ISO NATIONAL WORKSHOP

BUILDING CONFIDENCE
THROUGH CONFORMITY
ASSESSMENT

WORKSHOP MATERIAL
22 AUGUST, BANGKOK - THAILAND
 Session 1 –
Introduction to
ISO, IEC and
CASCO

ISO national workshop

Building confidence through conformity
assessment
22 August 2019, Bangkok - Thailand

Contents

 ISO
 IEC
 CASCO

2
 ISO

Introduction to ISO

 A global network of national standards bodies with one member per

country – 162 member countries
 ISO develops International Standards - > 22,000 so far
 300+ technical committees developing/revising 100+ standards every
month
 Coordinated by a Central Secretariat in Geneva

3
The ISO system

Represent ISO
Write the in their country
standards

Coordinates system

What members do?

 Represent ISO in their country

 Approve standards by voting
 Enable national experts and stakeholders to
participate in standards development
 Propose new standards

4
 What experts do?

 Write the standards

 Nominated by members but can also
come from partner organizations like the
United Nations and other key players

International standards – Key principles

• Transparency
• Openness
• Impartiality and consensus WTO TBT
Agreement
• Effectiveness and relevance
principles
• Coherence
• Development dimension
• Stakeholder engagement
Additional ISO
• Due process
principles
• National implementation/adoption

All have to be transposed into

national standardization principles
8

5
 What ISO/CS does?

 Facilitates participation in standardization

 Provides a neutral platform for the experts to
get together and achieve consensus
 Coordinates the standards development
process

What is a National Mirror Committee (NMC)?

 A national committee (technical) established (or delegated) with responsibility to

monitor and/or participate in the work of ISO technical groups
 The NSB should use this existing national committee in a capacity as an NMC if
it is interested in serving in such a capacity and able to fulfill the requirements of
such a role
 NMC should exist where an ISO member is taking part in the work of ISO
technical groups (either as a participating (P) or an observing (O) member)
 NMC acts as a forum to consult with and provide national stakeholder’s input
(comments and votes) on on-going work of ISO technical groups

6
Establishment of NMC

When?
 If you are already taking part in ISO technical work (either P- of O-member)
 A new work item of interest to the country is launched by ISO and no existing
national TC meets the subject concerned
 You have submitted a new work item proposal to ISO

How?
 Many variants exist…
• One-to-One: i.e. one national TC following only one ISO/TC
• One-to-Many: i.e. one national TC covering several ISO/TCs
• Many-to-One: i.e. Several national TCs covering only one ISO/TC

NMC structure
 There may be a one-to-one or one-to-many correspondence between the
NMC and ISO TCs
 In most developing countries (but not only in developing countries) a single
NTC could act as a NMC for many ISO TCs or SCs

ISO

TC for topic A TC for topic B TC for topic C

NSB

NMC for topic A NMC for topic C

12

7
Examples on NMCs for ISO CASCO WGs

Reference Title Country Administrated by Status

SABS/TC 0003 Conformity assessment (CASCO) South Africa SABS Active

SPRING/MSSC/WG WG-CASCO Singapore SSC Active

1
KEBS/TC 155 Conformity Assessment Kenya KEBS Active

UNI/CT 052 Valutazione della conformità Italy UNI Active

ISM/CT 43 Conformity Assessment Moldova ISM Active

IEC

8
IEC International Electrotechnical
Commission

Standards Development (SD)

 International Standards
 Since 1906
Conformity Assessment (CA)
 Global CA Systems
 Since 1974

Standards development (SD) &

Conformity assessment (CA) activities

SD CA
IEC  global services

ISO
 -

ISO/IEC ISO/IEC 17000 series

International Standards for CA

9
Standards development (SD) &
conformity assessment (CA) activities

Confidence = Value
Standards and Conformity Assessment
are like two sides of a coin…
…neither side has value without the other side
Standards + Conformity Assessment = Value
= Confidence

IEC Global conformity assessment

Systems
 IECEE
 IECEX
 IECCQ
 IECRE

 Requested by the market

 Paid for by the market
 Creating value for the market

10
IEC in figures
 IEC Family (Members & Affiliates)
86 + 85 = 171

 Number of Technical Committees 204

 Number of System Committees 5

 Number of experts approx. 20 000

 Number of publications in catalogue over 10 000
 Conformity Assessment Systems 4
 Number of CA certificates More than 1 million
 Number of CABs almost 1 000

IEC offices – on 6 continents

11
CASCO
Stands for “Conformity Assessment
Committee”

CASCO
 Is a policy committee that reports directly to ISO council and ensures a
consistent approach to conformity assessment.
 Develops standards jointly with IEC related to conformity assessment
practices. These are the ISO/IEC 17000 series standards referred to as the
CASCO Toolbox.
 Does not perform conformity assessment activities.

