Foreword
Introduction
1 Scope
2 Normative references
3 Terms and definitions
4 Principles for third-party certification bodies
   4.1 General
   4.2 Impartiality
   4.3 Competence
   4.4 Responsibility
   4.5 Openness
   4.6 Confidentiality
   4.7 Resolution of complaints
5 General requirements for management system certification
   bodies
   5.1 Legal and contractual matters
        5.1.1 Legal responsibility
        5.1.2 Certification agreement
        5.1.3 Responsibility for certification decisions
   5.2 Management of Impartiality
   5.3 Liability and financing
6 Structural requirements for management system certification
   bodies
   6.1 Organizational structure and top management
   6.2 Committee for safeguarding impartiality
7 Human resource requirements for management system certification
   bodies
   7.1 Competence of management and personnel
   7.2 Personnel involved in the certification process
   7.3 Use of individual external auditors and external technical
        experts
   7.4 Personnel records
   7.5 Outsourcing
8 Information requirements for management system certification
   bodies
   8.1 Publicly accessible information
   8.2 Certification documents
   8.3 Directory of certified clients
   8.4 Reference to certification and use of marks
   8.5 Confidentiality
   8.6 Information exchange between a certification body and its
        clients
        8.6.1 Information on the certification process and
               requirements
        8.6.2 Notice of changes by a certification body
        8.6.3 Notice of changes by a client
9 Process requirements for management system certification bodies
   9.1 General requirements applicable to any audit
   9.2 Initial audit and certification
        9.2.1 Application
        9.2.2 Application review
        9.2.3 Initial certification audit
        9.2.4 Initial certification audit reports
        9.2.5 Post-audit activities
        9.2.6 Initial certification decision granting or
               extending certification
   9.3 Surveillance activities
        9.3.1 Surveillance
        9.3.2 Surveillance audit
        9.3.2 Surveillance audit report
        9.3.4 Maintaining certification
   9.4 Recertification
        9.4.1 Recertification cycle
        9.4.2 Recertification audit plan
        9.4.3 Recertification audit
        9.4.4 Recertification audit report
        9.4.5 Recertification decision
   9.5 Special audits
   9.6 Suspending, withdrawing or reducing scope of certification
   9.7 Appeals
   9.8 Complaints
   9.9 Records on certified clients
10 Management system requirements for management system
   certification bodies
   10.1 General
   10.2 Quality manual
   10.3 Customer focus
   10.4 Management review
   10.5 Design and development
Annex A (normative) Stage 1 audit
Annex B (normative) Stage 2 audit
Annex C (informative) Auditor independence, impartiality and
        conflict of interest
        C.1 Scope
        C.2 Structure
        C.3 Threats to auditor independence
        C.4 Safeguards to auditor independence
        C.5 Assessing the level of independence risk
        C.6 Determining the acceptability of the level
             of independence risk
        C.7 Auditor independence - Organisational and
             structural issues
Annex D (normative) Correspondence between ISO 9001 and
        ISO/IEC 17021
Bibliography