1. Purpose

The purpose of this document is to explain the certification process followed by Essential Standardization Institution (ESI) for organizations seeking management system certification.
The process is aligned with ISO/IEC 17021 and other applicable international standards governing certification bodies.

This guide also provides visibility into key certification and supporting back-office activities to ensure transparency and confidence for applicant organizations.

2. Scope

This procedure applies to all Management System Certification services provided by ESI, including initial certification, surveillance, re-certification, transfer, and special audits.

3. Key Definitions

• Certification Audit – Independent audit conducted by ESI to assess conformity of an organization’s management system.
• Impartiality – Objective and unbiased decision-making without conflict of interest.
• Client – Organization applying for or holding certification from ESI.
• Auditor – Qualified professional who performs the audit.
• Technical Expert – Specialist providing sector-specific knowledge to the audit team.
• Competence – Demonstrated ability to apply skills and knowledge effectively.

4. Reference Standards

• ISO/IEC 17021-1:2015 (Clauses 9.1 – 9.6)

5. Pre-Certification Activities

5.1 Application

• ESI offers certification services to legally registered organizations worldwide.
• Applicants must submit a Request for Quotation (RFQ) with details including:
  • Organization name & country
  • Contact person details
  • Management system standard(s)
  • Scope of certification
  • Number of employees & sites
  • Existing certification status (if applicable)
  • Consultancy involvement (if any)
• ESI may request additional information before proceeding.

Pre-conditions for application

• Management system implemented for minimum 3 months
• At least one internal audit & management review completed

5.2 Application Review

ESI reviews the application to ensure:

• Adequate information is available for audit planning
• Scope and certification requirements are clearly understood
• ESI has appropriate competence and resources
• Impartiality risks, language, safety, and site conditions are addressed

5.3 Application Decision

Based on review:

• Application may be accepted or declined
• Reasons for rejection (if any) are documented and communicated
• Audit team competence requirements are identified

5.4 Audit Programme Development

ESI prepares a 3-year audit programme covering:

• Stage 1 Audit
• Stage 2 Audit
• Surveillance Audits
• Re-certification Audit

Audit time & sampling

• Audit duration is calculated as per documented methodology
• Multi-site sampling (where permitted) is justified and documented

5.5 Quotation & Agreement

• A detailed quotation is issued covering audit scope and costs
• Upon acceptance, a Certification Agreement is shared
• Certification proceeds only after agreement acceptance

5.6 Readiness Review (Gap Assessment)

• Conducted before initial certification audit
• Confirms implementation maturity
• Helps avoid major issues during Stage 2
• Audit may be postponed if gaps are significant

6. Certification Audit Activities

6.1 Audit Scope & Objectives

ESI defines audit objectives, scope, and criteria in consultation with the client.
Clients must inform ESI of any major organizational or system changes during the certification cycle.

6.2 Audit Team Selection

• Audit team selected based on competence & impartiality
• Client is informed in advance and may raise justified objections
• Confidentiality of client information is strictly maintained

6.3 Audit Planning

• Detailed audit plan shared minimum 7 working days in advance
• Includes audit scope, objectives, sites, timelines, and responsibilities
• Audit dates finalized with client consent

6.4 Certification Audits

Stage 1 Audit

Focuses on:

• Management system documentation review
• Readiness for Stage 2
• Legal & regulatory understanding
• Internal audit & management review verification

Outcome

• Proceed to Stage 2
• Follow-up audit required
  (Maximum gap between Stage 1 & Stage 2: 90 days)

Stage 2 Audit

Focuses on:

• Effective implementation of management system
• Legal compliance
• Operational controls
• Performance monitoring
• Internal audit & management review effectiveness

Possible Outcomes

• Recommendation for certification
• Follow-up / limited re-audit
• No recommendation (re-audit required)

6.5 Audit Reporting

• Formal audit report issued for every audit
• Includes findings, non-conformities, conclusions, and recommendations
• Audit is based on sampling methodology

7. Certification Decision

• Certification decision made by independent decision committee
• Committee members are separate from the audit team
• Certificate validity:
  • 3-year certification cycle
  • Certificate issued annually, maintained via surveillance audits

8. Certificate Issuance Criteria

Certificate is issued only after:

• Closure of all non-conformities
• Payment of applicable fees
• Approval of audit reports
• Completion of surveillance obligations

9. Suspension, Withdrawal & Termination

Suspension

May occur due to:

• Failure in surveillance audits
• Non-payment of fees
• Misuse of certification marks
• Significant system non-conformity

Withdrawal

Occurs if:

• Suspension reasons are not resolved
• Continued misuse of certification
• Repeated audit failures
• Client request or insolvency

Partial / Complete Termination

Applied in cases of:

• Scope misuse
• Refusal of audits
• Certification expiry without re-certification
• Misrepresentation of certification status

---

10. Certification MaintenanceSurveillance Audits

• Conducted annually
• Ensures continued compliance
• Non-conformities must be closed within defined timelines

Re-Certification Audit

• Conducted before certificate expiry
• Confirms long-term system effectiveness
• May be single or two-stage audit

Special Audits

• Scope expansion
• Short-notice audits (complaints, major changes, risk indicators)
• Transfer of certification from another certification body