12
 ISO governance system
Reporting/responsibility
General Assembly Advisory

Council Standing Committees President’s committee

Council

TMB
Policy Development Committees

Technical Committees
23

ISO CASCO members

162 national members

120 full members

39 correspondent membres

3 subscriber membres

13
ISO/IEC 17000 series

The development of the ISO/IEC 17000 series allows a harmonized and

consistent approach to conformity assessment which positively impacts market
access and facilitates international trade

ISO/IEC 17000 series

Generic standards for the operation of:

 conformity assessment bodies

• laboratories,

• certification bodies

• inspection bodies

 accreditation bodies

 peer evaluation and other associated activities

 etc

14
CASCO structure
CASCO Plenary
Policy Technical
Policy Groups Working Groups
CPC WG1

CASCO
Chairman’s policy and
Development ISO/IEC
coordination group
17XXX
TIG
Technical Interface Group WG2
Development ISO/IEC
STAR 17XXX
Strategic Alliance and
Regulatory Group
etc

For more information

https://www.iso.org/casco.html

https://www.iso.org/resources-for-conformity-
assessment.html

15
 29

16
Session 2 –
What is
Conformity
Assessment
(CA)?

ISO national workshop

Building confidence through conformity
assessment
22 August 2019, Bangkok - Thailand

• Definition of conformity assessment

• Conformity assessment activities
• Who can perform conformity assessment
• How it all fits together
Contents • Selection of conformity assessment
activities
• Who benefits form conformity assessment

17
Definition of CA

• Demonstration that specified requirements

Formal relating to a product, process, system, person
definition of or body are fulfilled.
• (ISO/IEC 17000, Clause 2.1)
CA

18
And in plain English…

 An activity which results in determining whether or not products, services,

processes, management systems or persons meet the requirements of
standards or other specifications.

 People conduct conformity assessment every day in their lives when you
decide which car to buy based on your personal criteria.

Conformity assessment activities

19
 • Accreditation
• Certification
CA activities • Inspection

include • Validation
• Verification
• Testing

Some CA activities are

Accreditation
Third party attestation related to a conformity assessment body conveying
formal demonstration of its competence to carry out specific conformity
assessment tasks.

Certification
Third party attestation related to products, processes, systems or person

20
Some CA activities are

Inspection
Examination of a product design, product, process or installation and
determination of its conformity with specific requirements, or on the basis of
professional judgment with general requirements

Some conformity assessment activities

are
Validation
Confirmation of a claim, through the provision of objective evidence, that the
requirements for a specific intended future use or application have been
fulfilled

 Note 1: Objective evidence can come from real or simulated sources.

 Note 2: Validation is considered to be a process to evaluate the reasonableness
of the assumptions, limitations, and methods that support a claim about the
outcome of future activities.
 Note 3: Validation is applied to claims regarding an intended future use based on
projected information (confirmation of plausibility).

21
Some conformity assessment activities
are
Verification
Confirmation of a claim, through the provision of objective evidence, that
specified requirements have been fulfilled

 Note 1: Verification is considered to be a process for evaluating a claim based on

historical data and information to determine whether the claim is materially
correct, and conforms with specified requirements.

 Note 2: Verification is applied to claims regarding events that have already

occurred or results that have already been obtained (confirmation of truthfulness).

Some CA activities are

Testing
Determination of one or more characteristics of an object of conformity
assessment such as a product, material or process according to a procedure

22
 Bodies performing conformity
assessment

13

Bodies involved in CA

An accreditation body performs accreditation to assess the consistency,

impartiality and competence of a conformity assessment body.

A conformity assessment body performs conformity assessment services.

(examples are testing laboratories, inspection bodies, certification bodies,
verification and validation bodies).

23
 Who can perform conformity
assessment

15

• 1st party - which is a self declaration

made by, for example, the manufacturer
or the service provider
CA can be
performed by • 2nd party - which is a declaration made
by, for example, the client on the supplier
different
parties • 3rd party - which is a declaration made by
independent organizations such as
certification body, laboratory, inspection
body, accreditation body, etc.

