ENG

KOR

SERVICE

System Certification Product Certification
Introduction Areas

Introduction

Management system certification refers to a service where companies or organizations are evaluated (audited) and granted certification based on management system requirements. These requirements are established on the basis of management system standards set by the International Organization for Standardization (ISO) or relevant industry associations. Companies or organizations seek certification from third-party certification bodies to objectively demonstrate the reliability of their management systems to customers and the market.

IAF

IAF Code KAB (Korean accreditation Body) IAOB IAQG APMG EFfCI
ISO 9001
(TL 9000)
ISO 14001 ISO 45001 ISO 22301 ISO 27001 ISO 37001 ISO 50001 ISO 37301 IATF 16949 AS 9100 ISO/IEC
20000-1
EFfCI GMP
1 Agriculture, forestry and fish
2 Mining and quarrying
3 Food products, beverages and tobacco
4 Textiles and textile products
5 Leather and leather products
6 Wood and wood products
7 Pulp, paper, paper products
8 Publishing companies
9 Printing companies
10 Manufacture of coke and refined petroleum products
11 Nuclear fuel
12 Chemicals, chemical products and fibres
13 Pharmaceuticals
14 Rubber and plastic products
15 Non-metallic mineral products
16 Concrete, cement, lime, plaster, etc.
17 Base Metal & Fabricated Metal Products 
18 Machinery and equipment
19 Electrical and optical equipment
20 Shipbuilding
21 Aerospace
22 Other transport equipment
23 Manufacturing not elsewhere classified
24 Recycling
25 Electricity supply
26 Gas supply
27 Water supply
28 Construction
29 Wholesale and retail trade; Repair of motor vehicles, motorcycles and personal and household goods
30 Hotels and restaurants
31 Transport, storage and communication
32 Financial intermediation; real estate; renting
33 Information technology
34 Engineering services
35 Other services
36 Public administration
37 Education
38 Health and social work
39 Other social services

FSSC

Certification scope (FSSC) Accredited scheme by KAB
ISO 22000 FSSC 22000
1 A1 Livestock and Fisheries - Animal breeding for butchering, milk, eggs and honey production
2 A2 Livestock and Fisheries - Aquaculture of Fish and Seafoods
3 B1 Cultivation - Plants (excluding grains and beans)
4 B2 Cultivation - Grain and Soybean
5 B3 Cultivation - pre-processing of plants
6 C0 Food, ingredients and animal feed manufacturing - Animal - 1st conversion
7 C1 Manufacture of food, ingredients and animal feed - Processing of perishable animal products
8 C2 Manufacture of food, ingredients and animal feed - Processing of perishable plant-based products
9 C3 Manufacture of food, ingredients and animal feed - Processing of perishable animal and plant products (mixed foods)
10 C4 Manufacture of food, ingredients and animal feed - Processing of products distributed at room temperature
11 D animal feed production
12 E catering/food service
13 F1 Transactions, Retail and E-commerce - Retail/Wholesale
14 F2 Trading, Retail and E-commerce - Food Brokerage/Trading
15 G Transportation and Storage Services
16 H Service
17 I packaging material production
18 J Equipment
19 K Chemical and biochemical products
Pre-audit
This audit has nothing to do with certification process for registering and maintaining certification, which is implemented when an applicant wants. This is an audit for giving an opportunity to improve a system by conducting an assessment on preparing certification, prior to audit.
Initial Audit
This is an audit for registering the first certification, which consists of stage 1 and 2.
Follow-up Audit
This is a site audit for checking results of corrective action for nonconformity and its conformity. (When an auditor decides to conduct on-site check after confirming the level of nonconformity and the written results of corrective action)
Surveillance Audit
This is a regular audit that certified body should get through to maintain once-issued certificate until its expiration date (for three years after certificate issuance) (This audit should be conducted at least more than once a year.)
Recertification Audit
This is an audit that certified body should get through before certificate's expiration date (three years after certification registration) if the body wants to get recertified for maintaining its certificate.
Special Audit
This is an audit conducted according to special matters such as confirmation of the effectiveness of corrective actions for Major nonconformities, confirmation of other changes in organizations, and customer requests (in the case of IATF)

An organization willing to register a certification for management system to KFQ is required to comply with the followings. The content of the requirements can be changed according to certification scheme related with national law, international standard and the process of KFQ. The latest information is posted on KFQ website (http://www.kfq.or.kr )

An ownership of the certificate and audit report contents related to the certification activities is held by KFQ. Also, organization's information can be uploaded and displayed on the accreditation body's database.

