This article discusses the process for certification of Asset Management systems against the ISO 55000 suite of standards. It contains information that will be useful for individuals wishing to become ISO 55000 auditors, organisations wishing to become Conformity Assessment Bodies (CABs), as well as for organisations wishing to have their Asset Management systems assessed against the requirements of ISO 55001.
About the ISO 55000 suite
On January 10 2014, the International Organisation for Standardisation (ISO) published the ISO 55000 suite of standards for Asset Management. This suite consists of three separate documents:
- ISO 55000:2014 – Asset management – Overview, principles and terminology
- ISO 55001:2014 – Asset management – Management systems – Requirements
- ISO 55002:2014 – Asset management – Management systems – Guidelines for the application of ISO 55001
As the titles suggest, ISO 55000 contains definitions of key terms, as well as describing the principles which underpin the other two documents. ISO 55001 contains the specification of the requirements which an Asset Management system must meet in order to be certified compliant. ISO 55002 is a guidance document, intended to shed light on how ISO 55001 should be interpreted.
The key point here is that certification will take place against the requirements of ISO 55001 – not ISO 55000. However in order to interpret the (fairly broad) compliance statements contained within ISO 55001, it will be essential for auditors and those being audited to also understand the contents of ISO 55000, and, to a lesser extent, ISO 55002.
So how does this certification process work? Who can offer certification services? And what skills do certifying auditors have to have? To answer these questions, we need to understand the framework that is applied by ISO for certification against all of its management systems standards (for example ISO 9001 – Quality Management Systems, ISO 14001 – Environmental Management systems, etc.).
The ISO framework for certifying management systems
In ISO-speak, Conformity Assessment is the process used to show that a product, service or system meets specified requirements (see http://www.iso.org/iso/home/about/conformity-assessment.htm). Conformity Assessment is the process that an organisation must go through in order to for their management systems to be certified as complying with the requirements of any of the ISO Management standards (including ISO 55001 – Asset Management).
ISO itself doesn’t provide certification or conformity assessment – this service is provided by so-called “Conformity Assessment Bodies” or CABs. However ISO has produced standards to help make conformity assessment as consistent as possible amongst these CABs. These standards specify what a CAB needs to do to be seen as capable of performing conformity assessments such as management system certification. ISO has also assisted with the establishment of Mutual Recognition Arrangements (MRAs), whereby certification obtained in one country is recognised as being acceptable in other countries.
The ISO committee that performs these activities related to conformity assessment is called the Committee on Conformity Assessment (CASCO) . Amongst its other activities, CASCO has established liaisons with many international organisations involved in conformity assessment and certification in order to ensure the consistent application of assessment standards throughout the world. Amongst these is the International Accreditation Forum (IAF).
The IAF is the world association of Conformity Assessment Accreditation Bodies (CAABs). Its primary function is to develop a single worldwide program of conformity assessment. Once again, the IAF does not directly provided certification or conformity assessment. Instead, its membership is open to (mostly National) bodies that conduct and administer programmes by which they in turn accredit CABs. IAF members are required to join the IAF Multilateral Recognition Agreement (MLA) recognising the equivalence of other members’ accreditations to their own.
Members of the IAF include organisations such as:
- the Joint Accreditation System of Australia and New Zealand (JAS-ANZ), in Australia and New Zealand
- the United Kingdom Accreditation Service (UKAS), in the United Kingdom
- the American National Standards Institute – American Society for Quality National Accreditation Board LLC (ANAB), covering Management Systems accreditation in the USA
- the National Accreditation Board for Certification Bodies (NABCB), in India
- and many others
To see a complete list of IAF members, visit http://www.iaf.nu/articles/IAF_Members_&_Signatories/4%20
These National CAABs in turn certify CABs as being competent to perform assessments and issue certificates of conformance against specific standards. They also ensure that CABs are not subject to conflicts of interest. CAABs provide ongoing authoritative oversight of CABs in order to ensure that standards are being applied consistently and to an appropriate level of quality. One of the items to note, with regard to being independent of conflicts of interest, is that CABs are not permitted to both certify compliance with standards and also provide consultancy services to assist organisations to achieve compliance – not even if the certification is provided to an organisation for which no consultancy services were provided. This is considerably more stringent than the requirements for the Institute of Asset Management (IAM) Endorsed Assessors Scheme, used for assessing compliance with PAS 55, and many existing IAM Endorsed Assessors may have difficulty (or may choose not to) become CABs due to this requirement.
