» Technical Bulletin – Update – Revision of IAF MD 4 – Use of Information and Communication Technology (“ICT”) for Auditing/Assessment Purposes

12 July, 2018

This Technical Bulletin is applicable to all Certification Bodies (CBs).

The revised IAF MD 4 was issued on 4th July 2018 with a 1-year implementation period, resulting in an application date of 4th July 2019. Certification Bodies should now be reviewing their processes and procedures to ensure that, where ICT is utilised, the provisions of the Mandatory Document are implemented, and should start to take actions where this is not the case in order to achieve implementation by the above application date.

This updated version introduces quite a significant change in that it now applies to the assessment activities of Accreditation Bodies as well as audit activities of Certification Bodes.

The document provides for a risk based approach to the use of ICT and is intended to achieve consistent application in auditing/assessment, using information and communication technology as part of the methodology. The document states that “The use of ICT is not mandatory, but if used as part of the audit/assessment methodology, it is mandatory to conform to this document.”

At each CB’s next head office assessment, UKAS will be assessing the level of implementation to date to ascertain that the CB is moving towards full implementation in time for the deadline.

As with all IAF Mandatory Documents, any related findings will be raised against the relevant clause of ISO/IEC 17021-1 with reference to the MD as appropriate.

Should you require any clarification on the above, please contact your Assessment Manager; Steve Randall: the Accreditation Specialist for Certification - Steve.Randall@UKAS.com; or Kevin Belson: Technical Manager - Kevin.Belson@ukas.com

Download printable version of this Technical Bulletin