In addition to the following requirements, the organization shall also comply with a specific requirements respectively by each audit standard.

  • 1 An organization applying for certification shall establish and document relevant system to comply with applicable standard (criteria), and effectively implement and maintain its activity according to defined procedure and method.
  • 2 An organization shall comply with the legal regulations related with certification scope, and with laws associated with certification scheme, accreditation body's requirements, and requirements for the certification registration maintenance by KFQ, and shall comply with the changes.
  • 3 In regard to operation of certification scheme, an organization has no right to refuse the witness audit and special audit directly conducted by an accreditation body or IATF. Also, the organization has no right to refuse the KFQ's internal witness audit for KFQ's own auditor qualification assessment.
  • 4 An organization has a record that they have conducted an internal audit and management review at least once a year, and the frequency shall be more than once a year.
  • 5 Stage 1 audit will be conducted before the stage 2 audit and it will be confirmed in stage 1 audit that an organization identified its system's status of implementation and documentation and is ready for the stage 2 audit. It is mandatory for organization to prepare for all required materials to be submitted, for the stage 1 audit.
  • 6 It is principle that the stage 1 audit shall be conducted in an organization. In case that stage 1 audit cannot be conducted due to organization's disagreement, it increase the possibility that audit activity can be stopped in middle of stage 2 audit.
  • 7 As a result of stage 1 audit, in case the decision of lack of preparedness for stage 2 audit, site audit cannot be conducted. The progress of certification process will stop so the organization will not be certified. Especially if preparedness for stage 1 audit is not ready, it is regarded as lack of preparedness for site audit.
  • 8 Initial audit stage 2 can be stopped when serious problem of system operation happen and audit team judges that completion of audit becomes meaningless. To get certificate after stopping audit, full audit process starting stage 1 audit shall be conducted.
  • 9 Either If an organization register its certification by transferring from other certification body or if transfer site audit and regular audit (surveillance and recertification audit) is conducted consecutively or if the requirement of transfer site audit is not fulfilled, the planned regular audit (surveillance and recertification audit) to be implemented consecutively might not be conducted and be stopped.
  • 10 The organization shall permit access to all place, opening relevant records, and interview with staff for confirming inspection and implementation of system setup-related documents which is needed for all audit for certification registration and maintenance of certification qualification.
  • 11 Throughout the entire process for the certification registration, the case that is impossible to be certified is the followings.
    • 1 In case the organization gives up the certification registration by sending the official document and/or the other means.
    • 2 In case the stage 2 audit isn't be conducted within 90 days after the stage 1 audit. (For recertification audit, in case the recertification audit isn't be conducted within the effective period)
    • 3 In case significant major nonconformity or various major nonconformities occur at the initial and recertification audit. (e.g. audit suspension due to breakdown of system)
    • 4 In case the causes of nonconformities found out from the initial or recertification audit are not eliminated, by the confirmation on the report of the corrective action and the follow-up audit, within 90 days after the audit.
    • 5 After the audit for certification registration, where resource and relevant group to meet the requirement of the certification scope don't exist or certification system is barely operated.
    • 6 In case the organization has no confidence in the certification system by claim or social trouble from interested party like customer.
    • 7 In case the requested information or document in the process of the application, audit plan and audit are not provided or turned out false.
    • 8 In case changes in organization's structure or significant issues in system or any changes are not unveiled.
    • 9 In case the organization violates the contract or agreement with KFQ.
    • 10 In case the organization doesn't pay the certification fee.
    • 11 In case the process of certification registration is stopped before completion due to dismantlement of organization or being out of contact.
    • 12 In case other system has significant issues.
  • 12 If there is a significant customer complaint or any violation of law an organization received regarding standard for certification before certification registration (from application of certification), the organization shall inform KFQ of it.