24
Claims of Conformity assessment
Test done by: Attestation type
1st party SDoC
Object
(the manufacturer, (Self Declaration
service provider) of Conformity)

2nd party
+ (the purchaser, Contract
the client)

3rd party - independent

(certification body, laboratory,
Requirements inspection body... Certificate

3rd party bodies can be accredited.

How it fits together

18

25
 Accreditation

How it fits together

body groups
(regional or
international)
ISO/IEC 17040

Peer
Conformity Assessment Bodies (CABs) Evaluates

Accreditation
Validation and body (AB)
Management Product, process Person Inspection
Verification Laboratory ISO/IEC 17011
system and service certification body
Body ISO/IEC
certification body certification body body ISO/IEC
ISO/IEC 17025
ISO/IEC 17021-1 ISO/IEC 17065 ISO/IEC 17024 17020 Accredits
17029

NOTE:
Accreditation
Audits & Audits & Audits & Inspects & Validates/Verifies Tests & applies only to 3rd
Certifies Certifies Certifies Reports & Issues Reports party CABs
Statements

Commodities,
Products, Products or
Company meets items,
processes and Person meets Claims samples
management facilities or
services meet specific scope confirmed or meet
system installations
specified competencies not specified
requirements meet specific
requirements requirements
requirements

Outputs from conformity assessment

Functional
Party performing conformity assessment
Conformity approach
Conformity
assessmen Selection, Surveillance
assessment Outputs
t standard Determination, (when needed) b
activity First party Second party a Third party
Review and
Attestation Stages
Certification
ISO/IEC
of management    Certificate
17021-1
systems
Certification
of products, ISO/IEC
   Certificate
processes and 17065
services
Certification ISO/IEC
   Certificate
of persons 17024
ISO/IEC
Inspection     Report
17020
Statement
Validation and ISO/IEC
    or
verification 17029
a Claim
ISO/IEC
Testing     Report
17025
Supplier's
ISO/IEC
declaration   Declaration
17050
of conformity
a
At present, ISO and IEC do not have specific International Standards or Guides for second-party conformity assessment systems. Second-party conformity
assessment systems can be developed to rely on first-party declarations, third-party attestations and certification, or second-party acceptance criteria.
b
Surveillance is part of the conformity assessment system and not an external market surveillance activity.

26
Selecting the what most
appropriate CA appropriate
CA activities
approach to meet
needs and
expectations
what needs
and
expectations what concerns
incl. which regarding the
party most product or
appropriate service failure
(1st, 2nd, or 3rd CA activities
party)

what what
appropriate consequence
balance of non-
between costs conformity
and benefits

• Consumers: Conformity assessment

provides consumers with confidence that a
product, service, process, management
system or person will perform as expected.

Who benefits • Service providers and manufacturers:

Conformity assessment provides assurance
from CA? that what they provide meet specifications and
deliver on customer expectations or meet
market requirements.

• Regulators: Conformity assessment gives

regulators the confidence that the
requirements in regulations have been met.

27
More on CA

http://www.iso.org/iso/home/about/conformity-assessment.htm

24

28
 Session 3 –
Conformity
assessment
standards

ISO national workshop

Building confidence through conformity
assessment
22 August 2019, Bangkok - Thailand

Contents

 Introduction and overview of the CASCO toolbox

 ISO/IEC 17011 AB’s
 ISO/IEC 17021-1 CB’s (Management)
 ISO/IEC 17020 Inspection Bodies
 ISO/IEC 17024 CB’s (Personnel)
 ISO/IEC 17025 Laboratories
 ISO/IEC 17029 Validation and Verification Bodies
 ISO/IEC 17065 CB’s (Product)

29
 Introduction and Overview of the
CASCO toolbox

Introduction

The following section is intended to be an introduction to the core standards of

the ISO/IEC 17000 series and not to cover them in detail.

More information can be found on iso.org where some presentations are

available on published standards that go in more details.

