1.1 Scope and Applicability
These DQS Audit and Certification Regulations (“Regulations”) apply to all offers and/or services and all resulting contractual relationship(s) between DQS Holding GmbH, any affiliated companies or any of their agents (each “DQS”, together “DQS Group”) and any organization/person (“Client”) applying for or receiving audit and certification services.
A current list of all members of the DQS Group is available at https://dqsglobal.com/intl/about.
These Regulations cover all kinds of System Certification in accordance with international or national standards, including private standards, Product Certification in accordance with EU Directives or national legislation, Product and Service Certification in accordance with non-regulated normative documents, specifications, requirements or technical rules.
These regulations apply throughout all stages of the certification or audit process, including but not limited to service offers and quotations, contracts, purchase and/or work orders, schedules and addendums agreed to between DQS and Client, unless it is otherwise explicitly agreed in writing or so prescribed by statutory instruments.
These Audit and Certification Regulations become effective with immediate effect after their publication and remain valid until a new version is issued and published.
The current version of these regulations is available in English language at https://dqsglobal.com/intl/about/accreditation-and-notification/dqs-group-auditing-and-certification-rules or upon request from every DQS office. Should any discrepancy occur between a translated version and the English version of the document, the English version shall takes precedence.
Where a Certificate is issued to the Client, DQS will provide the services using reasonable care and skill and in accordance with the Codes of Practice then in force of the relevant DQS Certification Body. A copy of such Codes of Practice, and any amendments to it as may be issued from time to time, will be made available by the DQS Certification Body to the Client upon commencement of the Services.
1.2 Definition of terms
1.3 Audit and Certification Services
The auditing and certification of a management system, a process or of a product by an independent, competent third party, such as DQS, generates valuable benefits for the Client. A DQS certificate will serve as evidence for a suitable and effective management system, a process or compliant product with the capability to continuously meet customer expectations as well as regulatory and statutory requirements.
During an audit, qualified and experienced auditors review the management system and its processes or products for ongoing suitability and effectiveness in light of changing markets and environment. By identifying improvement potential, auditors enhance the organization’s ability to meet established goals and objectives, thus enhancing sustainable success for the Client. With a DQS certificate, customers may place confidence on the Client and the certified management system, process or product, which has been assessed and certified to recognized standards and specifications.
1.4 The Contract and Commercial Terms
These DQS Audit and Certification Regulations, and, as applicable, the application, the quotation, its acceptance, the Codes of Practice, the conditions of DQS Certification Marks and local business conditions or commercial terms constitute the entire agreement (the “Contract”) between the Client and DQS with respect to the subject matter hereof.
Local business conditions or commercial terms may include clauses on legal representation, jurisdiction, liability, tax, terms of payment and others, considering local legal requirements. The contract may be also constituted by individual agreements between DQS and the Client, containing always these DQS Audit and Certification Regulations as an integral part of it through direct inclusion or reference.
Save as otherwise provided no variation to the contract shall be valid unless it is in writing.
1.5 Contractual relationship to the DQS Certification Body
Whenever a DQS office provides a service under authorization or accreditation of another DQS Certification Body, it acts as an agent in name and in behalf on that entity. The offer/quotation identifies the respective DQS Certification Body and its acceptance and signature of the local contract constitutes a legally binding certification contract between Client and the DQS Certification Body. Although the agent is authorized to charge/invoice the Client for the service provision and certification, the responsibility for the certification activities and the operational control under a specific accreditation remains always with the DQS Certification Body which is responsible for, and retains authority for, its decisions relating to certification, including the granting, refusing, maintaining of certification, expanding or reducing the scope of certification, renewing, suspending or restoring following suspension, or withdrawing of certification.
DQS assesses the Client’s management system, processes, products or parts thereof, with the goal of determining its conformity with agreed and acknowledged requirements, such as international, national or sector-specific standards or specifications. The respective certification process may involve one or more steps, usually ending with an audit report, which documents the audit results. In the case of certification services, the respective DQS Certification Body will issue a customer-specific certificate, confirming conformity to the respective requirements, when the fulfillment of all applicable requirements has been evident.
If nonconformities with requirements of the respective standard or specification have been identified during an audit, corrective action shall be planned and carried out by Client within a specified time frame. Certificates will only be issued after the effective deployment of suitable corrective action has been demonstrated. The scope and duration of validity shall be stated on the certificate.