- Conformity Assessment Bodies are not required to be able to certify organisations against all the ISO Management Standards – they may elect to certify organisations against a subset of these standards. So, for example, some CABs may elect solely to assess compliance with ISO 9001, and their CAAB would only authorise them to certify against this standard. For a list of CABs in your country, and the standards that they are authorised to assess against, contact the relevant CAAB in your country (see http://www.iaf.nu/articles/IAF_Members_&_Signatories/4). These will often be listed on a page on the relevant website.
As an example, JAS-ANZ (the CAAB for Australia and New Zealand) has the following information on its website:
- A list of authorised CABs (http://www.jas-anz.org/index.php?option=com_content&task=blogcategory&id=44&Itemid=1)
- A list of Management Systems JAS-ANZ authorises CABs against (http://www.jas-anz.org/index.php?option=com_content&task=blogcategory&id=23&Itemid=1This)
As at 26 January 2013, the Asset Management Systems scheme is not yet listed, so there are currently no CAB’s authorised by JAS-ANZ to certify compliance with this scheme. This is hardly surprising, given the recency of issue of ISO 55000/1/2.
Similar lists exist for other countries. For example,
- UKAS (the UK CAAB) provides a list of CABs at http://www.ukas.com/about-accreditation/accredited-bodies/
- ANAB (the USA CAAB) provides a list of CABs at http://anabdirectory.remoteauditor.com/
- NABCB (the India CAAB) provides a list of CABs at http://www.qcin.org/nabcb/pop/rbodies.php
So the structure for certification authorities looks something like the following:
International Organisation for Standardisation (ISO)
Establishes standards
CASCO
ISO committee establishes standards for conformity assessment
International Accreditation Forum (IAF)
Ensures alignment and compliance between Confirmity Assessment Accreditation Bodies (CAABs)
Conformity Assessment Accreditation Bodies (eg. JAS-ANZ)
Appoints and monitors Conformity Assessment Bodies (CABs) and ensures they comply with conformance standards
Conformity Assessment Bodies (eg. Bureau Veritas)
Provide Conformity Assessment and Certification services, issues Certificates of Compliance
Ensuring the competence of assessors
One of the standards that has been established by ISO which applies to Conformity Assessment is ISO/IEC 17021:2011 – Conformity assessment – Requirements for Bodies Providing Audit and Certification of Management Systems. This contains principles and requirements for the competence, consistency and impartiality of the audit and certification of management systems of all types, including Asset Management Systems. It is a requirements standard intended for use by CAABs (e.g. JAS-ANZ or UKAS), when assessing and accrediting Conformity Assessment Bodies (CABs).
The expectation is that CABs that use ISO 17021:2011 will be able to ensure competent audit teams, with adequate resources, following a consistent process and reporting audit results in a consistent manner.
All CABs were given 2 years from the publication of ISO 17021:2011 on 1 February 2011 to demonstrate conformance with that standard, and so now, in early 2014, all CABs should be compliant (see http://www.iso.org/iso/iaf-iso-communique_iso17021-2011-transition-rev2rf.pdf for more details). Amongst other things, this requires them to demonstrate that they have established competence criteria for and performed evaluation of their auditors. ISO 17021:2011 defines competence as “the ability to apply knowledge and skills to achieve intended results”.
Of particular relevance to the assessment of Asset Management systems is the section of ISO/IEC 17021:2011 that relates to the competence of auditors assessing Asset Management systems. This is contained in Part 5 of ISO 17021:2011 (ISO 17021-5). As of February 3, 2014, this update to ISO 17021:2011 has not yet been published, but if it falls in line with the competency requirements contained in other parts of ISO 17021:2011 for other management systems, it is likely that auditors will need to demonstrate that not only do they have the requisite auditing skills and knowledge of ISO 55000, but also that they have sufficient experience in applying asset management principles and techniques in order to allow the organisations that they are auditing to be able to “achieve intended results”. This is likely to mean that auditors will need to demonstrate practical experience in applying Asset Management principles and techniques, and may also mean that they may need to demonstrate this experience within their client’s industry, or a closely related one.