30
CASCO Toolbox Standards
Management 
Product Process Service People Inspection Claims Laboratory
Systems 
ISO/IEC 17021‐1 
ISO/IEC 17065 ISO/IEC 17024 ISO/IEC 17020 ISO/IEC 17029 ISO/IEC 17025
and parts

Example of 
Certification 
Fundamentals for  certification  Vocabulary for  Proficiency 
Audit duration  scheme for 
Core conformity  products ISO/IEC  schemes  personnel testing ISO/IEC 
ISO/IEC TS 17023 process 
assessment standards 17067 ISO/IEC TR  ISO/IEC 17027 17043
ISO/IEC 17032
17028
Reference 
Tangible products  material 
ISO/IEC TR 17026 producers ISO 
17034
Suppliers declaration ISO/IEC 17050 parts 1 and 2
Use of marks ISO/IEC Guide 23 and ISO Guide 27
Use of marks by third 
ISO/IEC 17030
parties
Good CA practices ISO/IEC Guide 60
Accreditation standard ISO/IEC 17011
Peer assessment ISO/IEC 17040 and ISO/IEC Guide 68
Terms and definitions ISO/IEC 17000
Guide for drafting 
ISO/IEC 17007
normative documents
The standards in yellow are further described in this slide deck Note: valid in 2019

Commonalities

31
CASCO Common structure
1 Scope
2 Normative references
3 Terms and definitions
4 Principles
5 General requirements
6 Structural requirements
7 Resource requirements
8 Information requirements
9 Process requirements
10 Management system requirements for CBs

Common elements
• Impartiality
• Confidentiality
• Appeals
• Complaints
• Competence
• Management systems

32
Principles
• impartiality
• competence
• responsibility
• openness
• confidentiality
• responsiveness to complaints
• risk-based approach

ISO/IEC 17011

10

33
ISO/IEC 17011: Conformity
Assessment –
Requirements for
accreditation bodies
accrediting conformity
assessment bodies

Purpose of ISO/IEC 17011

Introduction – “. . . specifies requirements for accreditation bodies

accrediting conformity assessment bodies.”
“. . . activities covered by accreditation include testing, calibration,
inspection, certification of management systems, persons,
products, processes and services, provision of proficiency testing,
production of reference materials, validation and verification.”
“This document can be used to support peer evaluation
mechanisms which have been created at regional and international
levels and through which confidence is provided that accreditation
bodies are operating in according with this document.”

34
 • The main changes compared to the previous edition are as follows:
• Alignment with the common structure for the 17000 series standards
and incorporation of CASCO Common Elements in clauses on
impartiality, confidentiality, complaints and appeal and management
system;

Key Issues
• Recognition of proficiency testing as an activity covered by
accreditation;

and Major
• Addition of new definitions for “accreditation scheme” (see 3.8),
“flexible scope of accreditation” (see 3.7), “remote assessment” (see
3.26) and “assessment programme” (see 3.27);

Edits • Introduction of the concept of risk and risk-based assessments;

• Incorporation of the IAF and ILAC documents where appropriate;
• Incorporation of competence criteria in the document, including an
informative annex on knowledge and skills; and
• Did not include a principles section in the new version.

ISO/IEC 17021-1

14

35
ISO/IEC 17021-1:
Conformity Assessment –
Requirements for bodies
providing audit and
certification of management
systems

Purpose of ISO/IEC 17021-1

To set out the requirements for certification bodies performing certification of

management systems.
Accompanied by a set of principles on which the requirements are based to
provide credible and reliable certification.
Requirements cover competence of persons involved in certification, the legal
status, resources and structure of the certification body, the certification
process, etc.

36
Purpose of ISO/IEC 17021-1

Requirements are generic and do not address specifically the detailed

requirements for a certification body as it implements the process and
resource requirements for a specific standard e.g. an Environmental
Management system or a Business Continuity Management system.
Additional requirements relating to certification of specific management system
standards can be found in related standards all based on ISO/IEC 17021-1

Some related
requirements for •
•
ISO/IEC 17021-2
ISO/IEC 17021-3
Competence for Environmental MS
Competence for Quality MS

certification •
•
ISO/IEC TS 17021-4
ISO/IEC TS 17021-5
Competence for Event Sustainability MS
Competence for Asset MS

bodies •
•
ISO/IEC TS 17021-6
ISO/IEC TS 17021-7
Competence for Business Continuity MS
Competence for Road Traffic Safety MS

performing • ISO/IEC TS 17021-8 Competence for Sustainable Development in

Communities MS

certification to
• ISO/IEC TS 17021-9 Competence for Anti-bribery MS
• ISO/IEC TS 17021-10 Competence for Occupational Health & Safety MS

different
• ISO/IEC TS 17021-11 Competence for Facility MS
• ISO TS 22003 Requirements for certification of Food Safety MS
• ISO 28003 Requirements for certification of Supply Chain Security

management • ISO 50003

MS
Requirements for certification of Energy MS

system (MS) • ISO/IEC 27006 Requirements for certification of Information Security

MS

standards

37
 • This part of ISO/IEC 17021 contains
principles and requirements for the
competence, consistency and impartiality of
bodies providing audit and certification of all
1. Scope types of management systems.

