Atyab International Services (AIS) Certifications

PROCEDURE FOR AUDIT PLANNING, CONDUCTING AND

REPORTING

Version 1.00

Prepared By: Certification Manager Date: 27.05.2022

Approved By: Assist GM Date: 27.05.2022

 INDEX

Sr. No. Name of Procedures Page No

Audit – Planning, Conducting and Reporting for

QP-09 5
Management System Standards

QP-09 A Audit – Planning, Conducting and Reporting for

Halal Certification of Slaughter House and Meat 26
Processing Plants

QP-09 B Audit – Planning, Conducting and Reporting for 31

Halal Certifications of Food Chain Products

QP-09 C Audit – Planning, Conducting and Reporting for

Halal Certifications of Cosmetics and Personal 41
Care Products

SAMPLING PROCEDURES FOR HALAL

QP-09 D 48
INSPECTIONS AND CERTIFICATIONS

Annexure -A Process Flow of Certification

QP-09 E 51
Process

References 52

Page 2 of 49
QP-09 AUDIT PLANNING, CONDUCTING AND REPORTING Version 1.00

1.Purpose
To describe the audit planning, conducting the audit at client premises, preparation of reports and
submitting the reposts.
2.Scope
This procedure covers audit planning, execution of audit and reporting for all types of audits as listed
below:
 Adequacy or Stage 1 audit
 Registration or stage 2 audit
 Follow up audit
 Surveillance audit
 Recertification audit
 Transfer audit
3.Responsibility
3.1 Quality Manager is responsible for Planning the audit and ensuring the audit reports are
received timely in the office and review of the audit reports
3.2 Audit Team Leaders/Auditors are responsible for execution of audit and preparation of audit
and submitting the audit reports
4.Description of Activity
4.1 Introduction
The objective is to provide consistent service delivery norms. Audit Team leaders and auditors are
responsible for ensuring the objectives of their assigned audits are fully met. The various activities
needed to be carried out are:

Document review / Adequacy Audit - Stage 1 Audit Surveillance Audit

Registration Audit - Stage 2 Audit Triennial Audit
Follow- Up Audit Special Visit

4.2 The term management system as applied in this procedure includes management system in
accordance to ISO 9001 and / or ISO 14001 standard(s). / ISO 45001 /ISO 22000 audit visits.
4.2.1 The purposes of the audit visits are to provide reasonable assurance that the auditee
organization’s quality management system conforms to the requirements of standard applied, as
stated in the Certification Contract, and to verify that the documented system has been
implemented. The audit also serves to verify that the management system is appropriate to auditee
organization’s activities.

Page 3 of 49
Audit Team Selection and Assingments: As per the AIS Quality Manual 14.1 & 14.2. Audit team
selection and assignments. Quality Manager or his designee is responsible for selection of the
audit team, using Auditor qualification summary. Unless required for technical reasons and
logistics, care shall be taken to ensure that same auditor does not visit the client more than three
consecutive visits. This shall ensure “no bias” and a fresh look at the system. All auditors /
subcontractors are responsible for identifying any conflict of interest with the specified client and
report to Q.M. Quality Manager shall review the same and take necessary decision which may
include replacing the person with some other auditor.
4.2.2 The team leader leads the audit in accordance with the referenced instructions. A set of
updated documents pertaining to audit like client details, open non conformances, surveillance
plan and comments from prior visits as applicable) is provided to every audit team. AIS
Certifications has a legal counsel for consultation, if required for ISO 14001/ISO 45001. Activities
include the opening meeting with the auditee organization, team briefings, audit interviews,
nonconformance issuance, auditee organization briefings, and the closing meeting with the
auditee organisation. The team leader issues an audit report reflecting the recommendation
concerning registration based on the team findings.
If nonconformance is found, the recommendation will be on hold until suitable corrective action
has been taken and evidenced.
4.2.3 During the audit if the auditor finds a breach of legislation i.e. legal/regulatory/ statutory
requirement not having been followed, the auditor will communicate his finding to the team
leader who in turn will notify the auditee organization’s management of the violation. The
auditor will further investigate the same and check as to why the auditee organizations
management has failed to detect and address the same. If and when after proper investigation,
it is clear that the auditee organizations management system has short comings / the
infringement of ISO standard is established, a major/minor nonconformance as appropriate will
be raised. Follow-up visits are made to verify that major nonconformance(s) are effectively
remedied before registration is granted. In case of legal / statutory / regulatory requirements by
the auditee organisation, the following policy shall apply.
In the event of the auditee organization conducting a violation of the legal requirement, the
auditee organization, as a part of the rules and regulations of AIS Certification. Certification will
inform AIS Certification on its own pro-actively and voluntarily. This pro-active information
communication by the auditee organization is not to be confined to onsite-audit activity but is
applicable to the complete registration period which the auditee organization is entitled to by
way of AIS Certification. In case of violation of legal requirements that is observed during the
course of a Registration Audit (Stage 2 Audit) or Surveillance Audit(s), AIS Certification. audit
team will notify the auditee organization’s management about the observation. Further the audit
team will conduct a proper investigation on the issue and check as to why the auditee
organization’s management system has failed to detect and address the same. Based on the
investigation of the audit team, if it is established that the management system has

Page 4 of 49
shortcomings / an infringement of ISO standard is observed, a major or minor non-conformance
note will be issued. Additionally, the auditee organization has to ensure and to provide evidence
to that effect to AIS Certification that the appropriate authorities have been notified of the
violation of legal requirements, as per the prescribed procedure instituted by the relevant
authorities. Where the organization may not be in legal compliance, it shall be able to demonstrate
it has activated an implementation plan to achieve full compliance within a declared date, supported
by a documented agreement with the regulator, wherever possible for the different national
conditions. The successful implementation of this plan shall be considered as a priority within the
Management System. Work instructions for audit guidelines is also available for the audit team.
During the audit the audit shall be so planned that about 60 % of the time is spent to audit the
critical processes.
4.2.4 Wherever needed the presence and justification of observers during an audit activity are
agreed to by the certification body and client prior to the conduct of the audit. The Observers are
witness auditors from the accreditation body. The audit team ensure that observers do not
unduly influence or interfere in the audit process or outcome of the audit.
4.2.5 The role of technical experts during an audit activity are agreed to by the certification body
and client prior to the conduct of the audit. The technical expert does not act as an auditor in the
audit team but can provide advice to the audit team for the preparation, planning or audit.
4.2.6 wherever needed auditor is accompanied by a guide/ translator, unless otherwise agreed
to by the client. The guide helps the audit team leader and the client establishing contacts and
timing for interviews, arranging visits to specific parts of the site or organization, ensuring that
rules concerning site safety and security procedures are known and respected by the audit team
members; witnessing the audit on behalf of the client; providing clarification or information as
requested by an auditor.

4.3 Audit Plan: AIS Certifications ensures that an audit plan is established for each audit identified
in the audit program to provide the basis for agreement regarding the conduct and scheduling of
the audit activities. This audit plan is based on documented requirements of the AIS Certifications.
The audit plan is appropriate to the objectives and the scope of the audit. The audit plan at
least includes the following:
a.) the audit objectives.
b.) the audit criteria.
c.) the audit scope, including identification of the organizational and functional units or processes
to be audited.
d.) the dates and sites where the on–site audit activities are to be conducted, including visits to
temporary sites, as appropriate.
e.) the expected time and duration of on–site audit activities.
f.) the roles and responsibilities of the audit team members and accompanying persons, such as
g.) observers or interpreters.

Page 5 of 49
The tasks given to the audit team is defined and made known to the client organization.
4.3.1 Adequacy Audit (AA) (Stage 1 audit)
Stage 1 Audit is a part of the registration process and not an optional activity. Stage 1 is carried out
onsite.

Objectives of Stage 1 audit:

During the Stage 1, it is to be established that the requirements of the standard(s) are being met by
the auditee organization. This can be done by review of the available evidence. This evidence may
take many forms and some cases need not be "documented". However, this does not alter the need
to adhere to the requirements for documentation contained in the ISO 9001/ ISO 14001/ISO 45001/
ISO 22000 depending upon the client`s management system
The objective of the Stage 1 audit is to provide to audit the client’s management system
documentation a focus for the planning of the Stage 2 Audit (e.g. resources, time allocation) by
review the client’s status and understanding regarding the standard w.r.t objectives and operations
of the management system, site activities, identification of environmental aspects and associated
impacts, identification of applicable legislation and licenses matching with site and activities of
auditee organization, discussions with client personnel regarding policy, objectives and the state of
preparedness of the auditee organization.
To evaluate the client’s location and site-specific conditions and to undertake discussions with the
client’s personnel to determine the preparedness for the stage 2 audit.
To collect necessary information regarding the scope of the management system, processes and
location(s) of the client, and related statutory and regulatory aspects and compliance (e.g. quality,
environmental, legal aspects of the clients operation, associated risks etc.)
To review the allocation of resources for stage 2 audit and agreeing with the client on the details of
the stage 2 audit.
To provide a focus for planning the stage 2 audit by gaining a sufficient understanding of the clients
management system and site operations in the context of possible significant aspects.
To evaluate if the internal audits and management system substantiates that the client is ready for
the stage 2 audit.
For Companies requiring transferring from another certification body.
If the company has an accredited certificate by another body then the auditors need only carry out a
partial (brief) Document Review in AIS Certification office. However, all of the paperwork still needs
to be completed using the combined Stage 1 Review .
If the company has a non-accredited certificate, then AIS Certification, normal procedures must apply
in full. Additional Requirement for IMS Auditing. The objectives of the stage 1 are to provide a focus
for planning the stage 2 audit by gaining an understanding of the organization’s IMS and the
organization’s state of preparedness for stage 2 by reviewing the extent to which: the organization
has identified PRP that are appropriate to the business (e.g. regulatory, statutory, customer and
certification scheme requirements),the FSMS includes adequate processes and methods for the

Page 6 of 49
identification and assessment of the organization’s food safety hazards, and subsequent selection
and categorization of control measures (combinations),relevant food safety legislation is
implemented, the FSMS is designed to achieve the organization’s food safety policy, the FSMS
implementation program justifies proceeding to the audit (stage 2),the validation of control
measures, verification of activities and improvement programmes conform to the requirements of
the IMS standard, the IMS documents and arrangements are in place to communicate internally and
with relevant suppliers, customers and interested parties, and there is any additional
documentation which needs to be reviewed and/or information which needs to be obtained in
advance. Where an organization has implemented an externally developed combination of control
measures, the stage 1 shall review the documentation included in the IMS to determine if the
combination of control measures is suitable for the organization, was developed in compliance with
the requirements of ISO standards, and is kept up to date.

The availability of relevant authorizations shall be checked when collecting the information
regarding the compliance to regulatory aspects.

For IMS, the stage 1 shall be carried out at the client’s premises in order to achieve the objectives
stated above. In exceptional circumstances, part of stage 1 can take place off-site and shall be fully
justified. The evidence demonstrating that stage 1 objectives are fully achieved shall be provided.
Exceptional circumstances can include very remote location, short seasonal production.

4.3.2 Stage 1 audit is intended to:

 Assess that the auditee has a documented management system, which is compliant to applied
standard.
 For EMS ensure that the EMS includes an adequate process for identification of environmental
aspects, impacts and determination of their significance.
 Ensure that the system includes identification of applicable regulatory requirements and that all
the required environmental licenses, permits and approvals are in place.
 For OH&SM, ensure that the OH&SM includes an adequate process for identification of hazards
and risks and determination of their significance. Identification of applicable regulatory
requirements and that all the required OH&S licenses, permits and approvals are in place
 In case of FSMS, no of HACCP Studies required to be justified.
 Ensure that the management system is designed to achieve defined policy, objectives and
targets.
 Establish that internal audit conforms to the requirements of respective standard and the
internal audits are effective and relied upon. Seeking evidence for competence, experience,
training & independence of internal auditors (ISO 19011); auditing procedure & methodology;
reference & standards; resource availability; organization & planning of audits; checks & reports;
timeliness & effectiveness of corrective action and management of audit follow-up.
 Establish that management reviews are conducted and cover continuing suitability, adequacy
and effectiveness of management system.
 Establish that relevant communication from customers / external interested parties is
documented and responded.

