FROM IMPLEMENTATION TO CERTIFICATION
The procedure of a certification process for IT service management acc. to the international standard ISO/IEC 20000 is broken down into the project phases described below. This procedure also applies to Managementsystems acc. to ISO/IEC 27001 as well as to integrated management systems
with combined audits.
Information: An initial interview with CIS furnishes details about the certification process.
This is followed by registration and project planning.
___________
Analysis: Evaluation of the individual requirements and assessment of existing measures
within the company. CIS as an independant Certification Body is not involved here.
Implementation: Establishing measures according to the requirements placed by the standard.
CIS as an independant Certification Body is not involved here.
____________
CIS Stage Review (voluntary preliminary): Upon request, CIS reviews
the conformance and usefullness of the implemented elements during the project.
CIS System & Risk Review (preliminary): CIS reviews interpretation of the requirements placed by the standard as well as the documentation. Deficiencies and opportunities for improvement will be laid down in a short report. Thus you are optimally prepared for the Certification Audit.
CIS Certification Audit: The CIS Auditor reviews the new managementsystem by making multiple samples on all levels of the organization. The audit report shows future opportunities for improvement.
___________
CIS Licence: By obtaining the “Certificate Issuance & Right to Use Licence”, you obtain the Attestation of Conformity, which will be valid for three years – the CIS Certificate, which makes quality of the managementsystem visible even to your customers.
CIS Surveillance Audit: The Surveillance Audit, which is conducted once a year, reviews effectiveness of the overall managementsystem as well as continual improvement.
CIS Recertification Audit: After 3 years, the Certificate, which has expired, can be renewed.
