Post on 20-May-2018
GENERAL REGULATION FOR MANAGEMENT SYSTEM CERTIFICATION SPECIAL REQUIREMENTS – SA8000
GENERAL REGULATION FOR
MANAGEMENT SYSTEM
CERTIFICATION
SPECIAL REQUIREMENTS
SA8000
Page 2 of 27
GENERAL REGULATION FOR MANAGEMENT SYSTEM CERTIFICATION SPECIAL REQUIREMENTS – SA8000
REG001C-EN/8
Índex
1. FOREWORD ................................................................................................................................................... 3
2. SCOPE ............................................................................................................................................................ 3
3. NOTICE OF CHANGES ..................................................................................................................................... 3
4. DEFINITONS ................................................................................................................................................... 3
5. GRANTING CERTIFICATION ............................................................................................................................ 5
5.1 CERTIFICATION PROCESS ............................................................................................................................ 5 5.2 APPLICATION ............................................................................................................................................... 6 5.3 SOCIAL FINGERPRINT PROCESS ................................................................................................................... 8 5.4 APPLICATION REVIEW ................................................................................................................................. 9 5.5 PRE-AUDITS ............................................................................................................................................... 10 5.6 AUDIT TEAM .............................................................................................................................................. 10 5.7 INITIAL AUDIT ............................................................................................................................................ 12 5.8 AUDIT REPORT........................................................................................................................................... 13 5.9 CERTIFICATION DECISION ......................................................................................................................... 14 5.10 CERTIFICATE AND USE OF CERTIFICATION MARKS ................................................................................... 15
6. SURVEILLANCE AND RECERTIFICATION AUDITS ............................................................................................15
6.1. SURVEILLANCE AUDITS ............................................................................................................................. 15 6.2. RECERTIFICATION AUDITS ......................................................................................................................... 16
7. SPECIAL AUDITS ............................................................................................................................................17
8. SANCTIONS ...................................................................................................................................................17
9. VOLUNTARY SUSPENSION OR WITHDRAWAL OF THE COMPLIANCE CERTIFICATE ........................................18
10. COMPLAINTS AND APPEALS ......................................................................................................................19
11. POSTPONMENTS .......................................................................................................................................20
12. CONFIDENTIALITY .....................................................................................................................................20
13. INFORMATION ..........................................................................................................................................21
14. FINANCIAL OBLIGATIONS ..........................................................................................................................22
15. NOTICE OF CHANGES BY THE ORGANIZATION...........................................................................................22
16. CERTIFICATION RECOGNITION AND TRANSFER .........................................................................................22
17. RESPONSIBILITY ........................................................................................................................................23
ANNEX A – CYCLE TIMELINE TO SA8000:2014 .......................................................................................................25
ANNEX B – INTEGRATION OF SF INTO SA8000:2014 CERTIFICATION ....................................................................26
Page 3 of 27
GENERAL REGULATION FOR MANAGEMENT SYSTEM CERTIFICATION SPECIAL REQUIREMENTS – SA8000
REG001C-EN/8
1. FOREWORD
1.1 This document presents the specific dispositions for the certification of Social Accountability
Management Systems according to SA8000 standard.
2. SCOPE
2.1 The present document applies to all SA8000 certification processes.
2.2 SA8000 certification is generally permitted in all countries and is applicable in all industries
except as designated in the exclusions below.
2.3 SA8000 certification is not permitted in Maritime Activities covered by the MLC sector.
Additionally, SAI published a SA8000:2014 Certification Exclusion List which shall be consulted for
up to date exclusions.
2.4 SA8000 certification is valid for a single organization or a multi-site organization with facilities
within a single country. Multi-site certification across multiple countries is not permitted.
2.5 SAAS developed an SA8000 certification country risk assessment process to categorize the
oversight and assurance process activities according to risk level. This methodology allows the
categorization of countries as highest, high and lower risk. The classification used is periodically
reviewed by the SAAS that communicates with APCER.
2.6 APCER can certify an entire organization; however, it is not possible to certify personnel in only
one department of a multi-department organization and not the other(s).
2.7 The reference documents for the SA8000 certification are the SA8000:2014 standard, the
Performance Index Indicator Annex, the Social Fingerprint and ISO/IEC 17021-1:2015.
3. NOTICE OF CHANGES
3.1 APCER reserves the right to amend the certification requirements during the period of validity of
the certificate, in particularly, if there are changes in the requirements defined by SAAS. Changes
to certification requirements imply the amendment of the present document, REG001C.
3.2 Any changes made to this document are communicated to Client Organizations.
4. DEFINITONS
4.1 For the purposes of this document the definitions given in the SA8000 standard, procedures 200,
201A and 201B shall apply.