Most audit findings are based on a sampling process, targeted towards reliable evidence for effective implementation and compliance of the management system, process or product. Further business aspects may exist, positive or negative, which have not been reviewed by the audit team. It is the sole organization´s responsibility to investigate and evaluate the potential impact and scope of findings, thus continuously ensuring full compliance to the applied standard(s). In cases of non-compliance, DQS is not liable.
DQS is independent, neutral and objective in its audits and certifications. Audits are normally performed at Client’s place of operations (on-site) but may be partially conducted, substituted or complemented by remote auditing activities (off-site). The type, extent and time schedule of the procedure are subject to separate agreement by the parties. DQS strives to minimize any disturbances of the business process while conducting the audit on Client’s premises.
The Certification Process will generally include the following steps:
2.1 The process starts with the Client’s needs and expectations. DQS wants to learn about the Client’s organization, its management system, size and types of operation. Together both parties will define objectives for the audit and/or certification, including applicable standards and specifications.
2.2 DQS will provide a detailed offer for audit and certification services, tailored to individual Client needs, based on the information provided initially. A written contract will specify all relevant deliverables as well as applicable audit and certification criteria.
2.3 A pre-audit can serve as initial performance or gap analysis, identifying strengths and areas for improvement. For larger audit and certification projects a project planning meeting provides a valuable opportunity for the Client to meet the lead auditor and develop a customized audit plan for all functions and locations involved. Both services are optional.
2.4 Stage 1 audit: The certification procedure itself begins with review and evaluation of system documentation, goals, results of management review and internal audits. During this process, it will be determined whether the Client’s management system is sufficiently developed and ready for certification. The auditor will explain findings and coordinate any required activities to prepare for the Stage 2 audit. The Stage 1 audit is usually not applicable for the certification of processes and products.
2.5 Stage 2 audit: The assigned audit team will audit the Client’s management system, processes or products at the place of production or service delivery and/or by use of remote auditing techniques. Applying defined management system standards and specifications, the audit team will evaluate the effectiveness of all functional areas as well as all management system processes, based upon observations, inspections, interviews, review of pertinent records, and other audit techniques. The audit result, including a recommendation about the certification and all findings will be presented to the Client during the closing meeting and included in a written report. Required action plans will be agreed upon as necessary.
2.6 System Evaluation: The certification function of the respective DQS Certification Body will evaluate the audit process and its results, and decide independently about issuance of the certificate, based on objective evidence. Any recommendation given by the audit team and documented in the report is not binding for the DQS Certification Body and the decision to issue a Certificate is at the sole discretion of the DQS Certification Body. The Client receives the audit report, documenting the audit results and, when all applicable requirements are fulfilled, the Client also receives the certificate.
2.7 Surveillance audits: Either semi-annually or at least once per year, there will be an audit of the critical components of the management system. Improvement potential will be identified, with a focus on continual improvement and sustained effectiveness. For product certification, a surveillance audit is usually replaced by an annual re-audit.
2.8 Re-Audit: A certificate is valid for a limited period of time, mostly for a maximum of three years. At the end of this cycle, a re-audit will be carried out to ensure the ongoing fulfillment of all applicable requirements. Subject to this fulfillment, a new certificate will be issued.
For sector specific standards or process and product certification, the described certification process may differ.
3.1. Maintaining the Management System / conformity of processes and products
In order to obtain and maintain a certificate, the Client shall implement and maintain a documented management system which fulfils the requirements of the selected standard or specification. In case of process / product certification, Client is responsible for assuring ongoing conformity. The Client shall provide evidence of conformity and effectiveness of the assessed management system, processes or products, readily available for audit by the assigned audit team. The Client shall undertake all necessary actions to ensure that the management system and/or product is maintained in a conforming and effective manner at all times.
The Client will be notified of any changes to the certification program or new or revised requirements that affect the Client. In case the certification applies to ongoing production, the Client shall ensure that the certified product continues to fulfill the system or product requirements. DQS shall verify the implementation of changes by the Client and initiate required measures in the certification process.