Page 7 of 49
 Establish that the management system is designed to realize the concept of continual
improvement.
 Establish that the proposed scope of registration is appropriate to the auditee organization’s
business activities.
 Confirm the auditee organization’s readiness for registration audit.
Obtain information about the auditee organization’s operations which might have an impact on the
stage 2 audit including:
 Work hours and schedules  Size and complexity of the organization.
 Special safety requirements  Applicable statutory requirements & licenses.
 Security clearance requirements  Technology expertise necessary.
 Logistics
Prepare a detailed program including audit trails for the upcoming Stage 2 audit.
Review the adequacy of audit time for Stage 2 audit. Increase the time duration if required based
on the findings of audit; complexity / volume of processes; variation found from the data provided
by the client in Questionnaire.

4.3.3 When carrying out a review the auditor shall note his/her findings in the Stage 1 audit report
and record this against the relevant topic if such fails to satisfy the requirement of the standard.
Special requirements are listed in the Stage 1 audit report for that company i.e. guidance documents,
legislation etc. for reference at the audit.
The Document reviews are a part of the stage 1 audit and include at least the following:
Documentation including procedures with links to related requirements of respective standard. If
client has integrated systems, the documentation shall be reviewed w.r.t interfaces with other
systems.
The documentation must have been issued and would normally have been in place for a minimum
of three months.
 Description of organization and its on-site processes.
 Means and system for realizing continual improvement.
 An overview of applicable regulations and agreements with authorities.
 Internal audit program identified nonconformities and records.
 Records of incidents, breach of regulation and relevant correspondence and IMS related
communications with action taken.
 Records for management review
 Details of identified nonconformities and corrective action taken in last 12 months.
4.3.4 Process steps for Stage 1 audit
The assigned team leader is responsible for managing and documenting the results of the adequacy
audit. However, responsibilities for conducting the document review may be delegated to the other
audit team member. The process for the stage 1 audit can be briefly described as follows:
 AE advises the concerned auditor / TL of the assignment.

Page 8 of 49
 TL prepares the audit schedule and intimates the client normally a week before the planned
audit date. Audit Schedule contains auditor name. Auditor background details are provided to
client on request.
 An opening meeting is held to put the auditee organisation at ease, advise him/ her of objectives
of the document review and obtain the auditee organization’s cooperation.
 Generally, only one person is needed to perform the adequacy audit, but where a team is used
or an auditor under training is present, then a team briefing may be necessary.
 In order to prepare a detailed program for the audit, a tour of the facility to provide
familiarization with the auditee’s organization is essential.
 The main objective is to review the auditee organization’s readiness with respect to the points
listed above. Documents are reviewed only to the level necessary to establish compliance with
relevant standard. A record of documents reviewed is made.
 The auditor shall review for any discrepancy in any information provided in questionnaire and
contract review. This shall be reviewed by Quality Manager and may result in change in man-
days assigned for the contract.
 Auditee organisations debrief meeting is held to discuss the audit findings and obtain any further
information necessary to program the audit and decide on further action.
 The findings are collated and an audit report is prepared for handing over at the closing meeting.
On the basis of the findings, a recommendation is made to proceed / defer/ cancel the
registration. The auditor shall explain the reason for considering the documentation or system
unsatisfactory. In case of many or larger issues, the stage 1 audit may need to be carried out
again. This shall be discussed with the auditee and suitable date decided. This may require
working out an amendment to the contract.
 The visit ends with a closing meeting where points agreed with the auditee organisation are
confirmed. The Scope of Registration for audit is confirmed. Audit report is handed to the
auditee organisation and a copy forwarded to head office for review and processing. The report
will also include the audit program detailing expected times and duration for audit of each
activity.
 The client will be informed by the auditor that any discrepancies not closed out prior to the audit
will result in automatic non-conformance notices being raised. The discrepancies include non-
completion of scheduled internal audit programmes and management reviews.
 The Stage 2 audit shall be conducted within 6 months of stage 1 audit completion date. Any
further delay shall require stage 1 audit to be carried out again. There is no restriction on
minimum time duration. however, the general practice is at least 7 days, depending on the
findings of the stage 1 audit and client readiness.
4.3.5 Non-Conformity and Sentencing of major and minor non-conformances.
A non-conformity is defined as failure to fulfil one or more requirements of the management system
standard or a situation that arises serious doubts about a client’s management system to achieve its
intended output. Non conformities will be classified in two categories – Minor and Major
4.3.5.1 During an audit a minor non-conformity shall be deemed present when any activity is not
undertaken, and which is stipulated in the clients management system as a requirement or which was
undertaken and is relevant but is not controlled within the system, and is deemed to be of a minor

Page 9 of 49
nature (of little importance to the quality of the firm's product or service). Several non-conformities
in any one section, or procedure, shall constitute a major breakdown of the system.
4.3.5.2 A major nonconformance shall be declared when a system or procedure is not working at
all, or where there is complete failure to fulfil one or more requirements of the management system,
or where there is significant doubt that the client’s system can achieve the intended output, or where
a serious cumulative number of minor non-conformities are found overall, or when there is a complete
lack of system control. Several non-conformities may be grouped together as one major non-
conformity.
4.3.5.3 If all non-conformities have been rectified within three months of the audit, then the
award will be recommended. If not, a complete re-audit is to be carried out at the discretion of the
Director operations. If on a follow-up visit it is found that the major nonconformity has not been
satisfactorily addressed, then another visit is to be made within two weeks. If this fails then a full re-
audit must take place. All visits will be charged at the standard rate and the client invoiced. The
Quality Manager will confirm the time and auditors for the close out visit and will advise the AE about
the invoicing.
4.3.5.4 In all cases of "follow-up" the auditor must complete a continuation sheet indicating the
areas covered. Head the sheet "Close out Visit". Any small points not fully closed out may be re-
raised as minor discrepancies at the discretion of the Lead Auditor. After a "follow up" visit the audit
report will be completed again by the auditor. Clients whose systems are rejected on initial audit
and are accepted on "follow up" partial audit may have surveillance visits set at one extra to that
stated on the Contract Review for the first year of registration, if considered necessary by the Lead
Auditor i.e. depending on the severity of the major non-conformance. The time (half a day
minimum) for 'follow-up' partial re-audit is indicated by the Lead Auditor on the audit report along
with the suggested re-audit date.
4.3.5.5 Time frame for closing the Minor Concerns and Major Concerns shall be 90 days from the
date of the audit conducted.
4.4 Registration Audit (RA) (Stage 2 Audit)
The objective of the Registration Audit (Stage 2 Audit) is:
 To confirm that the auditee organisation adheres to its own policies, objectives and procedures.
 To conform that the management system of the auditee organisation conforms to all the
requirements of the current version of respective standard(s), normative document and
achieving the organization’s policy & objectives.
 To evaluate compliance to applicable legal and regulatory requirements.

4.4.1 The following activities will be carried out to meet the objectives of Stage 2 Audit:
Assess that the auditee organization’s management system has been implemented and objective
evidence is available to demonstrate its effective implementation in line with its policies, objectives
and procedures.

Page 10 of 49
Establish that all requirements of the standard are addressed where they apply to the activities
covered by the scope of registration.
Confirm that management system is appropriate to the product, process or service provided by the
auditee, with the capability of managing and improving performance.
Encourage auditee organizations to improve their management system on an on-going basis.
While accomplishing this, the registration audit must be conducted to satisfy the needs of the
auditee organisation and maintain the integrity of the registration process as a whole. The team
leader is responsible for managing and documenting the results of the registration audit. He may
delegate specific responsibilities for conduct of audit activities to assigned audit team members.
4.4.2 The registration audit (Stage 2 audit) addresses the implementation of all the elements in the
standard and focuses on:
 identification of environmental aspects & its effectiveness, defined criteria/ significance and
subsequent determination of their significance (for ISO 14001)
 identification of hazards & risk assessment, its effectiveness, defined criteria/ significance and
subsequent determination of their significance (for ISO 45001)
 identification of relevant PRPs, Food Safety Hazards control measures & its effectiveness (For
ISO 22000)
 Procedures to ensure compliance with legal & other requirements.
 Inconsistencies between organization’s policy, objectives & targets and its procedures to achieve
them or the results of their application. The registration audit team shall appreciate that it is for
the organization to define the means by which its policy commitment to continual improvement,
customer satisfaction and prevention of pollution is achieved and to develop processes for
achieving / measuring performance.
 Auditee’s procedure & application for investigation / development of opportunities for
improvement and programs for improvement.
 Auditee’s process for achieving continual improvement and its effectiveness.
 Operational control to maintain consistent performance and compliance to procedures.
 Performance monitoring, measuring, reporting & reviewing against the legislative requirement,
objectives and targets.
 Internal auditing, identification / evaluation of non-conformities and completion of effective
corrective actions.
 Management review and management responsibility for quality management system.
 Interfaces and links between policy, aspects & impacts, hazards & risks, enterprise risk, FSMS
hazards & PRPs , objectives & targets, responsibilities, programs & procedures, performance
data, internal audit and management review.
 Register of regulatory requirements (IMS ISO standards)
 Seeking evidence for competence, experience, training & independence of internal auditors;
auditing procedure & methodology; reference & standards; resource availability; organization &
planning of audits; checks & reports; timeliness & effectiveness of corrective action and
management of audit follow-up.
 Staff awareness of applicable requirement.

Page 11 of 49
If there are combined systems in place, e.g. QMS and EMS, then emphasis must be placed to ensure
that both standards are adequately addressed and monitored. Records and auditor notes must
demonstrate that adequate time has been given to each standard.
4.4.3 Process steps for Stage 2 Audit
Quality Manager or designee schedules the audit and informs the Audit team leader (TL). A set of
necessary documents like client details, Stage 1 audit report etc is given to TL. On receiving the audit
schedule from the AE, TL discusses the logistics and audit plan with auditee organisation. TL prepares
the audit Plan and intimates the client normally a week before the planned audit date and the same
is agreed upon prior to the audit. In case of any changes required by the client the same is captured
as part of the Incident Report and necessary actions taken. In case of any changes in the audit plan
during the audit the same is captured as part of the audit report. Auditor background details are
provided to client on request.
During the audit planning, the accreditation assessor sector specific guidelines and audit trails is
used to identify critical processes. At least 60% of audit time shall be used for auditing critical
processes.
Where the assignment is complex (multi-site, has specific technological requirements, and/or
utilizes a large audit team etc.), a team briefing may be planned before the scheduled audit date to
coordinate details.
An opening meeting is held to advise the auditee organisation of the objectives of registration audit,
details of the audit and schedule and obtain for the auditee organization’s cooperation.
Where more than one person has been assigned, daily team meeting may be scheduled after the
auditee organisation meeting / site visit to plan the days strategy and cover any points not included
in the pre-visit team meeting.
Changes to the auditee organization’s documentation since the previous visit is reviewed and
outstanding non-conformance(s) followed-up. The auditee organization’s management system is
assessed according to the schedule and audit trails identified during adequacy audit. Documents
reviewed, personnel interviewed and other pertinent data is recorded in the auditor's note pads.
Non-conformances are raised after proper investigation against activities found non-compliant. The
Observations are issued identifying areas of improvement only. The caution will be observed in
recording the Observations so that the issues pertaining to non-conformance are not reflected as
observations and vice versa. The recording of observations will be strictly confined to Opportunities
for Improvement only.
When audit is for more than a day, daily team debrief meeting is used to discuss findings, followed
by auditee organisation debrief to present the findings of day.
On the final day of the audit, the team discusses overall performance during the audit, review of
stage 1 report and prepares the audit report (F32). The team decision to approve or defer
registration is recorded in the report. Program for the next visit is also prepared (follow-up visit /
surveillance plan). An organization can be recommended only if no major non-conformance is found.
In case of a major non-conformance complete / limited audit is necessary and the audit time

