Suspension, Withdrawal, Reduction, Refusing & Restoring of Certification

Information below provides details on the certification body’s processes for issuing, refusing, maintaining, renewing, suspending, restoring, or withdrawing certification or expanding or reducing the scope of certification.

Issuing of certification:

SourcetekIT auditor will present the audit report, any corrective action plans and supporting evidence to the internal certification committee to perform a detailed review upon completion of the initial certification, recertification or certification transfer audit process. This review will conform that the Company’s management system is following the applicable CSC standard and non-conformities have been properly addressed. SourcetekIT will issue the certificate once after approval from the certification committee.

Refusing of certification process:

If SourcetekIT certification committee finds some open issues or non-conformities during a detailed review of the submitted audit package, the certification committee will provide a reasonable time to the company to resolve the non-conformities and hold the certification decision till that deadline. A new initial certification audit will be required once the Company fails to provide the remedy against those non-conformities prior to the deadline.

Maintaining certification process:

SourcetekIT maintains the record of certified clients and informs them whenever they are due for their annual surveillance audits in years two or a recertification audit prior to the expiration of the certification. SourcetekIT certification committee will review these audits finding and may suspend or withdraw the Company’s certification if the required audits are not performed or open non-conformities have not been properly addressed.

Restoring of certification process:

Restoring after certification cancellation will be on the same basis, and follow the same process, like that of initial application for a new client. This will require a full assessment, with optional document review at the discretion of SourcetekIT.

Suspension or Withdrawal of certification process:

The following reasons are considered grounds for suspension or cancellation:

  • Major non-conformance(s) or effective corrective action not implemented within a specified time period.
  • Improper use of the certificate, symbol or logo not remedied to the satisfaction of SOURCETEKIT
  • The client ceases to supply the product or service of the certified management system for an extended period of time.
  • The client’s certified management system has persistently failed to meet any of the requirements for certification including requirements for the effectiveness of the management system.
  • Client fails to meet financial obligations to SOURCETEKIT
  • The client makes a formal request to withdraw certification.
  • Infringement by the client of any contractual conditions between the client and SOURCETEKIT
  • The client is unable or unwilling to ensure conformance with revisions of standards.
  • Existence of a serious complaint, or a large number of second- or third-party complaints, which indicate that the Information security management system is not being maintained.
  • The client does not allow routine surveillance to be conducted at the required frequency

The suspension or cancellation can be initiated if the client does not allow routine surveillance to be conducted at the required frequency. The routine surveillance is carried out not more than 12 months from the last audit. In case the audit is not done within 12 months (13 months in case of yearly surveillance), the certificate is suspended and a letter is sent to the client requesting him to agree for the audit. In case of a delay of up to 3 months (15 months from the last audit), the audit time shall be extended by 50% of the routine surveillance time (at least 1 day). Successful completion of the audit within 15 months shall not impact the certification.

In case the audit is not done within 15 months, the certificate is canceled and the client shall be considered as a fresh case for certification. The above are for special conditions like strike, natural calamities, business operations (case to case basis), etc.

Expansion of certification process:

At the request of the Company through an application process, SourcetekIT will request and review documentation supporting the additional scope. Upon completion of the review, an on-site audit will be performed to determine the conformance of the Company’s additional scope with the applicable CSC standard. This may require an addendum to the contract and/or additional fees.

Reduction of certification process:

SOURCETEKIT shall wherever applicable reduce the scope of certification if during the time of routine surveillance audits / Re approval or Renewal audits it finds that the certified client has continually / seriously failed to meet the certification requirements for those parts of the scope of certification. The reduction in scope will be approved by the Quality Manager.

"Find out how you and your organization can be in compliance with the appropriate security controls and regulations.”

Contact Us