3.2. Access to Information
The Client ensures that DQS has access to all necessary information and the required facilities to perform the assigned audit tasks. DQS may delegate the performance of all or part of the services to an agent or a subcontractor and Client authorizes DQS to disclose all information necessary for such performance to the agent or subcontractor. The Client commits all nominated representatives and employees to grant access to and provide the audit team with accurate and complete information and objective evidence in a timely manner concerning all processes which may be significant to the audit. Within the scope of certified management systems, processes and/or products, all records relating to complaints and their corrective actions shall be presented to DQS upon request.
3.3. Notification of Changes and Special Incidents
The Client is obliged to inform DQS immediately of any changes, which may influence the certified management system, processes or the certified products. This applies in particular to the purchase/sale of all or a portion of the company, any change in ownership, major changes in operations, fundamental alterations in processes, incidents such as a serious accident or a serious breach of regulation/legal obligation necessitating the involvement of the competent regulatory authority, or the filing for bankruptcy or composition proceedings. In any of these cases, DQS will consult with Client and determine how the certificate may be maintained.
The Client is obliged to immediately notify DQS in case of a product recall. The individual certification standards and their regulations use different time frames in terms of meeting this deadline. These specifications can be found in the respective standards and their applicable regulations.
3.4. Independence of the Audit
Client is obliged to avoid anything that might compromise the independence of the employees and auditors of DQS. This applies in particular to offers of consultancy, offers of employment, both salaried and sub-contracted, to separate agreements about fees or other monetary rewards.
3.5 Right to reject Auditor
Prior to confirmation of the audit date, the Client is entitled to review and reject the auditor(s) assigned by DQS with proper justification. In justified cases, e.g. in case of a threat to impartiality, and if applicable accreditation rules allow, DQS will assign a replacement for the rejected auditor.
3.6. Confidentiality and Information Security
The documents provided to the Client by DQS, including the Marks and the DQS certification symbol, are protected by copyright. Client specifically acknowledges that all documents which are provided or made available by DQS for examination remain the property of DQS, and that they may be used only for the internal needs of Client and not made available to third parties or be used for purposes other than those agreed upon herein or in writing. Client is obliged to maintain strict confidentiality about any information revealed within the terms of this Agreement as well as of all knowledge of matters relating to DQS, its employees and auditors. This obligation also applies after termination of the contract. Client similarly accepts this obligation on behalf of any vicarious agents and auxiliary persons. Client is permitted to forward the audit report in its entirety. The forwarding of extracts is not permitted.
3.7 Right to use Certification and Marks
With a valid DQS certification, the Client is entitled to use the certificate, the respective certification marks and in some cases, the accreditation marks for promotion purposes according to related rules published at the DQS website.
Authorized use of copyrighted DQS Certified Management System Mark®, the UL Registered Firm Mark® and other Certification or Accreditation Marks shall enhance confidence of customers in the Client’s certified management system and the respective performance. These marks are frequently used on company stationery, in brochures, the Internet, at exhibitions, on vehicles or in advertisements and are directly associated with the certified organization and its management system, processes or products. The use of certificates and marks is restricted to the scope and the period of validity of the certification and they shall not be used on a product nor product packaging nor in any other way that may be interpreted as denoting product conformity.
Every Client of DQS has the right to have services performed within the agreed scope in such a way that all reasonable expectations and requirements are fulfilled. In case of non-fulfillment, the Client is entitled to file a complaint with the respective DQS Company. DQS will request information necessary for analysis and improvement.
If a Client does not agree with a specific certification decision, Client may submit a written appeal and request reconsideration of the decision. A separate impartial technical reviewer of the respective DQS Certification Body, not involved in the conduct of the audit and the initial decision, makes the final decision on an appeal. The management of the DQS Certification Body is always informed about the status during the appeal process.
4.1. Auditing of Management Systems
DQS verifies the conformity and effectiveness of Client’s certified management system, processes or products by performing regular audits (usually on a semi-annual or annual basis). For these audit purposes DQS has the right to access Client’s facilities within the framework of planned audit visits, observe operations, inspect processes, products and services, interview employees and representatives, review documents and pertinent records, and to collect information with other audit techniques in order to get sufficient objective evidence upon which to base a certification decision. Should DQS receive information from third parties, which dispute the conformity or effectiveness of a management system, process or product, which DQS has certified, it is entitled to perform additional, non-routine audits after consulting with Client. In legally regulated areas, DQS is entitled to perform additional, unannounced audits, whenever justified.
