Surveillance Audit: Surveillance audits are on-site audits, but are not necessarily full system audits. Surveillance audits planned together with the other surveillance activities so that the certification body can maintain confidence that the certified management system continues to fulfill requirements between re-certification audits. The surveillance audits conducted at least once a year and the date of the first surveillance audit following initial certification shall not be more than 12 months from the last day of the stage 2 audit.
The Assigned team leader is responsible for conducting and managing the assessment along with other team member, if any. The Team Leader shall be of Auditor status as a minimum. As far as possible, same team should be sent for surveillance audit for the certification cycle. The team leader also ensures that any Technical Expert / Specialist are not allowed to function independently and are always accompanied by Auditor/ Lead Auditor.
The objective of surveillance audit is to:
ü Ensure that the client’s management system which was basis of grant of certificate has been maintained on continuous basis.
ü Verify and ensure that any changes to management system which might have taken place since last audit meet the requirement of the standard/ specification and implemented effectively
ü Ensure on-site audits assessing the certified client's management system's fulfillment of specified requirements with respect to the standard to which the certification is granted.
ü Ensure that the management system continues to be appropriate to the product/ process/ service offered by client, with the capability of managing and improving performance.
ü Assess continual improvement in client’s management systems
SISTEMA CERTS shall review the client file, specially the last audit report to make note of any issues to be followed up, including the non conformities and corrective action plan. Audit plan shall be sent to clients in advance so that they can seek any changes with respect to timing etc, if found inconvenient due to administrative reasons. Audit should be conducted (at least annually and it shall be ensured that the date of first surveillance audit shall not be more than 12 months from the last day of stage 2 audit.) as per Surveillance audit plan given in the last audit report but if there is any change due to any justified reasons, the same should be recorded in auditor notes and surveillance audit plan shall be updated in the report. During opening and closing meeting, the attendance record sheet is circulated for recording name and designation of the client representative present. Either each person can record their name & designation or one person can do so for all present. During each surveillance audit, client’s management systems shall be audited in adequate depth to ensure continued effectiveness of implemented system. All areas shall be audited at least once over a period of the certification cycle of three years however mandatory areas shall be audited every time. Following parameters are verified during each surveillance audit.
ü Additionally client’s statements with respect to its operations (e.g. promotional material, website). Also reviewed during each surveillance audit.
ü enquiries from the certification body to the certified client on aspects of certification,
ü requests to the client to provide documents and records (on paper or electronic media),
ü Other means of monitoring the certified client's performance.
ü Internal audits and management review.
ü A review of actions taken on nonconformities identified during the previous audit
ü Actions taken on customer complaints.
ü Effectiveness. Of the management system with regard to achieving the objectives
ü Progress of planned activities aimed at continual improvement.
ü Continuing operational control.
ü Review of any changes and use of CB & AB marks.
The corrective action taken on non-conformities identified during last audit should be verified for its effectiveness. If the corrective action taken is not satisfactory/ non taken, the severity of the minor NC shall be re-issued escalated to Major and client shall be advised accordingly. In such a case, further action would be taken. Non-conformity reporting, report preparation, report distribution, requirement of CAP (in case NC is raised) shall be similar to certification audit procedure. In case a major NC is identified, the team leader shall review to look for the possibility whether the corrective action taken can be verified off site (i.e. on site verification is not required). In such case the suitable recommendation shall be made in the report.