QS-CAS-PROC/33

August 2015

COMMON ELEMENTS IN ISO/CASCO STANDARDS

Contents
1. Scope ............................................................................................................................................. 2
2. History ........................................................................................................................................... 2
3. General .......................................................................................................................................... 2
4. Process for maintaining and revising the Common Elements document .................. 3
5. Impartiality.................................................................................................................................... 3
5.1. Background and principles of impartiality .................................................................. 3
5.2. Requirements for impartiality.......................................................................................... 5
5.2.1. Obligatory requirements ................................................................................................ 5
5.2.2. Recommended requirements ......................................................................................... 5
6. Confidentiality ............................................................................................................................. 7
6.1. Background and principles of confidentiality............................................................. 7
6.2. Requirements for confidentiality .................................................................................... 8
6.2.1. Obligatory requirements ................................................................................................ 8
6.2.2. Recommended requirements ......................................................................................... 8
7. Handling of complaints and appeals ..................................................................................... 8
7.1. Background and principles of handling of complaints and appeals .................... 8
7.2. Requirements for handling of complaints and appeals ........................................... 9
7.2.1. Obligatory requirements ................................................................................................ 9
8. Management systems in ISO/CASCO documents ........................................................... 10
8.1. Background and principles of management systems ............................................ 10
8.2. Requirements for management systems ................................................................... 11
8.2.1. Instructions to Working Groups ................................................................................... 11
8.2.2. Obligatory requirements .............................................................................................. 11
8.2.3. Recommended requirements ....................................................................................... 12
 QS-CAS-PROC/33
Common elements in ISO/CASCO standards
Page 2

1. Scope
This document is intended for use by ISO/CASCO WGs in the development of ISO/CASCO
standards and other deliverables specifying requirements for bodies performing conformity
assessment. It defines the wording for the obligatory and recommended elements of
"impartiality", "confidentiality", "complaints and appeals" and "use of management systems".
2. History
ISO/CASCO was requested by the ISO Council to define a set of common elements that could
be applied to all new and existing ISO documents on conformity assessment. The Publicly
Available Specifications (PAS) ISO/PAS 17001, Conformity assessment — Impartiality —
Principles and requirements, ISO/PAS 17002, Conformity assessment — Confidentiality —
Principles and requirements, ISO/PAS 17003, Conformity assessment — Complaints and
appeals — Principles and requirements and ISO/PAS 17004, Conformity assessment —
Disclosure of information — Principles and requirements were published in 2005. ISO/PAS
17005, Conformity assessment — Use of management systems in conformity assessment —
Principles and requirements, was published in 2008.
As these were developed as PAS documents they had a defined life span of 6 years after
which they would either fall away or be converted into another type of deliverable or internal
document. The ISO/CASCO Plenary decided not to revise the PAS documents through the
ISO formal revision process but to merge them into a single internal ISO/CASCO document.
3. General
This document describes the background, principles and requirements for four elements.1 This
document contains two categories of requirements, "obligatory " and "recommended".
ISO/CASCO working groups are obliged to incorporate the obligatory requirements and have
to give consideration to the recommended requirements. The following describes the
categories of requirements:
a) Obligatory requirements:
These are specific drafted requirements that shall be used by ISO/CASCO working groups
where the element has to be addressed, without modification, except for substitution of
more specific terms. For example, the phrase “Conformity assessment activities shall be
undertaken impartially”, may be substituted more specifically with “Management system
certification activities shall be undertaken impartially”. Working groups (WGs) do not have
the authority to change the wording of the obligatory parts without first obtaining the
approval of the ISO/CASCO Chairman's Policy and Coordination Group (CPC).
Justification is required from ISO/CASCO working groups that do not use these
requirements when dealing with the relevant common element.
b) Recommended requirements:
These are drafted requirements that working groups (WGs) may use if they wished to have
a greater degree of specification on the particular topic. It is permissible to adapt the
wording of the recommended requirements to suit the conformity assessment context.

1
The clause on "Disclosure" has been removed as it was not used in any standard to date.

2
 QS-CAS-PROC/33
Common elements in ISO/CASCO standards
Page 3

This document provides obligatory and recommended language to be placed within related
clauses of the common structure defined in QS-CAS-PROC-01 (general, structural, resource,
process and management system).
This document includes clauses for background and principles concerning the common
elements. This text may be considered for inclusion in ISO/CASCO standards.
This document achieves the ISO/CASCO intent to have an agreed statement on elements that
are common to all conformity assessment activities and, at the same time, maintains some
flexibility for specific wording by individual ISO/CASCO WGs.