4.2. Accreditation and Authorization
DQS Certification Bodies are authorized by various accreditation bodies and other Governmental and Non-Governmental Authorities or Program Owners to issue audit reports and certificates according to various standards and specifications. This includes the obligation to allow employees or auxiliary persons of these bodies to participate in audits. According to the applicable accreditation and authorization rules, DQS allows these individuals access to both its own documents and client-related data, subject to the confidentiality requirements set forth herein. In addition, whenever individual standards or specifications explicitly require, client-related data and audit results are passed on to these bodies. By accepting these Audit and Certification Regulations the Client consents to the applicable accreditation and authorization requirements in their current version (e.g. ISO/IEC 17021-1 or ISO/IEC 17065), including all of the foregoing.
DQS Certification Bodies are entitled to delegate the provision of all or part of the Services, with exception of any certification decisions, to other DQS offices, an agent or a subcontractor. Whenever certificates are issued by a DQS Certification Body, other than the Client’s local DQS partner, all relevant rights and obligations herein apply equally to the DQS Certification Body and the local service provider.
4.3 Assignment of Auditors
The assignment of competent auditors is the sole responsibility of DQS. DQS agrees to use only auditors, who are qualified for the task based on their technical qualification, their experience and their personal abilities. Auditors shall be authorized for the required standard(s) or specification(s) and will have appropriate experience in Client’s area of operation as well as in management and auditing. In many cases, DQS may assign an audit team, comprised of two or more auditors to a specific audit or certification process. On request, DQS will submit a short CV of the selected auditor to the Client.
Should an auditor become unavailable before or during the audit, DQS will strive to provide a suitable replacement auditor, as feasible.
4.4 Scheduling of Audits
DQS has the right and the obligation to schedule audits of the Client’s management system, processes or products. Audits shall be scheduled at the mutual convenience of both parties within the time frames mandated by the applicable requirements. Audit dates shall be agreed upon in writing. Once confirmed such audit dates are binding. Individual audit agreements may include provisions for compensation for canceling or postponing confirmed audits.
Certification may also include, depending on the standard, unannounced audits, which are either completely unannounced or announced on short notice. If an unannounced audit cannot be performed due to reasons the Client is accountable for (denial of entrance) DQS may charge the costs actually incurred by preparing for the unannounced audit to the Client's account. The certified site has to take the necessary steps to ensure access is granted to the auditor in the event of an unannounced audit.
4.5 Issuance of reports and certificates
DQS shall issue audit reports and a DQS Certificate (herein referred to as "Certificate”) and deliver it to Client upon Client’s fulfillment of all certification requirements and contractual obligations. The certification decision is the sole responsibility of the DQS Certification Body, based on the auditors’ recommendation for issue and all audit results, as recorded or referenced in the audit report. Any recommendation given in a report is not binding for the DQS Certification Body. The report and the certificates remain in the property of DQS; DQS grants to the client the right to use them in accordance with this Regulations. DQS certificates are valid for a limited period of time, usually a maximum of three years, commencing from the date of issuance.
4.6 Confidentiality and Data Protection
DQS commits itself to protect the confidentiality of all confidential information and personal data (e.g. according to article 4 GDPR and other applicable legal requirements) of Client and its employees that is not publicly available and that is made available to DQS in the context of its activities on Client’s premises, whether this information relates to internal matters of Client or to its business relations. This also applies to the verbal and written results of the audit. DQS will disclose confidential information to third parties only with the written authorization of Client, unless legally required or explicitly provided otherwise in these Audit and Certification Regulations. These commitments also apply after termination of the contract. In some sector certification schemes, part of the audit and client data are mandatorily handled in applications provided by the scheme owner (e.g. automotive, aerospace, food schemes); Client consents to this. Unless otherwise required by the relevant Accreditation Body or by law, DQS retains in its archive records associated with audits and certifications for a minimum of two certification cycles (usually six years). Applicable national or international legal requirements (e.g. from the GDPR) are fully taken into account. At the end of the minimum archive period, DQS retain or dispose of the materials at its discretion, unless instructed otherwise by the Client; fees for carrying out such instructions will be invoiced to the Client.
