes for receiving and responding to complaints and appeals.

About The Author

Randy Dougherty

Randy Dougherty is the vice president of the ANSI-ASQ National Accreditation Board (ANAB). ANAB is jointly owned by the American National Standards Institute (ANSI) and the American Society for Quality (ASQ). Dougherty is also the elected chair of the International Accreditation Forum (IAF) and the co-convener of ISO/CASCO Working Group 21 which is responsible for the development of ISO/IEC 17021, the international standard for management systems certification bodies. Dougherty has worked 25 years in third-party conformity assessment. Before joining ANAB in 2001, he was president and CEO of NSF-ISR, Ltd., a management systems certification body.