• 3.10 technical area

area characterized by commonalities of
processes relevant to a specific type of
management system and its intended results

3. Definitions
• 3.17 duration of management system
certification audits
part of audit time (3.16) spent conducting
audit activities from the opening meeting to
the closing meeting, inclusive

38
 • 9.5 Certification decision
• Decision makers are competent and
different to those who carried out the audit
• Shall not contract out the decision must be
under organizational control of the CB
9. Process (legally enforceable agreement if not
employed)
requirements • Defines what is considered organizational
control
• CB shall conduct a review prior to making a
decision - MNC’s cleared MNC’s plan
• Defines the information needed to make a
decision

• 9.6 Maintaining certification

The CB can maintain certification based on
positive recommendation without further
9. Process independent review and decision provided
• an independent review is initiated when
requirements there is a MNC or other situation and
• competent personnel of the CB monitor
its surveillance activities including
auditors to ensure the certification
activity is operating effectively

39
 • 10.1 Options
10. The certification body shall implement a
management system in accordance with
Management either:
• Option A General management system
system requirements (see 10.2);
• or
requirements • Option B ISO 9001 (see 10.3).

ISO/IEC 17020

24

40
ISO/IEC 17020: Conformity
Assessment –
Requirements for the
operation of various types of
bodies performing
inspection

• To provide confidence in the bodies performing

inspection
• Contains requirements for the competence,
impartiality and consistent operation of inspection
bodies.
Purpose of • Specifies how an Inspection body should perform
assessments with the objective of providing
ISO/IEC information about the conformity of inspected items
with regulations, standards, specifications, inspection
17020 schemes or contracts.
• Specifies the competence of inspectors as many types
of inspection involve professional judgement to
determine acceptability against general requirements.
• Categorizes inspection bodies as type A, B or C which
is a measure of their independence

41
Purpose of ISO/IEC 17020

 Inspection can be an activity embedded in a larger process. For example,

inspection can be used as a surveillance activity in a product certification
scheme.
 Demonstrable independence of an inspection body can strengthen the
confidence of the inspection body's clients with respect to the body's ability to
carry out inspection work with impartiality.
 Inspection covers activities such as examination of materials, products,
installations, plants, processes, work procedures or services.
 Unlike others forms of conformity assessment the performing the assessment
(the inspector) makes the decision on conformity.

ISO/IEC 17024

28

42
ISO/IEC 17024:
Conformity Assessment –
General requirements for
bodies operating
certification of persons

Purpose of ISO/IEC 17024

 Standard for certification of persons.

 Official Title – General requirements for bodies operating certification of
persons
 Introduction – “. . . Has been drawn up with the objective of achieving and
promoting a globally accepted benchmark for organizations operating
certification of persons”
 Introduction – “. . .This international standard should be the basis for the
recognition of the certification bodies and their certification schemes, in
order to facilitate their acceptance at the national and international levels.”

43
Purpose of ISO/IEC 17024

 Achieve and promote a globally accepted benchmark for organizations

managing the certification of persons
 Create confidence in certification through globally accepted processes of
assessment, subsequent surveillance and periodic re-assessment
 Harmonize a system to develop and maintain certification programs
 Establish an environment for mutual recognition and global exchange of
personnel

• Unique in that it contains requirements for schemes

(clause 8)
• Certification of persons rather that personnel
certifications.

Some • Contains requirements around the provision of training

as this is considered a threat to impartiality.
comments Independence of training activities from certification
• Distinguishes between examiners, exam
on ISO/IEC administrators and invigilators

17024 • Contains requirements on security and the need to

have policies on this.
• Surveillance is if applicable
• Scheme reviewed and validated on an on-going basis
• Principles in the annex

44
 ISO/IEC 17025

33

ISO/IEC 17025:
General requirements for
the competence of testing
and calibration
laboratories

45
Purpose of ISO/IEC 17025

Provide framework for laboratories to demonstrate competence and

impartiality
Provide basis to harmonize a system to develop and maintain confidence in
the competence of laboratories and consistent generation of reliable results
Establish an environment for mutual recognition and global exchange of
results from laboratories

Purpose of ISO/IEC 17025

Scope: ….’specifies the general requirements for the competence,

impartiality and consistent operation of laboratories.’ Also addresses use
of the standard: ….’Laboratory customers, regulatory authorities, organizations
and schemes using peer-assessment, accreditation bodies, and others use
this document in confirming or recognizing the competence of laboratories.’

