Confidentiality | ICS International Certification

CONFIDENTIALTY POLICY STATEMENT

Staff and Sub contractor Requirements

All information received by or available to ICS International Certification staff, sub-contractors or committee members (in whatever format) received in conducting audit activities, or during other certification activities, or during any dealings with an organisation for any other reason shall be regarded as strictly confidential and shall not be divulged to any 3rd party (unless specified in ISO 17021:2011) without the express permission of the organisation or individual concerned. The requirement to keep confidential any information will also include any organisation that has a legitimate right to audit or inspect ICS International Certification i.e. UKAS.

Where ICS International Certification is required by law to release confidential information to a third party the client or individual concerned shall, unless regulated by law, be notified in advance of the information provided

However where the organisation is seen to be operating contrary to legal requirements or has operating practices which pose a danger to staff, customers or the environment ICS International Certification reserves the right to immediately report any such incident to the relevant authority. Any such reporting will only be undertaken with the permission of a Director.

Access to Records

All records will be retained in a secure manner, only accessible to authorised staff via either paper records or password controlled electronic records. Sub-contractors will be limited to accessing information produced by them in conducting an audit. Records will only be made available to organisations who can demonstrate a legitimate (and legal) right to view those records and specifically to Accreditation Bodies eg UKAS.

Confidentiality Declarations

All staff, Sub Contractors, Directors and Committee Members will be required to agree to ICSS confidentiality policy and sign a confidentiality agreement. Sub-contractors will also sign an agreement which also contains the responsibility to maintain confidentiality.

IMPARTIALITY POLICY STATEMENT

ICS International Certification India Pvt. Ltd. is the legal entity responsible for certification activities; reference to ICS International Certification in this Policy and Public Statement refers to these legal entities.

ICS International Certification its Directors, Staff and Sub-contractors fully understands the importance of impartiality in undertaking its Certification Activities. ICS International Certification will therefore ensure that in all its dealings with clients or potential clients all employees or other personnel are and will remain impartial. To ensure that impartiality is both maintained and can be demonstrated the following principals have been established.

ICS International Certification are only issued following a review by an independent authorised and competent member of the management team (who has not been involved in the audit) to ensure that no interest shall predominate

ICS International Certification does not offer (and has never offered) management system consultancy or any other form of consultancy to companies or individuals.

ICS International Certification does not offer (and has never offered) an internal audit service to its certified clients.

ICS International Certification does not own or have any interest (financial or otherwise) in any other company that offers certification or management system consultancy services.

ICS International Certification does not have (and will not form) any relationships with companies who offer consultancy or other services that can be construed as having an impact on the certification services provided by ICS. Any proposed relationship between ICS International Certification and any other company will undergo a risk assessment by the Committee for Impartiality prior to that relationship being formalised. Any current relationships with companies, organisations and individuals will be risk assessed on a regular basis to ensure that the relationship does not impact upon the impartiality of the certification process.

Individuals employed by or otherwise contracted to ICS International Certification are required to document and record their current and past relationships with all companies. Any situation past or present which may present a potential conflict of interest is required by ICS International Certification to be declared. ICS International Certification will use the information to identify any threats to impartiality and will not use that individual in any capacity unless they can demonstrate that there is no conflict of interest.

ICS International Certification will not allocate a member of staff or sub-contractor to a management system audit where any past relationship has existed. Exceptionally and at the discretion of the Technical Manager or Directors an individual or sub-contractor may be allocated to a management system audit where a past relationship has existed but there has been no relationship for a minimum of 2 years.

ICS International Certification does not and will not offer any commission, (finders fees or other inducements) to any individual or company in respect of referrals of clients unless:

The terms and conditions of any such referral are clearly established and can be demonstrated and it can also be demonstrated that the fee is for a referral and the fact that a commission has been paid will in no way effect the outcome of an audit.
A risk assessment (to establish the potential for an unacceptable threat to impartiality) has been carried out on the process through which any such payment is made to an individual or organisation (normally a consultant) requesting the commission for referrals.
All such payments are documented, recorded, and traceable and accompanied by a purchase order and invoice.

ICS International Certification does not offer specific training to any company in respect of implementing a particular standard for that company. Any training offered by ICS International Certification is general in nature and available to all companies or individuals who wish to attend.

ICS International Certification will ensure that it is not linked or marketed in any way which links it with the activities of a management system consultancy and will take appropriate action should any such link be identified.

Auditors and others involved in the certification process are not and will not be put under any pressure and will not be influenced in any way to come to a particular conclusion regarding the result of an audit.

ICS International Certification Impartiality Norms:

No outsourcing of Audits to Consultancy Organisation.

No Referral Fees to be paid to Consultancy Organisation.

Facts based communication to Clients/ Consultancy Organisation.

Adherence to all Accreditation and other ICS International Certification Policies.

ICS International Certification shall not carry out any other conflicting services other than its core business of Certification.

ICS International Certification shall not employ any professional conflicting its ethical policies.

ICS International Certification shall not allow any of its auditors to market the services and conduct the audits for the same client.

ICS International Certification shall not allow any of its auditors to carry out financial transactions with clients / consultants.

ICS International Certification shall not carry out business with any consultant inducing pressures to compromise impartiality.

All employees of ICS International Certification shall disclose any situation impairing the business ethics.

ICS International Certification shall not allow any of the auditors to carry out audits for the client at least for 2 years from the date of relinquishment from their services for the client.

ICS International Certification shall not allow any auditor to compromise on the audit timing as required as per the accreditation/ ICS International Certification.

ICS International Certification shall not allow any auditor to conduct the audit for the client for which it has not been approved for.

ICS International Certification shall maintain transparency with regard to all information.

No auditor shall divulge any confidential information of the client to any third party without written consent from the client and approval by MD

No auditor shall carry any client information with them after the usage period. All client information shall be returned after usage.

Utmost care/verification to be carried out for granting the right scope of certification.

Any unethical practice observed should be notified to the management at the earliest.

ICS International Certification shall not allow any of its auditors to accept any gifts from client/consultant of value greater than INR 500.

ICS International Certification shall not allow any auditor to conduct audit for the organization where any of its family members / close relatives are involved at a decision making position.

Disciplinary actions for non-adhering to impartiality policies shall be taken by the Management in consultation with Impartiality Committee.