ISO 17021

ISO 17021 is a series of standards that set out requirements for organizations who provide certificates of conformity to all types of management systems. These organizations are commonly referenced to as certification bodies (CBs) or registrars.

In particular, ISO/IEC 17021-1, Conformity assessment — Requirements for bodies providing audit and certification of management systems — Part 1: Requirements, sets out the general requirements and principles to be followed by third-party certification bodies.

The ISO 17021 standards are used by accreditation bodies (ABs) to assess the processes that certification bodies (CBs) have in place to ensure that they are impartial and the results of their assessments are consistent.

One of the key requirements set out in ISO 17021 is having processes in place to ensure that the CB personnel involved in the certification process are competent. These competence requirements are set out in discipline-specific annexes, including:

  • ISO/IEC 17021-2 for environmental management systems
  • ISO/IEC 17021-3 for quality management systems

The 2015 Changes to ISO 17021-1

The latest revision of ISO/IEC 17021-1 was published in June of 2015.

The majority of these third-party certification bodies are members of the International Accreditation Forum, Inc. (IAF).  The IAF has established a 2-year transition period for the organizations who are accredited pursuant to its certification scheme to meet the requirements set out in ISO/IEC 17021-1:2015 (click here for more information).

Several of these changes will impact organizations that are third-party certified.  They may also make third-party certification more expensive. Other changes will make it more difficult for an organization to change its certification body.

These changes in ISO 17021-1 include new requirements related to:

  • Addressing nonconformities and verification of corrective action
  • Timing of re-certification audits and the gathering of more information when a certificate is transferred to a different certification body
  • Taking into account shift work when performing audits
  • On-site auditing requirements when a registrar is providing certification to multiple management systems

For more information about the ISO 17021-1, click here.

Revision of ISO 17021-2 and ISO 17021-3

Both ISO 17021-2, Conformity assessment – Requirements for bodies providing audit and certification of management systems – Part 2: Competence requirements for auditing and certification of environmental management systems and ISO 17021-3, Conformity assessment – Requirements for bodies providing audit and certification of management systems – Part 3: Competence requirements for auditing and certification of quality management systems are in the process of being revised. A significant factor in both revisions is the impact of the new Annex SL language.

The Draft International Standard (DIS) of ISO 17021-2 was issued for comment on May 5, 2016 and the DIS of ISO 17021-3 was issued for comment on July 19, 2016. The comment period on both standards is now closed and revisions of both standards are expected to be published before the end of 2016.

Drafting of ISO 17021-10

ISO is currently in the process of drafting Part 10 of ISO 17021 which will define the competence requirements of OHS management system auditors (and other audit personnel).

The title of this standard is Conformity assessment — Requirements for bodies providing audit and certification of management systems — Part 10: Competence requirements for auditing and certification of occupational health and safety management systems.

This standard is being developed in parallel with the development of ISO 45001, Occupational health and safety management systems – Requirements with guidance for use. It is expected that ISO 17021-10 will be published at the same time as ISO 45001.

Last updated 9/20/2016


What is ISO 19011?

For more information about ISO 19011 and to download a FREE white paper on the revision of the standard, click here.