Definition for laboratory:…body that performs one or more of the following

activities:
- testing;
- calibration;
- sampling, associated with subsequent testing or calibration

46
 • From the Foreword of ISO/IEC 17025:2017:
• the risk-based thinking applied in this
edition has enabled some reduction in
prescriptive requirements and their
Other Main replacement by performance-based
requirements;
changes • there is greater flexibility than in the
previous edition in the requirements for
processes, procedures, documented
information and organizational
responsibilities;

• Defined range of activities for laboratory

• Excludes externally provided laboratory
activities on an ongoing basis
• Emphasis on “Impartiality” vs. “Independence”
• Process orientation
Other Main • Information Technology: Risks, data integrity,
confidentiality, validation of software,
changes (2) considering electronic documents
• Metrological traceability
• Decision Rules for statements of conformity
(pass/fail)
• Management system options A or B

47
 ISO/IEC 17029

39

ISO/IEC 17029:
Conformity Assessment –
General principles and
requirements for
validation and verification
bodies

48
Purpose of ISO/IEC 17029

Standard for validation and verification bodies – covering 1st, 2nd and 3rd party
assessment
Validation and verification as conformity assessment are understood to be a
confirmation of reliability of information contained in claims. Other terms in use
for the object of assessment by validation/verification are statement,
declaration, assertion, prediction or report
Validation is applied to claims regarding an intended use or projected effect
(confirmation of plausibility), while verification is applied to claims regarding
events that have already occurred or results that have already been obtained
(confirmation of truthfulness)...”

Purpose of ISO/IEC 17029

A programme for validation/verification is needed.

The document specifies definitions, principles, rules, processes, and
requirements for validation/verification process steps and competence of
validators/verifiers.
Programmes can be legal frameworks, international, regional or national
standards, global initiatives, sector applications as well as individual
agreements with clients of the validation/verification body’

49
Validation/verification as conformity assessment

Differentiation from each other:

 validation – confirmation of a claim through the provision of
objective evidence, that the requirements for a specific intended
future use or application have been fulfilled (confirmation of
plausibility)
occurance of
the claimed

claim

Validation/verification as conformity assessment

Differentiation from each other:

 verification – confirmation of a claim through the provision of
objective evidence, that specified requirements have been
fulfilled (confirmation of truthfulness)
occurance of
the claimed

claim

50
Purpose of ISO/IEC 17029

Assurance is provided and gives confidence to stakeholders and parties

interested in the claim. The programme can define levels of assurance, e.g. a
reasonable or limited level of assurance’
By defining validation/verification as confirmation, these activities are
differentiated from other CASCO tools as neither resulting in a characterisation
(testing) nor providing examination (inspection) or an attestation of conformity
for a defined period (certification)’
It does not apply to situations where validation/verification activities are being
undertaken as steps within the process of testing (ISO/IEC 17025, ISO 15189),
inspection (ISO/IEC 17020) or certification (ISO/IEC 17021-1, ISO/IEC 17065).

Some statements on ISO/IEC 17029

• Follows the functional approach
• Decision on specified requirements issued as a validation/verification
statement
• Excluded are statements of conformity as a result of:
- another conformity assessment activity (SDoC)
- V&V steps which are essential parts of a defined process of another
assessment activity
• The object of conformity is a claim (statement, declaration report etc.)
• Validation and verification is one period in time
• It has the 4 eyes principle

51
Purpose of ISO/IEC 17029

Achieve and promote a globally accepted generic approach to validation and

verification of claims
Harmonize a system to develop and maintain validation or verification
programmes
Create confidence in validation and verification (be they 1st, 2nd or 3rd party) thru
globally accepted processes of selection, determination and review and
attestation (including a decision on issuing a validation/verification statement).
Create confidence that a claim conforms with the initially specified requirements,
whether they are general or detailed, and is free from material misstatements.
Establish an environment for mutual recognition of validation and verification
bodies

ISO/IEC 17065

48

52
ISO/IEC 17065:
Conformity Assessment –
Requirements for bodies
certifying products,
processes and services

Purpose of ISO/IEC 17065

Standard for Products, Processes, Services Certification

Introduction – “. . . The overall aim of certifying products, processes or

services is to give confidence to all interested parties that a product, process
or service fulfill specified requirements. The value of certification is the degree
of confidence and trust that is established by an impartial and competent
demonstration of fulfillment of specified requirements by a third party….”

