Intent and Scope:

Determination of all parties for certification process and customer responsibilities by Kalitest
It includes all system certification activities to be performed by Kalitest.

Contents:

A) Revision Information
1) Definitions
2) Certification decision
3) Independency and objectiveness of certification
4) Adequacy of certification
5) Continuity of certification
6) Suspension and withdrawal of certificate
7) Organization responsibilities which has certificate
8) Wages to be paid by organization
9) Responsibilities of Kalitest

A. Revision Information

1. Definitions:

Certification Body:
The 3rd party establishment which audits and certifies the supplier’s quality management systems according to management system standards and any required additional document for systems
‘Kalitest Belgelendirme ve Eğitim Hizmetleri Ltd. Şti.’ Is certification body name and it will
be termed as ‘Kalitest’.

Supplier:
The party is responsible for representation of product, process or service and providing the quality management system applications.

Quality Management System:
Quality system is required for an establishment for management and control as quality aspect.

Environment Management System:
A management system is required for establishment, regarding the management and control of environmental effects and resource efficiency

Food Safety Management System:
Management system related to management of food safety risks and hazards of food chain of a company

Occupational Safety Management System:
Management system regarding workers’ health and occupational safety of a company, risk management

Information Safety Management System:
Regarding a company’s work risk approach, determination, performing, review, revising and carrying on and improvement of information safety

Certificate:
A document showing that the suppliers’ management system conformance with a particular management system standard and any required additional document in system

Certification System:
To make certification and following the continuity, for auditing the standard conditions, process and management rules of Kalitest.

ISO 9001:
Quality management system of company

ISO 14001:
Environment management standard

TS/ISO 16949:
Special conditions for automotive sector

OHSAS 18001:
Occupational safety standard

ISO 22000:
Food safety standards

ISO 13485:
Quality systems standard for medical device producers and distributors

ISO/IEC 27001:
Information safety management standard

Guide Documents:
Documents which are improved by industrial sectors and used for a helper for audit standard to audit companies which have been working at a particular industry sector

Certified Organization:
Deserving to get the certificate of a part of an organization of a company or whole company

Applicant:
Applicant to get a system certificate for a part of a company or whole of company and non-having a certificate yet

Independent Certification Committee:
The committee which makes a decision for certifying, suspension, withdrawals, continuance, renewal and scope changes and extensions of certificates This committee is gathered together under the circumstances of related procedures.

Complaint and Objection Committee:
A committee which evaluates all the complaints and objections It is totally independent from the committee which decides the audit and certification committee. This committee is gathered together under the circumstances of related procedures.

Company Manager:
Performs general management of KALİTEST.

Operation Manager:
Related to company manager. He/she performs receiving the applications, appointment of auditors, appointing of representative, marketing, presentation and training activities.

Certification Manager:
He is directly related to board of directors. He sets, enforces and provides continuity a system conformance with accreditation conditions.

Advisory Board:
Gives support to certification committee and certification manager regarding the adequacy and independency of certification and besides, make regulations to perform objectiveness. Concerning with system certifications such as ISO 9001, ISO 14001, ISO 22000, ISO 13485, ISO/IEC 27001, OHSAS 18001 and product certifications such as CE marking, GS marking, Procedure P-16 is followed.

Kalitest Logo:
A logo could be used for the companies which were approved or certified by Kalitest.

2. Certification Decision:

Certification decision is made as a result of reviewing the technical conformance by certification manager, checking the all documents and audit report which were filled out during the certification process and considering the lead auditor’s recommendation. If certification manager needs a technical expert’s view, he/she asks for advice from the member of Independent Certification Committee who has appropriate scope for that subject. Independent Certification Committee takes into consideration about scope, sector, standard, geographical region, company, auditor, accreditation, period and similar subjects to make decision. For instance; for ISO 22000 reports, technical expert’s regarding food safety, for ISO/IEC 27001 reports, technical expert’s for information safety point of views are taken into consideration. In addition to above mentioned subjects, IAF accreditation guides, accreditation standards, guides, instructions and rules of accreditation institute for concerning scope are considered.