DQS is entitled to maintain and publish a register of all Clients holding a current DQS certification. This publication contains the name and address of the certified organization as well as the scope and reference standard/specification and certification status. Client hereby consents to the publication of such information hereunder as well as to the publication of the same data into mandatory national and international databases managed by country authorities, accreditation bodies or program owners. Additionally, in the course of order processing customer data are stored and processed in external databases of scheme owners. The Client agrees with the acceptance of the offer that customer data can be stored, accessed and viewed by third parties in the corresponding databases.
4.8 Electronic Communication
Notwithstanding the foregoing, Client hereby authorizes DQS to transmit unencrypted confidential information and other information through the Internet or a public network to e-mail addresses or other locations provided by Client. Client acknowledges that DQS cannot guarantee the privacy and confidentiality of such transmissions. Client agrees that DQS’s transmission of confidential information via the Internet or other public network shall not be a breach of any confidentiality obligation under these Audit and Certification Regulations and that DQS shall not be liable for any damages resulting from such transmissions, provided that such confidential information is handled with the same degree of care as DQS handles its own confidential information.
If Client hyperlinks to DQS’s web site, Client agrees: (i) the information contained on DQS’s web site belongs to DQS; (ii) the linking web site will transfer the user directly to DQS’s web site as posted by DQS without imposing any frames, browser windows or third-party content; and (iii) the linking web site may not state or imply that Client or its products or services are endorsed by DQS.
5.1 Issuance of certificates and use of marks
The DQS Certification Body issues certificates confirming the conformity of the Client’s management system, processes or product to selected national and international standards as well as to recognized industry- or customer-specific requirements, when the Client has demonstrated in an audit that all applicable requirements have been fulfilled. The Client is entitled to use the certificate and the related certification marks to promote confidence with business partners.
Upon issuance of a Certificate, an ongoing surveillance service will be established to ensure that conformity of the management system, processes or products is maintained continuously. The establishment and maintenance of certification is contingent upon the execution of the audit and certification agreement and the continued adherence to its terms and conditions by the Client.
Client agrees to cooperate with DQS in ascertaining the facts if it is reported that Client's management system, processes, products or services are not in conformance with regulatory, statutory, certification or other applicable requirements, including sharing such information as Client acquires regarding the reported nonconformance, and to take and report to DQS on any corrective action necessary.
Client agrees that the surveillance service, such as surveillance audits, and any special audits conducted by DQS are designed to serve only as a check on the means the Client exercises to determine conformance of its management system, processes or products with certification requirements, and that Client is in no way relieved of its responsibility for its management system, processes, products and services within the scope of certification.
Certificates and Certification Marks may not be transferred to successors in title or other organizations. After a certification has expired or has been suspended, withdrawn or annulled, Client must desist from any promotion or other use of the certification. Client agrees to return any physically issued certificates, following withdrawal or annulment; the right of retention is specifically excluded.
5.2 Non-issuance of Certificates
The DQS Certification Body may only issue Certificates if all requirements of the selected standard(s), specifications and contracts have been fulfilled following the audit (initial/re-audit). In case of non-fulfillment, the auditor documents the shortcomings in a nonconformity report and/or otherwise identifies the restraints, which shall be complied with in order for a certificate to be issued.
All non-conformances or restraints shall be eliminated prior to the issuance of a DQS certificate. If necessary, DQS will repeat the audit partially or in full. If the non-conformances have not been eliminated or if the prerequisites for the granting of a certificate have not been achieved even after follow-up or special audit, the certification procedure will be concluded by the issuance of a report without a certificate.
5.3 Suspension, Withdrawal and Annulment of a Certificate
The DQS Certification Body is entitled to temporarily suspend a Certificate if Client violates certification, contractual or financial obligations towards DQS, including but not limited to:
The DQS Certification Body is also entitled to suspend a certificate if significant breaches of accreditation rules become known after the certification decision and in cases of force majeure (see 6.6).
DQS will notify Client of a proposed suspension in writing. If the reasons for the proposed suspension are not eliminated within two weeks, DQS will inform Client in writing of the suspension of the Certificate stating the reasons as well as the corrective actions necessary for the certification to be reinstated.
