一带一路认可发展研讨会

“一带一路”认可发展研讨会TheBeltandRoadAccreditationDevelopmentWorkshop2017.9BeijingISO/IEC17021-1:2015Conformityassessment

—RequirementsforbodiesprovidingauditandcertificationofmanagementsystemsPart1:RequirementsISO/IEC17021-1Conformityassessment

—Requirementsforbodiesprovidingauditandcertificationofmanagementsystems

—Part1:Requirements17021-2 Environmentalmanagementsystem17021-3 Qualitymanagementsystem17021-4 Eventsustainabilitymanagement17021-5 Assetmanagementsystem17021-6 Businesscontinuitymanagementsystem17021-7 Roadtrafficsafetymanagementsystem17021-9 Anti-briberymanagementsystems17021-10 OccupationalhealthandsafetymanagementsystemISO/IEC27006ISMSCBISOTS22003FSMSCBISO50003EnMSCBISO28003SupplyChainSecurityMSCB1ScopeThispartofISO/IEC17021containsprinciplesandrequirementsforthecompetence,consistencyandimpartialityofbodiesprovidingauditandcertificationofalltypesofmanagementsystems.CertificationbodiesoperatingtothispartofISO/IEC17021donotneedtoofferalltypesofmanagementsystemcertification.Certificationofmanagementsystemsisathird-partyconformityassessmentactivity(seeISO/IEC17000:2004,5.5)andbodiesperformingthisactivityarethereforethird-partyconformityassessmentbodies.NOTE1Examplesofmanagementsystemsincludeenvironmentalmanagementsystems,qualitymanagementsystemsandinformationsecuritymanagementsystems.NOTE2InthispartofISO/IEC17021,certificationofmanagementsystemsisreferredtoas“certification”andthird-partyconformityassessmentbodiesarereferredtoas“certificationbodies”.NOTE3Acertificationbodycanbenon-governmentalorgovernmental,withorwithoutregulatoryauthority.NOTE4ThispartofISO/IEC17021canbeusedasacriteriadocumentforaccreditation,peerassessmentorotherauditprocesses.2NormativereferencesThefollowingdocuments,inwholeorinpart,arenormativelyreferencedinthisdocumentandareindispensableforitsapplication.Fordatedreferences,onlytheeditioncitedapplies.Forundatedreferences,thelatesteditionofthereferenceddocument(includinganyamendments)applies.ISO9000,Qualitymanagementsystems—FundamentalsandvocabularyISO/IEC17000,Conformityassessment—Vocabularyandgeneralprinciples3TermsanddefinitionsForthepurposesofthisdocument,thetermsanddefinitionsgiveninISO9000,ISO/IEC17000andthefollowingapply.3.1certifiedclientorganizationwhosemanagementsystemhasbeencertified3.2impartialitypresenceofobjectivityNote1toentry:Objectivitymeansthatconflictsofinterestdonotexist,orareresolvedsoasnottoadverselyinfluencesubsequentactivitiesofthecertificationbody.Note2toentry:Othertermsthatareusefulinconveyingtheelementofimpartialityinclude“independence”,“freedomfromconflictofinterests”,“freedomfrombias”,“lackofprejudice”,“neutrality”,“fairness”,“openmindedness”,“even-handedness”,“detachment”,“balance”.3.3managementsystemconsultancyparticipationinestablishing,implementingormaintainingamanagementsystemEXAMPLE1Preparingorproducingmanualsorprocedures.EXAMPLE2Givingspecificadvice,instructionsorsolutionstowardsthedevelopmentandimplementationofamanagementsystem.Note1toentry:Arrangingtrainingandparticipatingasatrainerisnotconsideredconsultancy,providedthat,wherethecourserelatestomanagementsystemsorauditing,itisconfinedtotheprovisionofgenericinformation;i.e.thetrainershouldnotprovideclient-specificsolutions.Note2toentry:Theprovisionofgenericinformation,butnotclientspecificsolutionsfortheimprovementofprocessesorsystems,isnotconsideredtobeconsultancy.Suchinformationmayinclude:—explainingthemeaningandintentionofcertificationcriteria;—identifyingimprovementopportunities;—explainingassociatedtheories,methodologies,techniquesortools;—sharingnon-confidentialinformationonrelatedbestpractices;—othermanagementaspectsthatarenotcoveredbythemanagementsystembeingaudited.3.4certificationauditauditcarriedoutbyanauditingorganizationindependentoftheclientandthepartiesthatrelyoncertification