ISO 17021-1

Conformity assessment — Requirements for bodies providing audit and certification of management systems

ISO/IEC 17021-1

ISO/IEC 17021-1 establishes the principles and requirements for the competence, consistency, and impartiality of bodies that audit and certify management systems. Published by the International Organization for Standardization (ISO) and the International Electrotechnical Commission (IEC), it is part of the ISO 17000 conformity assessment family and serves as the foundational standard for certification bodies operating across all types of management systems.

While the standard is sector-neutral, its relevance to the voluntary carbon market lies in its application to bodies that certify GHG-related management systems, including those governed by standards such as ISO 14064-1 and ISO 14068-1. Certification under ISO/IEC 17021-1 provides independent assurance that an organization's management system meets specified requirements, and that the body making that determination has done so competently and without bias.

Within the ICR Program, ISO 17021-1 is only relevant for certification bodies auditing under the EU Carbon Removal and Carbon Farming (CRCF) Regulation.

Key Principles of ISO/IEC 17021-1

The standard is built on seven fundamental principles that govern how certification bodies must operate:

  • Impartiality: Certification bodies must remain independent and manage all risks to objectivity, including conflicts of interest between auditors and the organizations they certify.

  • Competence: Personnel involved in audits and certification decisions must possess the knowledge, skills, and experience appropriate to the scope of the management system being assessed.

  • Responsibility: Certification bodies bear full accountability for their certification decisions and must ensure those decisions are evidence-based and properly documented.

  • Openness: Certification bodies must operate transparently, making information about their processes and certification criteria publicly accessible where confidentiality does not apply.

  • Confidentiality: Sensitive information gathered during the certification process must be protected from unauthorized disclosure and handled in accordance with defined procedures.

  • Responsiveness to Complaints: Certification bodies must maintain clear, accessible, and impartial procedures for receiving, evaluating, and resolving complaints and appeals in a timely manner.

  • Risk-Based Approach: Certification bodies must identify and manage risks that could threaten the integrity of the certification process, applying a structured approach to safeguarding the reliability of their decisions.
