The certification process

What is accredited certification?

Having a certified management system supports your journey towards business improvement. It is also often used as a term of contract. But what is accredited certification and how does the certification process work?

What is accreditation? 

Accreditation verifies the certification body/registrar’s competence. To fulfill the accreditation criteria, an accrediting authority assesses the certification body/registrar to verify that the certification body/registrar complies with existing requirements. This is the authorities’ way of auditing the auditors, such as certification bodies like DNV  GL - Business Assurance.

What is third party accredited certification? 

Accredited certification of management systems is used to demonstrate compliance to a standard. Third party certification bodies/registrars provide auditing services to companies that wish to obtain certification to specific standards.

Risk Based Certification™ - the Journey

Risk Based Certification is our exclusive approach to all management system certification. Knowing where to focus improvement efforts is critical to being in control of risk elements that can threaten your business success. With our Risk Based Certification approach, the certification process is tailored to evaluate your select business risks and provides a tool for an improvement journey. 

You provide input on what operational processes are most crucial to your business success. We evaluate how you perform in these focus areas and help identify where to concentrate improvement efforts, while also checking compliance with elected standards. The outcome is still a certificate, if the management system is found compliant. Additionally, an evaluation of your performance in the focus areas is generated.

How do I become certified by DNV GL? 

A successful management system is one that is improved on a continual basis. Both your management system and certificate have to be maintained. Therefore, accredited certification consists of two stages: The initial certification, and maintenance of the certificate thereafter. We apply our Risk Based Certification approach to both stages.

Initial certification

1. Input dialogue

To tailor the audit, we need to know what is important to your organisation. We have to get a clear understanding of your business strategy and conditions that affect your ability to reach said strategy. Subsequently 1-3 focus areas on which the audit will focus are identified. The focus areas should be linked to the management system and reflect the risks or opportunities that are most important to you. Agreeing on focus areas is a collaborative effort, and our auditors can help suggest focus areas if necessary. Top management should be involved at this stage.

2. Documentation review 

Our lead auditor evaluates your management system documentation. The documentation review report summarizes any findings from this process.

The report indicates if your organisation is ready to proceed with the certification audit. The documentation review can be performed prior to or conducted as part of the initial visit.

3.  Initial visit

Before the actual certification audit, we will normally make a preliminary visit to your organisation. The initial visit can be combined with the documentation review. The purpose of the initial visit is twofold:

  • To check your readiness for the certification audit, i.e. to review your manual, check procedures, to see your facilities, and briefly check the implementation of your management system.
  • To review focus area input and agree on one to three particular focus areas upon which the audit will focus.

Based on this, the scope and audit plan are agreed upon.

4. Certification audit 

The certification audit consists of informal interviews, examinations, observations of the system in operation and review of relevant documentation. During this process, we assess your management system’s degree of compliance with the requirements of the elected standard and performance in identified focus areas. When found compliant, we issue the certificate. Findings, including non-conformities, and conclusions are presented at the end of the audit in a closing meeting and included in the audit report. After the audit you need to address and respond to non-conformities within an agreed deadline.

5. Certification decision and issuance of certificate

Our lead auditor will verify that you have properly addressed the nonconformities. Based on a positive outcome, he/she will recommend certification. The certification decision is taken after an independent DNV GL internal review. Following a positive decision you will receive the certificate shortly thereafter.

Maintenance of certificate

At this stage you have completed the initial certification and can move on to maintenance of your certification.

The scope of certification may need to be changed during the 3 year certification cycle. In case of expanding the scope the process will restart at section 2 with a documentation review (if needed) and will further follow the normal process from section 4 with a (scope extension) certification audit.

6. Periodic audits

Each issued certificate has a three-year life period. Upon certification, we will create a periodic audit schedule for regular audits over the three-year period. These audits confirm your company’s on-going compliance with specified requirements of the standard while re-evaluating performance in focus areas. At least one periodic audit per year is required.

7. Re-certification audit 

After the three years are up, your certification will be extended through a re-certification audit.

Suspension or withdrawal of certificates

What happens if an organisation fails to maintain their management system and certification?

DNV GL - Business Assurance has a transparent procedure for suspension or withdrawal of certificates. This is applicable in situations where an organisation persistently and seriously fails to maintain compliance with the management system standard or due to other situations, as defined in the procedure for suspension and withdrawal of certificates.

Who makes the certification decision?

The scope of certification is agreed at an early stage in the certification process. The scope of certification may however need to be expanded or reduced due to factors such as acquisitions, downsizing, adding new divisions etc.

The decision to grant initial certification, renew certification or to expand or reduce the scope of certification, is made by competent and authorized personnel in DNV GL who are different from those carrying out the audit. This decision is made based on a review of the certification process and associated documentation.

Similar review also applies in cases of suspending or restoring certification or withdrawing the certification.

How we can help you?

Contact us