IJCA - Volume 2 - Flipbook - Page 9
2023 | Volume 2, Issue 1
9
DOI: doi.org/10.55459/IJCA/v2i1/LHDB
How Do Accreditation Bodies Manage Risk
Associated with the Accreditation Business?
WILL ISO/IEC 17011:2017 HELP TO MANAGE THE RISKS?
By L H D Bandusoma, Deputy Director (Accreditation), Sri Lanka Accreditation Board (SLAB)
-ABSTRACTAmong other factors, accreditation-focused
entities operating various accreditation schemes
for conformity assessment bodies are expected
to fulfill requirements of international standard
ISO/IEC 17011:2017 (Conformity Assessment –
Requirements for accreditation bodies providing
conformity assessment). Consideration should be
made of legal requirements. Additional requirements
of the International Accreditation Forum (IAF) and
International Laboratory Accreditation Cooperation
(ILAC) as well as the requirements of scheme
owners, such as CORSIA and GLOBAL G.A.P, etc.,
should adhere to the word “risk,” which appears in
different places of the ISO/IEC 17011:2017.
The main objective of ISO/IEC 17011:2017 is to ensure
competence, consistent operation, and impartiality
of accreditation bodies accrediting conformity
assessment bodies. The term “risk” is defined as the
“effect of uncertainty on objectives” (ISO 31000:2018,
clause 3.1). Therefore, it is required to consider all
possible uncertainties by accreditation bodies (ABs)
and initiate suitable actions to prevent or mitigate
such risks. Mandatory documents (MDs) published
by the International Accreditation Forum (IAF) have
addressed how accreditation bodies should consider
risks when they operate specific accreditation
schemes, such as EMS, FSMS, QMS, OH&SMS, etc.
There are no common viewpoints published or
discussed in relation to the risks associated with
accreditation bodies.
This aims to create awareness of possible risks
associated with accreditation bodies and share
experiences with examples of cases on how
accreditation bodies react to uncertain situations
with respect to achieving the intended objectives of
ISO/IEC 17011.
Keywords: ISO/IEC 17011:2017, Conformity Assessment
Bodies (CABs), Accreditation Bodies, risk management, Riskbased Assessment Techniques, International Accreditation
Forum, International Laboratory Accreditation Cooperation,
ISO 31000:2018
Introduction
In the accreditation and conformity assessment
arena, the organizational lifecycle is surrounded by
risk. Often, it is too sensitive to identify the sources
of risk and determine the frequency of occurrence
and consequences. Meanwhile, compliance and
quality are the most fundamental commitments of an
organization and must be managed very sensitively.
Among other factors, accreditation-focused
entities operating various accreditation schemes
for conformity assessment bodies are expected
to fulfill requirements of international standard
ISO/IEC 17011:2017 (Conformity Assessment –
Requirements for accreditation bodies providing
conformity assessment). Consideration should be
made of legal requirements. Additional requirements
of the International Accreditation Forum (IAF) and
International Laboratory Accreditation Cooperation
(ILAC) as well as the requirements of scheme
owners, such as CORSIA and GLOBAL G.A.P, etc.,
should adhere to the word “risk,” which appears in
different places of the ISO/IEC 17011:2017.
According to the ISO 31000:2018 (Risk Management
Guidelines) published by the International Standard
Organization, the word “risk” is defined as the “effect
of uncertainty on objectives.” The ISO 31000:2018
standard is a generic yardstick of product excellence,
and it provides a common approach for managing
risk encountered by any organization operating
under any context regardless of the size, type of
industry, or sector.
In the global ecosystem of accreditation of
conformity assessment bodies, the organizational
life cycle of an accreditation-providing institute is
also surrounded by risk. However, it is too sensitive
to identify the sources of risk and determine the
frequency of occurrence and its consequences.
Therefore, the attempt made in this document is to
explore how accreditation-providing institutes could
manage associated risks with their accreditation
processes and comply with the ISO/IEC 17011,
ILAC, and IAF requirements. The outcome of this