Page 12 of 49
requirement is estimated by the auditor in discussion with Director Operations. The audit schedule
for the special audit is detailed and agreed upon with the client.
The visit ends with a Closing Meeting where the recorded findings and team recommendations are
formally presented to the auditee organisation and any follow-up actions agreed upon. Auditee
submits the corrective action plan for all non-conformances issued. Also, during the Closing Meeting
the Team Leader informs the Client for submitting the evidences of Corrective Action taken for
review and closure of the Minor Non Conformances identified. In case of major non-conformances
identified the client is informed whether an additional full audit or an additional limited audit is
necessary depending on the impact of the major non-conformance identified.
The Timeframe for the closure of the Major Ncs shall be 30 days and the Minor NCs shall be 90 days
from the date of the Audit .
The report (F32) is handed to the auditee organisation and a copy forwarded to Head Office for
review and processing. The program for next visit and auditor notes is forwarded to AE with the
report. Adequacy audit report issued is also returned to AE. The audit-trails are exclusive notes
strictly for use of auditors to carry out the audit and the team leader shall ensure that they are never
given out to the auditee.
The report is submitted only after satisfactory verification of corrective actions taken for the non-
conformance(s). The client shall submit the evidences of corrective actions taken within 3 months
of the audit. Failure to satisfactory closure shall result in complete re-audit.
4.5 Follow-up Audit (FA)
4.5.1 The purpose of follow-up audits is to conduct the follow-up of non-conformance(s) of a auditee
organization’s management system, identified during a visit, that were determined to require
corrective action. Follow-up audit is required where a major non-conformity is raised. Minor non-
conformity does not require formal follow-up visit and may be closed off site based on evidence
submitted. The time required for follow-up audit shall be determined based on number and nature
of major non-conformities issued.
4.5.2 The team leader will plan and determine the type of follow-up that is required. An off-site
follow-up may only be conducted when the corrective action can be objectively evaluated on the
basis of documented evidence sent to AIS Certification by the auditee organisation. If the follow-up
audit is not performed within three months of the registration audit, a partial Re-audit has to be
performed (the time required shall be about 50% of that of stage 2 audit). A complete Re-audit will
be carried out if the follow-up audit is not performed within 6 months.
4.5.3 The non-conformances should be updated to reflect the new status, where the corrective
actions are verified. These are reviewed by the team leader and then the Registration Committee.
Quality Manager initiate withdrawal/suspension procedures, if auditee organisation fails to
effectively respond to a corrective action request or if the corrective action is not satisfactory. Audit
report for Follow-up audit shall be the same as for Registration Audit.
4.6 Surveillance Audit (SA)
The registered management system should continue to meet the requirements of specific standard
and should be managed effectively by the auditee organisation. SA is intended to verify the

Page 13 of 49
continued effective maintenance of the auditee organizations management system, satisfy the
needs of the auditee organisation and maintain the integrity of the registration process as a whole.
4.6.1 SA is intended to:
Assess that the auditee organizations registered quality management system has been maintained.
Verify that changes to management system subsequent to the previous visit are in compliance with
respective standard and that objective evidence is available to substantiate implementation.
Re-confirm that management system is appropriate to auditee organization’s product, process or
service provided, with the capability of managing and improving performance.
Promote the effectiveness of quality management system.
Assess major changes in auditee organizations operations, technology that could affect the
certification / registration.
4.6.2 The various mandatory elements to be audited at every surveillance are:
 Management responsibility & review
 Changes to documented system
 Use of certificate and logo
 Legal regulatory compliance
 Corrective action
 Internal audits
 achievement of objectives and Continual improvements
 Document control
Appeals / Complaints / communication from external interested parties.
Effectiveness of quality management system to achieve auditee organization’s policy, objectives &
targets.
Progress of the planned activities and continuing operational
Follow-up on identified non-conformities (internal / certifying body)
Appeals / complaints received by AIS Certification.
The surveillance audit may be combined with the audits of other management systems. The report
should clearly indicate the aspects relevant for each management system.
4.6.3 Process steps for Surveillance Audit
The team leader is responsible for managing and documenting the results of SA. The team leader
may delegate specific responsibilities for conduct of audit activities to assigned audit team
members. Quality Manager is responsible for review of audit report to assess effectiveness.
Quality Manager or designee schedules the audit and informs the Audit team leader (TL). Care is
taken that the audit is scheduled within 12 months interval – date being last day of Certification
Audit. A set of necessary documents like client details, earlier audit report etc is given to TL. On
receiving the audit schedule from the AE, TL discusses the logistics and audit plan with auditee
organisation.
TL shall review the functions / processes audited in the earlier surveillances before finalizing the
audit plan. TL shall ensure that all critical processes are audited at least twice and rest at least once
in the three year period.
Where an assignment is particularly complex (i.e. begins at several different locations, has particular
technological requirements, and/or utilizes a large number of team members, etc.), it may be

Page 14 of 49
beneficial to call a team briefing some time before the scheduled surveillance date to coordinate
details.
An opening meeting is held to advise the auditee organisation of the objectives of audit, details of
the audit and schedule and obtain auditee organization’s cooperation. Auditee organisation brief
may be conducted if audit extends beyond a day.
Where more than one person has been assigned, a daily team meeting is scheduled immediately
following the auditee organisation meeting to plan the day's strategy and cover any points not
included in the pre-visit team meeting. Changes to the auditee organization’s documentation since
the previous visit are reviewed and outstanding non-conformances followed-up. The scope on the
certificate will be checked against the scope of activities being carried out by the company. If these
are not the same, the auditor will discuss this with the company and inform the Quality Manager or
appointed person for further consideration.
The auditee organization’s quality management system is assessed using the Audit Program.
Documents reviewed, personnel interviewed, and other pertinent data is recorded in the auditor's
note pads. This information is confidential and not part of the formal audit report. Non-
conformances are raised after proper investigation against activities found non-compliant. The
observations are issued identifying areas of improvement only. The caution will be observed in
recording the observations so that the issues pertaining to non-conformance are not reflected as
observations and vice versa. The observations will be strictly confined to areas of improvement only.
On the final day of the surveillance, the team discusses overall auditee organisation performance
and determines the recommendation (registration to continue or follow-up is required). The team
prepares the audit report (F32). The team decision is recorded on the Audit Report. Areas to be
reviewed at the next visit are also detailed.
The visit ends with a Closing Meeting where the findings and team recommendation are formally
presented to the auditee organisation and any follow-up actions agreed upon. The Record of
Findings is handed to the auditee organisation and a copy forwarded to Quality Manager for review
and processing.
At least one third of the management system will be checked by the auditor at each surveillance visit.
It is essential to ensure that the full system (as a minimum) is covered over a three year period by
surveillances. At each visit complaints, audits, registration marks, documentation changes, and
evidence of improvement will be reviewed.
Any auditee organization has to notify AIS Certification. in writing of any major change in the
management system and / or the scope of activities. Quality Manager decides if the verification of
changes can be assessed during next surveillance audit or if a special visit has to be scheduled. The
performance of the special visit shall be similar to normal surveillance and Quality Manager shall
inform the assigned auditor to audit the required changes in system.
4.6.4 Maintaining of Certificates
Certificates will be maintained provided that the certified clients continue to satisfy the
management system standard and based on positive recommendation from the audit team leader
during routine surveillance audits provided that any non-conformity or any other situations which

Page 15 of 49
may lead to withdrawal / suspension of certification. In such cases the audit team leader reports to
the Certification Committee to initiate a review by competent personnel, independent from those
who carried out the audit.
4.7 Recertification (Triennial Audits)
4.7.1 The purpose of the recertification audit is confirm the continued and effective management
system as a whole is followed and the continued relevance and applicability of the scope of
certification, commitement to enhance and maintain overall effectiveness and improvement of the
management system and whether the operations of a certified client contributes to the
achievement of the clients policy and objective.
The following steps should be followed when planning three-year re-approval visits:
The planning and extent of the visit are in accordance with the accreditation board requirements
and that determined at the last surveillance visit. The triennial visit is planned based on client’s
performance during the certification period, previous surveillance audit reports, trends in NC raised,
complaints received during the period and corresponding investigation reports etc.
Triennial audit may include stage 1, if there is considerable internal / external change in MS,
activities, location and scope of certification.
4.7.2 During recertification audit planning OD shall ensure auditor rotation in case the complete
cycle is carried out by a same auditor as Team Leader.
Triennial audit shall include review of effectiveness and improvements in the MS performance.
The triennial audit is a full audit of the auditee organizations management system and generally
follows the same process as the Stage 2 Audit.
Triennial audits and review follow the same instructions as those for initial audits. Care should be
taken for review of changed scope or activities of the client.
4.7.3 Decision on renewing the certificate will be made by AIS Certification. based on results of
recertification audit (review of report), review of the certified clients system over the period of
certification and any complaints received against the certified client over the certification period.
4.7.4 In accordance to ISO/IEC 17021–1:2015, the triennial audit, closure of all issues and
certification committee decision need to be completed prior to expiry date of the current certificate.
The new certificate shall then be considered as continuation of certification. “Certified since….” date
shall be the initial certification date. (The triennial audit should be completed about 2 months before
certificate expiry). In case of situation that corrective action is not submitted in time to complete
certification decision, an additional surveillance shall be planned after 6 months (for 12 months
surveillance schedule) or 1 day is added to first surveillance (for 6 / 9 months surveillance schedule).
4.7.5 Where the activity cannot be completed before certificate expiry, the client shall be considered
as a fresh case and man-days for stage 1, stage 2 and surveillance audit shall be given. Also, if the
surveillances are not done as per schedule, the client shall be considered as a fresh case.

Page 16 of 49
4.8 Special Purpose Visits
4.8.1 Registered management system must continue to comply with the current version of specific
standard and any changes to the system must also continue to comply. Also, the scope of
registration must continue to be appropriate to the auditee organization’s objectives and
appropriate for the auditee organization’s products and services. On the other hand, complaints,
appeals, request for change in scope, additional accreditation, audit visits, or surveillance visits may
disclose reasons for undertaking an additional visit.
If there are grounds for undertaking a special purpose visit, Quality Manager determines what level
of review will be required to maintain or extend registration, including but not limited to normal
surveillance, unplanned surveillance, partial re-audit, or full re-audit.
Before undertaking any visit, which is not under any contractual agreement, the auditee
organization must agree in writing to the new terms.
The scope of the audit shall be pre-determined and shall depend on the reason for the visit. In case
of any complaint / appeal / any information resulting in doubt on the effectiveness of system, the
audit of concerned and other related activity may be carried out.
Visit / audit report shall be recorded similar to initial audit. The report shall also be reviewed for risk
to AIS Certification. Certification committee may also discuss the findings with the audit team.
4.8.2 Extensions to scope change in management for clients already registered with AIS
Certification.
Questionnaire should be completed by the client and returned to AIS Certification.
Contract Review will always be carried out by the Quality Manager or appointed person to determine
whether a full or partial Stage 1 is required.
An off-site Stage 1 must be completed and sent to the Quality Manager or appointed person for
review. Under exceptional circumstances an on-site Stage 1 may be required.
Under no circumstances must the above visit be carried out at the same time as surveillances unless
extra time or extra auditor has been allocated. However, Stage 1 shall be completed before the on-
site audit.
Audits for the above reasons will be carried out in the same way as the initial audit. An Audit Report
must be completed in the normal way and submitted to the Certification Committee for approval. If
successful, a new certificate will be issued by AIS Certification.
Note: After certification, if the client changes anything which significantly affects the registration,
then AIS Certification must be informed. AIS Certification reserves the right to re-assess.
4.8.3 A special visit may be carried out on request of the client for additional accreditation. Client
may request for additional accreditation any time prior to certification audit or during the three year
period. In case the request is prior to stage 2 audits, the request shall be reviewed by Quality
Manager and verified if the client’s activities are within the AIS Certification scope of accreditation.
Stage 2 audit is carried out as described above. If the request is within the three year period, an
additional visit may be required to verify compliance. The commercials shall be communicated with

Page 17 of 49
the client. The visit may be merged with planned surveillance. Additional accreditation shall be
affected only after successful completion of the audit. The certificate shall be accordingly amended,
however the expiry date shall be the same. Fees may be charged towards additional accreditation
and new certificate issue.
4.8.4 Short Notice audits for clients registered with AIS Certification
These audits are necessary to investigate any complaints, changes in management systems, follow
up on suspended clients. Requirements of short notice audits are informed to client at time of
contract finalization through F 27 Client Agreement.
Special care will be taken in assigning the audit team for short notice audits.
4.9 Transfers
4.9.1 This applies only to transfers from other accredited certification bodies. Only transfers from
companies which have certificates covered by an accreditation of an IAF signatory should be eligible
for transfer. Certificates which are not accredited as below shall be treated as new clients.
4.9.2 Pre-transfer review
Carry out the normal contract review procedure, Quotation Preparation and Staff Allocation, and
possibly visit the client. There is no need for a document review, unless an extension is involved.
Check that the client’s scope on their certificate is as stated on the questionnaire.
Confirm the client’s certificated activities are compatible with that of AIS Certification.
Try to establish the reason for the client wanting to transfer.
Check that all of the sites that the client wants transferring are covered by their current registration
and not just Head Office.
Check that the certificate is Valid and has not expired and that it is accredited. Certificates that have
been suspended or withdrawn or are out of date shall not be considered for transfer. (Note: If the
certification body has ceased trading or had its accreditation withdrawn then the transfer can still
go ahead on the basis of this review procedure).
Check the status in their current certificate cycle, i.e., is we to take over the surveillance programme
or are they due for a triennial re-audit etc. If a triennial is due we must carry out a full triennial audit
including planning and site visits. Any extensions to scope will result in visits.
Request reports / checklists, non-conformances etc. from the previous certification body. The status
of any outstanding non-conformance notices must be known. Non-conformances must be closed
out by the previous certification body or sent to AIS Certification with evidence of corrective actions
taken for AIS Certification to close out.
Request verbal confirmation of the effectiveness of the complaint system. Request details of any
major problems.
For EMS and OH&SM request details of any legal engagement with statutory bodies.
If no further outstanding problems from the above review are identified, then a certificate may be
issued after authorization by the Certification Committee.