4.2 For SA8000 certification there are four types of audit non-conformity findings:
- Critical non-conformity (CNC): a grievous breach of the SA8000 Standard that results in
severe impact to individual rights, life, safety and/or SA8000, SAI or SAAS’ reputation. That
includes:
Page 4 of 27
GENERAL REGULATION FOR MANAGEMENT SYSTEM CERTIFICATION SPECIAL REQUIREMENTS – SA8000
REG001C-EN/8
1. A breach of ethical standards;
2. Immediate threats to workers lives; and/or
3. Grievous and intentional violations of human rights.
Note: In the case of an SA8000 certified organization, the raising of a CNC results in the immediate
suspension of the organization’s SA8000 Certificate.
- Major nonconformity (MNC): one or more of:
The absence or total breakdown of a system to meet an SA8000 requirement. A
number of minor-nonconformities against one requirement can represent a total
breakdown of the system and thus be considered a major nonconformity;
A nonconformity that judgment and experience indicate is likely either to result in
the failure of the social management system in meeting its goals and expectations or
to materially reduce its ability to assure control of this policies and directives in the
workplace to protect its workers;
A minor non-conformity that has not been addressed, or for which no significant
improvement has been made by the time of a follow-up audit, in spite the
organization’s commitment to resolve the issue;
A nonconformity that poses an imminent and immediate but not life-threatening
threat to the health and safety of workers;
A Major non-conformity may be raised after the audit only in the case where an
auditor is concerned for their personal safety and the possible consequences that
might arise if they raised the Major NC at the time of the audit;
A Major non-conformity that has not been addressed or for which no significant
improvement has been made by the time of a follow up audit, in spite of the
organization’s commitment to resolve the issue, shall lead to the organization being
issued a warning and moved toward suspension;
- Minor nonconformity (NC): a failure or oversight in some part of the organization’s social
management system relative to SA8000 that is not systemic in nature, or a single observed
lapse in following one item of organization’s social management system.
- Time-Bound Non-Conformity (TB NC): special non-conformities that can only be raised as a
result of audit evidence and findings that show that the client organization meets the local law
but not the higher requirements of SA8000:2014 or vice versa. TB NCs can only be raised for
findings regarding Remuneration: the organization pays workers the legal minimum wage but
not a living wage.
- Opportunity for improvement (OFI): to indicate where practice is a little slack or inconsistent
or systems may be improved.
4.3 Other important definitions to consider for SA8000:2014 certification are described below.
Page 5 of 27
GENERAL REGULATION FOR MANAGEMENT SYSTEM CERTIFICATION SPECIAL REQUIREMENTS – SA8000
REG001C-EN/8
4.4 Maritime Activities: Those involving seafarers, i.e. any persons employed or engaged or working
in any capacity on board a ship. See also SAI’s SA8000:2014 Certification Exclusion List.
a. Maritime Activities are further broken down into those excluded from SA8000
certification and those that are not.
b. Maritime Activities excluded from certification are those covered by the ILO Maritime
Labor Convention, 2006 (NO. 186), (MLC).
c. Maritime Activities that may be eligible for certification are those that relate to
seafarers on vessels that navigate exclusively in inland waters or waters within, or
closely adjacent to sheltered waters or areas where port regulations apply.
d. The determination as to whether a ship is a certifiable workplace will depend on several
factors, including definitions supplied by local regulations.
4.5 Zero Tolerance: Violations observed during an SA8000 audit that, in the opinion of APCER’s audit
team, require immediate action by the organization, require the APCER’s SA8000 auditor to raise
a Critical or Major Non-Conformity at the time of observing the violation. The audit may be
aborted. May also be known as a critical or immediately reportable issue.
4.6 Micro-enterprises: a micro-enterprise is an organization with 10 or fewer personnel.
4.7 Breach of Ethical Standards: verified intentional attempts to corrupt or defraud the SA8000 audit
process.
4.8 Grievous and Intentional Violations of Human Rights: Intentional egregious violations of human
rights. As the aim of the audit process is to evaluate conformity with the SA8000 Standard,
efforts shall be made by the applicant or certified organization to rapidly bring about the
necessary changes to address these violations.
4.9 Duplicate Audit: An audit that repeats the audit that was performed previously to check if
findings are credible.
5. GRANTING CERTIFICATION
5.1 CERTIFICATION PROCESS
5.1.1 Initial certification audits to organizations not yet certified according to SA8000 include an
evaluation of the organization using Social Fingerprint. These organizations shall complete the
Social Fingerprint Self-Assessment through the SAI online training centre prior to the initial
SA8000:2014 Stage 1 Audit and consult the instructions made available by SAI - SA8000:2014
Social Fingerprint Self-Assessment Client Instructions.
5.1.2 Organizations already certified SA8000:2008 intending to make the transition to SA8000:2014
shall identify and implement all changes necessary to their existing SA8000-documentation in
order to meet the requirements of SA8000:2014 and the integration of Social Fingerprint into
the audit process. They shall conduct a gap analysis to understand the areas in their system
Page 6 of 27
GENERAL REGULATION FOR MANAGEMENT SYSTEM CERTIFICATION SPECIAL REQUIREMENTS – SA8000
REG001C-EN/8
that need to be revised and complete the SF Self-Assessment in the online SAI Training Center
before the Stage 2 Audit recertification.
5.1.3 APCER will assess the implementation of SA8000:2014 by the organization during an on-site
transition audit which may be completed during normally scheduled certification,
recertification and surveillance activities. Additional assessments may be conducted if
considered necessary by APCER. For the transition audit the organization shall perform the
Social Fingerprint self-assessment before the audit and an independent evaluation will be
performed by APCER.
5.1.4 If the organization has retained a consultant to help it achieve SA8000 certification, the
consultant may attend the Opening and Closing Meetings but may not represent the
management of the organization during the audit. If in attendance, they shall be silent
observers.
5.1.5 The organization shall give access to SAAS for the purposes of witness audits and other special
audits as needed.
5.2 APPLICATION
5.2.1 Before requesting SA8000:2014 certification, the organization shall:
- Have a management system fully implemented for at least 6 months according to reference
documents, and provide records to evidence its adequacy and effective operation and have
performed an internal audit to all SA8000 requirements and a management review before
APCER’s initial audit;
- Have completed the Social Fingerprint Self-Assessment through the SAI online training
centre;
- Organizations already certified SA8000:2008 shall have conducted a gap analysis to
understand the areas in their system that need to be revised
5.2.2 When sending the application form, the organization shall provide a simple layout
drawing/plan of their premises that includes all buildings and floors and canteen, dormitory,
clinic and crèche and all other employer provided worker service facilities as appropriate,
including any areas under construction or renovation.
5.2.3 Shell Companies, organizations without active operations, are prohibited from being certified
to SA8000. Therefore any organization applying for SA8000 certification shall:
- Have been engaged in its stated business for at least 6 months prior to its application for
SA8000;
- Have active contracts with its customer(s).
5.2.4 The candidate organization shall define the scope of certification according to the following
rules:
Page 7 of 27
GENERAL REGULATION FOR MANAGEMENT SYSTEM CERTIFICATION SPECIAL REQUIREMENTS – SA8000
REG001C-EN/8
- The geographic boundaries of the scope shall be clearly defined;
- The scope of a single SA8000 certificate shall include the entire legal entity’s structure and
cover all processes, properties and operations of a continuous process or premises;
- In cases where a subcontractor is used by the organization to deliver parts of its activities,
the scope statement shall clearly specify that some processes are delivered by
subcontractors and those parts are excluded from the scope;
- Working conditions for all personnel working on-site of the organization seeking
certification (including those employed by supplier organizations) are required to also
comply with the requirements of SA8000;
- Employment agencies shall include their contracted workers in their scope of certification.
5.2.5 The candidate organization shall post the SA8000 Standard in prominent locations including in
field offices.
5.2.6 Multi-site organizations may also require a certification process. The multi-site organization is
defined as an organization having an identified central function (central office or headquarters
or head office) at which activities are planned, controlled, and/or managed with a network of
offices, branches or sites at which activities are carried out. The organization shall have a
common management system which has established policies and procedures to manage all
sites. The sites shall be subject to internal audits, at minimum annually, and surveillance by the
head office. The results of these internal audits shall be available for review by the CB during
the headquarters audit.
5.2.7 The multi-site organization shall have one designated and formally nominated SA8000
management representative and deputy at the organization headquarters for the whole group
of sites, as well as local management representatives at the additional sites, and the following
SA8000 requirements shall be managed centrally at a designated organization headquarters:
- Authorization and Control of the SA8000 Management System Documentation;
- Evaluation and control of corrective actions, including root cause analysis, correction
and preventive action;
- Centralized Management Review that addresses all sites;
- Centralized Hazard Analysis and Risk Assessment activities;
- Centralized internal audit planning, delivery and evaluation of internal audit results
(Client’s Lead Internal Auditor shall have taken and passed the SAI-approved 3-day and
2-day Basic SA8000 Auditor Course);
- Control of suppliers;
- Centralized management systems addressing HR function;
- Identification and management of training needs.
Page 8 of 27
GENERAL REGULATION FOR MANAGEMENT SYSTEM CERTIFICATION SPECIAL REQUIREMENTS – SA8000
REG001C-EN/8
5.2.8 For multi-site organizations, the certification scope shall be similar for all sites. The scope of
the certificate shall be transparent and clear for all stakeholders to understand exactly what is
included in the certification. Multi-site certification shall not apply to organizations where the
sites have fundamentally dissimilar or unrelated processes or activities, even though they may
be under the same management system.
5.2.9 If the scope of a SA8000 certificate includes workers that work at permanent sites not owned
and not controlled by the organization, for the multi-site certification:
- These activities can only be added to the organization’s SA8000 multi-site certification if
the organization formally audits the site and maintains records of such audits.