However, on January 29, 2014, the Institute of Asset Management (IAM) advised all of its current PAS55 Endorsed Assessors that, although ISO17021-5 has been approved, they do not anticipate that any country will launch Accreditation of Assessor Bodies in less than two years. For that reason, they propose to continue the existing Endorsed Assessor appointments. The IAM’s Assessment tool has been updated to allow its use for assessing conformance with either PAS55 or ISO55001 (at the time of writing, this last functionality is in final testing).
An IAM Endorsed Assessor cannot, unless it is a CAB, issue a Certificate of Conformance against ISO 55001 that will be globally recognised. However asset-owning organisations can have confidence that IAM Endorsed Assessors have been formally deemed to have the competencies and experience required by the IAM, and that they are equipped with the skills and tools to be able to accurately and efficiently identify any gaps that may prevent an organisation from achieving formal ISO 55001 certification. We are an IAM Endorsed Assessor.
So what does this all mean in a practical sense?
Does your organisation wish to be certified against ISO 55001?
There are a few things that you will need to consider if you wish to your Asset Management systems to be certified as compliant with the requirements of ISO 55001.
Formal certificates of compliance can only be issued by a certified Conformity Assessment Body (CAB). If you require a formal certificate of compliance, ensure that you select a CAB that is properly authorised by its CAAB to deliver a compliance assessment against the requirements of ISO 55001. At time of writing (February 3, 2014), there are no CABs that have been certified by their CAAB to deliver this service. To find an appropriate CAB, first go to the list of CAABs on the IAF website (at http://www.iaf.nu/articles/IAF_Members_&_Signatories/4), select your country, and then click on the link through to the CAAB that is relevant for your country. Then navigate your country’s CAAB website (or otherwise contact them) to find a CAB (or CABs) that has been authorised by them to deliver compliance assessments for the Asset Management systems scheme (ISO 5500X). Note that all CABs are required to comply with the requirements of ISO/IEC 17021:2011, and (once it has been released), the requirements of ISO 17021-5. These specify the competency requirements for auditors, and more specifically, the competency requirements for Asset Management systems scheme auditors.
Also, bear in mind that even though all authorised CABs will have met the minimum requirements to become ISO 5500X certification bodies, there are likely to be significant differences between them – particularly in terms of their experience within your industry, and their knowledge of the specific requirements and practices that exist within your industry. So it may be worth shopping around to make sure that you get the best value assessment for your $ – and this may not necessarily be the cheapest.
Finally, if your organisation is already certified against other Management Systems schemes (Quality Management, Safety Management, Environmental Management etc), you may wish to consider whether there are synergies in having all of these assessments done at the same time, by the same CAB – or whether there is value in engaging specialist CABs with the necessary experience to assess some, or all, of these systems separately.
Does your organisation seek a “gap assessment” against the requirements of ISO 55001?
If you do not require a formal certificate of compliance, but are only seeking to assess the extent of any gaps between your current Asset Management system and the requirements of ISO 55001 (for example, as part of a pre-certification audit, or in order to establish an Asset Management improvement program), then you have more options open to you. While formal certificates of compliance can only be issued by a certified Conformity Assessment Body (CAB), there are no restrictions on the organisations that can provide gap assessments and/or consultancy to assist with bridging those gaps. If all that you are seeking is a gap assessment (and potentially some assistance with bridging that gap), then you may be better served by approaching one of the many Asset Management consultancies (such as ourselves) who can provide this assistance, rather than a CAB. This is particularly the case during the early stages of adoption of ISO 55000, as at the time of writing this article there are currently no recognised specialist Asset Management consultancies that are CABs, and the restrictions on becoming a CAB will essentially mean that few, if any, of the stronger consultancies will apply to become a CAB. Equally, the existing CABs will be unlikely, in the early days, to have auditors who will have the requisite skills in Asset Management to provide a meaningful gap assessment. While this will undoubtedly change over time, auditor competence is likely to be a significant issue and barrier to effective compliance assessments, at least in the short term.
