3 Year Audit Cycle (ISO 17021:2011)

P

PaulChad69

#1
Hi,

I'm just after a bit of clarification over the 3 year audit cycle and this relates largely to 17021:2011 rather than 19011.

I'm aware the cycle is that of Initial Certification, Surveillance and Re-Certification and this is within a 3 year cycle.

The Cycle starts on the Certification decision date (Clause 9.1.1.2).

Surveillance audits shall be conducted at least once a year. The date of the first surveillance audit following initial certification shall not be more than 12 months from the last day of the stage 2 audit.(clause 9.3.2.2)

Fine I get that, however when does the subsequent Surveillance Audit(s) in the 2nd year begin or rather required to be completed by?

Does the second year surveillance audit require completing 2 years from the certification decision date or from 12 months of the first surveillance audit?

As an example;

If a Company has a Stage 2 Completed on the 1st Jan 2012, and the certification decision is not completed until the 1st Feb 2012 (the start of the 3 year audit cycle).

A 1st year surveillance must be completed by 31st Dec 2012 and the re-cert audit must be completed by the 31st Jan 2015.

However, if the surveillance was completed 6 months after the S2, on the 1st June 2012, is the 2nd year Surveillance due by 31st May 2013 (12 Months after 1st Surveillance), 1st Jan 2014 (24 Months after Stage 2) or 1st Feb 2014 (24 Months after Certification Decision)?

And if this 2nd year audit was thus completed earlier, then what repercussions does this have the 3rd year, would a surveillance be due prior to the Re-Certification.

I appreciate most Companies this would be combined, but I'm finding it difficult to understand the cycle and how audit dates impact upon future audits within the same cycle.

Your help in finding clarity would be much appreciated.
 
Last edited by a moderator:
Elsmar Forum Sponsor

Paul Simpson

Trusted Information Resource
#3
The Cycle starts on the Certification decision date (Clause 9.1.1.2).

Surveillance audits shall be conducted at least once a year. The date of the first surveillance audit following initial certification shall not be more than 12 months from the last day of the stage 2 audit.(clause 9.3.2.2)

Fine I get that, however when does the subsequent Surveillance Audit(s) in the 2nd year begin or rather required to be completed by?

Does the second year surveillance audit require completing 2 years from the certification decision date or from 12 months of the first surveillance audit?
Hi, Paul and welcome to the Cove. :bigwave:

The aim of the three year cycle and the definition of timelines between visits is to provide a consistent framework for certification. It is never going to be perfect and there will still be some variability in its application but the overall principle is that the initial certification date drives everything. The first visit should be within 12 months of cert date and visit 2 should be within 12 months of visit 1 (and 24 months of cert date) and visit 3 should be within 12 months of visit 2 (and 36 months of cert date). There is an added complication that visit 3 should be around 3 months before certificate expiry date (to allow for any corrective actions to be carried out and evaluated by the CB before the certificate expires).

Hope this helps. :)
 