4. Process for maintaining and revising the Common Elements document

The Secretariat will initiate a ballot to Member Bodies to determine the need for revision of this
procedure if no revision of the procedure has been initiated or completed in the previous 5
years. The results of the ballot to the Member Bodies will be considered on the same basis as
results of ballots for Systematic Reviews of International Standards. In addition, any Member
Body can submit a New Work Item Proposal at any time to revise this procedure.
If the result of the ballot is positive, a working group is established to revise the procedure.
During the revision process, the output of the working group will be balloted at least one time
by the CASCO members who will have the possibility to submit comments. The acceptance
criteria for the ballot is that two-thirds majority of the votes casted by the CASCO P-members
are in favour and not more than one-quarter of the total number of votes casted are negative.

5. Impartiality
5.1. Background and principles of impartiality
5.1.1. Impartiality is an element made up of several components. These components are
attributes that are considered fundamental in a body that performs conformity
assessment activities. The components include:

a) undertaking conformity assessment activities in an objective manner without bias;

b) identification of existing and potential conflicts of interests and their active management
so as to ensure objectivity;

c) independence of the conformity assessment body, as well as the individuals performing

the conformity assessment activities, from any other organization or person having an
interest in the result of the conformity assessment activities;

d) awareness of the responsibility and liability that come with undertaking conformity
assessment activities and making conformity assessment decisions or/and attestations.

5.1.2. The lack of impartiality in conformity assessment activities could lead to incorrect or
flawed conformity assessment practices and results.

5.1.3. While carrying out conformity assessment activities, it is important:

3
 QS-CAS-PROC/33
Common elements in ISO/CASCO standards
Page 4

a) to be objective,

b) to identify, avoid, mitigate and manage conflicts of interest, and

c) to ensure independence,

in order to increase the amount of trust, confidence and value that those activities have in the
market place.

5.1.4. The use of the term impartiality in this document is understood to be the presence of
objectivity. Objectivity is understood to mean that conflicts of interest do not exist or are
resolved so as not to adversely influence the activities of the body.

Note Impartiality is characterized by one or more of the following:

 objectivity,
 independence,
 neutrality,
 fairness,
 open-mindedness,
 even-handedness,
 detachment,
 balance,
 freedom from conflict of interests,
 freedom from bias,
 lack of prejudice.

5.1.5. It is essential for bodies and their personnel to be, impartial to give confidence in their
activities and their outcomes.

5.1.6. Threats to impartiality include bias that may arise from:

a) self-interest (e.g. overdependence on a contract for service or the fees, or fear of losing
the customer or fear of becoming unemployed, to an extent that adversely affects
objectivity in carrying out conformity assessment activities);

b) self-review (e.g. performing conformity assessment activity in which the body evaluates
the results of other services it has already provided, such as design or consultancy
services);

c) advocacy (e.g. a body or its personnel acting in support of, or in opposition to, a given
company, which is at the same time its customer, in the resolution of a dispute or
litigation);

d) over-familiarity, i.e. threats that arise from a body or its personnel being overly familiar
or too trusting instead of seeking evidence of conformity (e.g. in a management systems
conformity assessment context, the development of relationships over time between
conformity assessment personnel and the customer's personnel or organization that
adversely affects the objectivity and rigour in the provision of conformity assessment
activities for that customer; in the product certification and laboratory context, this risk is

4
 QS-CAS-PROC/33
Common elements in ISO/CASCO standards
Page 5

more difficult to manage because the need for assessment personnel, with very specific
expertise, often limits the availability of qualified individuals);

e) intimidation (e.g. the body or its personnel can be deterred from acting objectively by
threats from or fear of, a client or other interested party);

f) competition (e.g. between the assessed company and a contracted technical assessor).

5.2. Requirements for impartiality

5.2.1. Obligatory requirements

Obligatory general Obligatory structural Obligatory resource

requirements requirements requirements

Conformity assessment Conformity assessment All personnel of the body,

activities shall be undertaken activities shall be structured either internal or external, that
impartially. and managed so as to could influence the conformity
safeguard impartiality. assessment activities, shall act
impartially.
The body shall be responsible
for the impartiality of its
conformity assessment
activities and shall not allow
commercial, financial or other
pressures to compromise
impartiality.
The body shall identify risks to
its impartiality on an on-going
basis. This shall include those
risks that arise from its
activities, or from its
relationships, or from the
relationships of its personnel.
However, such relationships do
not necessarily present a body
with a risk to impartiality. See
Note below.
If a risk to impartiality is
identified, the body shall be
able to demonstrate how it
eliminates or minimizes such
risk.
The body shall have top
management commitment to
impartiality.