Page 18 of 49
4.9.3 The programme of surveillance visits/triennials is to be adopted from the previous certification
body if applicable. Appendix Document is signed by the Chairman of the Certification Committee,
Chief Executive and Technical Expert (if applicable) to authorize issue of the certificate.
Note: If, as a result of the review, some of the criteria are not met, then a site audit will be required
to give confidence to certify by AIS Certification.
4.10 Opening and Closing Meetings
The Opening and closing meeting are a critical part of the audit process. Opening meeting ensures
that all parties understand what is going to happen and how best they can cooperate and coordinate
their efforts. Closing meeting ensures that all parties understand the relevance of findings, what
they need to do and what happens next. The meeting agenda contains a number of essential
requirements which must be advised to the auditee organisation in addition to other useful items
which make for a clearer understanding of what is expected from both parties. It is hence essential
that all the agenda items covered in this instruction, as appropriate and applicable to the situation.

Opening Closing
Thank client for selecting AIS Certification Mutual Introduction of ●
auditors and auditee
Thank auditee for hospitality Thank guides for their support. ●
Circulate attendance sheet ● ●
State and confirm the contracted scope for certification and objectives ●
of audit.
State that TL represents audit team. Determine auditee representative ●
and guides
Confirm the audit plan and verify no conflicts with the plan. Reconfirm ●
time and location for closing meeting. Make necessary amendments
on request
Explain the terms non-conformance (major & minor) and observation ● ●
Communicate the policy of notification by auditee for legal / statutory ● ●
violation.
Request sufficient sets of documentation, suitable room and office ●
support
Explain auditors responsibility to comply with code of conduct and ● ●
confidentiality (Certification Agreement F27 A)
Explain that audits are sampling exercises and other issues may exist. ● ●
Refer to the need of ongoing internal audit and ongoing surveillance.
For PA stress that the audit does not guarantee to identify all areas of
non-conformance

Page 19 of 49
 Request advice on safety requirements and availability of safety ●
equipment.
Explain the findings. Highlight strengths. State non-conformances and ●
observations. Explain the expectation of corrective action for non-
conformances, including how lack of corrective action will impact on
registration.
State conclusion and recommendation of audit team. Explain that the ●
team can only make recommendation. Explain the concept of
Certification committee. Explain that appeals process exists and is
available on request.
Obtain auditee organization’s signature on the audit report. Request ●
auditee to state the corrective action plan. Explain auditee’s
responsibility of submission of evidence for non-conformances
identified. Request for safekeeping of audit reports
Invite questions ● ●

4.11 Multi-site audits (refer to IAF Guide 62 Annex 3)

4.11.1 This procedure only applies in certain circumstances, e.g. distribution companies, recruitment
companies etc and it is the responsibility of the Contract Review process and the person planning the
audit to determine its use. The program is particularly suited to those organizations:

Engaged in distribution, having a number of strategically placed geographic distribution centers; or

Operating a multi-outlet wholesale business; or Performing simple, repetitive processing at a number
of different sites.
4.11.2 The program may be applied to the whole of the organization under an initial registration, or
only part of the total number of sites may be registered initially, with others to be added later at the
client’s convenience.
Be particularly careful when planning audits on multi-site companies to take into consideration the
working shifts and those that may require particular expertise. Ensure that the programme caters for
a representative sample of the activities undertaken. Follow work instruction WI 06
It is usual to audit the company Head Office and a sample of sites if all sites are working to the same
management system and activities on each site are the same (e.g. a recruitment agency). (Company
Head Office is usually where most of the system records are kept but this is not always the case, each
job is to be judged individually.)
4.11.3 There may be situations where sampling is not permitted due to the nature of the work or
because the activities on each site are not common to each other. In this situation, the programme
would need to allow for visiting each site, and would determine the need for a full audit with resulting
documentation at each site visited.

Page 20 of 49
If the activities are common and a sample is taken initially, a rolling programme of surveillance visits
must be established.
If additional sites need to be added, the client must be able to demonstrate that the new sites are
included in a controlled manner. These will normally be treated as an extension to scope. They must
be added to the rolling programme, increasing the amount of surveillance time and costs as
appropriate.
4.11.4 With large, multi-site companies it is usual to appoint a Project Leader who will be responsible
for on-going liaison with the client, arranging dates for surveillances, coordinating the rolling
programme, and dealing with any day to day queries and sorting out extensions to scope. This ensures
continuity with the client and that correct sites are visited on rolling programme.
It is not necessary to raise opening and closing meeting for every site visited, but a schedule is to be
available for each auditor.
4.12 Multi-site audits (For One Management System only)
4.12.1 Multiple site audits under the control of a single EMS are carried out in accordance with the
following.
All sites will be audited or the Head Office and a representative number of sites may be sampled by
the audit team providing:
All sites have been audited in accordance with the internal audit procedures
A central management review has been carried out.

4.12.2 The sampling of the sites must include a representative number. The selection of the sites
takes into account:

 The results of central and internal audits.  complexity of the EMS.

 The results of management review.  complexity of the sites.
 variations in the size of the sites.  variations in working practices.
 maturity of the system.  variations in activities undertaken.
 existing knowledge of the organization.  the significance of the aspects potential
 shift patterns. interaction with sensitive environments.
 personnel involved.  differing legal requirements.
 Repetitiveness of the work.  Communications from interested Parties.

These requirements will be considered by the Certification Committee before awarding certificates.
4.13 IMS Audits
4.13.1 Where there is a combined documented system the audits are carried out in accordance with
this procedure with the completion of the auditors reports showing that they have looked at the
requirements of ISO 9001, ISO 14001 & ISO 45001 Or Other Management Systems in the areas
allotted to them. The auditors assigned to the areas are trained in the requirements of the relevant
standard(s) and if necessary two auditors cover one area to ensure all requirements are addressed.

Page 21 of 49
4.13.2 The audit is carried out according to the audit plan produced at Stage 1 / Document Review,
with the Lead Auditor ensuring that the appropriately trained auditors are used for each area and
part of the individual standards. Care is taken to ensure that the appropriate amount of time is spent
on each area in the company and for ensuring full coverage of the standard requirements. The areas
covered are reported on with details of the time spent in the key areas and indications of non-
conformances. Where the auditors cover the requirements of more than one standard in one area
at the same time during the audit, then the report should indicate this and examples recorded should
show evidence of this.
A plan for surveillance visits is produced at the end of the audit taking into account the time needed
for each standard and the expertise for the various surveillance visits as well as the areas to be looked
at.
4.13.3 Where a non-conformance is applicable to both standards, only one report is raised and
referenced to both standards if appropriate.
4.13.4 If the recommendation is positive for both standards then one audit report (F31 or F32) is
raised. Similarly, if the recommendation is negative for both standards then one audit report is raised.
If the recommendation is positive for one standard and negative for the other, two audit reports will
be completed separately.
4.13.5 This procedure is followed for surveillance audits with the additional EMS sections being
completed in the audit report. The auditor must ensure that sufficient time is allowed in each area to
cover the requirements of both standards adequately. The auditors report must show clearly that the
requirements of both standards have been subjected to audit and evidence of compliance recorded.
4.14 Sampling plan and auditing time
4.14.1 As such there is no statistical or mathematical formula to establish the right number of samples
to be taken during an audit. Defining the number of samples to be taken to confirm conformity to the
requirements of the standard is not efficient and does not ensure conformity. Adequate sampling
would refer to a level of sampling taken during on site interviews and record reviews that give
sufficient confidence that the auditee’s IMS is implemented and maintained.
4.14.2 The auditor needs to perform interviews and check records and evidence during interview. The
number of samples to be taken depends on the complexity of the processes being audited and the
quality of information received from the auditee during the interview. It is also important that the
auditor maintains the schedule outlined in the audit plan. At the end of the day the auditor needs to
feel comfortable that the samples and the objective evidence seen are representative, in order to
draw appropriate conclusions regarding the implementation of IMS.
AIS Certification auditors will spend about 60% of the audit time for critical process audits.
4.14 .3 For Food Safety Management Systems (ISO 22000& HACCP)
Certification of multi-site organizations and multi-site sampling as described in ISO/TS 22003:2013
and ISO/IEC 17021:2015 is not applicable to the food chain categories C, D, E, L and M (CI – IV, DI, DII,
I and K of ISO 22003:2013) of the FSSC 22000 scheme. FSSC 22000 requires that every site shall have
a separate audit, a separate report and a separate certificate. Every site must be entered separately

Page 22 of 49
in database. Exceptions FSSC 22000 does offer exceptions for three main categories of organizations
that have multiple locations.
The three exception categories are:
1. Organizations where some functions pertinent to the certification are controlled by a head office
separate to the manufacturing location(s).
 Procurement policy.
 The approval of suppliers or Overall responsibility for the group quality management system
requirements.
In all cases where functions pertinent to the certification are controlled by a head office, FSSC requires
that those functions are audited directly in the presence of the person(s) described in the
documented FSMS as having responsibility for the functions. This will usually mean that the auditor.
must attend the head office to conduct that part of the audit. It is strongly recommended that the
head office audit is carried out prior to the manufacturing location audit. The lead auditor may decide
that it is acceptable for the responsible person from the head office to attend the audit at
manufacturing or operating site1. The conditions under which this will be allowed depend upon local
access to required files, records and other evidential material.
2. Organizations with different operations at one site.
3. Organizations with a ‘split’ process (where one or more process steps take place at a separate
location).
Responsibilities The functions at the head office are audited separately and every manufacturing site
belonging to the group shall have a separate audit, a separate report and a separate certificate. The
manufacturing site audit report and certificate shows which functions are audited at the head office.
An audit at the head office cannot assess the degree of implementation at manufacturing level. The
subsequent audit at the manufacturing site(s) must therefore include a confirmation that the
requirements set out by head office are appropriately incorporated into manufacturing documents
and implemented in practice.
Audit time A maximum of 20% audit time reduction can be allowed for each of the single
manufacturing sites belonging to the group where the shared functions are controlled by the (off-
site) head office. The 20% audit time reduction is applied to the minimum audit time (Ts) as per ISO/TS
22003:2013, Annex B

Page 23 of 49
5.Reference
Standards ISO 9001:2015, ISO 14001:2015, ISO 45001:2018, ISO 22001:2018
HACCP
Work Guidelines for Man Day Estimation for the:
Instructions WI 03 Man day estimation for QMS, EMS & OH&SMS.
WI 04 Man Day Estimation for FSMS and HACCP.
WI 06 Man-day Estimation for Integrated Management System and Extended
Audits.
WI 07 Man Day Estimation for Additional Accreditation and Transfer of
Certification.
Formats / F30 – Audit Notification F31 – Stage 1 Audit Report F32 – Stage 2 Audit
Exhibits Report
F 28 B Audit Man Day Calculator F29 Change to Contract
F 33 Cert Format F 34 Audit Review Checklist F 35 Deviation Note

Page 24 of 49
 QP09 A -HALAL CERTIFICATION OF SLAUGHTERHOUSE Version :1.00

1. PURPOSE: To ensure the compliance of certification procedure based on the requirements of

GSO 993:2015 – Animal slaughtering requirements according to Islamic Rules, GSO 2055 -
2:2014 Halal products - Part two: General Requirements for Halal Certification Bodies.

