FAQ 24

If an on-site assessment activity is postponed due to the suspension of the CAB, what is deemed acceptable when taking the period between on-site assessments into account (clause 7.9.3 of ISO/IEC 17011:2017)?

STANDARD: ISO/IEC 17011  ·  CLAUSE: Clause 7.9.3  ·  TOPIC: Accreditation Cycle


Prior to lifting the suspension of the CAB, an AB shall take into account the required two-year maximum allowed between on-site assessments. If the maximum has been exceeded, an on-site assessment shall be conducted to assess the CAB’s continued compliance with the accreditation requirements (including any suspension prerequisites) prior to reinstating the accreditation.

Note: Clause 3.18 of ISO/IEC 17011:2017 defines suspension as temporary restriction.

FAQ 23

When a reassessment activity and an accreditation decision are postponed due a CAB’s suspension status, is it acceptable for the accreditation cycle to be longer than 5 years?

STANDARD: ISO/IEC 17011  ·  CLAUSE: Clause 7.9.1  ·  TOPIC: Accreditation Cycle


No, the requirement in clause 7.9.1 of ISO/IEC 17011:2017 states that an accreditation cycle shall not be longer than five years. This is independent of the CAB’s accreditation status.

Note: As stated in IAF COVID-19 FAQ No. 27, due to complications with the COVID-19 pandemic, the assessment can be postponed up to 6 months, and the validity of the accreditation certificate prolonged by the same duration, on the condition that the next accreditation cycle starts from the original end date of the previous cycle.

FAQ 22

What is the role of Annex A? Is it informative in the document but normative in interpretation of clause 6.1?

STANDARD: ISO/IEC 17011  ·  CLAUSE: Annex A  ·  TOPIC: Competence of AB personnel


As stated in the standard, Annex A serves as a summary of the competence requirements found in sections to It is an informative annex that indicates which normative requirements of the standard relate to the identified “Accreditation activities” and “Knowledge and skills” associated with those activities. Annex A, while not normative, indicates which sections of the standard contain the normative requirements associated for the areas indicated in Table A.1.

FAQ 21

What is sufficient evidence that risk was considered in the development of an assessment programme for accreditation schemes established prior to the publication of ISO/IEC 17011:2017?

STANDARD: ISO/IEC 17011  ·  CLAUSE: 7.9.2 & 7.9.3  ·  TOPIC: Assessment program and accreditation cycle


The first exercise of establishing an assessment program based on risk will probably have to accept assumptions and hypothesis, since previous risk analysis may not have been documented as required by the current version of ISO/IEC 17011.

FAQ 20

Must the accreditation decision be made within the maximum 5 years’ assessment cycle?

STANDARD: ISO/IEC 17011  ·  CLAUSE: 7.9.1  ·  TOPIC: Assessment program and accreditation cycle


Accreditation cycle begins (according to 7.9.1) at or after the date of decision for granting or decision after the reassessment. Accreditation cycles shall not be longer than 5 years. Clause 7.9.4 requires the reassessment to be completed before the end of the cycle, but the standard does not state that the decision after the reassessment shall be taken before the end of the cycle. Nevertheless clause 7.6.8 requires AB to define time limits for the CAB to respond to the assessment reports and clause 7.7.5 requires AB to take decisions “without undue delay” so it is expected that the decision after the reassessment shall be taken in dates close (but not necessarily before) the end of the cycle.

FAQ 19

If accreditation information/certificates are issued by an Accreditation Body to the previous version of an accreditation standard, must the expiration date (if listed) be listed up to but not exceeding the stated transition deadline established by ILAC/IAF?

STANDARD: ISO/IEC 17011  ·  CLAUSE: 7.8.1 f)  ·  TOPIC: Validity of accreditation information


No, the date listed on the accreditation information/certificate can be the end date of the normal accreditation cycle of the AB, but it is the responsibility of the AB to ensure that all accredited CABs have transitioned by the stated deadline established by ILAC/IAF. If an accredited CAB has not completed the transition by the deadline then the AB must take the appropriate adverse action to ensure it is clear that the accreditation is no longer valid. The AB will also need to ensure that the accreditation information/certificates are updated appropriately when the transition process for the accreditation is completed.

FAQ 16

What is minimally required to be included in the assessment plan?

STANDARD: ISO/IEC 17011  ·  CLAUSE: 7.4.7  ·  TOPIC: Assessment plan


The goal of the assessment plan (also known as “agenda”) is to enable the assessment team to perform an efficient assessment, and for this the information included must be sufficient for the CAB to be prepared to perform the conformity assessment activities. Normally, this includes CAB’s scope (generic or specific), locations (physical and virtual) and personnel (names and/or functions) as well as a timetable or time schedule of activities to be performed and the persons involved – ISO 19011 can also be used to have additional guidelines.

FAQ 15

ABs will be adopting different and varying practices to cover and “record” the risks taken into consideration when preparing for an assessment.  What are types of records are acceptable evidence of compliance to this clause of the standard?

STANDARD: ISO/IEC 17011  ·  CLAUSE: 7.4.6  ·  TOPIC: Preparation for assessment


It is not possible to provide a prescriptive list of risk factors that impact on the development of an assessment plan. As stated in §7.4.6, ABs need to consider the activities to be covered, and how they will be assessed (e.g. by witnessing), the locations to be assessed and the CAB personnel to be considered. ABs need to take into consideration whether the assessment is an initial assessment or whether the plan is being developed for an accredited CAB which may alter the CAB’s risk profile.

The following will need to be considered:
1- If all risks have been considered,
2- if all risks have been evaluated,
3- whether residual risks remained and why they were deemed acceptable.