Additionally, audit team and lead auditor recommendation decision and scope which are mentioned into audit report are important for certification. Existence of objective evidence is must. Certification manager’s review and recommendation decision is conclusion. However, if there is any problem regarding that, according to independent certification committee, one of the below mentioned decisions is made:

- Disapproval of scope subject,
- Extension audit for mentioned scope,
- Bringing forward the following surveillance audit period,
- Warning for lead auditor/auditor to get enough objective evidence for following audit,
- Risk analyzes availability for environment management systems, food safety management systems, occupational safety systems and information safety systems. If advised scope has non-accredited scope, according to certification managers’ advice, one of the below mentioned decisions:
1) Disapproval of related scope point,
2) Scope change and application for scope extension to accreditation institute.
Regarding all management systems, legal conformity of organization is audited with respect to
scope. Permissions and authorizations are investigated. Otherwise, certification advice could
not be recommended. If there is a legal nonconformity, nonconformity report is prepared.
Regarding the nonconformities which were found out as a result of audit, evidences of corrective actions are also included into audit report by audit team. To make a certification decision, all minor and major nonconformities must be removed. Corrective actions which needs extra period to remove the minor nonconformities can be completed with a corrective action plan providing that measuring the actions during following audit. However, major nonconformities can be just removed by concerned corrective actions.

Nonconformities which have no need to re-audit, can be removed by lead auditor who performed the audit, any other lead auditor who has same scope as stated audit or certification manager. ISO 22000 nonconformities can be just removed by authorized ISO 22000 lead auditor.

Certification decision or disapproval decision is informed to the related institute by giving the
reasons via an information letter. Regarding quality management systems, environment management systems, information safety systems and food safety systems, above mentioned method are performed, too.

3. Independency and objectiveness of certification:
All certifications which are implemented by Kalitest, are performed with independence and equity. This situation is applied as below:

Independent certification committee includes the members who have been working at sectors of Kalitest’s field of activity. For gathering this committee, choosing independent certification committee and working procedure is performed. Committee is met with independent participants, as financial subjects.

Certification manager is also member of Independent Certification Committee. In case the certification manager is a partner of the company, he/she has no any decision authority not to affect equity. Otherwise, he/she has decision right. If he/she has adequacy for any sector, he/she can decide without any view of independent certification committee. However, if he/she performed the audit, he/she cannot decide; a person who is proxy of certification manager can decide. Certification decision can be made by the members who have no any activity for the audit, removal of nonconformities and related marketing activities.

Auditor/lead auditor and experts should have no any professional relationship with the audit activity to be realized since last two years. This situation is made certain with the Form-55 Auditor Authorization Contract to be signed by auditor/lead auditor or expert before the audit. Otherwise, lead auditor/auditor or experts’ employment is terminated. This decision is informed to all related national /international institutes by certification manager. (Accreditation Institute/ Auditor Certification Institute etc…)

Approval of the company which has a certification application confirms that auditor/lead auditor or technical expert before the audit. Thus; secrecy, equity and possible benefits are guaranteed.

All complaints which have been received are classified, analyzed and used for equity of the audit and certifications. Those kind of data analyzes are informed to concerned institutes. In addition to this, to determination and auditing of required politics in accordance with certification manager or Independent Certification Committee, it is applied to consulting councils. For checking the independency and equity of certification, consultancy council is gathered a least once in a year. Council members are totally independent and checked out the activities of Kalitest as aspect of equity and independency.

4. Adequacy of certification:
Kalitest will use just authorized auditors or experts for accredited scopes. Regarding nonaccredited
subjects, this is not essential; however, auditors and experts who performs the general approach and IAF rules with Kalitest procedures and instructions can be used.

International validation of certifications is important for Kalitest and Kalitest works with appropriate accreditation institutes.

If Kalitest could not find authorized auditor or expert at any sector, it does not make any certification.