Organisations that are not CAB’s, but which provide “gap assessments”, such as consulting organisations, are not required to comply with the requirements of ISO/IEC 17021-5. Indeed they cannot receive certification against ISO 17021:2011, as this is only available to CABs. Most of the reputable consulting firms will have adequately skilled and experienced personnel who meet those requirements and are therefore capable of providing high quality advice, but caveat emptor. If you are procuring Asset Management consulting services it will be essential to check out the credentials of both the organisation you are hiring, and the staff that they are putting forward to assist you. One way of identifying organisations that have demonstrated competence in assessing Asset Management System gaps is by referring to the Institute of Asset Management’s (IAMs) list of Endorsed Assessors. At the time of writing this article, 39 organisations have been endorsed by the IAM as being competent to assess against the requirements of PAS 55, the precursor to ISO 55000. This includes Assetivity.
Does your organisation wish to become a CAB for ISO 55001?
The situation here is different depending on whether your organisation is already a certified Conformity Assessment Body (CAB) or not.
If your organisation is already a CAB, then you will first need to ensure that your audit team holds the competencies outlined in ISO 17021-5, when it is issued. This will, more than likely, involve recruiting or otherwise engaging additional personnel with those competencies. In addition, you will need to ensure that your organisation meets any additional requirements placed on it by your CAAB that are necessary to become accredited by your CAAB to certify against the requirements of the Asset Management Scheme and ISO 55001. It is likely that CAABs will not certify CABs as Asset Management System accreditors until such time as ISO 17021-5 is released and CABs can demonstrate that they meet the requirements contained within that standard. Even then, CAABs may place additional requirements on CABs before certifying them as Asset Management System assessing organisations. If you are a CAB, then I suggest checking with your CAAB regarding their specific requirements before going too far in promoting your capabilities in this area. While it should be expected that the requirements will be largely identical from country to country, some National CAABs may have slightly different ways of assessing those requirements.
On the other hand, if your organisation is not yet a CAB, then it will first be required to become one. This is not a simple exercise, and may take many months. As an example, the process for Australian or New Zealand organisations to become accredited by JAS-ANZ to become accredited as an ISO 9001 Quality Management System CAB involves five steps:
- Application – applying involves
- Meeting the accreditation criteria contained in nine separate documents – including ISO/IEC 17021:201
- Reviewing and ensuring that your organisation complies with eight separate policy documents
- Completing up to four separate application documents
- Desktop assessment of your organisation’s documented systems by JAS-ANZ
- On-site assessment of your organisation’s documented systems and competence by JAS-ANZ – including witnessing your organisation performing a Quality Management Systems assessment
- Review of JAS-ANZ’s report on your documented systems by JAS-ANZ’s Accreditation Review Panel (ARP)
- Final Decision regarding your organisation’s application
(See http://www.jas-anz.org/index.php?option=com_content&task=blogcategory&id=21&Itemid=1 and http://www.jas-anz.org/index.php?option=com_content&task=view&id=46&Itemid=1)
The criteria and processes in other countries are likely to be different, but no less rigorous. Check with the CAAB in your country for the exact process that applies.
The first hurdle to be overcome in order to become a CAB (for most organisations with an interest in, and competencies in, Asset Management) is to demonstrate independence and a lack of conflict of interest. This generally will not only mean that your organisation (as a CAB) must not provide consultancy services in Asset Management (although the provision of training is generally considered acceptable), but that your organisation must not be organisationally related to another organisation which provides consultancy services in Asset Management (such as may exist, for example, if a subsidiary organisation, parent organisation, or organisation sharing a same parent organisation as yours provides consultancy services). This fairly strict restriction is clearly intended to avoid the situation where the application of creative corporate ownership structures is used to give the appearance of independence, when, in fact, organisational independence and freedom from conflicts of interest are compromised.
