KPMG Certification CVBA conduct audits according to ISO/IEC 17021:2015 which includes application, planning, initial certification and certification maintenance phases.
The client shall determine the desired scope of the audit and supply the relevant requested information, KPMG Certification CVBA shall determine whether the management system is auditable. KPMG Certification CVBA will develop a detailed audit programme to outline the activities required to determine the management system’s conformity to the certification standard. The audit programme includes an initial certification, surveillance audits in the first and second years following an initial certification decision and a recertification audit in the third year prior to expiration. The first surveillance audit shall be conducted no later than 12 months following the initial certification and will be conducted once a year excluding recertification years.
KPMG Certification CVBA will determine the time required for the audit, based on a number of factors such as complexity of the management system, prior audit results, regulatory context, the size and number of client sites and any risks of the organisation’s products or processes. KPMG Certification CVBA will establish the audit scope, criteria and objectives after discussion with the client. The audit objectives will include the determination of the conformity of the client’s management system with audit criteria and the audit scope will define the extent and the boundaries of the audit. Resourcing for the audit team will be determined by KPMG Certification CVBA and will be impartial and have the competence required to achieve the objectives of the audit.
KPMG Certification CVBA will draw up an audit plan which is appropriate for the objectives and scope of the audit. An agenda will be agreed and communicated for the audit. An initial certification is composed of two stages – stage 1 and stage 2. Stage 1 is a review and evaluation of the management system and documentation, this stage also allows KPMG Certification CVBA to obtain necessary information such as the levels of controls established. This allows KPMG Certification CVBA to raise any concerns for particular areas relevant for the audit. The stage 2 audit is an onsite audit to evaluate the implementation and effectiveness of the management system. Any audit findings will be reviewed against the audit objectives and criteria and conclusions from the audit conclusions will be agreed upon by the audit team. A written report from the audit will be provided to the client, opportunities for improvement will be identified but specific solutions will not be recommended.