Note A relationship that threatens the impartiality of the body can be based on ownership,
governance, management, personnel, shared resources, finances, contracts, marketing
(including branding), and payment of a sales commission or other inducement for the referral
of new clients, etc.
5.2.2. Recommended requirements

5
QS-CAS-PROC/33
Common elements in ISO/CASCO standards
Page 6

Recommended general Recommended structural Recommended resource

requirements requirements requirements

The body shall not offer or The body shall have a Personnel of the body who
provide conformity assessment mechanism for balanced have previously been
as well as design or involvement of stakeholders in employed or used by a
customer to design, manage,
consultancy services that relate a) developing principles and
or consult on the object of
to the same object of policies relating to impartiality, conformity assessment shall
conformity assessment for the b) counteracting any tendency not perform conformity
same customer, as this poses to allow commercial or other assessment activities in
an unacceptable threat to considerations to prevent the relation to that object within a
impartiality. See Note 1. consistent objective provision <insert specified period> of
of the conformity assessment their previous involvement. See
Note 5 and Examples 1, 2 and
activities, and
3 below.
c) advising on matters affecting
impartiality in conformity
assessment activities, including
public perception.
See Note 4.
Services that pose an Review and decision on The body shall manage the risk
unacceptable risk to impartiality conformity shall be made by to impartiality arising from over-
shall not be presented, people different from those who familiarity between its
explicitly or implicitly, in
carried out the selection and personnel and the customer.
association with the conformity
assessment activities. determination functions. See See Example 4.
Note 4.
Where the relationship
between a provider of design
or consultancy services and
the body poses an
unacceptable threat to the
impartiality of the body, the
body shall not provide
conformity assessment
services to customers who
have received design or
consultancy services related to
the same object of conformity
assessment for the same
customer. See Notes 2 and 3.
Contracts and agreements for
conformity assessment shall
take into account the
responsibilities of the parties to
ensure impartiality.
The body shall have a publicly
available statement that it
understands the importance of
impartiality in carrying out its
conformity assessment
activities manages conflicts of
interest and ensures objectivity

6
 QS-CAS-PROC/33
Common elements in ISO/CASCO standards
Page 7

of its conformity assessment

activities.

Note 1 ISO/CASCO working groups can identify activities (or combinations of activities)
other than design or consultancy that could be perceived as an unacceptable risk to
impartiality.

Note 2 Allowing a specified period of time to elapse following the end of the design and
consultancy services is one way of reducing the threat to impartiality to an acceptable level.

Note 3 ISO/CASCO working groups can identify activities (or combinations of activities)
other than design or consultancy that could be perceived as an unacceptable risk to
impartiality.

Note 4 When this text is used in a specific ISO/CASCO standard, the phrase “selection and
determination functions” are to be replaced by the type of activities involved in the conformity
assessment covered by the ISO/CASCO standard (e.g. testing, inspection, auditing,
evaluation, assessment). For further explanation of the recognized conformity assessment
functions, see ISO/IEC 17000:2004, Annex A.

Note 5 The definition of a specified period should take into account the technical and other
developments in the specific sector.

Example 1 The quality management systems (QMS) manager in an organization who is

subsequently employed by a QMS certification/registration body should not be used to
undertake an external audit process, nor review and decision-making functions, resulting in
certification for his/her previous organization, unless at least 2 years have passed.

Example 2 An employee formerly engaged in the design, manufacturing, in-house testing

or inspection of products and subsequently employed by a product certification body should
not be used to undertake conformity assessment activities of products from his/her previous
organization, unless at least 2 years have passed.

Example 3 A former employee of a conformity assessment body who is subsequently

employed by an accreditation body should not be used to undertake an assessment, nor review
and decision-making activities, resulting in the accreditation of his/her previous organization,
unless at least 2 years have passed.

Example 4 A body should rotate assessment personnel amongst assignments with different
customers on an occasional basis.

6. Confidentiality
6.1. Background and principles of confidentiality
6.1.1. To gain access to the information needed to conduct effective conformity assessment
activities, the body needs to provide confidence that confidential information will not be
disclosed.

6.1.2. All organizations and individuals have the right to have protected any proprietary
information that they provide.

7
 QS-CAS-PROC/33
Common elements in ISO/CASCO standards
Page 8

6.1.3. Managing the balance between confidentiality and public disclosure related
requirements affects stakeholders' trust and their perception of value in the conformity
assessment activities being performed.