Client that have obtained system certification from the KFQ(Korean Foundation of Quality) shall comply with the following items during the valid period of certification. This information may be changed according to domestic laws in Korea, international standards, and procedures of the KFQ during the certification validity period, and the changed matters must be complied. Depending on the changes, it will be announced in document, publications issued by the KFQ, etc., and the latest information can be found on the website of the KFQ (http://www.kfq.or.kr).

  • 1 System shall be maintained according to applied standard.
  • 2 Regulations related to certification system shall be complied at all times.
  • 3 Related to managing certification system, the client cannot refuse witness audit and/or special audit conducted by Accreditation Body (KAB, IAOB, FSSC, IAQG, etc) and also cannot refuse internal witness auditor in KFQ witness audit of organization for the assessment of auditor in KFQ. Additionally, the organization shall comply with below in case of IATF 16949;
    • 1 the client cannot refuse an IATF witness audit of the certification body;
    • 2 the client cannot refuse the presence of a certification body internal witness auditor;
    • 3 the client cannot refuse the presence of an IATF representative or their delegates;
    • 4 the client cannot refuse the request of the certification body to provide the final report to the IATF;
  • 4 In case audit report and information related to certification and audit are required, the client is able to supply relevant Accreditation Body (including IATF).
  • 5 Management review and internal audit shall be conducted at least once a year.
  • 6 The client shall inform KFQ without delay of any significant changes about certification system like below. Certification can be withdrawn when notification has not been informed.
    • 1 Change of representative;
    • 2 Change in status of legal, commercial (e.g., joint venture, sub-contracting with other organizations), or ownership;
    • 3 Change of organization and management (e.g., key managerial, decision-making or technical staff);
    • 4 Change of site location of certified client;
    • 5 Bankruptcy, transfer, mergers and acquisitions;
    • 6 Change of operation cope of certified management system (e.g., extension or reduction of organization size, suspension of production or shut down);
    • 7 Significant change of management system and process (e.g., production processes, facilities, change of construction method);
    • 8 In case administrative disposition was imposed due to violation of the law related certified management system (including related legal suits)
      • In case of ISO 9001 certified client : when there is serious negative feedback from the market(customer and the public) due to problem about product or service provided or when legal issue is existed (e.g. product recall or compensation etc.)
      • In case of ISO 14001 certified client : when serious environmental accident or violation of a regulation is occurred
      • In case of ISO 45001 certified client: when serious safety accident or violation of a regulation is occurred
      • In case of ISO 22000/FSSC 22000 certified client: when critical nonconformity is issued or serious food sanitation or safety accident or violation of a regulation is occurred
      • In case of ISO 27001 certified client: when serious information security accident or violation of a regulation is occurred
      • In case of ISO 20000-1 certified client: when IT service was stopped to be provided for long period
      • In case of ISO 50001 certified client: when violation of a regulation according to the law related to energy is occurred
    • 9 In case of product recalls (for ISO 9001, IATF 16949, TL 9000 and FSSC 22000 (ISO 22000))
      • In case of IATF 16949 certified client : When there is official customer claim (Especially, in case of claim from BMW Group, Ford Motor Company, Geely Group, General Motors, IVECO Group, Jaguar Land Rover (JLR) Limited, Mercedes-Benz Group AG, Renault Group, Stellantis (ex FCA), Stellantis (ex PSA), and Volkswagen AG) or include case of significant claim received from customer.
    • 10 In case that co-certification with KOSHA-MS for ISO 45001 is suspended or withdrawn (for the client who has been certified for both ISO 45001 of KFQ and KOSHA-MS / ISO 45001 of KOSHA by co-certification audit)
    • 11 Transfer to new IATF recognition Certification Body (in case of IATF 16949)
    • 12 Key changes certification system
    • 13 Reissue request of the certificate, arising from damage and loss of the certificate and changes to the certificate
  • 7 Regular surveillance audit shall be conducted.
    • 1 Surveillance Audit Cycle
      • 1 Surveillance audit shall be conducted at least once a year. However, IATF 16949 certification audit shall be conducted within surveillance audit period as per determined audit cycle (determined surveillance interval shall be maintained for the three year audit cycle.)
      • 2 The date of the first surveillance audit following initial certification shall not be more than 12 months from the certification decision date of initial audit.
      • 3 Although a surveillance audit before the first recertification audit after the initial audit shall be conducted every six months in principle, the audit team leader may adjust the cycle in consultation with the audit organization in consideration of system establishment status and the content and number of nonconformities. But, the adjustment shall be made within a year.
    • 2 Key items for surveillance audit
      • 1 Requirements of applied certification scheme
      • 2 Confirmation of the corrective action's effectiveness on nonconformities at previous audit
      • 3 Usage state of certification mark
      • 4 The audit items specially designated as the audit items in the next audit by the previous audit team
  • 8 In addition to regular surveillance audit, KFQ can conduct special audit if there is a reason for a special audit, and the certified client shall comply with it. It may become necessary to conduct audits of certified clients as below:
    • 1 When site verification is needed, due to significant changes in the system as follows
      • 1 Core factors or overall changes to maintain and control the certified system including revision and abolishment of the manual and relevant procedures.
      • 2 Changes in the organization and management including merger & abolition and site closure of the relevant core departments along with merger & acquisition, joint venture, owner, board of directors and certified system.
      • 3 Major changes in articles of association, policies, processes and facilities
    • 2 As a result of analyzing complaints and information including social troubles and claims from customers, when site check is necessary.
    • 3 When site check is necessary, because of changes in KFQ's certification requirements and certification system