- A sample of these permanent sites shall be subject to internal audits each year by the
organization.
5.2.10 For multi-site organizations with workers that work at permanent sites not owned and not
controlled by client organisation (such as those workers employed by a staffing or cleaning
agency) for the multi-site certification:
- These activities can only be added to the Client’s SA8000 multi-site certification if
organization formally audits the site and maintains records of such audits.
- A sample of these permanent sites shall be subject to internal audits each year by the
organization as well as site audits by APCER.
- Should APCER not be permitted access to any of these permanent sites at any time for
whatever reason, the Client’s multi-site certification shall be cancelled and withdrawn.
5.2.11 In the case of multi-site certificates, if the organization fails to meet the requirements of
SA8000 over subsequent audits, then the entire multi-site certificate will be cancelled and
each site is required to be certified autonomously. It is not acceptable that, in order to
overcome the obstacle raised by non-conformities identified by APCER with respect to a
particular site, that the organization seek to exclude this site from the scope of the multi-site
certification process.
5.3 SOCIAL FINGERPRINT PROCESS
5.3.1 The Social Fingerprint is an assessment method of the SA8000 maturity system of each
organization and includes a Self-Assessment taken by the SA8000 applicant or certified
organization and an Independent Evaluation conducted by APCER’s auditors.
5.3.2 The Social Fingerprint Self-Assessment is considered valid for a period of 6 months.
5.3.3 By incorporating the Social Fingerprint into SA8000:2014, SAI aims to increase the integrity,
credibility and effectiveness of SA8000 certification and build the capacity of SA8000 certified
organizations to develop mature management systems.
5.3.4 The integration of Social Fingerprint assessment into the SA8000:2014 certification process is
explained in Annex B of this document.
Page 9 of 27
GENERAL REGULATION FOR MANAGEMENT SYSTEM CERTIFICATION SPECIAL REQUIREMENTS – SA8000
REG001C-EN/8
5.3.5 During the initial certification cycle, a Social Fingerprint Independent Evaluation will be
conducted by APCER during the following audits:
- Stage 1 Audit;
- Stage 2 Audit;
- Surveillance 2.
- Surveillance 4.
5.3.6 For organizations already certified SA8000:2008 that transition to SA8000:2014 at
recertification, a Social Fingerprint Independent Evaluation will be conducted by APCER during
the following audits:
- Recertification Stage 2 SA8000:2014 Audit;
- Surveillance 2;
- Surveillance 4.
5.3.7 For organizations already certified SA8000:2008 that transition to SA8000:2014 during a
surveillance audit shall complete the Self-assessment through the SAI online training centre
before the transition audit.
5.3.8 In this case, a Social Fingerprint Independent Evaluation will be conducted during the following
audits:
- The surveillance audit that serves as the transition audit to SA8000:2014.
- Two additional audits in addition to the next recertification audit:
o If transition audit occurs during a surveillance 1 or 2 Audit, the Social Fingerprint
Independent Evaluation occurs at the Surveillance 3 and Recertification Audit;
o If transition audit occurs during surveillance 3, 4 or 5 Audit, the Social Fingerprint
Independent Evaluation occurs at the Recertification Audit.
5.3.9 After completing the certification cycle with SA8000:2014, the Social Fingerprint process (self-
assessment and independent evaluation) occurs during the recertification audit every 3 years
except for organizations that transition to SA8000:2014 during a Surveillance 4 or 5 Audit (see
Annex A).
5.3.10 The organization that completes the Social Fingerprint process, including the self-assessment
and the independent evaluation, receives a Social Fingerprint Scorecard. This Scorecard
contains two sets of scores: 1) the self-assessment scores and 2) the independent evaluation
scores.
5.4 APPLICATION REVIEW
5.4.1 APCER reviews the application and communicates its result to the Organization.
Page 10 of 27
GENERAL REGULATION FOR MANAGEMENT SYSTEM CERTIFICATION SPECIAL REQUIREMENTS – SA8000
REG001C-EN/8
5.4.2 APCER reserves the right not to provide services, nor maintain contractual relationships with
organizations, nor to issue or maintain certification of an organization whose activities are in
conflict of interest with APCER's obligations stipulated in the accreditation agreement with
SAAS for SA8000 certification activities or, based solely in APCER’s opinion, with organizations
that may have a negative impact on APCER reputation. Organizations engaged in illegal
activities, or having a history of repeated non-compliance with the certification requirements,
among others, are in these circumstances.
5.4.3 APCER reserves the right to cancel the certification process if the initial audit does not occur in
a period of 6 months after the acceptance of the application, due to reasons not attributable
to APCER.
5.4.4 APCER reserves the right to cancel the certification process, if the certification is not granted,
in a two years period after the application, due to reasons attributable to the Organization.