2. SCOPE: This procedure applies to certification of animal slaughter houses including all stages of
operation from receiving, processing, labelling, handling, distributing, storing, displaying and
serving meat products

3. Responsibility: It is the responsibility of AIS as to establish and maintain the appropriate system
to satisfy accreditation bodies and client’s requirements in accordance to the accredited
certification system. It is the responsibility of AIS clients to provide all needed requirements as
per this product certification schemes approved by accreditation bodies and scheme owner to
ensure their products compliance to the applicable schemes and standards.
4. Mandatory Schemes and Applicable Standards
GSOS /GSO 1694:2007 General Principles of Food Hygiene/
UAE S. GSO 21:1984: Hygienic Regulations for Food Plants and their Personnel
GSOS GSO 713 :1997: Hygienic Regulations for Poultry Processing Abattoirs and heir Personnel
GSOS GSO 993 :1998: Animal Slaughtering Requirements according to Islamic Law
OIC/SMIIC 2: 2019 General Requirements for Halal Food,

5. Process
5.0 Application for Certification (Application Form):
5.1 Application to be filled by the client will contain all the necessary information needed by AIS
Certifications for conducting the certification Process, such important information is:
a) General information: Applicant Business activities & related business facilities & relationship
between their facilities, in relevance to the certification scheme applied for information about
outsourced Processes relevant to Product conformity.
b) Any other information needed related to certification requirements.
c) By signing the application form, the applicant and the manufacturer agrees to comply with
these General Rules covered by Registration / CB Certification.
4.2 Application form aligns all requirements of the specific standard to which client wishes to be
certified and which has to be submitted along with the application) as following:
1) 1.Filled up Application form (Complete with all information).
2) Test Report (as per the requirements)
3) Declaration of Conformity by the Applicant on the Product(s) for Registration using the
Applicant’s Official Letterhead.
4) Valid industry/Trade License
5) Health Certificate documented and approved by the competent authorities in the
country of origin to prove that the product is fit for Human health consumption.
6) Certificate of Origin
7) FSMS/HACCP/ISO 22000 certificates
8) Product label with proposed space for logo

Page 25 of 49
 9) Halal certification from other certification bodies (if available)

10) 10. Certificate of competent on Halal or any Halal training for the personal in charge in
Halal Implementation.

6. Application Evaluation:
 The application is Evaluated once the client pays the application fee along with the required
documents and certification agreement is signed. Documents are reviewed. In case of any
pending or additional documents and clarification required from the client, AIS Certification
sends Non-Conformity Report.
 Client send back the Non Conformity Report and documents requested.
 Audit Time is prepared as per the annex B of GSO 2055-2:2016 of the Halal Standard.
 AIS Certification prepares the Quotation Form based on the audit time and sends to the client
and the client in turn sends the stamped and signed quotation form AIS Certification sends the
Proforma invoice .
 Once the Payment is received, audit plan is prepared in consultation with the client and the
auditors.
7. Audit Team and Audit Preparation
6.1 An Audit Team appointed by AIS Certification shall conduct an audit of the operation of the
organization to verify that the requirements as mentioned are being satisfied. The Audit Team
shall be composed of:
a) Lead auditor
b) Halal technical auditors
c) Food safety auditors (in case of organization in the food chain)
d) Islamic affairs expert
The Lead auditor may also be the Halal technical auditor and food safety auditor if he/she
has the appropriate qualification.
6.2 Members of the Audit Team shall (collectively) have appropriate qualification and training in
the field of halal assurance management system auditing, and the specific area to be certified
(i.e. food production, food safety, slaughterhouse, food outlet, etc.).
6.3 The Lead auditor shall review the application and prepare an Audit Plan appropriate to the size
of the applicant organization and the complexity of their operation. The Audit Plan shall be
communicated to and agreed by the organization to be audited.

7.0 Audit Process: Audit process shall include the following:

7.1Stage 1 Audit:
7.1.1 Required documents from Step 4.2 are reviewed to assess compliance of the manufacturer’s
Food Safety Management System to the requirements of ISO 22000/ HACCP as supported by
interview with client’s representative(s) or additional documentation available on-site. The location
conditions and site-specific operations are also evaluated to gain sufficient understanding of status
of the client’s FSMS.
7.1.2 The following components of the FSMS documentation are evaluated:
A. Technical review of documents from Step 4.2 are used to assess preparedness for the Stage.
B. Audit The following components of the FSMS documentation are evaluated.
Page 26 of 49
 Document review (assessment of Halal Assurance Management System (HAMS) documentation) –
This shall be conducted prior to the field audit of the organization’s premises, and shall include
adequacy review of all relevant documentation including:
a) Halal (and food safety, if applicable) assurance manual.
b) Organizational structure pertaining to halal responsibilities and authorities.
c) Process flow and corresponding halal standard operating procedures (HSOP).
d) Halal assurance control point (HACCP) identification and their control plan.
e) other relevant documentation.
Refer Annex C for Specific Requirements of Category C
7.1 Results of the Stage 1 Audit
Stage 1 Audit findings are communicated to client using Stage 1 Audit Report. Non-Conformity
Report is send. In case of identified areas of concern that could be classified as nonconformity
during the Stage 1 Audit, the schedule of which depends on the length of time required by client
to perform appropriate CA, but should not be longer than 6 months. Otherwise, the whole process
of Stage 1 Audit (Step 2) will be repeated.

7.2 Corrective actions by the Client: Client send back Non Conformity Report, along with supporting
documentation for the CA. Effectiveness of implemented CA is evaluated and comments are
recorded in Non Conformity Report
7.3 Recommendation to proceed, postpone or cancel Stage 2 Audit is reflected in filled-up Non-
Conformity Report

8 Stage 2 Audit
8.1 Audit Plan for Stage 2 Audit is prepared in consultation with the client and the auditors.

8.2 Inspection to check that the animal or birds slaughtering requirements is fully implemented,
effective and in conformity to the requirements of GSO 993:2015 and GSO 2055-1. FSMS is also
checked for full implementation, effectivity and compliance to the requirements of ISO 22000/
HACCP. Parts of the FSMS that had been declared in conformity during the Stage 1 Audit need
not be re-audited, unless to check continuity of conformance.
8.3 The following forms are used:
a. F-31 HSA Stage 1 Audit Report for Slaughter House and Meat Processing Plant
b. F-30 Audit Plan
c. F-31 HSB Stage 2 Audit Report for Slaughter House and Meat Processing Plant

8.4 Supporting information and evidences are gathered as follows:

a) Performance data against safety objectives
b) Legal compliance
c) Operational controls
d) Competence of personnel
e) Internal audit findings and conclusions
f) Management Review Meeting
g) Responsibilities for attainment of safety policy

Page 27 of 49
8.5 Results of the Stage 2 Audit
Stage 2 Audit findings are communicated to client using the documents as per 4.3. Non-
Conformity Report is send if identified during the inspection.
8.6 Corrective actions by the Client: Client send back Non-Conformity Report, along with supporting
documentation for the CA. Effectiveness of implemented CA is evaluated and Any re-inspection
requirement is reflected as a recommendation in the Non-Conformity Report.
8.7 Verification of CA effectiveness is reflected in Non-Conformity Report All information and
evidence gathered during the Stage 1 and Stage 2 audits are consolidated and reviewed to agree
on the audit conclusions. The Audit Report uses Audit Checklist and Halal Assessment Report
reflecting the recommendation for certification.
8.8 These are submitted together with: All documents for application from step 1.2 to the Halal
Certificate Decision Committee.

8.9 Certification Decision

8.9.1 Evaluation of the audit findings and conclusion and any other relevant information (public
information, comments on the audit report from client) Halal Certification Committee shall
involve qualified personnel with knowledge and skills of the following:
- Islamic Rules related to Halal Certification
- Understanding of relevant Halal & FSMS requirements
- Relevant legislation and regulations (industry requirements)
Certification decision team shall not be less than 3, including:
- Technical expert
- Islamic Affair expert
Certification decision shall be taken unanimously, not majority of votes.

8.9.2 All comments are recorded in Non-Conformity Report. Reasons for rejection are identified
and communicated to auditors.
8.9.3 The Outcome of the Certification decision is communicated to the client. In case of
rejection, AIS will inform client by an Official rejection statement (Letter of certification Status)
stating the reason of rejection.

9.0 Approval
9.1 Monitoring Stamping slaughtered animal:
 Each meat consignment accompanied Halal certificate certified by the consulate of Oman.
 Institution accredited by the concern agencies requirement standard GSO 2055-2:2015.
 Affix stamp of the issuer of the Halal certificate
 Ink shall be stable with food grade.
 Packet of meat pieces shall be stamped with its representative.
 Slaughtering under direct supervision of the representatives of Islamic center

9.2 The following forms are prepared:

A. Certificate of Conformity Halal
B. Halal Schedule of Certification

Page 28 of 49
9.3 Client Notification: AIS Certification will notify the client of approval of products and
certificate availability and will also send Agreement on the Use of License, Certificate and Mark
of Conformity to client. The Client will return the agreement on the use of license and Mark of
Conformity after signing.
9.4 Directory: AIS Certification will update the directory by including the name of the certified
product or unit.
10.0 Surveillance
Surveillance Audit for evaluation of continuity in compliance to GSO 993:2015, GSO 2055-1, ISO
22000/ HACCP and standards once a year after the issuance of certificate.
Samples may be taken in case nonconformities are detected in the Halal product/service premise
that directly affect Halal product/service safety or any complaints received with regards to the
certified Halal product.
Annex A - Regulatory Requirements
1. Pest Control
2. Personal Hygiene Requirements
3. Food Safety Program for employees
4. Environmental Safety
5. Child Labor
6. Employee Fair Treatment

Annex B - Guideline Parameters for Electrical Stunning

On Head only with frequency 1500Hz and rated Voltage 300 Volts

Type of Animal Current (Amperes’) Time (Seconds)

Small Sheep 0.5 to 0.9 2:00 to 3:00
Goat 0.7 to 1.0 2:00 to 3:00
Large Sheep 0.7 to 1.2 2:00 to 3:00
Male Calves 0.5 to 1.5 3:00
Castrated Calves 1.5 to 2.5 2:00 to 3:00
Cows 2.0 to 3.0 2:50 to 3:50
Bulls 2.5 to 3.5 3:00 to 4:00
Buffaloes 2.5 to 3.5 3:00 to 4:00

Page 29 of 49
Annex C Specific Requirements for Halal Products/Services Category C

1. Slaughtering of Animals
To be following Halal assurance management system Requirements for organizations supplying
Halal products and services. Specific requirements for slaughterhouse and meat processing
operation and related standards
2.Other processing of food from animal source
Additional requirements:
 Raw materials to be from Halal origin and prevented from contamination with non Halal during
production, transportation, storage, and/or handling and testing plan to be implemented.
 In case of raw materials/additives containing emulsifiers and vinegar Halal Certificate and
frequent testing of raw materials is MUST.
 Meat and meat by product handling activities such as deboning, flaking, mincing, forming,
packing, chilling, thawing, defrosting, freezing, slicing, homogenization, fermentation, cold/hot
smoking, salting, dehydration, curing, marinating. etc. to be under Halal and Food Safety risk-
based procedures.
 Egg handling to ensure Salmonella control, hair cracks, dirt, humidity etc. to be under Halal and
Food Safety risk-based procedures.
 Sea food gutting, deboning, de-scaling, drying, salting, smoking, flaking, mincing, forming,
packing, chilling, thawing, defrosting, freezing, slicing, fermentation, cold/hot smoking, salting,
dehydration, curing, marinating etc. to be under Halal and Food Safety risk-based procedures.
 Nano-food from animal source to be identified and processing to be validated as per Halal and
Food Safety risk-based procedures.
 All activities to be verified to prevent intended alcohol production during handling and storage
in all stages.
 In case of using additives; usage of any to be within acceptable limits as per reference standard.
 Ready to eat items MUST be identified on proper labeling.

3.Traceability
The applicant shall establish, keep records and apply a traceability system that ensure the
identification of slaughtered batches and their relation to batches of processing and delivery
records.
The traceability system to identify incoming livestock from different suppliers.
Traceability records shall be maintained for a defined period for system assessment to enable the
handling of potentially hazards on Halalness, safety of products and in the event of any rejection.
Records shall be also in accordance with statutory and regulatory requirements and consumers
requirements.