6.2. Requirements for confidentiality

6.2.1. Obligatory requirements

Obligatory general requirements Obligatory resource requirements

The body shall be responsible, through legally Personnel, including any committee members,
enforceable commitments, for the management contractors, personnel of external bodies, or
of all information obtained or created during the individuals acting on the body's behalf, shall
performance of conformity assessment keep confidential all information obtained or
activities. The body shall inform the client, in created during the performance of the body's
advance, of the information it intends to place in conformity assessment activities, except as
the public domain. Except for information that required by law.
the client makes publicly available, or when
agreed between the body and the client (e.g. for
the purpose of responding to complaints), all
other information is considered proprietary
information and shall be regarded as
confidential.
When the body is required by law or authorized
by contractual arrangements to release
confidential information, the client or individual
concerned shall, unless prohibited by law, be
notified of the information provided.
Information about the client obtained from
sources other than the client (e.g. complainant,
regulators) shall be confidential between the
client and the certification body. The provider
(source) of this information shall be confidential
to the certification body and shall not be shared
with the client, unless agreed by the source.

6.2.2. Recommended requirements

Recommended general requirements Recommended resource requirements

None The body shall have available and use facilities
for the secure handling (e.g. postage, e mailing,
record destruction) of confidential information
(e.g. documents, records) and objects of
conformity assessment (e.g. product samples).

7. Handling of complaints and appeals

7.1. Background and principles of handling of complaints and appeals
7.1.1. The complaints received by bodies fall into one of two categories. One category of
complaints is about conformity assessment and/or appeals and the way that the conformity
assessment system functions. This is the type of specific complaint that, if left unresolved, has
the potential to bring both the body and the system into disrepute.

7.1.2. Another category of complaints is about the level of service quality or delivery. Dealing
with these complaints is part of the normal business process, and is not the subject of this

8
 QS-CAS-PROC/33
Common elements in ISO/CASCO standards
Page 9

document. ISO 10002 gives guidance on the complaints-handling process that could be used
to deal with these types of complaints.

7.1.3. The term “appeal” in this document should not be confused with the use of “appeal” in
a legal sense. Appeals and the appeals process in the context of conformity assessment in
this document is deliberately an internal process of the body whose conformity assessment
result is being appealed against. The decision on the appeal remains that of the body that is
being appealed against, and does not require a hearing or decision on the appeal by some
external agency or court.

7.1.4. It is not necessary to have two separate processes for the handling of complaints and
appeals.

7.1.5. Decisions on complaints or appeals should be recorded to provide a traceable resource

for future complaints and appeal investigations and to ensure consistent decision-making and
understanding of complaint or appeal trends.

7.1.6. The effective resolution of complaints and appeals is an important means of protection
for the body, its clients and other users of conformity assessment against errors, omissions or
unreasonable behaviour. Confidence in conformity assessment activities is safeguarded when
complaints and appeals are processed appropriately.

7.2. Requirements for handling of complaints and appeals

7.2.1. Obligatory requirements

Obligatory general requirements Obligatory process requirements

The conformity assessment body shall have a
documented process to receive, evaluate and
make decisions on complaints and appeals.
A description of the handling process for
complaints and appeals shall be available to any
interested party on request.
Upon receipt of a complaint, the body shall
confirm whether the complaint relates to
conformity assessment activities that it is
responsible for and, if so, shall deal with it.
The body shall be responsible for all decisions
at all levels of the handling process for
complaints and appeals.
Investigation and decision on appeals shall not
result in any discriminatory actions.
The handling process for complaints and
appeals shall include at least the following
elements and methods:
a. a description of the process for receiving,
validating, investigating the complaint or
appeal, and deciding what actions are to be
taken in response to it;
b. tracking and recording complaints and
appeals, including actions undertaken to
resolve them;
c. ensuring that any appropriate action is
taken.
The body receiving the complaint or appeal shall
be responsible for gathering and verifying all
necessary information to validate the complaint
or appeal.
Whenever possible, the body shall acknowledge
receipt of the complaint or appeal, and provide
the complainant or appellant with progress
reports and the outcome.
The decision to be communicated to the
complainant or appellant shall be made by, or
reviewed and approved by, individual(s) not
involved in the original conformity assessment
activities in question.
Whenever possible, the body shall give formal
notice of the end of the complaint and appeals

9
 QS-CAS-PROC/33
Common elements in ISO/CASCO standards
Page 10

handling process to the complainant or

appellant.

8. Management systems in ISO/CASCO documents

8.1. Background and principles of management systems
8.1.1. Management systems are a recognized tool to support the consistent fulfilment of
requirements for bodies and their activities.