53
Purpose of ISO/IEC 17065

Introduction – “. . .This international standard specifies requirements, the

observance of which is intended to ensure that certification bodies operate
certification schemes in a competent and impartial manner, thereby facilitating
the recognition of such bodies and the acceptance of certified products,
processes and services on a national and international basis and so furthering
international trade….”
Product certification is perhaps the most visible type of certification because it
is usually accompanied by a mark that is recognized and appreciated by
regulators, consumers and other stakeholders. It is therefore crucial ensuring
the reliability of these claims.

Purpose of ISO/IEC 17065

• It must not restrict the role of the scheme owners
• It must not set requirements for scheme owners
• It is for product, process and service
• Applicable to all types of CB’s simple to the complex
• Reflects the functional approach
• Annex B information on how to use the standards for process or service
• Certification scheme are a mandatory part of product certification

54
 53

55
 Session 4 –
Using
conformity
assessment by
regulators

ISO national workshop

Building confidence through conformity
assessment
22 August 2019, Bangkok - Thailand

Contents

 WTO TBT Agreement

 CA related articles in the WTO TBT Agreement
 Quality infrastructure and CA
 Buiding blocks of techncial regulaiton
 Examples on CA used in regulations

56
 WTO TBT Agreement

Scope of the WTO TBT Agreement

WTO TBT Agreement is applicable to

1.3 All products, including industrial and agricultural products,

shall be subject to the provisions of this Agreement.

WTO TBT Agreement is not applicable to

1.5 The provisions of this Agreement do not apply to sanitary and

phytosanitary measures as defined in Annex A of the Agreement
on the Application of Sanitary and Phytosanitary Measures.

57
WTO TBT Agreement – 5 Principles

 Most Favoured Nation principle

 The same treatment given to imports from all WTO Member States.

 National Treatment principle

 Imported and domestic products treated the same.

 Sham principle
 No disguised trade barriers.

 Least-Restrictive-Means principle
 Technical Regulations should minimize restrictions to trade.

 Transparency principle
 WTO members can comment on Draft Standards and Technical Regulations.

What is a
TBT
measure?

58
 CA related articles in the WTO TBT
Agreement

Conformity assessment procedure

A conformity assessment procedure is defined as…

“Any procedure used, directly or indirectly, to determine that relevant

requirements in technical regulations or standards are fulfilled.”

Explanatory Note: “Procedures for sampling, testing, and inspection; evaluation,

verification and assurance of conformity; registration, accreditation or approval
as well as their combinations.”
Source: Annex 1 of the WTO TBT agreement

59
Articles 5 to 9 – Conformity Assessment

 The results of conformity assessment procedures from other members

should be accepted, even when they differ from your own, provided that:
 they give assurance of conformity to the technical regulation or standard,
 the competence of the conformity assessment body can be shown.
 Members are encouraged to conclude mutual recognition agreements.
 Members are encouraged to permit participation of conformity assessment
bodies in the country of origin.
 International systems for conformity assessment should be adopted and
used.

Article 10 – Information

 A National Enquiry Point(s) has/have to be established to provide information

and documents regarding:
 technical regulations adopted or proposed,
 standards adopted or proposed,
 conformity assessment procedures adopted or proposed,
 membership of international or regional standardizing bodies and
conformity assessment systems, including any bi- or multi-lateral
arrangements.

60
Article 11 – Technical assistance

 Developing countries can prevail upon developed countries to provide

assistance regarding the establishment of standardization bodies, regulatory
bodies and conformity assessment bodies.
 Developed countries shall grant assistance to producers in developing
countries to access government and non-government conformity assessment
systems.

Quality infrastructure and CA

12

61
Quality Infrastructure: a definition

 The system comprising the organizations (public and private) together with the
policies, relevant legal and regulatory framework, and practices needed to support
and enhance the quality, safety and environmental soundness of goods, services
and processes.
 The quality infrastructure is required for the effective operation of domestic markets,
and its international recognition is important to enable access to foreign markets. It
is a critical element in promoting and sustaining economic development, as well as
environmental and social wellbeing.
It relies on:
metrology, standardization, accreditation, conformity assessment, and market
surveillance.

