Skip to Main Content
GOVERNANCE & ASSURANCE

Impartiality Policy

We are committed to objective, independent certification and maintaining the safeguards that keep every certification decision free from outside influence.

PURPOSE

Why this policy exists.

The purpose of this policy is to define and document VikingCloud Audit & Certification’s commitment to impartiality in its certification activities, in compliance with ISO/IEC 17021-1:2015 and ISO/IEC 27006-1:2024. This policy ensures that all certification decisions are based solely on objective evidence of conformity and are not influenced by other interests or relationships.

SCOPE

Who this applies to.

This policy applies to all personnel, including management, staff, contractors, and committee members involved in the certification processes carried out by VikingCloud Audit & Certification.

POLICY STATEMENT

Our commitment to impartiality.

VikingCloud Audit & Certification recognizes the importance of impartiality in carrying out its certification activities and manages conflict of interest to ensure the objectivity of its certification services.

We are committed to:

  • Ensuring that certification decisions are made independently of any commercial, financial, or other pressures.
  • Identifying, analyzing, evaluating, and managing all potential conflicts of interest.
  • Maintaining transparency in our certification processes and decisions.
  • Continually improving our impartiality framework in alignment with applicable standards.
GOVERNANCE & RESPONSIBILITIES

How impartiality is governed.

  • The executive leadership team of VikingCloud Audit & Certification has overall responsibility for impartiality and shall ensure that the certification activities are conducted objectively.
  • An Impartiality Committee has been established to monitor and advise on matters affecting impartiality.
  • Certification decisions at VikingCloud Audit & Certification are made independently and objectively by the Certification Committee.
  • No internal or external influences will compromise the integrity of our decision-making process.
  • All personnel involved in certification activities are required to disclose any potential conflicts of interest upon engagement and on an ongoing basis.
  • VikingCloud Audit & Certification will not certify another certification body for its quality management system.
CONFLICT OF INTEREST MANAGEMENT

Safeguarding objectivity.

To safeguard impartiality:

  • VikingCloud Audit & Certification (and any part of the same legal entity) does not provide management system consultancy or internal auditing services to the clients it certifies.
  • Remuneration of auditors and personnel involved in certification decisions is not dependent on the number or outcome of certifications.
  • When certifying a Management System, specific risks to impartiality such as prior IT consultancy or security service engagements are considered.
  • Auditors must demonstrate independence from any involvement in the design, implementation, or maintenance of the Management System being certified.
  • Auditor and decision-maker roles are kept separate to prevent any compromise in objectivity.

VikingCloud Audit & Certification ensures that decisions related to certification are based on the merits of the assessed entity and compliance with relevant standards, without any bias or unfair influence.

OPERATIONAL CONTROLS

Controls in practice.

  • Risk assessments related to impartiality are carried out regularly and reviewed by the Impartiality Committee.
  • Certification activities are structured and assigned to prevent any bias or undue influence.
  • Complaints and appeals processes are established to handle concerns related to impartiality.
CONTINUOUS MONITORING AND IMPROVEMENT

Keeping the framework current.

VikingCloud Audit & Certification is committed to regularly reviewing and improving this policy and associated procedures to uphold the highest standards of impartiality. Any concerns raised by clients, auditors, or third parties regarding impartiality will be addressed promptly and transparently.

COMMUNICATION

How this policy is shared.

This Impartiality Policy will be communicated to all relevant personnel, clients, and stakeholders to ensure awareness and understanding of VikingCloud Audit & Certification’s commitment to impartiality and objectivity, and it is made available here or upon request.

CONFIDENTIALITY

Protecting certification information.

To maintain impartiality, VikingCloud Audit & Certification will ensure the confidentiality of information related to its certification activities. All personnel are required to handle such information with the utmost care, in accordance with relevant confidentiality agreements and legal requirements.