5. Continuity of certification:
Kalitest takes preventive measures to apply the continuity of certification. In case of any hesitation, certification manager, operation manager or auditor can request to bring forward the surveillance audit. Regardless of financial conditions between the certified company, Kalitest performs the audit and takes risk the losing money and required costs.

Kalitest minds the customer continuity and stability and it follows this subject as the responsibilities of certification manager and operation manager in accordance with policy and quality targets. To show its approach for this subject, it gives the plackets, promotions and rewards to 5, 10, 15, 20 yearly customers.

Certified companies audit performances are checked out continuously by operation manager and in case of necessity, corrective action is prepared.

If certification manager satisfied with applied company’s management system conformance and capability of keeping continuity of standards and the organization is really displays activity, Kalitest makes a decision to give the certificate. Certificate usage rights belongs to company, however property right belongs to Kalitest. Certificates are valid for 3 years since certification registration date. In this period, at least, once in a year surveillance audit must be realized.

As a result of surveillance audits, certificate continuance decision is made as certification decision; there is just one difference; expert’s view is not required, certification manager view is enough.
In case organization does not request the re-certification, this should be informed to Kalitest at least 2 months ago from due date.

6. Suspension and withdrawal of certificate:

7. Organization responsibilities which has certificate:

1) It must be sure that the certification rules are obeyed in any time.

2) Continuity and continuous improvement of system is the responsibility of organization. Validation of certificate depends on this application; this situation will be confirmed with the surveillance audits which will be implemented by Kalitest.

3) Usage of logo must be performed according to the conditions which are mentioned on ‘T-
01 Usage of Logo Instruction’. In case of successful audit, organization deserves to use the KALİTEST logo. Logo should be used by certified organizations and with addresses which are mentioned into certificate. In case it is requested to use the on correspondences, advertisements and promotions, it should be used with certificate number and as including the management standard. Logo should just be used for the scope of registration and organization who responsible for registration. Usage scope and conditions should not be raised any doubt. For any reason whatsoever the certificate duration is terminated, logo usage must be terminated, as well.

4) In required situations, in accordance with SO 9001, ISO 14001, OHSAS 18001, ISO/TS 16949, ISO 13485, ISO 22000, ISO/IEC 27001, the system documents and all studies or particular parts of studies should be reachable by operation manager for reference of studies concerned with Kalitest.

5) Applicant client should inform the revisions which were performed by certified organization, to Kalitest. If the revision is important (for instance cancellation of a procedure), information process should be performed via correspondence, immediately. In case the revisions are minor, these should be informed to Kalitest at following surveillance audit or review visit.

6) Organization should play along with Kalitest to reach the enough objective evidences to show the conformance with audit standard. Otherwise, it is a reason to suspend or withdrawal of certificate. procedure. Withdrawal of certificate and corrective action request from the client.
certificate is withdrawn. (All the decisions are made by certification manager). 3 In case of delaying of the planning audit date more than 2 months. Certificate is suspended. Suspension period is maximally 3 months. In case the audit is not performed at the end of 3 months, the certificate is withdrawn. 4 Due to any reasons (strike, natural disaster, stopping the production/service, etc.), company’s own request for withdrawal or suspension. Suspension period is arranged maximally 3 months as a decision of certification manager. After 3 months, if the audit is not realized, certificate is withdrawn. If the audit is performed after 3 months, certification process is made valid, according to normal conditions. 5 In case of losing the legal conformity of client or having no evidence for
this Certificate is suspended urgently and after 3 months withdrawn.

7) For certification process, a management representative and more than one proxy should be authorized. In case of in absentia of management representative or change of him, proxies are responsible for all activities which are required for certificate, and in case of any change about procedures or instructions and customer complaints, they have to confirm this via signed declaration to Kalitest, at call. Kalitest advised that all the customer complaints and corrective/preventive actions which were implemented into system.

8) For any reason whatsoever, if the certificate will be ended, usage of logo and advertisement materials which include the logo must be stopped immediately. In addition to this, in case of request of Independent Certification Committee, all the materials and information will be accepted as deleted.