4.Sampling
1. For Initial Audit, representative samples of products related to applicant scope and raw
materials shall be drawn, as per GSO standards.
2. For Surveillance Audit, at least one representative sample shall be drawn to confirm continuous
keeping Halal Assurance and food safety parameters.

Page 30 of 49
Parameters Test MethodReference Sample Type Reporting UnitTime
Detection of PorkFE- 3129 Manual (S6014) Solid / Liquid % 2.5 Hrs
derivatives
Determination ofFE-2270 AOAC 986.12.200Solid / Liquid v/v 1 Hrs
Ethanol Content

Standards ISO/IEC 17065:2012: Conformity Assessment-Requirements for bodies

certifying products, processes and services.
ISO/IEC 17021:2015: Conformity Assessment-Requirements for bodies
providing audit and certification of management systems.
ISO/IEC 17025:2017: General requirements for the competence of testing
and calibration laboratories
GSO 2055 -2:2014 Halal products - Part two: General Requirements for
Halal Certification Bodies
GSO 713 :1997: Hygienic Regulations for Poultry Processing Abattoirs and
Their Personnel
GSO 993 :2015: Animal Slaughtering Requirements according to Islamic
Law
GSO 1694:2007 General Principles of Food Hygiene
GSO 21:1984: Hygienic Regulations for Food Plants and their Personnel
Work Instructions WI 05 Man-day Estimation for Halal Certifications
WI 06 Man-day Estimation for Integrated Management System and
Extended Audits.
WI 07 Man Day Estimation for Additional Accreditation and Transfer of
Certification.
Formats / Exhibits F30 – Audit Notification, F 31 HS – Stage 1 Audit Report, F32 HS – Stage 2
Audit Report
F 28 B Audit Man Day Calculator, F29 Change to Contract
F 33 Cert Format, F 34 Audit Review Checklist, F 35 Deviation Note

Page 31 of 49
 QP-09 B HALAL CERTIFICATION OF FOOD CHAIN PRODUCTS Version :1.00
1. PURPOSE: To ensure the compliance of certification procedure based on the requirements of
GSO 2055-1:2015 - Halal products Halal products - Part one: General Requirements for Halal Food
and GSO 2055 -2:2016 Halal products - Part two: General Requirements for Halal Certification
Bodies.

2. SCOPE: This procedure applies to certification of food products including all stages of operation
from receiving, processing, labelling, handling, distributing, storing, displaying and serving.
3 Responsibility: It is the responsibility of AIS Certifications as to establish and maintain the
appropriate system to satisfy accreditation bodies and client’s requirements in accordance to the
accredited certification system. It is the responsibility of AIS certifications clients to provide all
needed requirements as per this product certification schemes approved by accreditation bodies
and scheme owner to ensure their products compliance to the applicable schemes and standards.
4 Mandatory Schemes and Applicable Standards
GSOS 2055-1:2015 General Requirements for Halal Food
GSOS 993:2015: Animal Slaughtering Requirements according to Islamic Law/
GSO ISO 22000: 2007 Food Safety Management Systems -Requirements for any organization in the food chain
GSO 1694:2007 General Principles of Food Hygiene
OIC/SMIIC 2: 2019 General Requirements for Halal Food,
GSO 2500- Additives Permitted for Use in Food Stuff
GSO 2538 The Maximum Limits for Residues of Ethyl Alcohol (Ethanol) In Food
GSO 2231 General Requirements for The Materials Intended To Come Into Contact With Food
GSO 839 Food Packages - Part 1: General Requirements
GSO 1863 Food Packages - Part 2: Plastic Package - General Requirements

5 Process
4.1 Application for Certification (Application Form):
4.1.1 Application to be filled by the client will contain all the necessary information needed by AIS
Certifications for conducting the certification Process, such important information is:
A. General information: Applicant Business activities & related business facilities & relationship
between their facilities, in relevance to the certification scheme applied for information
about outsourced Processes relevant to Product conformity.
B. Any other information needed related to certification requirements.
C. By signing the application form, the applicant and the manufacturer agrees to comply with
these General Rules covered by Registration / CB Certification.
4.2 Application form aligns all requirements of the specific standard to which client wishes to be
certified and which has to be submitted along with the application) as following:
 Filled up Application form (Complete with all information).
 Test Report (as per the requirements).
 Declaration of Conformity by the Applicant on the Product(s) for Registration using the
Applicant’s Official Letterhead.
 Valid industry/Trade License.
Page 32 of 49
  Health Certificate documented and approved by the competent authorities in the country of
origin to prove that the product is fit for Human health consumption.
 Certificate of Origin.
 FSMS/HACCP/ISO 22000 certificates.
 Product label with proposed space for logo.
 Halal certification from other certification bodies (if available).
 Certificate of competent on Halal or any Halal training for the personal in charge in Halal
Implementation.
 Test report from recognized laboratory (Accredited ISO 17025) as per the requirement of
GSO standard of the product.
 Facility Map/Factory Layout/Farm Map standard of the product.
 Labelling Artwork.
 Table of Raw materials.
 Table of Finished products.
 Certificate for organic/Halal/or any other claims
 Brief description of Manufacturing process & plant equipment Lay-out in the form of a Halal
System Plant (HSP).
 Certificates of Raw materials & Packing material from the suppliers ensuring their Halal
Origin.
 Evidence of approval from other conformity assessment bodies (If approved).
 Certificate of competence on Halal or any Halal training for the personal in charge in Halal
implementation.
5 Application Evaluation:
 The application is Evaluated once the client pays the application fee along with the
required documents and certification agreement is signed. Documents are reviewed. In
case of any pending or additional documents and clarification required from the client,
AIS Certification sends Non-Conformity Report.
 Client send back the Non Conformity Report and documents requested.
 Audit Time is prepared as per the annex B of GSO 2055-2:2016 of the Halal Standard.
 AIS Certification prepares the Quotation Form based on the audit time and sends to the
client and the client in turn sends the stamped and signed quotation form, AIS
Certification sends the Proforma invoice.
 Once the Payment is received, audit plan is prepared in consultation with the client and
the auditors.

5.1 Audit Team and Audit Preparation

5.1.1 An Audit Team appointed by AIS Certification shall conduct an audit of the operation of the
organization to verify that the requirements as mentioned in the standards are being satisfied.
The Audit Team shall be composed of:
A. Lead auditor.
B. Halal technical auditors.
C. Food safety auditors (in case of organization in the food chain).
D. Islamic affairs expert

Page 33 of 49
The Lead auditor may also be the Halal technical auditor and food safety auditor if he/she has
the appropriate qualification.
5.2 Members of the Audit Team shall (collectively) have appropriate qualification and training in
the field of halal assurance management system auditing, and the specific area to be certified
(i.e. food production, food safety, slaughterhouse, food outlet, etc.).
5.3 The Lead auditor shall review the application and prepare an Audit Plan appropriate to the
size of the applicant organization and the complexity of their operation. The Audit Plan shall be
communicated to and agreed by the organization to be audited.

6 Audit Process: Audit process shall include the following:

6.1 Stage 1 Audit:
Technical review of documents from Step 1.2 are used to assess preparedness for the Stage 2
Audit. The following components of the FSMS documentation are evaluated:
Document review [assessment of Halal Assurance Management System (HAMS)
documentation)– This shall be conducted prior to the field audit of the organization’s premises,
and shall include adequacy review of all relevant documentation including:
 Halal (and food safety, if applicable) assurance manual.
 Organizational structure pertaining to halal responsibilities and authorities.
 Process flow and corresponding halal standard operating procedures (HSOP).
 Halal assurance control point (HACCP) identification and their control plan.
 Food safety documentation including HACCP (for organization in the food chain).
 Other relevant documentation.
Refer Annex B for Specific Requirements of Category E

6.2 Mandatory Stage 1 Audit

Product/Service Categories which require Product/Service Categories that require mandatory on-
an optional on-site stage 1 audit: site stage 1 audit
A-Farming (plants and animals, egg and C-Perishable animal products (slaughtering, eggs,
milk production, beekeeping, fishing, poultry, dairy, fish etc.).
hunting). D-Perishable vegetable products (fresh vegetables,
G-Food service (hotels, restaurants) juices, preserved fruits, etc.).
H-Distribution (wholesale and retail E-Products with long shelf life at room temperature
outlets). (canned, flour, snacks, oil etc.).
I- Services (water supply, cleaning, waste F-Feed production.
disposal, veterinary services, Islamic L-Chemical and biochemical manufacturing (food
financial services). additives, dietary supplements, cleaning agents,
J-Transport and storage. microorganisms etc.).
K-Equipment manufacturing. M-Packaging and wrapping material manufacturing.

6.3 Results of the Stage 1 Audit

Stage 1 Audit findings are communicated to client using Stage 1 Audit Report. Non-Conformity
Report is sent. In case of identified areas of concern that could be classified as nonconformity
during the Stage 2 Audit, the schedule of which depends on the length of time required by client

Page 34 of 49
 to perform appropriate CA but should not be longer than 6 months. Otherwise, the whole process
of Stage 1 Audit (Step 2) will be repeated.

6.4 Corrective actions by the Client: Client send back Non-Conformity Report, along with
supporting documentation for the CA. Effectiveness of implemented CA is evaluated and
comments are recorded in Non-Conformity Report
6.5 Recommendation to proceed, postpone or cancel Stage 2 Audit is reflected in filled-up Non-
Conformity Report
7 Stage 2 Audit
7.1 Audit Plan for Stage 2 Audit is done in consultation with the client and the auditors.
7.2 Inspection to check that the requirements is fully implemented, effective and in conformity
to the requirements of GSO 2055-1. FSMS is also checked for full implementation, effectivity
and compliance to the requirements of ISO 22000/ HACCP. Parts of the FSMS that had been
declared in conformity with the requirements of ISO 22000/ HACCP and GSO 2055-1 during
the Stage 1 Audit need not be re-audited, unless to check continuity of conformance.
7.3 The following forms are used:
 F-31 HFA Stage 1 Audit Report for Food Chain
 F-30 Audit Plan
 F-31 HFB Stage 2 Audit Report for Food Chain
7.4 Supporting information and evidence are gathered as follows:
 Performance data against safety objectives.
 Legal compliance.
 Operational controls.
 Competence of personnel.
 Internal audit findings and conclusions.
 Management review Management review.
 Responsibilities for attainment of safety policy
7.5 Results of the Stage 2 Audit
Stage 2 Audit findings are communicated to client using the documents as per 4.3. Non-
Conformity Report is send identified during the inspection.

7.6 Corrective actions by the Client: Client send back Non-Conformity Report, along with supporting
documentation for the CA. Effectiveness of implemented CA is evaluated and Any re-inspection
requirement is reflected as a recommendation in the Non-Conformity Report

7.7 Verification of CA effectiveness is reflected in Non-Conformity Report All information and

evidence gathered during the Stage 1 and Stage 2 audits are consolidated and reviewed to agree
on the audit conclusions. The Audit Report uses HACCP Assessment Report and Halal Product
Certification Audit Check List reflecting the recommendation for certification.
These are submitted together with: All documents for application from step 1.2 to the Halal
Certificate Decision Committee.

Page 35 of 49
8 Certification Decision
8.1 Evaluation of the audit findings and conclusion and any other relevant information (public
information, comments on the audit report from client)
Halal Certification Committee shall involve qualified personnel with knowledge and skills of the
following:
 Islamic Rules related to Halal Certification.
 Understanding of relevant Halal & FSMS requirements.
 Relevant legislation and regulations (industry requirements).
 Certification decision team shall not be less than 3, including.
 Technical expert.
 Islamic Affair expert
Certification decision shall be taken unanimously, not majority of votes.

8.2 All comments are recorded in Non-Conformity Report. Reasons for rejection are identified
and communicated to auditors.

9.0 The Outcome of the Certification decision is communicated to the client. In case of rejection,
AIS will inform client by an Official rejection statement (Letter of certification Status) stating the
reason of rejection.

9.1 Client Notification: AIS Certifications will notify the client of approval of products and
certificate availability and will also send Agreement on the Use of License, Certificate and Mark
of Conformity to client. The Client will return the agreement on the use of license and Mark of
Conformity after signing.

