About

Coalfire ISO is an ISO/IEC 27001 Certification Body accredited by the ANSI-ASQ National Accreditation Board (ANAB). The following statements and policies are a component of our commitment to impartiality and independence.

Audit and Certification process

Coalfire ISO provides ISO 27001 audit and certification services to our clients, utilizing the framework required in the ISO 17021-1:2015 and ISO 27006 Standards. The process is highly structured and follows a number of stages as described in the section on the Certification Process on this website. As part of that process, clients are informed of their rights and obligations when applying for certification of a management system and following the Coalfire ISO certification of the management system.

The scope, timing and deliverables of our services, as well as the rights and obligations of both parties are documented in the fully executed agreement between Coalfire ISO and you our client, prior to the commencement of any audit or certification services.

Impartiality

An essential component of Coalfire ISO’s certification service is the requirement for Coalfire ISO to remain completely impartial in our client assessment and certification process. Our company, as well as our personnel, will remain independent at all times from our clients. Certification determinations are based completely on objective criteria and the information presented by the client, and are not improperly influenced by bias or prejudice.

Coalfire operates in accordance with ISO 17021-1:2015 and has instituted an independent Impartiality Committee whose specific role is to ensure that the impartiality of our certification services is safeguarded on a continuous basis.

Processes for Granting, Refusing, Maintaining, Renewing, Suspending Certification

The processes for granting, refusing, maintaining, renewing, suspending, restoring or withdrawing certification or expanding or reducing the scope of certification to the ISO 27001 standard are documented and contained within the terms and conditions of the client agreement with Coalfire ISO, as well as additional documentation provided on completion of the certification process.

Each audit results in reports, supporting evidence, documentation and auditor recommendations being provided to the Coalfire ISO Certification Committee, which is the body responsible for making final Certification decisions, as well as all other possible outcomes (i.e. granting, refusing, maintaining, renewing, etc.)

A certification audit will not be finalized until decisions are made by the Certification Committee. Once the decision has been formalized, the proper and corresponding action with respect to the outcome of the audit will be taken by the audit team in communication to the client.

Certification Status

The current certification status of all Coalfire ISO clients may be referenced by utilizing our Client Directory. This directory allows any external entity to verify current certification status based on the client company name or certification number.

Suspension Policy

At all times Coalfire ISO reserves the right to suspend client certification if they fail to maintain compliance with the conditions of certification. A client's certification is invalid while in a suspended status. Any such suspensions are clearly reflected in the certificate status field of the clients entry in the Client Directory.

Appeals Process

Coalfire ISO clients may appeal certification and/or suspension decisions made by the company, when the client believes the assigned project team has not provided a suitable resolution. Appeals should be submitted using the appeals form. Upon receipt of an appeal, the project team will be notified and Coalfire ISO will appoint one or more qualified Coalfire ISO personnel who were not part of the assigned project team, to review the facts and provide an opinion in the matter. The client will be informed of the decision resulting from the appeal.

Complaints

Coalfire ISO takes complaints against itself or its clients seriously. Complaints about Coalfire ISO should be submitted using this form. Upon receipt of a complaint, Coalfire ISO will investigate the matter and deal with the complaint fairly and promptly. The person or entity responsible for submitting the complaint will be kept informed of the results of the investigation and the outcome determined.

Complaints against Coalfire ISO or its clients are not made public unless required by a court of law.

Coalfire ISO Name and Logo

As an accredited certification body, Coalfire ISO has developed a trademarked logo that attests to the verified conformance of our client’s ISMS with the requirements of the ISO 27001 standard.

The rules associated with the use of our name and logo with respect to ISO 27001 certifications are documented in the terms and conditions of our contract and again in further documentation provided upon successful certification for our clients.

Coalfire ISO monitors the use of its name and logo, to ensure compliance with our contractual agreement as well as the ISO 17021-1:2015 and ISO 27006 standards which govern Coalfire ISO operations as a Certification Body.

Complaints against Coalfire ISO or its clients are not made public unless required by a court of law.