9) In case of any important situation, especially any crime or case status, Kalitest Belgelendirme ve Eğitim Hizmetleri Ltd. Şti. Will be informed as soon as possible.

10) Kalitest is entitled to demand the expenses during giving the service.

11) Türkak can make audits with any announcement or without warning. Certified organization
has to accept these audits and show all the systems to Türkak.

8. Wages to be paid by organization:

Annual Wage per Certificate (including surveillance audits): The wage to be paid at the end of the audits for the companies which are deserved to get the certificate. This wage is not paid back in no wise.
Additional Costs: Transportation, accommodation, re- certification and approval, extra flag, etc…
Audit Cost: It has to be paid in any case. (Even that the clients request not to keep the certification)

In addition to this, other expenses for adjustments/revisions related to organization are taken
into consideration. All the costs belong to following steps for certification process. For instance, application wage should be paid before revising the documents, audit wage should be paid before the audit and surveillance audit wage should be paid before the surveillance audit. For 1st annual wage should be paid following the successful audit, before the delivery of certificate to the client.

9) Responsibilities of Kalitest:
1) Kalitest is responsible for the all decisions regarding for preparing the contracts, arranging the audit team, usage of external auditors/experts, realization the audits, giving the certificates, validity of certificates, scope extensions, limitation of the scope, change of address, audits which are performed under the special conditions, suspension of certificates and withdrawal of certificates.

2) Suppliers’ audit planning, visit and period announcements (these visits are performed at least once in a year, in case it is requested, twice in a year).

3) Giving information to the clients about applicable guides and revisions for standards and applied to enough periods to them to revise the concerned processes and procedures as requested.

4) It applies to keep private the information excluding the exclusive for public.

5) Kalitest informs the received customer complaints which belong to the suppliers products.

6) If the certified organization cannot suit the rules temporarily, Independent Certification Committee can request the clients to stop the usage of Kalitest logo and other rights up to period when it is persuaded or up to denial subject is ended.

7) If the certified organization fails to perform these rules, Certification Manager, if he/she requires, can decide to take back the certificate, limitation the certificate scope, not to give the certificate, or not to renewal of certificate. These decisions and decision reasons are informed by Operation Manager via correspondences.

8) Certification Manager can decide to back out the certificate, not to give the certificate or not to renew the certificate in case of bankruptcy of client, closing the deal regulation with the payables, selling out as voluntary or by force (excluding renovation). Those kind of decisions and reasons will be informed to the organization in written.

9) In case the organization or applicant client makes an objection conformance with certification rules for any decision which made by board of directors, this request must be made in 15 days since announcement date which is informed to the establishment officially. Complaint and denial committee will inform to the protestant about the interview which will be performed in 30 days place and date, at least 7 days ago. Protestant will be informed about the committee details and how to deny. Kalitest company manager can make a change for constitution of committee, as requested. Last decision belongs to company manager to constitute the denial committee. Operation manager and certification manager, if they want, have a right not to give their opinion on denial subject during participation of committee where the protestant will also participate. After the committee presidents’ certain and unrecallable explanation with all the participants, the meeting is
ended.

10) These rules can be changed by company manager. In case there are changes to be informed to the company in written by certification manager and in case these changes affect the logo usage conditions and other services, at least 6 monthly permission periodis given to the client to make the related changes.

11) Kalitest services are open for all potential clients. Our services are up and running without any discrimination and without using any excuse for financial conditions. The organizations which are registered by Kalitest, have a list which is announced publicly. If it is requested a printed one, it can be supplied for a small fee.

12) In accordance with the situations which are required for these rules, if there is need to make contact with Kalitest, this process should be performed in written and signed by normal posting, by registered post (pre-paid) or reply paid for determined addresses. Per information which sent us by posting (until the contrary proved) is accepted as 48 hours before posted. To receive the correspondences more effectively, it should be sure about the address information is accurate and correct.