    • 4 When confirmation for relevant procedures is necessary, because of administrative measures deriving from violation of laws related to the appropriate management system.
    • 5 When re-audit is decided to be necessary as a whole, due to suspicion of the entire system's confidence, deriving from the fact that reviewed content is unreliable and untrustworthy, although the corrective action report, which was received from the client, was reviewed.
    • 6 When measurement data are not delivered that should be submitted regularly to QuEST Forum has not been done in case of TL 9000 certification.
    • 7 When matters to check the site of the certified client take place.
  • 9 In case that planned audit failed to be completed due to serious problem of system management operation status of client in surveillance audit, the audit can be suspended under consultation. In this case, the certification qualification is suspended. If client is willing to maintain certification, after the condition (e.g. audit time limit) for re-audit is met and the consultation is completed, overall re-audit can be implemented. Unless the re-audit for surveillance audit is not implemented in case that condition is not met, certification can be withdrawn.
  • 10 The client shall cooperate to conduct independent audit normally.
  • 11 The client shall comply to 'Guideline for usage and promotion of certificate • certification mark (GA8100-02)'.
  • 12 The client shall pay fee related to certification like the fee for surveillance audit within time limit.
  • 13 All document related to certification in the process of certification application and qualification maintenance between KFQ and client shall be stored and maintained.
  • 14 The client can raise complaints in the process of certification application and qualification maintenance and appeals about audit result and certification decision to KFQ. Process implementation and schedule related to corrective action required by KFQ and certification decision may not be effected according to rule of Accreditation Body while appeals and complaints-handling process.
  • 15 Certified client shall record complaints and corrective action related to system acquired certification received from the interested parties, customer and personnel and submit the relevant record to KFQ when requested.
  • 16 In case of TL 9000 certification, measurement performance index shall be delivered to QuEST Forum UTD every quarter and shall be received data confirmation. And organization shall submit the copy of data confirmation to KFQ.
  • 17 In case of FSSC 22000 certification, after organization is announced that transition audit of version is to be implemented by KFQ organization that has made a contract with KFQ can maintain the certification without having an additional contract.
  • 18 Certification suspension decision is possible in the following cases in the audit and certification maintaining process.
    • 1 Certification Suspension Decision
      • 1 When the certified client voluntarily request suspension through a formal document and/or other methods;
      • 2 Without conferment, the surveillance audit is not conducted within the allowable intervals and timing;
      • 3 When serious or multiple major nonconformities take place in the audits for certification maintaining, such as a surveillance audit (Audit termination, due to breakdown of system, etc.);
      • 4 When nonconformity cannot be closed within ninety (90) calendar days from the issue date of the nonconformity;
      • 5 When there are no resources and no organization to meet requirements as a result of an audit for certification maintaining or when most certification system does not operate;
      • 6 When there is no confidence on the certification system, due to claims from interested parties including the organization or social trouble (In case of IATF 16949, suspension of certification can be decided by the type of claim received from the customer according to their specific requirements);
      • 7 When the information or documents requested during application, audit plan and audits are not provided or proved false;
      • 8 When critical issues such as reorganization or system changes are not disclosed;
      • 9 When violated the contract or agreements with KFQ;
      • 10 When certification fee is not paid;
      • 11 When suspended before registration procedure is completed, due to certified organization’s dissolution, no contact, etc.;
      • 12 When certification registration organization did not take any action towards a change in the certification system and a request to change requirements by KFQ;
      • 13 When PR method of certification obtainment including certification mark is deviated from the requirement;
      • 14 When mentioned or used certification beyond the certificate’s application scope;
      • 15 When measurement data are not submitted that should be submitted to QuEST Forum has not been done in case of TL 9000 certification;
      • 16 When improvement plan and evidence about improvement implementation including part identified as improvement point as a result of previous audit was not provided in case of KFQ 9004 certification;
      • 17 When a critical problem occurs in the system (Breakdown of system: audit termination);
    • 2 Certification Withdrawn
      • 1 When the certified client expresses an intention to give up the certificate through a formal document and/or other objective methods;
      • 2 When products within the scope are no longer produced;
      • 3 When certification effect was suspended at least three occasions within the effective certification period;
      • 4 When reinstatement may not be taken, due to reasons for suspension have not been removed during the suspension period;
      • 5 After certification was suspended, since the client had not received a surveillance audit, two months has passed without carrying out the surveillance audit;
      • 6 Although the client was notified of proving conformity from KFQ, because of change of certification system or standard requirements, when the client did not prove it;
      • 7 When the client did not comply with a request to submit the certificate of KFQ, after one month from the receipt of such a request;
      • 8 When the certified organization disappears or is not confirmed, due to dissolution, no contact, etc.;
      • 9 Although, a problem becomes the reason to suspend certification, when a withdrawal of certification is decided to be necessary, in consideration of the seriousness of the problem;
      • 10 When certification suspension was not resolved within 2 months, that was suspended because measurement data are not delivered that should be submitted regularly to QuEST Forum has not been done in case of TL 9000 certification.
      • 11 When a critical problem occurs in the system;
  • 19 Consultants to the client cannot be physically present at the organization’s site during the audit or participate in the audit in any way.

