Auditing is defined as a systematic and independent examination of data, statements, records, operations and performances of an enterprise for a stated purpose. Swiss Approval Auditors perceive and identify the propositions before examination, collect evidence, evaluate it on a standard matrix, and, eventually, formulate their judgment, which is communicated to the Customer through the Audit Report. Our inspectors evaluate the Management Systems of enterprises and organizations in accordance with Private / Brand, National or Internationally recognized Standards, or based on specific Customers’ requirements / conformity criteria.
An accredited management system certification helps Customers to ensure that they achieve maximum benefit and value from the service they pay for. By collaborating with an Independent International Organization for Certification that holds officially recognized accreditations worldwide and is integrally approved by the International Accreditation Forum (IAF), customers, partners and stakeholders benefit greatly from a solid, robust and controlled system of credibility. Once certified, a company’s management systems benefit from risk mitigation and improved operational efficiency, which leads to better performance, less waste, lower costs, and ultimately, greater profitability. Significant growth in the area of Management Systems certification has been observed in recent years. Swiss Approval has more than 1.000 certified customers, within a network that is continuously expanding.
The ISO 9000 family of quality management systems standards is designed to help organizations ensure that they meet the needs of customers and other stakeholders, while meeting statutory and regulatory requirements related. The ISO 9000 family, as well as all related QMSs, focuses on a continual improvement process to achieve the objectives related to the overall performance of an organization, such as service delivery, production lines, administration, etc. SiSi also acts as authorized Auditing Office on behalf of Swiss Approval in the Quality Management Systems certification sector, offering the Italian market a smart and flexible solution for ISO 9001:2015 accredited certificates.
ISO 14000 is a family of standards related to «Environmental Management» that aims to help organizations:
As is common practice with the ISO 9000 auditing process, evaluation and certification for ISO 14001 is performed in a similar way, according to the ISO 19001 audit standard, and when auditing is performed for both management systems, 9000 and 14000, compliance with both is achieved at once. ISO 14001 sets out the criteria for an Environmental Management System (EMS). It does not state requirements for environmental performance, but maps out a framework that a company or organization can follow to set up an effective EMS. It can be used by any organization that wants to improve resource efficiency, reduce waste, and drive down costs. Using ISO 14001 can provide assurance to company management and employees, as well as external stakeholders, that environmental impact is being measured and improved. SiSi also acts as authorized Auditing Office on behalf of Swiss Approval in the Environmental Management Systems certification sector, offering the Italian market a smart and flexible solution for ISO 14001 accredited certificates.
OHSAS 18001 is an internationally applied British Standard for occupational health and safety management systems. It exists to help all kinds of organizations put in place demonstrably sound occupational health and safety performance. It is a widely recognized and popular occupational health and safety management system. Organizations worldwide recognize the need to control and improve health and safety performance and do so with occupational health and safety management systems (OHSMS). The OHSAS 18000 Series consisted of two specifications: 18001 provided requirements for an OHS management system, and 18002 gave implementation guidelines. SiSi also acts as authorized Auditing Office on behalf of Swiss Approval in the Work Safety Management Systems certification sector, offering the Italian market a smart and flexible solution for OHSAS 18001 accredited certificates.
ISO 50001:2011, Energy Management Systems (EnMS) – Requirements with guidance for use, is a specification created by the International Organization for Standardization (ISO) for an energy management system. The standard specifies the requirements for establishing, implementing, maintaining and improving an energy management system, whose purpose is to enable an organization to follow a systematic approach in achieving continual improvement of energy performance, including energy efficiency, energy security, energy use and consumption. The standard aims to help organizations continually reduce their energy use, and therefore their energy costs and their greenhouse gas emissions. The system is modelled on the ISO 9001 Quality Management System (QMS) and the ISO 14001 Environmental Management System (EMS), but adds the significant feature of improving the «Energy Management System» and the resulting «energy performance». Improvement of quality and environmental performance is not described in ISO 50001 as a requirement. SiSi also acts as authorized Auditing Office on behalf of Swiss Approval in the Energy Management Systems certification sector, offering the Italian market a smart and flexible solution for ISO 50001 accredited certificates.
