Scope
The international standard ISO/IEC 17021 contains the principles and requirements for competence, consistency and impartiality of the audit and certification of management systems of all types (e.g., quality management systems or environmental management systems) and for bodies providing these services. Certification bodies operating in accordance with this International Standard do not need to offer certification of all types of management systems. Certification of management systems is a third party inspection. The bodies providing this activity are third party inspection bodies (referred to as "certification bodies" in this International Standard).
ISO/IEC 17021-1 is applicable to the audit and certification of all types of management systems. It is assumed that some of the requirements, in particular those related to the competence of auditors, may be supplemented by further criteria in order to meet the expectations of stakeholders.
 
Structure:
ISO/IEC 17021 consists of the following parts:
Part 1: Requirements
Part 2: Competence requirements for auditing and certification of Environmental Management Systems
Part 3: Competence requirements for auditing and certification of Quality Management Systems
Part 4: Competence requirements for auditing and certification of Event Sustainability Management Systems
Part 5: Competence requirements for auditing and certification of Asset Management Systems
Part 6: Competence requirements for auditing and certification of Business Continuity Management Systems
Part 7: Competence requirements for auditing and certification of Road Traffic Safety Management Systems
 
ISO/IEC 17021-1 provides general requirements for such bodies that perform audit and certification in the field of quality, environment and other types of management systems. Such bodies are called certification bodies. Compliance with the requirements of the standard aims to ensure that certification bodies certify management systems in a competent, consistent and impartial manner, thus facilitating their recognition and acceptance of their certificates on a national and international basis. This part of ISO/IEC 17021 serves as a basis for the recognition of management system certificates in the interests of international trade.
Management system certification provides independent evidence that the organization's management system:
(a) meets certain requirements;
(b) is able to consistently achieve its policy and goals;
(c) is implemented effectively.
Conformity assessment with a certified management system provides value to the organization, its customers and the interested parties.
ISO/IEC 17021-1 describes the principles on which a certification is based. These principles help the user to understand the nature of certification set out in clauses 5 to 10. These principles are not in themselves requirements that should be checked. Clause 10 describes two alternative ways to the maintain management system and to demonstrate the consistent achievement of the requirements of ISO/IEC 17021-1 by the certification body.
The certification activities are separate activities that make up the whole process - from the review of the application to the termination of the certification. Appendix E illustrates how many of these activities interact.
 
ISO/IEC 17021-2 specifies the requirements for the competence of personnel involved in the process of audit and certification of environmental management systems (EMS) in addition of the existing requirements of ISO/IEC 17021-1.

All staff involved in the audit of an EMS must have a level of competence that includes the general competence described in ISO/IEC 17021, as well as knowledge of the EMS, such as specific terminology, environmental aspects, measurement methods and environmental monitoring, legal requirements, etc. Annex A to Part 2 presents tables summarizing the knowledge required to perform an EMS audit and certification.
 
ISO/IEC 17021-3 sets specific requirements for the competence of personnel involved in the certification process of Quality Management Systems (QMS), mainly based on ISO 9001. The personnel involved in QMS audits must have knowledge of the specific terms and definitions, the principles of quality management and their application, the process approach, the structure of the quality management documentation, etc. The tables in the Annex present a summary of the knowledge required to perform a QMS audit and certification.
 
ISO/IEC 17021-4 specifies the requirements for the competence to audit and certify Event Sustainability Management Systems (ESMS). The personnel involved in the ESMS certification must know the terminology related to event organization and sustainability, the context of sustainable development, the principles of event organization, their design and planning, operational control, legal requirements, etc. A table with the main activities in organizing sustainable events is presented as the Annex.
 
ISO/IEC 17021-5 clarifies the requirements for personnel involved in the certification and audits of asset management systems. This includes specific terminology and principles, good practices in asset management, regulatory documents and standards, etc.
 
ISO/IEC 17021-6 specifies competence requirements for the audit and certification of business continuity management systems. The personnel involved in the certification process must have highly specific knowledge of business processes, risk assessment, incident management, continuity plans, performance evaluation and legal requirements.
 
ISO/IEC 17021-7 clarifies the requirements for personnel involved in auditing and certifying of road safety management systems. The knowledge that such staff must have is related to the terminology, the context of the organization, the applicable legislation, the emergency preparedness and response, road traffic, the specifics of traffic organization, risks, etc. A summary of the required competence is presented in Annex A.
 
Benefits of implementing ISO/IEC 17021: