First off, the term “self-certified” is a bit on an oxymoron since the term “certification” infers an evaluation by an outside organization. The ISO 9001, ISO 14001, and ISO 45001 allow organizations to demonstrate conformity using the following options:
- Option 1: making a self-determination and self-declaration
- Option 2: seeking confirmation of its conformity by parties having an interest in the organization, such as customers
- Option 3: seeking confirmation of its self-declaration by a party external to the organization
- ISO/IEC 17050 Supplier Declaration of Conformity: ISO/IEC 17050-1:2004 and ISO/IEC 17050-2:2004 give additional significance to a supplier’s declaration of conformity
- Option 4: seeking certification/registration of its management system by an external organization
For a management system to be considered certified, the certificate must be received from an independent, accredited certification body upon completion of an assessment against specific documented criteria. It’s possible to be certified by an unaccredited certification body, but these certificates may be of questionable value since they don’t carry the backing of an accreditation body.
It is important to understand that regardless of the method used to demonstrate conformance, the same management systems activities are required. So there it’s not less work to maintain a “Self-Declared” management system and no short cuts. We could argue the effectiveness of these processes but that’s for another article. Here are the requirements.
Option 1: making a self-determination and self-declaration
Just like it sounds, an organization implements the requirements of any of the standards (ISO 9001, ISO 14001, and ISO 45001) and “self-declares” that they have a conforming management system. ISO does not define any process by which this declaration is verified. However, the organization is stating they have implemented all requirements of the standard(s) and have ongoing processes to assess the conformance, performance, and effectiveness of their programs.
Option 2: seeking confirmation of its conformity by parties having an interest in the organization, such as customers
This option is mostly applicable to quality management (ISO 9001) programs. Here the organization has implemented a management system, self-declared their conformance and then had an “interested” party verify their conformance.
Option 3: seeking confirmation of its self-declaration by a party external to the organization
ISO/IEC 17050 has been developed with the objective of providing general requirements for a supplier’s declaration of conformity. It addresses one of the three types of attestation of conformity:
- Attestation undertaken by the first party – option 1.
- Second-party attestation
- Third-party attestation
Each of these three types is used in the market in order to increase confidence in the conformity of an object.
Option 4: seeking certification/registration of its management system by an external organization
This is the option selected by most organization choosing to implement and maintain a certified management system. They hire a 3rd party registration company that has been accredited to audit and certify the organizations (ex. ANAB).
All 4 options require that the same ISO requirements be implemented. This is the most common misconception is that a company can self-certify their management system and skip some of the requirements.
EHS-MS has worked with many organizations to assess their conformance to both ISO 14001:2015 and ISO 45001:2018. Please contact us if we can help you certify your management.