9.2 Directory: AIS Certifications will update the directory by including the name of the certified
product or unit.
10.0 Surveillance
Surveillance Audit for evaluation of continuity in compliance to GSO 2055-1, ISO 22000/ HACCP
and standards once a year after the issuance of certificate
Samples may be taken in case nonconformities are detected in the Halal product/service premise
that directly affect Halal product/service safety or any complaints received with regards to the
certified Halal product.
11.Traceability
The applicant shall establish, keep records and apply a traceability system that ensure the
identification of batches and their relation to batches of processing and delivery records.
The traceability system to identify incoming Material from different suppliers.
Traceability records shall be maintained for a defined period for system assessment to enable the
handling of potentially hazards on Halalness, safety of products and in the event of any rejection.
Records shall be also in accordance with statutory and regulatory requirements and consumers
requirements.

Page 36 of 49
 12.Sampling
1. For Initial Audit, representative samples of products related to applicant scope and raw
materials shall be drawn, as per GSO standards with respect to Products.
2. For Surveillance Audit, at least one representative sample shall be drawn to confirm continuous
keeping Halal Assurance and food safety parameters.
Parameters Test MethodReference Sample Type Reporting UnitTime
Detection of PorkFE- 3129 Manual (S6014) Solid / Liquid % 2.5 Hrs
derivatives
Determination ofFE-2270 AOAC 986.12.200Solid / Liquid v/v 1 Hrs
Ethanol Content

Annex A - Regulatory Requirements

1) Pest Control
2) Personal Hygiene Requirements
3) Food Safety Program for employees
4) Environmental Safety
5) Child Labor
6) Pollution Control
7) Employee Fair Treatment

13.0 References
Standards ISO/IEC 17065:2012: Conformity Assessment-Requirements for bodies certifying products,
processes and services.
ISO/IEC 17021:2011: Conformity Assessment-Requirements for bodies providing audit and
certification of management systems.
ISO/IEC 17025:2011: General requirements for the competence of testing and calibration
laboratories
GSO 2055-1:2015 General Requirements for Halal Food
GSO 993:2015: Animal Slaughtering Requirements according to Islamic Law
GSO ISO 22000: 2007 Food Safety Management Systems -Requirements for any organization
in the food chain
GSO 1694:2007 General Principles of Food Hygiene
Scheme to control halal products, no. 10 of 2014
Work WI 05 Man-day Estimation for Halal Certifications
Instructions WI 06 Man-day Estimation for Integrated Management System and Extended Audits
WI 07 Man Day Estimation for Additional Accreditation and Transfer of Certification
Formats / F30 – Audit Notification, F 31 HF – Stage 1 Audit Report, F32 HF – Stage 2 Audit Report
Exhibits
F 28 B Audit Man Day Calculator, F29 Change to Contract
F 33 Cert Format, F 34 Audit Review Checklist, F 35 Deviation Note

Page 37 of 49
 QP-09 C HALAL CERTIFICATION OF COSMETICS AND PERSONAL CARE Version :1.00

1. PURPOSE: To ensure the compliance of certification procedure based on the requirements of

GSO 2055-1:2015 - Halal products Halal products - Part one: General Requirements for Halal
Food and GSO 2055 -2:2016 Halal products - Part two: General Requirements for Halal
Certification Bodies, GSO 2055-4: 2014 Halal products – part 4 requirements for cosmetics
and personal care.
2. SCOPE: This procedure applies to certification of food products including all stages of operation
from receiving, processing, labelling, handling, distributing, storing, displaying and serving.
3.Responsibility: It is the responsibility of AIS Certifications as to establish and maintain the
appropriate system to satisfy accreditation bodies and client’s requirements in accordance to the
accredited certification system. It is the responsibility of AIS certifications clients to provide all
needed requirements as per this product certification schemes approved by accreditation bodies
and scheme owner to ensure their products compliance to the applicable schemes and standards.
4. Mandatory Schemes and Applicable Standards
GSOS 2055 - 4:2014 Halal Products- Part 4: Requirements for Cosmetics and Personal care products
GSOS GSO ISO 22716 Cosmetics - Good Manufacturing Practices (GMP) - Guidelines on Good Manufacturing Practices
OIC/SMIIC 2: 2019 General Requirements for Halal Food,

5. Process
4.1Application for Certification (Application Form):
4.1.1. Application to be filled by the client will contain all the necessary information needed by AIS
Certifications for conducting the certification Process, such important information is:
- General information: Applicant Business activities & related business facilities & relationship
between their facilities, in relevance to the certification scheme applied for information about
outsourced Processes relevant to Product conformity.
- Any other information needed related to certification requirements.
- By signing the application form, the applicant and the manufacturer agrees to comply with these
General Rules covered by Registration / CB Certification.
4.2 Application form aligns all requirements of the specific standard to which client wishes to be
certified and which has to be submitted along with the application) as following:
 Filled up Application form (Complete with all information).
 Test Report (as per the requirements).
 Declaration of Conformity by the Applicant on the Product(s) for Registration using the
Applicant’s Official Letterhead.
 Valid industry/Trade License.
 Certificate of Origin.
 GMP certificates.
 Product label with proposed space for logo.
 Halal certification from other certification bodies (if available).
 Certificate of competent on Halal or any Halal training for the personal in charge in Halal
Implementation.

Page 38 of 49
  Test report from recognized laboratory (Accredited ISO 17025) as per the requirement of
GSO standard of the product.
 Facility Map/Factory Layout/Farm Map standard of the product.
 Labelling Artwork.
 Table of Raw materials.
 Table of Finished products.
 Certificate for organic/Halal/or any other claims
 Brief description of Manufacturing process & plant equipment Lay-out in the form of a Halal
System Plant (HSP).
 Certificates of Raw materials & Packing material from the suppliers ensuring their Halal
Origin.
 Evidence of approval from other conformity assessment bodies (If approved).
 Certificate of competence on Halal or any Halal training for the personal in charge in Halal
implementation.
5. Application Evaluation:
 The application is Evaluated once the client pays the application fee along with the
required documents and certification agreement is signed. Documents are reviewed. In
case of any pending or additional documents and clarification required from the client,
AIS Certification sends Non-Conformity Report.
 Client send back the Non Conformity Report and documents requested.
 Audit Time is prepared as per the annex B of GSO 2055-2:2016 of the Halal Standard.
 AIS Certification prepares the Quotation Form based on the audit time and sends to the
client and the client in turn sends the stamped and signed quotation form, AIS
Certification sends the Proforma invoice.
 Once the Payment is received, audit plan is prepared in consultation with the client and
the auditors.

5.1. Audit Team and Audit Preparation

5.1.1 An Audit Team appointed by AIS Certification shall conduct an audit of the operation of the
organization to verify that the requirements as mentioned in the standards are being satisfied.
The Audit Team shall be composed of:
E. Lead auditor.
F. Halal technical auditors.
G. Food safety auditors (in case of organization in the food chain).
H. Islamic affairs expert
The Lead auditor may also be the Halal technical auditor and food safety auditor if he/she has
the appropriate qualification.
5.2 Members of the Audit Team shall (collectively) have appropriate qualification and training in
the field of halal assurance management system auditing, and the specific area to be certified
(i.e. cosmetics and personal care etc.).
5.3 The Lead auditor shall review the application and prepare an Audit Plan appropriate to the
size of the applicant organization and the complexity of their operation. The Audit Plan shall be
communicated to and agreed by the organization to be audited.

Page 39 of 49
6. Audit Process: Audit process shall include the following:
6.1. Stage 1 Audit (Mandatory and Onsite Audit)
Technical review of documents from Step 1.2 are used to assess preparedness for the Stage 2
Audit. The following components of the GMP documentation are evaluated:
Document review [assessment of Halal Assurance Management System (HAMS) documentation).
This shall be conducted prior to the field audit of the organization’s premises, and shall include
adequacy review of all relevant documentation including:
 Halal (if applicable) assurance manual.
 Organizational structure pertaining to halal responsibilities and authorities.
 Process flow and corresponding halal standard operating procedures (HSOP).
 Halal assurance control point (HACCP) identification and their control plan.
 Documentation including GMP (for organization).
 Other relevant documentation.
Refer Annex B for Specific Requirements of Category E

6.2 Results of the Stage 1 Audit

Stage 1 Audit findings are communicated to client using Stage 1 Audit Report. Non-Conformity
Report is sent. In case of identified areas of concern that could be classified as nonconformity
during the Stage 2 Audit, the schedule of which depends on the length of time required by client
to perform appropriate CA but should not be longer than 6 months. Otherwise, the whole process
of Stage 1 Audit (Step 2) will be repeated.

6.3 Corrective actions by the Client: Client send back Non-Conformity Report, along with
supporting documentation for the CA. Effectiveness of implemented CA is evaluated and
comments are recorded in Non-Conformity Report
6.4 Recommendation to proceed, postpone or cancel Stage 2 Audit is reflected in filled-up Non-
Conformity Report
7. Stage 2 Audit
7.1. Audit Plan for Stage 2 Audit is done in consultation with the client and the auditors.
7.2. Inspection to check that the requirements is fully implemented, effective and in
conformity to the requirements of GSO 2055-4. GMP is also checked for full
implementation, effectivity and compliance to the requirements of ISO 22715 :2008 and
ISO 22716 :2009.
7.3. The following forms are used:
 F-31 HCA Stage 1 Audit Report for Cosmetics and Personal care
 F-30 Audit Plan
 F-31 HCB Stage 2 Audit Report for Cosmetics and Personal care
7.4. Supporting information and evidence are gathered as follows:
 Performance data against safety objectives.
 Legal compliance.
 Operational controls.
 Competence of personnel.

Page 40 of 49
  Internal audit findings and conclusions.
 Management review Management review.
 Responsibilities for attainment of safety policy
7.5. Results of the Stage 2 Audit
Stage 2 Audit findings are communicated to client using the documents as per 4.3. Non-
Conformity Report is send identified during the inspection.

7.6. Corrective actions by the Client: Client send back Non-Conformity Report, along with
supporting documentation for the CA. Effectiveness of implemented CA is evaluated and
Any re-inspection requirement is reflected as a recommendation in the Non-Conformity
Report

7.7. Verification of CA effectiveness is reflected in Non-Conformity Report All information and

evidence gathered during the Stage 1 and Stage 2 audits are consolidated and reviewed
to agree on the audit conclusions. The Audit Report uses GMP Assessment Report and
Halal Product Certification Audit Check List reflecting the recommendation for
certification.

These are submitted together with: All documents for application from step 1.2 to the
Halal Certificate Decision Committee.

8. Certification Decision
8.1 Evaluation of the audit findings and conclusion and any other relevant information
(public information, comments on the audit report from client)
Halal Certification Committee shall involve qualified personnel with knowledge and skills
of the following:
 Islamic Rules related to Halal Certification.
 Understanding of relevant Halal & GMP requirements.
 Relevant legislation and regulations (industry requirements).
 Certification decision team shall not be less than 3, including.
 Technical expert.
 Islamic Affair expert
Certification decision shall be taken unanimously, not majority of votes.

8.2 All comments are recorded in Non-Conformity Report. Reasons for rejection are identified
and communicated to auditors.

9. The Outcome of the Certification decision is communicated to the client. In case of rejection,
AIS will inform client by an Official rejection statement (Letter of certification Status) stating
the reason of rejection.

9.1 Client Notification: AIS Certifications will notify the client of approval of products and
certificate availability and will also send Agreement on the Use of License, Certificate and Mark

Page 41 of 49
of Conformity to client. The Client will return the agreement on the use of license and Mark of
Conformity after signing.

9.2 Directory: AIS Certifications will update the directory by including the name of the certified
product or unit.
10.0 Surveillance
Surveillance Audit for evaluation of continuity in compliance to GSO 2055-1, GSO 2055-4, ISO
22716 :2009 and standards once a year after the issuance of certificate
Samples may be taken in case nonconformities are detected in the Halal product/service premise
that directly affect Halal product/service safety or any complaints received with regards to the
certified Halal product.
11.Traceability
The applicant shall establish, keep records and apply a traceability system that ensure the
identification of batches and their relation to batches of processing and delivery records.
The traceability system to identify incoming Material from different suppliers.
Traceability records shall be maintained for a defined period for system assessment to enable the
handling of potentially hazards on Halalness, safety of products and in the event of any rejection.
Records shall be also in accordance with statutory and regulatory requirements and consumers
requirements.