Source: DCMAS (2017)

National Quality Infrastructure

Definition of units National Metrology 
National Standards Body
Institute
(as required in standards)

Calibration of 
Accreditation body National Accreditation 
reference/working 
Body
standards measurement standards

Certification body  Inspection body  Testing  Calibration 

standards standards laboratory  laboratory 
standards standards

Calibration 
Certification Bodies Inspection Bodies Testing Laboratories
Laboratories

Standards for 
products, 
processes and  Inspection report Calibration 
Certification Test report
systems certificate
ENTERPRISES

Market surveillance
Standards for 
technical  PRODUCTS AND SERVICES
regulations

AUTHORITIES, CONSUMERS AND GENERAL PUBLIC

Source: World Bank 
14

62
Conformity assessment and trade costs

CAP is the first

burdensome NTMs
faced by both agri-food
and manufacturing
exporters

Conformity assessment and trade costs

Product certification and

testing represent
80% of CAP obstacles

63
Balancing costs and benefits

 Choice and design of CAPs involves trade off between:

 Costs to suppliers (administrative, compliance, information)
 Benefits of preventing non-compliant products form reaching the
market (risk)
 Guiding principle: analysis of choice and design of CAPs should be aligned
with the risk posed by the product/sector:
 High risk product = stricter CAP
 Low risk product = less strict CAP

Buiding blocks of techncial

regulaiton

18

64
Technical Regulation Building Blocks

Impact -Self regulation

Policy Assessment
-Awareness
-Education

Technical Regulation

Product/Process Administrative
Characteristics Legislation Procedures

Technical Conformity
Regulatory Authority Sanctions
Requirements Assessment

Outputs from conformity assessment

Functional
Party performing conformity assessment
Conformity approach
Conformity
assessmen Selection, Surveillance
assessment Outputs
t standard Determination, (when needed) b
activity First party Second party a Third party
Review and
Attestation Stages
Certification
ISO/IEC
of management    Certificate
17021-1
systems
Certification
of products, ISO/IEC
   Certificate
processes and 17065
services
Certification ISO/IEC
   Certificate
of persons 17024
ISO/IEC
Inspection     Report
17020
Statement
Validation and ISO/IEC
    or
verification 17029
a Claim
ISO/IEC
Testing     Report
17025
Supplier's
ISO/IEC
declaration   Declaration
17050
of conformity
a
At present, ISO and IEC do not have specific International Standards or Guides for second-party conformity assessment systems. Second-party conformity
assessment systems can be developed to rely on first-party declarations, third-party attestations and certification, or second-party acceptance criteria.
b
Surveillance is part of the conformity assessment system and not an external market surveillance activity.

65
 Examples on CA used in regulations

21

Toys safety in Brazil

 All toys placed on the Brazilian market must be certified by an accredited

certification body.
 The toy safety certification process can use different certification systems that
comprise specific technical regulations:
1. MERCOSUR Standard on Toy Safety NM 300:2002, Parts 1-6;
2. NM 300 – 1:2002, Safety of Toys, Part 1: General, mechanical and physical
properties, which are based on ISO 8124-1:2000;
3. NM 300 – 2:2002, Safety of toys, Part 2: Flammability, with normative references to
ISO 2431:1993;
4. NM 300-4:2002, Safety of toys Part 4: Experimental sets for chemistry and related
activities, with normative references to ISO 8317:1989- Child – resistant packaging;
5. Additional requirements or methodologies such as the one to approve the
Procedure for Certification of Toys and toxicological testing.

66
Fire Safety in Singapore

 The Singapore Civil Defence Force (SCDF) regulates fire safety products in
Singapore through a Product Listing Scheme (PLS) which was implemented
in 1998.
 The scheme ensures that fire safety products conform to safety, reliability and
performance standards.
 Since 15 Apr 2008, Certification Bodies (CBs) based in Singapore have to be
accredited by the Singapore Accreditation Council (SAC) or any SAC
Multilateral Recognition Arrangement (MLA) partners for product certification
of regulated fire safety products before they are accepted by SCDF.

Steel and steel products in India

 The Indian Directorate General of Foreign Trade has relaxed its import rules
of steel and steel products, and will rely on the ILAC and IAF arrangements
to maintain quality assurance.
 Quality certification should be either from a product certification body (ISO
Guide 65/ISO 17065) accredited by an IAF MLA signatory, or from an ISO
17020 inspection body accredited by an ILAC Signatory.

67
Resources

https://www.iso.org/sites/casc
oregulators/05_examples.html

26

68