If a CAB engages an Asset Management consultant, under contract, in order to provide the necessary competent personnel required to conduct an assessment, this may also breach the requirements relating to independence and conflict of interest. The specific requirements may vary from country to country, but as an example, in Australia, JAS-ANZ states that individual assessors (including contract assessors) would have a conflict of interest if any of the following conditions apply either to them personally, or to the organisation that they work for:
- having worked with, or consulted to the organisation (being assessed) in the past two years; or having reasonable future prospect of such work;
- having any immediate family member working with or consulting to the organisation (being assessed) in the past two years; or having reasonable future prospect of such work;
- owning shares or any immediate family member owning shares in the organisation (being assessed) or its parent organisation;
- having, or immediate family member having any other commercial or voluntary arrangement or directorship with the organisation (being assessed);
- having a relationship with either an applicant or an accredited CAB; or
- is in direct competition with an applicant or accredited CAB.
(See http://www.jas-anz.org/images/stories/Documents/Procedures/procedure07.pdf).
What this all means is that, essentially, organisations will need to decide whether they wish to be a CAB or a consulting organisation in the field of Asset Management. Unlike the situation that exists at the moment for IAM Endorsed Assessors, one organisation cannot be both a consultant and official certifier. It should be emphasised, however, that there is nothing to stop consultancies from providing “gap assessments” against ISO 55001 or providing other ISO 55001 assessment services. They cannot, however, issue certificates of compliance that will be formally recognised by CAABs and the international community. The rigour associated with becoming a CAB also means that it is highly unlikely that sole traders will invest time in becoming a CAB.
Given all of this, the most likely outcome is that existing CABs will extend their current service offerings to embrace certification against ISO 55001. They will clearly need to engage competent Asset Management professionals in order to do so.
Do you wish to become an ISO 55000 assessor/auditor?
Once again, you have a choice to make. As an individual, if you wish to become an “official” ISO 55000 Assessor/Auditor – one who is part of a team that can officially accredit organisations as being compliant with the requirements of ISO 55001 – then you will need to either be employed by, or contract your services to, a Conformity Assessment Body (CAB) which is, in turn, accredited by a CAAB to provide Asset Management System certification. It is possible that you could form an organisation specifically to provide ISO 55001 accreditation services – but your organisation would need to follow the process outlined in the previous section in order to become a CAB.
You will also need to ensure that you meet the competency requirements outlined in ISO/IEC 17021:2011, and in particular those contained in ISO 17021-5, when it is issued. In general terms, it is expected that these competencies would include:
- Understanding of, and demonstrated competence in, auditing in general
- Detailed knowledge and understanding of ISO 55000, ISO 55001 and ISO 55002
- Understanding of, and demonstrated ability to practically apply the key Asset Management processes and tools being assessed (such as Risk Management, Life Cycle Cost Analysis, Asset Management Strategy development etc.)
- Understanding of, and demonstrated ability to understand and apply any industry-specific Asset Management requirements or tools relevant to the organisation being assessed
While some of these competencies can be acquired through training and study (for example, in order to obtain the detailed understanding of the ISO 5500X suite of standards), much of this competence can only be acquired through practical experience in actually “doing” Asset Management. As such, those that are already experienced in Asset Management will have a head start on those that do not, in terms of meeting the Auditor competency requirements.
If you do not wish to become an “official” ISO 55000 Assessor/Auditor – or if you simply wish to build your knowledge and skills prior to becoming an official Assessor/Auditor, then you may wish to consider working for a consultancy that assists organisations to become compliant with ISO 55000. This will give you exposure to the performance of ISO 55000 gap assessments and will also provide you with a more detailed knowledge and understanding of ISO 55000, 55001 and 55002 and how to apply these standards in practice.
In either case, I believe that it is likely that there will be increasing demand for experienced Asset Management consultants and assessors over the next few years as ISO 55000 gains currency and traction.
Conclusion
In summary, we are heading into exciting times regarding Asset Management – times that are full of both promise and, for many, the unknown. I hope that you have found this article useful in providing some clarity around the ISO 55000 certification process. Should you wish to discuss this article further, please feel free to contact me.