ReadSafety.com
Home/Standards Library/ISO 17021:2015Last reviewed: July 2026
ISO 17021:2015 · Conformity Assessment

Management System Auditing & Certification

Free guide to ISO/IEC 17021-1:2015 - requirements for management system audit and certification bodies, covering audit programmes.

What you'll learn
  • Audit Program
  • Stage 1 & Stage 2 Audits
  • Certification Decision
  • Surveillance Audits
  • Recertification
Sign in to access the full clause-by-clause guide

Free access - just sign in

ReadSafety.com is completely free. Create a free account or sign in to unlock all ISO standard guides, the interactive Periodic Table, and the knowledge blog.

No credit card required
Free for individuals
All 7 ISO standards

About ISO 17021:2015 - Management System Auditing & Certification

ISO/IEC 17021-1:2015 specifies requirements for bodies providing audit and certification of management systems. It is the primary accreditation standard for third-party certification bodies that issue ISO 9001, ISO 14001, ISO 45001, ISO 27001, ISO 42001, and other management system certificates to organizations worldwide.

The standard establishes requirements for the competence, consistency, and impartiality of management system certification bodies. It covers the full certification process from initial application through stage 1 and stage 2 audits, certification decision, surveillance audits, recertification audits, and the suspension or withdrawal of certificates.

Clause 4 covers principles of certification including impartiality, competence, responsibility, openness, confidentiality, and responsiveness to complaints. Clause 5 addresses general requirements including legal responsibility and management of impartiality. Clause 6 covers structural requirements including the impartiality committee. Clause 7 specifies resource requirements including the competence of auditors, technical experts, and certification decision makers. Clause 8 covers information requirements including publicly accessible information about the certification body and its certified clients. Clause 9 specifies process requirements covering the entire certification cycle. Clause 10 covers management system requirements for the certification body itself.

A key concept in ISO 17021-1 is the audit programme - the set of audits planned for a specific time frame, directed at a specific purpose. Audit programmes must consider the complexity of the client's management system, the results of previous audits, and the significance of the management system to the client's operations.

ISO 17021-1 is supplemented by sector-specific competence documents (ISO/IEC TS 17021-2 for environmental management, ISO/IEC TS 17021-3 for quality management, ISO/IEC TS 17021-10 for anti-bribery management) that specify additional competence requirements for auditors in specific management system domains.

Source: ReadSafety.com - Free ISO Educational Resource by USQC · readsafety.com/iso/17021