Thread starter Similar threads Forum Replies Date
O Is a full Internal Audit cycle every year required? AS9100, IAQG, NADCAP and Aerospace related Standards and Requirements 6
A TS 16949 Audit Cycle for Remote Locations IATF 16949 - Automotive Quality Systems Standard 17
J Within the 3 year certification cycle, is surveillance audit frequency changeable? General Auditing Discussions 3
B AS9100 Audit Cycle General Auditing Discussions 4
R Internal Audit Requirements - All clauses and subclauses covered over the audit cycle Internal Auditing 9
Q ISO 9001-2015 Internal audit finding Internal Auditing 12
lanley liao How to understand this words that the planning of internal audit shall take into consideration the results of previous audits? Oil and Gas Industry Standards and Regulations 10
P Audit check for IT company (ISO 9001) ISO 9000, ISO 9001, and ISO 9004 Quality Management Systems Standards 7
D Supplier audit Medical Device and FDA Regulations and Standards News 2
M Go Live With New ERP System before Recertification Audit General Auditing Discussions 6
A Add MDSAP to Internal Audit Schedule Medical Device Related Regulations 0
A Define timeline for Major and Miner Audit finding General Auditing Discussions 4
J IATF 16949 Internal Audit question - Auditor's responsibility Internal Auditing 6
A API Monogram audit review process Oil and Gas Industry Standards and Regulations 4
S IATF 16949 Internal Audit Example IATF 16949 - Automotive Quality Systems Standard 7
B Remote IATF 16949 audit preparation General Auditing Discussions 10
M AS9100D Registrar pre-audit requirements AS9100, IAQG, NADCAP and Aerospace related Standards and Requirements 15
I Do I need to sign off my annual audit calendar? Internal Auditing 2
R AS9100D internal audit checklist or ISO 9001 2015 to AS9100 D AS9100, IAQG, NADCAP and Aerospace related Standards and Requirements 2
M Nice and simple invitation email to an audit kickoff meeting Internal Auditing 1
M IATF 16949 - Audit of Remote Location/Support Site and IT IATF 16949 - Automotive Quality Systems Standard 4
Q IATF audit - Root Cause Analysis results IATF 16949 - Automotive Quality Systems Standard 5
Q Self-assessment audit information Quality Management System (QMS) Manuals 6
Le Chiffre Online training available for ISO/IEC 17021-1: Requirements for bodies providing audit and certification of management systems Training - Internal, External, Online and Distance Learning 3
xfngrs NIOSH Audit for N95 respirators US Food and Drug Administration (FDA) 1
Sidney Vianna IATF 16949 News Risked Based Audit Day Calculation IATF 16949 - Automotive Quality Systems Standard 2
T AS9100 audit due to facility move AS9100, IAQG, NADCAP and Aerospace related Standards and Requirements 4
M ISO 13485:2016 internal audit checklist Medical Device and FDA Regulations and Standards News 5
A Internal Audit Questions ISO 9000, ISO 9001, and ISO 9004 Quality Management Systems Standards 11
B SAP Audit trail Periodic Review EU Medical Device Regulations 1
N What are the software audit and control steps Reliability Analysis - Predictions, Testing and Standards 2
R Gap Audit Aerospsace and Rail QMS Quality Manager and Management Related Issues 0
salaheddine96 Internal audit planning Internal Auditing 2
A MDSAP Audit Questionnaire Medical Device and FDA Regulations and Standards News 7
H Obligations as a contract manufacturer during an MDSAP audit ISO 13485:2016 - Medical Device Quality Management Systems 5
M What are the basics of Medical Device Single Audit Program (MDSAP)? ISO 13485:2016 - Medical Device Quality Management Systems 7
Sidney Vianna IATF 16949 News Update on the IATF CARA Project (“Common Audit Report Application”) - 12/2020 IATF 16949 - Automotive Quality Systems Standard 1
R ISO 17025 vertical audit checklist wanted Document Control Systems, Procedures, Forms and Templates 2
Z Rapid audit template for plastic parts manufacturing process Manufacturing and Related Processes 12
M ISO 9001 Major Nonconformance Internal Audit Schedule/COVID-19 ISO 9000, ISO 9001, and ISO 9004 Quality Management Systems Standards 18
S Quality Audit Training Activities Quality Manager and Management Related Issues 2
G IATF Rules for COVID 5th revision - Re-certification audit timing IATF 16949 - Automotive Quality Systems Standard 3
E MDR internal audit Internal Auditing 1
Ed Panek Remote Audit GOTOMEETING thoughts Coffee Break and Water Cooler Discussions 22
B ISO 9001 - "Remote Audit Fee" Registrars and Notified Bodies 13
L IATF external audit virtual (remote) IATF 16949 - Automotive Quality Systems Standard 13
M Audit Criteria Training Materials Internal Auditing 1
K New supplier audit as per V3.1 by French Automotive OEM General Auditing Discussions 2
S Complexity Rating - CB adding another audit day for "high complexity" AS9100, IAQG, NADCAP and Aerospace related Standards and Requirements 6
U Internal Auditor not trained but done Audit for some process Nonconformance and Corrective Action 5

Similar threads

Top Bottom