5.4.5 Whenever the situations mentioned in 5.3.3 e 5.3.4 occur, APCER notifies, in writing, the
Organization of the process cancellation unless this communication is no longer possible
because APCER was not informed of any contact changes.
5.5 PRE-AUDITS
5.5.1 APCER provides pre-assessment audits as an optional service, upon request of the candidate
organization.
5.5.2 The pre-audit can only be performed prior to the initial Stage 1 audit and shall not be
performed in lieu of a Stage 1 audit. The pre-audit is formally documented in an audit report
and consists of non-binding findings.
5.6 AUDIT TEAM
5.6.1 APCER informs in writing the audit team composition, requesting the Organization’s
acceptance. Usually, the audit team includes a lead auditor and one or more auditors,
including technical experts. The size and composition of the audit team depends of various
factors, including the requested scope of certification.
5.6.2 The Organization can object to any particular appointed auditor. For that, the Organization
shall fundament in writing its reasons, in a 5 days period after receiving the communication. If
APCER considers valid the reasons presented by the Organization appoints other auditor. If the
objections raised by the Organization prevent the audit conduction by qualified auditors,
APCER reserves the right to cancel the certification process for non-feasibility.
5.6.3 The applicant organization expressly recognizes the independence of AT and undertakes to
refrain from any offers to the AT or to entities related to it, which can compromise its
independence, including the request for consultancy or other activities, within the time limits
Page 11 of 27
GENERAL REGULATION FOR MANAGEMENT SYSTEM CERTIFICATION SPECIAL REQUIREMENTS – SA8000
REG001C-EN/8
agreed between APCER and the Audit Team, namely two years before and two years after the
service.
5.6.4 The lead auditor is responsible for coordinating the audit and for establishing communication
between the audit team and the Organization, including setting the dates of the audit.
5.6.5 Other types of audit participants are auditors, technical experts (person who provides, to the
audit team, specific knowledge or expertise related to the organization, the process or activity
to be audited), translators, interpreters and observers.
5.6.6 Observers may be included in the audit team, without additional costs for the Organization,
but do not participate in the audit. The observers can be:
- APCER’s auditors in a qualification process;
- APCER’s auditors that are “Supervisors” included in the auditors’ supervision process, this
is, in situ evaluation of its performance;
- Evaluators of accreditation bodies as part of APCER's accreditation process, in particular in
witness audits.
5.6.7 The organization shall ensure that auditors have free access to premises, documents,
processes, areas, records and personnel relevant to the evaluation process of the management
system and verification of its application limits. The audit team shall have access to all parts of
the facility, during working hours (including night shifts) on an announced and unannounced
basis and so they can confirm all buildings and locations that the organization operates. This
includes any areas under construction or renovation, in which case auditors shall be provided
with protective equipment as necessary.
5.6.8 Relevant staff includes staff covered by the scope of certification of the management system,
including contracted staff, staff working on behalf the organization or employees external to
the organization.
5.6.9 The organization must be available to the Audit Team during the audit and contribute to its
realization, informing the AT about all the facts relevant to the assessment of the management
system.
5.6.10 All areas of the organization shall be able to be briefly toured (including canteen, dormitory,
clinic and crèche and all other employer-provided worker service facilities as appropriate).
5.6.11 The audit team shall take the following pictures for evidence of conformance:
- SA8000 standard(s);
- Evacuation exits;
- Organization building/premises;
- Evacuation drills;
- Work floor(s);
- Warehouse;
Page 12 of 27
GENERAL REGULATION FOR MANAGEMENT SYSTEM CERTIFICATION SPECIAL REQUIREMENTS – SA8000
REG001C-EN/8
- Dormitory;
- Supporting facilities (e.g. sewage treatment, boiler, generator);
- Canteen;
- Attendance record system;
- Chemical storage area;
- Work-in-progress;
- Personal protective equipment;
- H&S non-compliances;
- Firefighting equipment;
- Best practice
- All Organization’s documents reviewed as a part of the management systems.
5.6.12 Other than identified above photographs are kept to a minimum and not include those of
proprietary processes or individual workers.
5.6.13 If the client organization refuses permission to take photographs this will be clearly stated in
the audit report.
5.6.14 When required by the audit team, the organization shall provide their calculations of living
wage, minimum wage and lowest wage in the organization, adjusted to gross or net.
5.7 INITIAL AUDIT
5.7.1 The purpose of the initial certification audit is to evaluate if the Organization’s management
system fulfils the requirements of the applicable standard. The social accountability
management system implemented by the organization shall be in compliance with the SA8000
standard requirements, and requirements established by APCER in this document.
5.7.2 The initial certification process is generally conducted in three stages: stage 1 and stage 2
audits and Social Fingerprint Independent Evaluation in both stages. This evaluation is
performed during the audit.
5.7.3 The stage 1 audit is conducted during an on-site visit to the organization. In the case of micro-
enterprises, APCER may consider not necessary an on-site Stage 1 audit.