8.1.2. It is recognised that 'management system' is a broad term, and can be characterized
as being a system to establish policy and objectives and to achieve those objectives (as
defined in ISO 9000). A management system can be orientated to cover different needs, not
limited to quality.

8.1.3. Within ISO/CASCO documents, management system requirements may cover any of
these needs depending on the scope of the document being developed.

8.1.4. It is recognised that in some fields specific management system requirements already
exist, such as ISO 9001 for quality management systems and ISO 14001 for environmental
management systems. ISO/CASCO working groups shall not write management system
requirements that contradict these established requirements where they exist.

8.1.5. Within conformity assessment activities, the management system is an internal

mechanism to assure consistent fulfilment of requirements by bodies and their activities. It is
generally understood that management systems are integral tools in achieving this fulfilment
or requirements. Therefore, ISO/CASCO documents should include requirements for
management systems as part of their overall requirements related to conformity assessment.

8.1.6. Assessment of whether a body or activity conforms to requirements may in some cases
include assessment of the fulfilment of management system requirements. This occurs when
the ISO/CASCO requirements include management system requirements.

8.1.7. Unless fulfilment of all the requirements of a specific management system standard is
explicitly included within a set of ISO/CASCO requirements, fulfilment of those ISO/CASCO
requirements shall not be presented as fulfilment of a specific management system standard.

8.1.8. Bodies that choose to have a quality management system that fulfils all of the
requirements of ISO 9001 shall gain benefit from this fulfilment and be able to use that same
quality management system, unless otherwise explicitly specified by the ISO/CASCO
document, to meet any conformity assessment requirements that cover quality management
systems.

8.1.9. Taking into consideration the above background, the following principles apply to
ISO/CASCO working groups when drafting management system requirements in ISO/CASCO
documents.

a) Wherever a management system is deemed necessary, ISO/CASCO documents should

include management system requirements;

b) ISO/CASCO documents may recommend the fulfilment of requirements in ISO 9001 for
the quality management system with more detail where needed;

10
 QS-CAS-PROC/33
Common elements in ISO/CASCO standards
Page 11

c) management system requirements in ISO/CASCO documents are not intended to

conflict with the related requirements in ISO 9001 for quality management systems;

d) an ISO/CASCO document should not state that fulfilment of the requirements of the
ISO/CASCO document implies the management system requirements of another
standard are also fulfilled;

e) ISO/CASCO working groups should not draft requirements that lead to duplicate
management systems or induce duplicate management system assessments.

8.2. Requirements for management systems

8.2.1. Instructions to Working Groups

The ISO/CASCO working groups shall elaborate clauses throughout the document under
development covering the aspects listed below where the body:
a) identifies the processes needed for the management system and their application
throughout the body,
b) determines the sequence and interaction of these processes,
c) determines criteria and methods needed to ensure that both the operation and
control of these processes are effective,
d) ensures the availability of resources and information necessary to support the
operation and monitoring of these processes,
e) monitors, measure and analyse these processes, and
f) implements actions necessary to achieve planned results and continual
improvement of these processes.

8.2.2. Obligatory requirements

The body shall establish, document, implement and maintain a management system that is
capable of supporting and demonstrating the consistent achievement of the requirements
of this <insert correct description; e.g. International Standard>. In addition to meeting the
requirements of clauses <insert the relevant clauses of the International Standard in
question> the body shall implement a management system in accordance with option A or
option B.

Option A Option B
As a minimum the management system of A body that has established and maintains
the body shall address the following: a management system, in accordance with
the requirements of ISO 9001, and that is
 management system manual, including capable of supporting and demonstrating
policies and responsibilities the consistent fulfilment of the requirements
 control of documents of < insert correct description, e.g. this
 control of records International Standard or reference to the
 management review International Standard by number>, fulfils at
 internal audits least the management system section
 corrective actions requirements (insert the specific clause
 preventive actions numbers).
 complaints and appeals

11
 QS-CAS-PROC/33
Common elements in ISO/CASCO standards
Page 12

8.2.3. Recommended requirements

Recommended requirements
Any individual clause of ISO 9001

Note 1 ISO/CASCO working groups may add an informative annex showing the
correspondence between ISO 9001 and this < insert correct description, e.g. International
Standard > by stating:
a) which clauses of ISO 9001 apply directly,
b) which clauses of ISO 9001 are amplified by clauses of this < insert correct
description, e.g. International Standard >,
c) which clauses of ISO 9001 are met by clause of this < insert correct description,
e.g. International Standard >.

QS
Approval date Purpose of updating
Version

1 2014-11-19 New procedure

2 2015-08-04 Clause 8.2 amended to take into account decision taken at the 23rd CPC
meeting in May 2015

12