Impartiality, Complaints & Appeals
Prescient Security's Commitment to Transparency and Fairness
Our policies and procedures are designed to eliminate threats to impartiality and ensure that we provide unbiased and trustworthy certification services. Explore our commitment to impartiality, the process for handling complaints and appeals, and how we maintain our reputation for fairness and integrity.
Impartiality, Complaints & Appeals
Prescient Security's Commitment to Transparency and Fairness
Our policies and procedures are designed to eliminate threats to impartiality and ensure that we provide unbiased and trustworthy certification services. Explore our commitment to impartiality, the process for handling complaints and appeals, and how we maintain our reputation for fairness and integrity.
Committed to Impartiality in Certification Activities
We define threats to impartiality as any relationship that could compromise our independence or perceived impartiality. These relationships include ownership, governance, management, personnel, shared resources, finances, contracts, marketing, and sales commissions for client referrals.
We conduct ongoing reviews and annual assessments to identify, analyze, and resolve conflicts of interest and threats to impartiality among prospects, clients, and personnel. Our leadership ensures compliance through management reviews, monitoring tools, internal audits, and risk assessments.
Prescient Security adheres to independence requirements set by organizations like the American Institute of Certified Public Accountants, ISO/IEC 17021-1:2015, ISO/IEC 17020:2012, ISO/IEC 17025:2017, FedRAMP, and HITRUST.
To maintain and demonstrate impartiality, we have established the following principles:
- Prescient Security Certificates are issued only after an independent, authorized, and competent member of the management team, who has not been involved in the audit, reviews and ensures that no interests predominate. This ensures that certification determinations are based on objective criteria and are not improperly influenced by bias or prejudice. Our auditors and personnel involved in the certification process are not pressured or influenced to reach specific conclusions about audit results.
- We do not offer management system consultancy or any other form of consultancy to companies or individuals, for any ISO standards.
- Prescient Security does not provide Internal audit services.
- We do not own or have any interest, financial or otherwise, in any other company that offers certification or management system consultancy services.
- Prescient Security does not establish or maintain relationships with companies that offer consultancy or other services that could impact the certification services provided by Prescient Security.
Granting, Maintaining, and Suspension of ISO Certification
Our certification body follows specific processes for granting, refusing, maintaining, renewing, suspending, restoring, withdrawing certification, and expanding or reducing the scope of certification:
1. Granting of certification: After completing an initial certification, recertification, or certification transfer audit process, Prescient Security's certification decision maker conducts a comprehensive review of the audit file to either issue or deny certification. The information provided by the audit team for the certification decision must include, at a minimum:- The audit report
- Comments on the nonconformities, and where applicable, the correction and corrective actions taken by the client
- Confirmation of the information provided to Prescient Security used in the application review (i.e., company name); and
- A recommendation whether or not to grant certification, together with any conditions or observations.
Prescient Security will make the certification recommendation on the basis of an evaluation of the audit findings, conclusions, and any other relevant information (e.g., public information). The certification decision will be provided to the client no more than four weeks after the conclusion of the audit (i.e, Stage 2 audit, Recertification Audit).
2. Maintaining certification: Prescient Security mandates annual surveillance audits in years two and three of the certification's life cycle, with a recertification audit required before certification expiration. Failure to perform required audits or address open non-conformities may result in certification suspension or withdrawal.
Once a client has received initial certification, it remains valid for three years, a cycle that will include subsequent surveillance audits. A surveillance audit is required to be performed at least once a year, with the first taking place no more than 12 months from the certification decision date of Stage 2. Failure to undergo annual surveillance audits will result in suspension and/or withdrawal of certification.
3. Suspension of certification: Certification suspension is initiated if a company fails to regain conformance with management system standard requirements within the allowable timeline, violates contract terms and agreements, or fails to perform the required audits. Under suspension, the client’s management system certification is temporarily invalid, and the client must refrain from further promotion of its certification.
Prescient Security's Rules for Logo Use
As a certification body, Prescient Security has developed a trademarked logo that signifies our clients' conformance with relevant ISO standards. Rules regarding the use of our name and logo in relation to ISO certifications are outlined in our contract's terms and conditions and reiterated upon successful certification. We monitor the use of our name and logo to ensure compliance with our contractual agreement and ISO standards. https://prescientsecurity.com/iso-mark
Appeals
Prescient Security's audit team aims to provide transparent justification for their inspection decisions. If a situation arises where a client disagrees with the audit team's decision, they can submit an appeal by emailing isocompliance@prescientsecurity.com. Prescient Security’s ISO Compliance Team will review the appeal and assign an independent point of contact, separate from the audit team or the individual(s) that made the certification decision, to investigate the appeal. The client will be informed of the disposition of the appeal decision.
Complaints
If you have a concern about Prescient Security’s services, you can easily submit a complaint by emailing isocompliance@prescientsecurity.com. The submission should include the reason for complaint, the date of the complaint, and any supporting evidence.
Upon receiving your complaint, Prescient Security commits to an impartial and comprehensive investigation. Our ISO Compliance Team is dedicated to ensuring that the individuals responsible for managing your complaint are entirely separate from those involved in the audit processes and certification decisions. This is in strict adherence to ISO/IEC 17021-1 requirements, guaranteeing impartiality and objectivity throughout the complaint resolution procedure.
We pledge to address your concerns swiftly and equitably, maintaining open communication with you at every step. Your privacy and the confidentiality of your information are paramount to us. In cases where your complaint pertains to a certified client, we will evaluate the efficacy of the client's certified management system as part of our investigation. Furthermore, any complaint directly concerning a certified client will be communicated to the said client at an appropriate juncture, in a manner that upholds the integrity of the investigative process and respects all parties' confidentiality.
Information Requests
Inquiries about Prescient Security, including our operational areas, certificate status, and information about our certified clients, can be submitted directly to us by emailing isocompliance@prescientsecurity.com.