5.7.4 The stage 1 SA8000 audit includes a document review to confirm that the organization has
established procedures and processes, is knowledgeable of legal requirements, and is ready
for a Stage 2 SA8000 certification audit.
5.7.5 Stage 1 audit findings are documented and communicated to the Organization. In determining
the time period between stage 1 and stage 2 audits, consideration is given to the needs of the
Organization to solve audit findings identified during stage 1, but in no case can exceed 6
months.
Page 13 of 27
GENERAL REGULATION FOR MANAGEMENT SYSTEM CERTIFICATION SPECIAL REQUIREMENTS – SA8000
REG001C-EN/8
5.7.6 If any significant changes which would impact the management system occur, APCER may
consider the need to repeat all or part of stage 1. In this case, the Organization is informed
that the results of stage 1 may lead to postponement or cancellation of stage 2.
5.7.7 The stage 2 SA8000 audit confirms that the organization is effectively implementing a
management system and conforming to the requirements of the SA8000 Standard. At this
stage, workers are interviewed. It also involves a Social Fingerprint Independent Evaluation of
the organization’s Social Fingerprint Self-Assessment.
5.7.8 In extreme circumstances, an audit can be terminated for lack of proper or adequate system
implementation. In this case, a report is produced that covers the activities performed until
the audit was terminated. If a stage 2 audit is terminated, the audit shall be repeated from the
very beginning of the stage 2 process, if the applicant continues to seek certification.
5.8 AUDIT REPORT
5.8.1 The audit report provided by the audit team is APCER’s property.
5.8.2 The audit findings recorded in the audit report are classified according to 4.
5.8.3 A list of non-conformities is presented at the audit’s closing meeting.
5.8.4 The audit report is sent to the organization one month after the last day of the audit. Any
diverging opinions regarding the audit findings or conclusions that cannot be solved and
clarified at the closing meeting are recorded in the audit report.
5.8.5 The Audit Report is validated by APCER, and can suffer changes by APCER.
5.8.6 The Organization submits to APCER a corrective action plan after the conclusion of the audit,
identifying for each nonconformity and major nonconformity a root cause analyses, correction
and corrective action taken or planned to be taken, the deadline and the person responsible
for it. The following timeline shall be complied with and actions shall be implemented and
verified prior to the expiration of certification.
5.8.7 The CNC, MNC and NC shall be addressed within the following time, from the last day of the
on-site audit:
Type of non-
conformity
Corrective Action Plan Sent To
APCER Within
Corrective Action
Completed Within
Critical NC 1 week 1 month
Major NC 1 month 3 months
Minor NC 2 months 6 months
5.8.8 The TB NC shall be addressed as follows:
- Nominal Corrective Action: 18 months;
Page 14 of 27
GENERAL REGULATION FOR MANAGEMENT SYSTEM CERTIFICATION SPECIAL REQUIREMENTS – SA8000
REG001C-EN/8
- Maximum Corrective Action Timeline: 24 months.
5.8.9 Corrective actions not completed within the allocated timing will result in upgrading the NC
and/or suspension or loss of the SA8000 certificate, depending on the nature of the lapse of
the social accountability management system.
5.8.10 APCER verifies the effectiveness of correction and corrective actions taken prior to closing an
NC through:
- On-site verification of effectiveness for closure of all Critical and Major NCs. There may be
very limited circumstances when a Critical or Major can be closed via documentation
review.
- The special audit to confirm effectiveness of corrective actions addressing Critical NCs shall
take place within 30 days of issuance of the Critical NC. The audit to confirm effectiveness
of corrective actions addressing Major NCs shall take place within 90 days of issuance.
- APCER may determine as necessary an on-site visit to confirm effective closure of a Minor
or Time-Bound NC.
5.8.11 APCER informs the Organization of the result of this review and verification. APCER may decide
the need to perform an additional full audit, an additional limited audit, or documented
evidence to verify effective correction and corrective actions.
5.9 CERTIFICATION DECISION
5.9.1 APCER appreciates the audit report, the corrective action plan and the evidences of the
implementation of the corrective actions taken.
5.9.2 The certification decision depends on the corrective actions submitted by the Organization
being considered appropriate by APCER.
5.9.3 On-site verification of effectiveness of the corrective actions implementation is required for
closure of all Critical and Major NCs. Only in very limited circumstances a Critical or Major can
be closed via documentation review.
5.9.4 The special audit to confirm effectiveness of corrective actions addressing Critical NCs shall
take place within 30 days of issuance of the Critical NC. The audit to confirm effectiveness of
corrective actions addressing Major NCs shall take place within 90 days of issuance.
5.9.5 If an on-site visit is required to confirm effective closure of a Minor or Time-Bound NC, this is
communicated at the end of the audit.
5.9.6 The certification decision can be positive or negative.
5.9.7 In the event of a negative certification decision, APCER justifies its decision and proposes a
follow up audit, to occur within a six month period.
