FROM IMPLEMENTATION TO CERTIFICATION

The procedure of a certification process for IT service management acc. to the international standard ISO/IEC 20000 is broken down into the project phases described below. This procedure also applies to Managementsystems acc. to ISO/IEC 27001 as well as to integrated management systems
with combined audits.

Information: An initial interview with CIS furnishes details about the certification process.
This is followed by registration and project planning.
___________

Analysis: Evaluation of the individual requirements and assessment of existing measures

within the company. CIS as an independant Certification Body is not involved here.

Implementation: Establishing measures according to the requirements placed by the standard.
CIS as an independant Certification Body is not involved here.

____________

CIS Stage Review (voluntary preliminary): Upon request, CIS reviews the conformance and usefullness of the implemented elements during the project.

CIS System & Risk Review (preliminary): CIS reviews interpretation of the requirements placed by the standard as well as the documentation. Deficiencies and opportunities for improvement will be laid down in a short report. Thus you are optimally prepared for the Certification Audit.

CIS Certification Audit: The CIS Auditor reviews the new managementsystem by making multiple samples on all levels of the organization. The audit report shows future opportunities for improvement.

___________

CIS Licence: By obtaining the “Certificate Issuance & Right to Use Licence”, you obtain the Attestation of Conformity, which will be valid for three years – the CIS Certificate, which makes quality of the managementsystem visible even to your customers.

CIS Surveillance Audit: The Surveillance Audit, which is conducted once a year, reviews effectiveness of the overall managementsystem as well as continual improvement.

CIS Recertification Audit: After 3 years, the Certificate, which has expired, can be renewed.