12.Sampling
3. For Initial Audit, representative samples of products related to applicant scope and raw
materials shall be drawn, as per GSO standards with respect to Products.
4. For Surveillance Audit, at least one representative sample shall be drawn to confirm continuous
keeping Halal Assurance and food safety parameters.

Parameters Test MethodReference Sample Type Reporting UnitTime

Detection of PorkFE- 3129 Manual (S6014) Solid / Liquid % 2.5 Hrs
derivatives
Determination ofFE-2270 AOAC 986.12.200Solid / Liquid v/v 1 Hrs
Ethanol Content

Annex A - Regulatory Requirements

8) Pest Control
9) Personal Hygiene Requirements
10) Food Safety Program for employees
11) Environmental Safety
12) Child Labor
13) Pollution Control
14) Employee Fair Treatment

Page 42 of 49
 13.0 References
Standards ISO/IEC 17065:2012: Conformity Assessment-Requirements for bodies certifying products,
processes and services.
ISO/IEC 17021:2011: Conformity Assessment-Requirements for bodies providing audit and
certification of management systems.
ISO/IEC 17025:2011: General requirements for the competence of testing and calibration
laboratories
GSO 2055-1:2015 General Requirements for Halal Food
GSO 1694:2007 General Principles of Food Hygiene
GSO 1943:2010 Cosmetic products - Cosmetic Products safety requirements.
GSO 2055 -4:2014 Requirements for Cosmetics and Personal Care
GSO ISO 22715 :2008 Cosmetics -Packaging and Labelling
GSO ISO 22716 :2009 Cosmetics - Good Manufacturing Practices (GMP) -
Scheme to control halal products, no. 10 of 2014
Work WI 05 Man-day Estimation for Halal Certifications
Instructions WI 06 Man-day Estimation for Integrated Management System and Extended Audits
WI 07 Man Day Estimation for Additional Accreditation and Transfer of Certification
Formats / F30 – Audit Notification, F 31 HF – Stage 1 Audit Report, F32 HF – Stage 2 Audit Report
Exhibits F 28 B Audit Man Day Calculator, F29 Change to Contract
F 33 Cert Format, F 34 Audit Review Checklist, F 35 Deviation Note

Page 43 of 49
QP-09 D SAMPLING PROCEDURES FOR HALAL INSPECTIONS AND CERTIFICATIONS Version :1.00

1. Purpose & Scope:

This procedure aims to describe the steps adopted by Atyab International Services- Halal
Certifications for sampling of products during certification or inspection process

2. Responsibilities:
It is the responsibility of the Quality Assurance Manager and Conformity Manager to ensure the
appropriate implementation of this procedure.

3. Definitions:
QM: Quality Assurance Manager
QP: Quality Procedures
QM: Quality Manual

4. Procedures:

4.1. Sampling Options:

Sampling can be done during either:

A. Certification Process:
 Site Assessment/Audit: Sampling at certification site
 Product Certification:

B. Inspection Process, such cases include

 Pre-shipment inspection - sampling takes place at the site of shipping

 Post Market Surveillance - sampling takes place at the point of sale/ outlet where
products intended for testing are displayed

4.2. Procedure for sampling:

4.2.1. Sampling during Certification Process

 Sampling is carried out by a suitably trained person assigned by the audit team leader.
 Selection of Sampling Points: Determine total number of areas where products is
produced and stored (Manufacturing sites warehouses, etc…), those are considered as
sampling points. Out of this number, random selection of sampling points will be made
based on size of area, please refer to Table 1.

Page 44 of 49
  Samples shall only be taken from the finished product ready for commercial distribution.
 All factories, stock rooms and warehouses containing finished products shall be included
in the population to be sampled (Table 1)
 Sampler should randomly select TWO Samples of the same product intended for sampling
collect samples , one sample to be sent to the laboratory, and one sample to be packaged
and sealed and kept with manufacturer site for further needed demonstration of integrity
of sampling method
 If more than sample will be needed for the lab testing (No of units to be identified to client
prior of sampling, otherwise number of samples will be total of TWO).
 Atyab International Services- Halal Certifications sampler shall bring written details
(sample request form FHC/4.1/R2) of the purpose of test, containing details about the
product, testing, and number of units to be taken from each similar product
 Three copies of sample request form shall be provided; one for the sampler's record, a
second to be packed with the samples that will be sent to the laboratory, and a third for
the manufacturer to act as a receipt for the goods taken.
 Atyab International Services- Halal Certifications sampling shall be well documented and
contain the name of the Product, the name of the sampler, sampling locations and date
of sampling.
 The sampling request form-the part filled in by Atyab International Services- Halal
Certifications shall include the following particulars:
o Dates between which sampling was carried out.
o Area (sampling point) from which samples were drawn (or the area served by
the factories/warehouses sampled);
o Number of times sampling was carried out and the number of increments
sampled.
o Number of places sampled, principles of factory/warehouse sampling.

4.2.2. Sampling during Inspection Process

 Selection of Sampling Points: Determine total number of areas where products are
displayed (Sales outlets, shipments, etc.), those are considered as sampling points. Out of
this number, random selection of sampling points will be made based on size of area and
product risk (please refer to Table1).
 Sampling shall only be carried out at another kind of sampling point after two
unsuccessful attempts have been made at the specified points.
 Divide your field (Shipping Area, Warehouse) into areas, each area will contain an equal
Number of products/Sales Units either available individually or packed together in boxes.
 Take random sample from each area as described in table1.
 Label each sample bag with Sampler name, company (AIS) name and sample
identification, the label information should correspond to the sample I.D. listed on the
sample request form
 Identify test parameters needed

Notes:
a. From each sales unit take product in equal proportions for the laboratory samples

Page 45 of 49
 b. If several laboratories are to run tests, an equal number of Products/sale units from each
sampling point shall be contained in each laboratory.
c. Each laboratory sample shall be so labeled as to link it with all the manufacturing or packaging

Information that is relevant to the use of the data produced from tests upon it, such as:
 Name of the product
 Clear Description
 date of sampling
 Sampling point
 Destination (i.e. the laboratory to which the samples are destined).
d. All the samples shall be packed securely with adequate protection against damage (e.g.
mechanical damage, severe changes in humidity, temperature) and sent to each laboratory
by the most expeditious means.
e. A list of samples in each dispatch on that day shall be sent to each laboratory, under separate
cover in a separate mailing.

4.2.3. Packaging and Shipment instructions:

 Place sample bags in a sturdy, spill-proof container and pack tightly to prevent opening
and spillage in shipment.
 Label each sample bag with Sampler name, company (Atyab International Services- Halal
Certifications ) name and sample identification, the label information should correspond
to the sample I.D. listed on the sample request form
 Place completed sample request form in an envelope and attach to outside of the
package.
 Samples should be shipped by local courier services.

Table 1:
No of Sampling Points to perform
Total No*
sampling at (2 identical units each point)
2 – 10 1
11 – 25 3
26 – 50 7
51 – 80 13
81 - 100 18

*Total Number (No) Considered would be either: Sampling points (Outlets-Manufacturing Sites,
Warehouses) Or Total no of packaged finished products contained in one application for
certification/ consignment/ Shipment which are available in each sampling point

5. Related Forms:
Listed Agreements, SOPs, Records related to the SOP26 as follows:

Master List of Documents

Sample request form

Page 46 of 49
 QP-09 E ANNEXURE -A PROCESS FLOW FOR MS CERTIFICATION
Initial certification Three year certification
decision / recertification
Ongoing surveillance activities
Initial
Client submits certification Initial Surveillance audits shall Re-certification
application for certificatio be conducted at least once Re-certification activities
planning / a calendar year. The date
initial conducting n decision to be completed before
of the first surveillance expiry of certification
audit following initial
certification shall not be
Exchange of Select and more than 12 months from
information between appoint the certification decision
client and certification competent stage Granting of date
initial
certification Exchange of information between client and certification
Review of and body (e.g. change of scope); determine if change to
Planning for issuance of
application for audit programme required
stage 1 certification
certification
documents
Initial
Identification of certification
areas of concern Conduct decision
and request for stage 1
additional
information Confirm audit programme and communicate to client
Resolve stage 1
areas of concern
Development of (If applicable)
audit programme Confirm appoint competent audit team

Confirm / appoint
Proposal for competent stage-
Plan for Plan for re-
certification and 2 team
surveillance certification
confirmation of audit audit
audit programme
Plan for Conduct Conduct
Stage 2 surveillance recertificatio
Client and
certification body audit n audit(s)
engage in formal
arrangements for Conduct Resolve Resolve
certification Stage 2 surveillance recertification
audit areas of audit areas of
concern concern
(if (if
Resolve stage 2
areas of concern Surveillance Recertificatio
(If applicable) audit n audit
conclusions conclusions

Initial certification
audit conclusions Independen Recertificatio
t review of n decision
certification
(if required) Granting of
recertification
and issuance of
certification
Confirm or adjust audit programme and appropriate audit follow-up and surveillance activities documents
including frequency and duration. Special audits must also be taken into consideration.

Page 47 of 49
 1.1 References:
a) ISO 9000: Quality management systems - Fundamentals and vocabulary.
b) ISO/IEC 17000: Conformity assessment - Vocabulary and general principles.
c) ISO/IEC 17025: General requirements for the competence of testing and calibration
d) laboratories.
e) ISO/IEC 17020: General criteria for the operation of various types of bodies
f) performing inspection.
g) ISO/IEC 17021: Conformity assessment - Requirements for bodies providing audit
h) and certification of management systems.
i) ISO 17021-2:2016: Competence requirements for auditing and certification of environmental
management systems
j) ISO 17021-3:2017: Competence requirements for auditing and certification of Quality management
systems
k) ISO 17021-10:2018: Competence requirements for auditing and certification of Occupational Health
& Safety Management Systems
l) ISO 22003:2013 -FSMS-Requirements for bodies auditing and certifying the FSMS
m) ISO/IEC 17030, Conformity Assessment — General requirements for third-party marks of conformity.
n) ISO 19011: Guidelines for auditing management systems.
o) GAC document: FAD-12: Supplementary accreditation requirements for Halal Certification Bodies, in
addition to applicable scheme and Standards
p) ISO Guide 23:1982 Methods of indicating conformity with Standards for third-Party certification Systems
q) ISO Guide 27:1983 Guidelines for corrective action to be taken by a certification body in the event of
misuse of its mark of conformity
r) GSO S 2055-2 ; 2016 Part 2 General Requirements for Halal Certification Bodies
s) GSO 1694:2007 General Principles of Food Hygiene
t) GSO ISO 22716 Cosmetics - Good Manufacturing Practices (GMP) - Guidelines on Good Manufacturing
Practices
u) GSO 21:1984: Hygienic Regulations for Food Plants and their Personnel
v) GSO 993: Animal Slaughtering Requirements According to Islamic law.
w) GSO 2055-2: General Requirements for Halal accreditation bodies accrediting Halal certification bodies.
x) GSO 9: Labeling of pre-packaged foodstuffs
y) GSO 2500- Additives Permitted for Use in Food Stuff
z) GSO 2538 The Maximum Limits for Residues of Ethyl Alcohol (Ethanol) In Food
aa) GSO 2231 General Requirements for The Materials Intended To Come Into Contact With Food
bb) GSO 839 Food Packages - Part 1: General Requirements
cc) GSO 1863 Food Packages - Part 2: Plastic Package - General Requirements
dd) IAF MD 1:2018 Certification of Multiple Sites Based on Sampling
ee) IAF MD 2:2007 Transfer of Accredited Certification of Management Systems
ff) IAF MD 4:2018 Use of Computer Assisted Audited Techniques (“CAAT”) for Accredited Certification
of Management Systems
gg) IAF MD 5: 2019 Determination of Audit Time of Quality, Environmental, And Occupational
Health & Safety Management Systems
hh) IAF MD 11:2013 Application of ISO/IEC 17021 for Audits of Integrated Management Systems
ii) IAF MD 16:2015 Application of ISO/IEC 17011 for the Accreditation of Food Safety Management
Systems (FSMS) Certification Bodies
jj) IAF MD 22: 2019 Application of ISO/IEC 17021-1 for the certification of occupational health and
safety management systems (OH&SMS)
kk) EA-07/04 M:2017 Legal Compliance as a part of Accredited ISO 14001:2015 certification.

Page 48 of 49
ll) OIC/SMIIC 2: 2019 General Requirements for Halal Food,

Page 49 of 49