Certificates are suspended for a restricted period (usually a maximum of 90 days). If the required measures have been implemented demonstrably and effectively by the established deadline, the suspension of the Certificate is cancelled. If the required measures have not been implemented within the established deadline, the DQS Certification Body may withdraw the Certificate as set forth below.
The DQS Certification Body is entitled to withdraw Certificates or to declare them invalid upon written notice to Client if:
The DQS Certification Body is entitled to annul Certificates, or retroactively declare them invalid, if:
6.1 No Partnership or Agency
The Parties acknowledge that DQS provides the Services to the Client as an independent contractor and that the Contract does not create any partnership, agency, employment or fiduciary relationship between DQS and the Client.
Client acknowledges that DQS neither takes the place of Client or any third party, nor releases them from any of their obligations, nor otherwise assumes, abridges, abrogates or undertakes to discharge any duty of Client to any third party or that of any third party to Client.
6.2 Limitation of liability and indemnity
DQS exercises the skill, due care and diligence in the performance of the services as it may be reasonably expected of a reputable provider of similar services and accepts responsibility for damages only in cases of proven negligence.
Nothing in these Regulations shall exclude or limit the liability of DQS to the Client for death or personal injury or for fraud or any other matter resulting from DQS´ negligence for which it would be illegal to exclude or limit its liability.
Unless otherwise agreed, the total liability of DQS to the Client in respect of any claim for loss, damage or expense of any nature shall be limited, in respect of any one event or series of connected events, to an amount equal to the double of fees paid to DQS under the contract.
DQS shall have no liability for claim for loss, damage or expense unless arbitral proceedings are commenced within one year after the date of the performance by DQS of the service that gives rise to the claim or in the event of any alleged non-performance within one year of the date when such service should have been completed.
6.3 No assignment
Unless not expressly regulated differently or agreed in writing by the parties, the contract is personal to the parties and neither party may assign, transfer, charge, mortgage, subcontract, or deal in any other manner with any or all of its rights and obligations under the Contract. Each party confirms it is acting on its own behalf and not for the benefit of any other person.
Notwithstanding the before mentioned, DQS may assign, transfer or subcontract any or all of its rights and obligations under the contract to a DQS affiliated company and partners or any of their agents.
6.4 Code of Ethics and Anti Bribery and Corruption Policy
DQS conducts its business strictly in accordance with the principles laid down in its Code of Ethics, which also contains the Anti Bribery and Corruption Policy. The DQS Code of Ethics may be found at the DQS website.
DQS employees, agents and other representatives are prohibited from giving or receiving money or gifts, which could be construed as bribes, or entering into arrangements that are construed as corrupt practices. DQS maintains in place during the entire term of the Contract policies and procedures, and will enforce them where appropriate, to ensure compliance with the aforementioned.
6.5 Partial invalidity
If one or more provisions of these Regulations are found to be illegal or unenforceable in any respect, the validity, legality and enforceability of the remaining provisions shall not in any way be affected or impaired thereby.
6.6 Force majeure
Neither DQS nor the Client shall be in breach of these Regulations, nor liable for any failure or delay in performance hereunder if the cause of such failure or delay is attributable to events beyond the reasonable control of the affected party, including but not limited to war, armed conflict, terrorist attack, civil war, riots, toxic hazards, pandemics, epidemics, natural disasters, extreme weather, fire, explosion, failure of utility service, strike, breakdown of infrastructure, transport delays, or any public restrictions following any of the incidents above, or any other force majeure occurrence.
In the event of a force majeure occurrence, the affected party shall notify the other party without undue delay of the particulars of the situation and the estimated duration. Either party shall be entitled to terminate the Contract with immediate effect should the force majeure occurrence endure for more than ninety (90) days.
Unless specifically agreed otherwise, all disputes arising out or in connection with these Regulations shall be governed by the laws of the country of domicile of the DQS Certification Body and be finally settled under the Rules of Arbitration of the International Chamber of Commerce by one or more arbitrators appointed in accordance with the said rules. The arbitration shall take place in Paris (France) and be conducted in the German or English language.
For some sector specific management system or product certification and audit services, additional mandatory program requirements may apply, including but not limited. These “program requirements” are available at https://dqsglobal.com/intl/.
DQS regler för revision och certifiering från och med den 5 maj 2022
Innehållet på denna sida kan laddas ner.