,forthepurposeofcertifyingtheclient’smanagementsystemNote1toentry:Inthedefinitionswhichfollow,theterm“audit”hasbeenusedforsimplicitytorefertothirdpartycertificationaudit.Note2toentry:Certificationauditsincludeinitial,surveillance,re-certificationaudits,andcanalsoincludespecialaudits.Note3toentry:Certificationauditsaretypicallyconductedbyauditteamsofthosebodiesprovidingcertificationofconformitytotherequirementsofmanagementsystemstandards.Note4toentry:Ajointauditiswhentwoormoreauditingorganizationscooperatetoauditasingleclient.Note5toentry:Acombinedauditiswhenaclientisbeingauditedagainsttherequirementsoftwoormoremanagementsystemsstandardstogether.Note6toentry:Anintegratedauditiswhenaclienthasintegratedtheapplicationofrequirementsoftwoormoremanagementsystemsstandardsintoasinglemanagementsystemandisbeingauditedagainstmorethanonestandard.3.5clientorganizationwhosemanagementsystemisbeingauditedforcertificationpurposes3.6auditorpersonwhoconductsanaudit3.7competenceabilitytoapplyknowledgeandskillstoachieveintendedresults3.8guidepersonappointedbytheclienttoassisttheauditteam3.9observerpersonwhoaccompaniestheauditteambutdoesnotaudit3.10technicalareaareacharacterizedbycommonalitiesofprocessesrelevanttoaspecifictypeofmanagementsystemanditsintendedresultsNote1toentry:SeeNoteto7.1.2.3.11nonconformitynon-fulfilmentofarequirement3.12majornonconformitynonconformity(3.11)thataffectsthecapabilityofthemanagementsystemtoachievetheintendedresultsNote1toentry:Nonconformitiescouldbeclassifiedasmajorinthefollowingcircumstances:—ifthereisasignificantdoubtthateffectiveprocesscontrolisinplace,orthatproductsorserviceswillmeetspecifiedrequirements;—anumberofminornonconformitiesassociatedwiththesamerequirementorissuecoulddemonstrateasystemicfailureandthusconstituteamajornonconformity.3.13minornonconformitynonconformity(3.11)thatdoesnotaffectthecapabilityofthemanagementsystemtoachievetheintendedresults3.14technicalexpertpersonwhoprovidesspecificknowledgeorexpertisetotheauditteamNote1toentry:Specificknowledgeorexpertiseisthatwhichrelatestotheorganization,theprocessoractivitytobeaudited.3.15certificationschemeconformityassessmentsystemrelatedtomanagementsystemstowhichthesamespecifiedrequirements,specificrulesandproceduresapply3.16audittimetimeneededtoplanandaccomplishacompleteandeffectiveauditoftheclientorganization’smanagementsystem3.17durationofmanagementsystemcertificationauditspartofaudittime(3.16)spentconductingauditactivitiesfromtheopeningmeetingtotheclosingmeeting,inclusiveNote1toentry:Auditactivitiesnormallyinclude:—conductingtheopeningmeeting;—performingdocumentreviewwhileconductingtheaudit;—communicatingduringtheaudit;—assigningrolesandresponsibilitiesofguidesandobservers;—collectingandverifyinginformation;—generatingauditfindings;—preparingauditconclusions;—conductingtheclosingmeeting.Varieduses“durationofthemanagementsystemaudit”(9.1.4.2;9.1.4.3;9.1.4.4)“durationofon-siteauditactivities”(9.2.3.2)4Principles4.1General4.1.1TheprinciplesdescribedinthisclauseprovidethebasisforthesubsequentspecificperformanceanddescriptiverequirementsinthispartofISO/IEC17021.ThispartofISO/IEC17021doesnotgivespecificrequirementsforallsituationsthatcanoccur.Theseprinciplesshouldbeappliedasguidanceforthedecisionsthatmayneedtobemadeforunanticipatedsituations.Principlesarenotrequirements.4.1.2