The company or institution (hereinafter, referred to as “certification registration organization”), which acquires KFQ’s management system certification, can publicize its certification fact and use the certification mark and certificate as well. Concerning details of observance items in time of publicity, please refer to 'Guideline for usage and promotion of certificate · certification mark' at the bottom of the page.

  • The certification registration organization can use the certification mark in general document, at the top of a letter, invoice, and brochure, etc., or can publicize their certification in the manner of “A business acquired 000 Certification from KFQ.'
  • Nevertheless, it's not allowed to publicize to induce people to be misunderstood as 'Product Certification' in promotional activity.
  • All certification registration organizations are required to publicize on only the sort & scope of acquired certification. The same is true of the certification & accreditation mark.
  • Even the certification registration organization which acquired IATF 16949 Certification is not allowed to use IATF Logo. Nevertheless, To utilize IATF Certificate itself for publicity is allowed.
  • Even in case IAF mark is indicated in the issued certificate, a certification registration organization is not allowed to use IAF MLA Mark in whatever ways.
  • A certification registration organization is required to use an accreditation body's accreditation mark together with KFQ certification mark and to use them with distinct identity of a certification registration organization(organization name and certificate No., etc.)

    The Figure is suggest by suppoing the case of acquiring ISO 9001 which is registerd with Korea Accreditation Support Center's Accreditation.
    Please use KFQ mark and Accreditation mark according to the sort of the acquired certification.

  • IQNET Certification mark should be used together with KFQ Certification mark as shown below, and they should be used also together with the distinct identity (name of organization, certificate No.) of a certification registration organization.

    The Figure is suggest by suppoing the case where IQNET certification is issued and ISO 9001 certification is acqired.
    Please use KFQ mark and Accreditation mark according to the sort of the acquired certification.

  • In case the certification mark file by standard including Certification mark, please make inquires to KFQ.
    Use of Certificate & Certification Mark and Sub-procedure for Publicity
    Download