Road accidents are among the most common causes of injury and death globally. It is estimated that millions of people are killed and injured on roads around the world each year. This makes road traffic safety (RTS) a global concern with incalculable human, social and economic impact, and makes traffic safety increasingly important from year to year. The ISO 39001 Standard specifies minimum requirements for a Road Traffic Safety (RTS) Management System interacting with the road traffic system to improve safety and reduce incidents and the risk of serious injury or death due to road traffic accidents. This International Standard is applicable to public and private organizations that interact with the road traffic system, such as national and road authorities, Governments, safety groups and private companies. SiSi also acts as authorized Auditing Office on behalf of Swiss Approval in the Road Traffic Safety Management Systems certification sector, offering the Italian market a smart and flexible solution for ISO 39001 accredited certificates.
ISO 27001:2013 is an information security standard that was published on 25 September 2013. It supersedes ISO/IEC 27001:2005, and is published by the International Organization for Standardization (ISO) and the International Electrotechnical Commission (IEC) under the joint ISO and IEC subcommittee, ISO/IEC JTC 1/SC 27. It is a specification for an information security management system (ISMS). Organizations which meet the standard may gain an official certification issued by an independent and accredited certification body on successful completion of a formal audit process. The official title of the standard is «Information technology — Security techniques — Information security management systems — Requirements». SiSi also acts as authorized Auditing Office on behalf of Swiss Approval in the Information Security Management Systems certification sector, offering the Italian market a smart and flexible solution for ISO 27001 accredited certificates. ISO 27001 is also very important for Companies that handle information data and are interested in fulfilling the GDPR requirements.
The General Data Protection Regulation comes into effect on 25 May 2018 and provides a modernized, accountability-based compliance framework for data protection in European Union Countries. The General Data Protection Regulation (GDPR) (Regulation (EU) 2016/679) is a Regulation by which the European Authorities intend to strengthen and unify data protection for all individuals within the European Union market. It also addresses the export of personal data outside the EU. The GDPR aims primarily to give control back to citizens and residents over their personal data and to simplify the regulatory environment for International Business by unifying the regulation within the EU. The figure of the Data Protection Officer (DPO) will be at the heart of this new legal framework for many organisations, facilitating compliance with the provisions of the GDPR. Under the GDPR, it is mandatory for certain controllers and processors to designate a DPO. This will be the case for all Public Authorities and Bodies (irrespective of what data they process), and for other organisations that – as a core activity – monitor individuals systematically and on a large scale, or that process special categories of personal data on a large scale. Even when the GDPR does not specifically require the appointment of a DPO, Organisations may sometimes find it useful to designate a DPO on a voluntary basis. The Article 29 Data Protection Working Party encourages these voluntary efforts. The concept of the DPO is not new. Although Directive 95/46/EC did not require any organisation to appoint a DPO, the practice of appointing a DPO has nevertheless developed in several Member States over the years. DPOs act as intermediaries between relevant stakeholders (e.g. supervisory authorities, data subjects, and business units within an organisation). DPOs are not personally responsible in case of non-compliance with the GDPR.
The GDPR makes it clear that it is the controller or the processor who is required to ensure and to be able to demonstrate that the processing is performed in accordance with its provisions (Article 24). Data protection compliance is a responsibility of the Controller or the Processor. Swiss Approval International certifies the compliance of Companies and Organizations with the General Data Protection Regulation requirements, through assessment and audit, based on a specific GDPR Swiss Approval compliance checklist. SiSi also acts as authorized Auditing Office on behalf of Swiss Approval in the GDPR sector, offering the Italian market a smart and flexible solution for GDPR non-accredited certificates. The Swiss Approval GDPR Compliance Certificate is based on ISO 27001 accreditation, as there is no other related European Standard yet.
ISO 37001:2016 specifies requirements and provides guidance for establishing, implementing, maintaining, reviewing and improving an anti-bribery management system. The system can be stand-alone or can be integrated into an overall management system. ISO 37001:2016 addresses the following in relation to the organization’s activities:
ISO 37001:2016 is applicable only to bribery. It sets out requirements and provides guidance for a management system designed to help an organization to prevent, detect and respond to bribery and comply with anti-bribery laws and voluntary commitments applicable to its activities. ISO 37001:2016 does not specifically address fraud, cartels and other anti-trust/competition offences, money-laundering or other activities related to corrupt practices, although an organization can choose to extend the scope of the management system to include such activities. The requirements of ISO 37001:2016 are generic and are intended to be applicable to all organizations (or parts of an organization), regardless of type, size and nature of activity, and whether in the public, private or not-for-profit sectors. SiSi also acts as authorized Auditing Office on behalf of Swiss Approval in the Anti-Bribery Management Systems certification sector, offering the Italian market a smart and flexible Business Passport regarding ISO 37001, through accredited certificates (pending accreditation).