Theoverallaimofcertificationistogiveconfidencetoallpartiesthatamanagementsystemfulfilsspecifiedrequirements.Thevalueofcertificationisthedegreeofpublicconfidenceandtrustthatisestablishedbyanimpartialandcompetentassessmentbyathird-party.Partiesthathaveaninterestincertificationinclude,butarenotlimitedtoa)theclientsofthecertificationbodies;b)thecustomersoftheorganizationswhosemanagementsystemsarecertified;c)governmentalauthorities;d)non-governmentalorganizations;e)consumersandothermembersofthepublic.4.1.3Principlesforinspiringconfidenceinclude:—impartiality;—competence;—responsibility;—openness;—confidentiality;—responsivenesstocomplaints;—risk-basedapproach.NOTEThispartofISO/IEC17021setsouttheprinciplesofcertificationinClause4;thecorrespondingprinciplesrelatedtoauditingcanbefoundinISO19011:2011,Clause4.ISO19011:2011,Clause4Principlesofauditing—Integrity:thefoundationofprofessionalism—Fairpresentation:theobligationtoreporttruthfullyandaccurately—Dueprofessionalcare:theapplicationofdiligenceandjudgmentinauditing—Confidentiality:securityofinformation—Independence:thebasisfortheimpartialityoftheauditandobjectivityoftheauditconclusions—Evidence-basedapproach:therationalmethodforreachingreliableandreproducibleauditconclusionsinasystematicauditprocess4.2Impartiality4.2.1Beingimpartial,andbeingperceivedtobeimpartial,isnecessaryforacertificationbodytodelivercertificationthatprovidesconfidence.Itisimportantthatallinternalandexternalpersonnelareawareoftheneedforimpartiality.4.2.2Itisrecognizedthatthesourceofrevenueforacertificationbodyisitsclientpayingforcertification,andthatthisisapotentialthreattoimpartiality.4.2.3Toobtainandmaintainconfidence,itisessentialthatacertificationbody’sdecisionsbebasedonobjectiveevidenceofconformity(ornonconformity)obtainedbythecertificationbody,andthatitsdecisionsarenotinfluencedbyotherinterestsorbyotherparties.4.2.4Threatstoimpartialitymayincludebutarenotlimitedtothefollowing.a)Self-interest:threatsthatarisefromapersonorbodyactingintheirowninterest.Aconcernrelatedtocertification,asathreattoimpartiality,isfinancialself-interest.b)Self-review:threatsthatarisefromapersonorbodyreviewingtheworkdonebythemselves.Auditingthemanagementsystemsofaclienttowhomthecertificationbodyprovidedmanagementsystemsconsultancywouldbeaself-reviewthreat.c)Familiarity(ortrust):threatsthatarisefromapersonorbodybeingtoofamiliarwithortrustingofanotherpersoninsteadofseekingauditevidence.d)Intimidation:threatsthatarisefromapersonorbodyhavingaperceptionofbeingcoercedopenlyorsecretively,suchasathreattobereplacedorreportedtoasupervisor.4.3Competence4.3.1Competenceofthepersonnelofthecertificationbodyinallfunctionsinvolvedincertificationactivitiesisnecessarytodelivercertificationthatprovidesconfidence.4.3.2Thecompetencealsoneedstobesupportedbythemanagementsystemofthecertificationbody.4.3.3Itisakeyissueforthemanagementofthecertificationbodytohaveanimplementedprocessfortheestablishmentofcompetencecriteriaforthepersonnelinvolvedintheauditandothercertificationactivitiesandtoperformevaluationagainstthecriteria.4.4Responsibility4.4.1Thecertifiedclient,andnotthecertificationbody,hastheresponsibilityforconsistentlyachievingtheintendedresultsofimplementationofthemanagementsystemstandardandconformitywiththerequirementsforcertification.4.4.2Thecertificationbodyhastheresponsibilitytoassesssufficientobjectiveevidenceuponwhichtobaseacertificationdecision.Basedonauditconclusions,itmakesadecisiontograntcertificationifthereissufficientevidenceofconformity,ornottograntcertificationifthereisnotsufficientevidenceofconformity.NOTEAnyauditisbasedonsamplingwithinanorganization’smanagementsystemandthereforeisnotaguaranteeof100%conformitywithrequirements.4.5Openness4.5.1Acertificationbodyneedstoprovidepublicaccessto,ordisclosureof,appropriateandtimelyinformationaboutitsauditprocessandcertificationprocess,andaboutthecertificationstatus(i.e.thegranting,maintainingofcertification,expandingorreducingthescopeofcertification,renewing,suspendingorrestoring,orwithdrawingofcertification)ofanyorganization,inordertogainconfidenceintheintegrityandcredibilityofcertification.Opennessisaprincipleofaccessto,ordisclosureof,appropriateinformation.4.5.2Togainormaintainconfidenceincertification,acertificationbodyshouldprovideappropriateaccessto,ordisclosureof,non-confidentialinformationabouttheconclusionsofspecificaudits(e.g.auditsinresponsetocomplaints)tospecificinterestedparties.4.6ConfidentialityTogaintheprivilegedaccesstoinformationthatisneededforthecertificationbodytoassessconformitytorequirementsforcertificationadequately,itisessentialthatacertificationbodydoesnotdiscloseanyconfidentialinformation.4.7ResponsivenesstocomplaintsPartiesthatrelyoncertificationexpecttohavecomplaintsinvestigatedand,ifthesearefoundtobevalid,shouldhaveconfidencethatthesecomplaintswillbeappropriatelyaddressedandthatareasonableeffortwillbemadebythecertificationbodytoresolvethem.Effectiveresponsivenesstocomplaintsisanimportantmeansofprotectionforthecertificationbody,itsclientsandotherusersofcertificationagainsterrors,omissionsorunreasonablebehavior.Confidenceincertificationactivitiesissafeguardedwhencomplaintsareprocessedappropriately.NOTEAnappropriatebalancebetweentheprinciplesofopennessandconfidentiality,includingresponsivenesstocomplaints,isnecessaryinordertodemonstrateintegrityandcredibilitytoallusersofcertification.4.8Risk-basedapproachCertificationbodiesneedtotakeintoaccounttherisksassociatedwithprovidingcompetent,consistentandimpartialcertification.Risksmayinclude,butarenotlimitedto,thoseassociatedwith:—theobjectivesoftheaudit;—thesamplingusedintheauditprocess;—realandperceivedimpartiality;—legal,regulatoryandliabilityissues;—theclientorganizationbeingauditedanditsoperatingenvironment;—impactoftheauditontheclientanditsactivities;—healthandsafetyoftheauditteams;—perceptionofinterestedparties;—misleadingstatementsbythecertifiedclient;—useofmarks.5Generalrequirements5.1Legalandcontractualmatters5.1.1LegalresponsibilityThecertificationbodyshallbealegalentity,oradefinedpartofalegalentitythatcanbeheldlegallyresponsibleforallitscertificationactivities.Agovernmentalcertificationbodyisdeemedtobealegalentityonthebasisofitsgovernmentalstatus.5.1.2CertificationagreementThecertificationbodyshallhavealegallyenforceableagreementwitheachclientfortheprovisionofcertificationactivitiesinaccordancewiththerelevantrequirementsofthispartofISO/IEC17021.Inaddition,wheretherearemultipleofficesofacertificationbodyormultiplesitesofaclient,thecertificationbodyshallensurethereisalegallyenforceableagreementbetweenthecertificationbodygrantingcertificationandtheclientthatcoversallthesiteswithinthescopeofthecertification.NOTEAnagreementcanbeachievedthroughmultipleagreementsthatreferenceorotherwiselinktooneanother.5.1.3ResponsibilityforcertificationdecisionsThecertificationbodyshallberesponsiblefor,andshallretainauthorityfor,itsdecisionsrelatingtocertification,includingthegranting,refusing,maintainingofcertification,expandingorreducingthescopeofcertification,renewing,suspendingorrestoringfollowingsuspension,orwithdrawingofcertification.ServicesofferedbymanagementsystemCBNewapplicant: grantingorrefusingExistingclient:-maintaining,expanding,reducing,renewing-suspension,restoringaftersuspension,withdrawing5.2Managementofimpartiality5.2.1Conformityassessmentactivitiesshallbeundertakenimpartially.Thecertificationbodyshallberesponsiblefortheimpartialityofitsconformityassessmentactivitiesandshallnotallowcommercial,financialorotherpressurestocompromiseimpartiality.5.2.2Thecertificationbodyshallhavetopmanagementcommitmenttoimpartialityinmanagementsystemcertificationactivities.Thecertificationbodyshallhaveapolicythatitunderstandstheimportanceofimpartialityincarryingoutitsmanagementsystemcertificationactivities,managesconflictofinterestandensurestheobjectivityofitsmanagementsystemcertificationactivities.5.2Managementofimpartiality5.2.3Thecertificationbodyshallhaveaprocesstoidentify,analyse,evaluate,treat,monitor,anddocumenttherisksrelatedtoconflictofinterestsarisingfromprovisionofcertificationincludinganyconflictsarisingfromitsrelationshipsonanongoingbasis.Wherethereareanythreatstoimpartiality,thecertificationbodyshalldocumentanddemonstratehowiteliminatesorminimizessuchthreatsanddocumentanyresidualrisk.Thedemonstrationshallcoverallpotentialthreatsthatareidentified,whethertheyarisefromwithinthecertificationbodyorfromtheactivitiesofotherpersons,bodiesororganizations.Whenarelationshipposesanunacceptablethreattoimpartiality(suchasawhollyownedsubsidiaryofthecertificationbodyrequestingcertificationfromitsparent),thencertificationshallnotbeprovided.Topmanagementshallreviewanyresidualrisktodetermineifitiswithinthelevelofacceptablerisk.NOTE1Sourcesofthreatstoimpartialityofthecertificationbodycanbebasedonownership,governance,management,personnel,sharedresources,finances,contracts,training,marketingandpaymentofasalescommissionorotherinducementforthereferralofnewclients,etc.ResidualRisk:Theriskleftoverafteroriginalriskhasbeenreducedbyriskcontrols.Iftheresidualriskisstillunacceptable,thenriskmanagementprocessmustbeerepeateduntilitisreducedtoacceptablelevel,otherwisethecertificationshouldnotbeprovided.5.2Managementofimpartiality5.2.3Theriskassessmentprocessshallincludeidentificationofandconsultationwithappropriateinterestedpartiestoadviseonmattersaffectingimpartialityincludingopennessandpublicperception.Theconsultationwithappropriateinterestedpartiesshallbebalancedwithnosingleinterestpredominating.NOTE2Interestedpartiescanincludepersonnelandclientsofthecertificationbody,customersoforganizationswhosemanagementsystemsarecertified,representativesofindustrytradeassociations,representativesofgovernmentalregulatorybodiesorothergovernmentalservices,orrepresentativesofnon-governmentalorganizations,includingconsumerorganizations.NOTE3Onewayoffulfillingtheconsultationrequirementofthisclauseisbytheuseofacommitteeoftheseinterestedparties.5.2ManagementofimpartialityIfCABhasnotestablishedformalimpartialitycommittee,itmaybemorecomplicatedtodemonstratetheeffectivenessofthisprocess.IftheCABusesacommitteeofinterestedpartiestosatisfy5.2.3ABassessorscanseektoverifytheappropriatenessofconstitutionandeffectivenessoftheoperationofthecommitteeby:Checkingthecompositionof,theinterestsrepresentedbyandtheexpertisebroughttotheimpartialitycommittee(whennecessary);Verifyingtheobservanceofthedocumentedtermsofreferenceandrulesofprocedureandthewaythecommitteeachievesitstasksingeneral;ConsideringtheabilityoftheimpartialitycommitteetointerveneinatimelyfashioninresponsetothechangingneedsoftheCAB.Evaluatingtheadequacyandeffectivenessoftheoutputfromtheimpartialitycommittee.ConsideringthecontentandaccuracyoftheinformationfromtheCABtotheimpartialitycommittee,thisisexpectedtoincludemanagementreportsofCAB,resultsofexternalassessmentsandanyrecommendationsmadebytheAB.Assessorscouldcollectevidencesthrough:reviewingagendas,theminutesorotherdocumentsfromthemeetingsoftheimpartialitystructure;checkingtheparticipationatthemeetings(includingthepresenceoftechnicalorotherspecificexpertiseinthediscussions,wherenecessary),and/orhavingABrepresentativestakingpartinthemeetingasobservers.5.2ManagementofimpartialityIfCABoptsnottouseacommitteetosatisfytherequirementsonconsultationToconfirmeffectiveconsultation,assessorscouldlookforclearevidencesoftwowaycommunications,i.e.ononehanddocumentedinformationdemonstratingthatCABhasexplaineditsneedsforinputsfrominterestedpartiesonidentifyingandmanagingrisksrelatedtoimpartialityarisingfromprovisionofcertificationincludinganyconflictsarisingfromitsrelationshipsand,ontheotherhand,documentedinformationdemonstratingrelevantfeedbackfrominterestedpartiesonsuchissues.Inaddition,assessorsneedtoreviewtheidentificationofappropriateinterestedparties,e.g.whetherthepersonsreachedthroughconsultationcanactuallyrepresentrelevantpartiesandhavenecessarycompetenceinmattersrelatedtoe.g.riskassessment,managementsystemcertificationandgovernanceissues.Typicalexamplesofdocumentedinformationdemonstratingeffectivenessofthisprocesscouldberiskassessmentmatrixes,internalandexternalcommunications,correctiveactionrecords,orrelevantpersonalrecords.5.2Managementofimpartiality5.2.4Acertificationbodyshallnotcertifyanothercertificationbodyforitsqualitymanagementsystem.5.2.5Thecertificationbodyandanypartofthesamelegalentityandanyentityundertheorganizationalcontrolofthecertificationbody[see9.5.1.2,bulletb)]shallnotofferorprovidemanagementsystemconsultancy.Thisalsoappliestothatpartofgovernmentidentifiedasthecertificationbody.NOTEThisdoesnotprecludethepossibilityofexchangeofinformation(e.g.explanationoffindingsorclarificationofrequirements)betweenthecertificationbodyanditsclients.5.2.6Thecarryingoutofinternalauditsbythecertificationbodyandanypartofthesamelegalentitytoitscertifiedclientsisasignificantthreattoimpartiality.Therefore,thecertificationbodyandanypartofthesamelegalentityandanyentityundertheorganizationalcontrolofthecertificationbody[see9.5.1.2,bulletb)]shallnotofferorprovideinternalauditstoitscertifiedclients.Arecognizedmitigationofthisthreatisthatthecertificationbodyshallnotcertifyamanagementsystemonwhichitprovidedinternalauditsforaminimumoftwoyearsfollowingthecompletionoftheinternalaudits.NOTESeeNote1to5.2.3.5.2Managementofimpartiality5.2.7Whereaclienthasreceivedmanagementsystemsconsultancyfromabodythathasarelationshipwithacertificationbody,thisisasignificantthreattoimpartiality.Arecognizedmitigationofthisthreatisthatthecertificationbodyshallnotcertifythemanagementsystemforaminimumoftwoyearsfollowingtheendoftheconsultancy.NOTESeeNote1to5.2.3.5.2.8Thecertificationbodyshallnotoutsourceauditstoamanagementsystemconsultancyorganization,asthisposesanunacceptablethreattotheimpartialityofthecertificationbody(see7.5).Thisdoesnotapplytoindividualscontractedasauditorscoveredin7.3.5.2.9Thecertificationbody’sactivitiesshallnotbemarketedorofferedaslinkedwiththeactivitiesofanorganizationthatprovidesmanagementsystemconsultancy.Thecertificationbodyshalltakeactiontocorrectinappropriatelinksorstatementsbyanyconsultancyorganizationstatingorimplyingthatcertificationwouldbesimpler,easier,fasterorlessexpensiveifthecertificationbodywereused.Acertificationbodyshallnotstateorimplythatcertificationwouldbesimpler,easier,fasterorlessexpensiveifaspecifiedconsultancyorganizationwereused.5.2Managementofimpartiality5.2.10Inordertoensurethatthereisnoconflictofinterests,personnelwhohaveprovidedmanagementsystemconsultancy,includingthoseactinginamanagerialcapacity,shallnotbeusedbythecertificationbodytotakepartinanauditorothercertificationactivitiesiftheyhavebeeninvolvedinmanagementsystemconsultancytowardstheclient.Arecognizedmitigationofthisthreatisthatpersonnelshallnotbeusedforaminimumoftwoyearsfollowingtheendoftheconsultancy.5.2.11Thecertificationbodyshalltakeactiontorespondtoanythreatstoitsimpartialityarisingfromtheactionsofotherpersons,bodiesororganizations.5.2.12Allcertificationbodypersonnel,eitherinternalorexternal,orcommittees,whocouldinfluencethecertificationactivities,shallactimpartiallyandshallnotallowcommercial,financialorotherpressurestocompromiseimpartiality.5.2.13Certificationbodiesshallrequirepersonnel,internalandexternal,torevealanysituationknowntothemthatcanpresentthemorthecertificationbodywithaconflictofinterests.Certificationbodiesshallrecordandusethisinformationasinputtoidentifyingthreatstoimpartialityraisedbytheactivitiesofsuchpersonnelorbytheorganizationsthatemploythem,andshallnotusesuchpersonnel,internalorexternal,unlesstheycandemonstratethatthereisnoconflictofinterest.5.2Managementofimpartiality5.3Liabilityandfinancing5.3.1Thecertificationbodyshallbeabletode