5.9.8 The certification decision is communicated to the Organization, in writing, within one month
period following the reception of all necessary information, except in duly justified cases.
Page 15 of 27
GENERAL REGULATION FOR MANAGEMENT SYSTEM CERTIFICATION SPECIAL REQUIREMENTS – SA8000
REG001C-EN/8
5.10 CERTIFICATE AND USE OF CERTIFICATION MARKS
5.10.1 After a positive certification decision, APCER issues a certificate valid for three years and
authorizes the certified Organization to use the certification marks, according to the APCER’s
procedure “Rules for the Use of the Certification Mark”, IT034.
5.10.2 An SA8000-certified organization may use the SAAS accreditation mark for SA8000 only in
conjunction with the accredited APCER’s certification mark on the organization’s stationery,
literature, and website subject to the conditions below and to the CB’s own conditions for use
of its certification mark.
5.10.3 In no circumstances, the certification mark shall be used outside the scope of certification
identified in the Certificate.
5.10.4 The abusive use of the certification marks or certificate, by the certified Organization or by
thirds, gives APCER the right to exercise proper control of ownership and take proper actions,
including legal actions.
5.10.5 APCER verifies the proper use of the certification marks and certificate in the surveillance and
recertification audits, and the abusive use or the failure to fulfil the requirements of the
procedure “General rules for using the certification mark” is considered nonconformity.
6. SURVEILLANCE AND RECERTIFICATION AUDITS
6.1. SURVEILLANCE AUDITS
6.1.1. The SA8000 certification process comprises of 5 surveillance audits (one every six months),
with an independent evaluation of the Social Fingerprint during surveillance audits 1 and 2,
and a recertification audit at the beginning of the new cycle, also with an independent
evaluation of the Social Fingerprint.
6.1.2. The purpose of the surveillance audit is to confirm the continuing compliance of the certified
Organization with the requirements of the applicable standard, and is not necessarily full
system audits.
6.1.3. During an audit cycle, at least one surveillance audit is unannounced for all organizations. For
organizations in high and highest risk countries, another surveillance audit is unannounced.
6.1.4. The first surveillance audit is always announced and shall occur no later than 6 months from
the last day of the initial Stage 2 or recertification audit.
6.1.5. The second surveillance audit is the mandatory unannounced audit and will occur between the
4th and 8th month after the 1st surveillance audit.
6.1.6. A major nonconformity or persistent issues may indicate the need for an additional
unannounced audit during the period of certification.
6.1.7. The process is equivalent to the described in 5.
Page 16 of 27
GENERAL REGULATION FOR MANAGEMENT SYSTEM CERTIFICATION SPECIAL REQUIREMENTS – SA8000
REG001C-EN/8
6.1.8. At the request of the organization within the initial certification cycle, after the first six month
audit and the second [twelve month] audit, micro-enterprises may be allowed to move to an
annual surveillance schedule in lower risk countries only. If the number of personnel increases
to more than ten within the initial certification cycle, the frequency of the required SA8000
surveillance audits reverts to a 6 monthly semi-annual surveillance schedule for that
organization.
6.1.9. APCER reserves the right to apply sanctions without waiting for the corrective action
implementation, whenever the audit report analysis concludes that the conditions to maintain
the certified Organization status are not met.
6.2. RECERTIFICATION AUDITS
6.2.1. The purpose of the recertification audit is to evaluate the continued fulfilment of all of the
requirements of the reference standard, confirming the effectiveness of the management
system as a whole and shall address the following:
- Effectiveness of the management system in its entirety in the light of internal and
external changes and its continued relevance and applicability to the scope of
certification;
- Demonstrated commitment to maintain the effectiveness and improvement of the
management system in order to enhance overall performance;
- The effectiveness of the management system with regard to achieving the certified
organization‘s objectives and the intended results of the management system.
6.2.2. The recertification audit shall be planned and conducted until 120 days before the certificate
expires to enable for timely renewal.
6.2.3. Organization response to the recertification audit report shall ensure that APCER has thirty
days to review it.
6.2.4. For any Critical or Major nonconformity, the corrective actions shall be implemented and
verified by APCER prior to the expiration of certification.
6.2.5. When recertification activities are successfully completed prior to the expiry date of the
existing certificate, recertification is recommended. A new certificate is issued for a new 3
years cycle based on the expiry date of the existing certificate.
6.2.6. If APCER has not completed the recertification audit or is unable to verify the implementation
of corrections and corrective actions prior to the expiry date of the certification, then the
recertification shall not be recommended and the validity of the certification shall not be
extended.
6.2.7. If the outstanding recertification activities are completed within 6 months following the expiry
date of certification, APCER can restore certification and the effective date on the certificate
Page 17 of 27
GENERAL REGULATION FOR MANAGEMENT SYSTEM CERTIFICATION SPECIAL REQUIREMENTS – SA8000
REG001C-EN/8
shall be the date of recertification decision and the expiry date shall be based on prior
certification cycle (less than 3 years).
6.2.8. If the outstanding activities are not completed as defined in 6.2.7 at least an initial stage 2
audit shall be conducted.
6.2.9. The recertification audit considers the performance of the management system over the
period of certification, and includes the review of previous surveillance audit reports and
possible complaints.
6.2.10. In situations where there have been significant changes in the management system, in the
Organization, or in the context in which the management system is operating, the
recertification audit activities may be conducted in two stages, following the methodology
defined for initial audits.
7. SPECIAL AUDITS
7.1 Special audits are typically performed for the following reasons and can be announced or
unannounced:
- Extension/expansion of a client organization’s scope of SA8000 certification.
- To investigate possible auditor bribery.
- To investigate a complaint, whether generated internally, from a stakeholder, from a client
organization or from SAAS.
- As part of a calibration/duplicate audit process.
7.2 The organization shall allow APCER to access organization’s premises to perform special audits,
when determined necessary.
8. SANCTIONS
8.1 The failure of the conditions established in this Regulation, as well as of the terms of the
application form, by certified Organizations may be subject to sanctions, for which APCER shall
consider the seriousness of the breach, persistence and repetition of the same.
8.2 Applicable sanctions are suspension and withdrawal of the certificate.
8.3 The sanctions imposed are always communicated to the certified Organization in writing by
registered letter with acknowledgment.
8.4 The suspension or the withdrawal of the certificate does not give the Organization any right to
reimbursement of payments made by that date, or to release from payment of services that are
still to pay.
8.5 If the organization does not accept that an audit of APCER is witnessed by SAAS, this will lead to
the withdrawal of the certificate.
Page 18 of 27
GENERAL REGULATION FOR MANAGEMENT SYSTEM CERTIFICATION SPECIAL REQUIREMENTS – SA8000
REG001C-EN/8
8.6 APCER suspends the certification when:
- the organization’s certified SA8000 management system has persistently or seriously failed
to meet certification requirements, including requirements for the effectiveness of the
management system;
- the certified organization does not allow surveillance or recertification audits to be
conducted at the required frequencies.
8.7 Under suspension, the SA8000 certification is temporarily invalid.
8.8 APCER restores the suspended certification if the issue that has resulted in the suspension has
been resolved. Failure to resolve the issues that have resulted in the suspension in a time
established in section 5.8 will result in withdrawal of certification.
8.9 If a Critical Non-Conformity is raised and leads to withdrawal of the SA8000 certificate, the
organization may re-apply for certification after a period of three years from the date when a
Critical Noncompliance Non-Conformity associated with audit integrity is issued.
8.10 If an organization has its SA8000 certificate withdrawn by APCER for any reason and the
organization decides, within 6 months, to re-establish its SA8000 certification with APCER, the
defined in section 6 of the present document shall apply. Any requests to re-establish its SA8000
certification after 6 months, or with a new CB, shall be treated as a new application and an initial
certification audit is required.
8.11 In case of multi-site certificates, if the organization fails to meet the requirements of SA8000 over
subsequent audits, then the entire multi-site certificate will be cancelled and each site will be
required to be certified autonomously. Additionally, if APCER is not permitted to access to any of
the permanent sites at any time for whatever reason, the organization’s certification will be
cancelled and withdrawn.
9. VOLUNTARY SUSPENSION OR WITHDRAWAL OF THE COMPLIANCE CERTIFICATE
9.1 The certified Organization may request the temporary suspension or the withdrawal of the
certificate.
9.2 The suspension or withdrawal requests shall be addressed to APCER by registered letter with
acknowledgment of receipt, within a minimum of 60 days, except in force majeure cases, prior to
the date of effect of the voluntary suspension or withdrawal.
9.3 In any case the suspension or withdrawal requests release the certified Organization from the
obligation to proceed with the payments due to APCER and do not give the Organization the right
to reimbursement of payments made by that date.
9.4 The voluntary suspension period is agreed between APCER and the Organization and determined
by the motivations that led to the voluntary suspension, being usually 6 months. For duly justified
cases this period may not be longer than one year.
Page 19 of 27
GENERAL REGULATION FOR MANAGEMENT SYSTEM CERTIFICATION SPECIAL REQUIREMENTS – SA8000
REG001C-EN/8
9.5 The revalidation of a suspended certificate implies the performance of an audit to assess the
compliance with all the requirements established by the applicable standard, and does not
replace the certification cycle audits.
9.6 During the voluntary suspension period, the organization cannot use the certificate and the
certification marks, or make any reference to the certification granted by APCER.
9.7 If an organization voluntarily decides to suspend its SA8000 certification granted by APCER and
then decides within 6 months to re-establish its SA8000 certification with APCER, the defined in
section 6 of the present document shall apply. Any requests to re-establish its SA8000
certification after 6 months, or with a new CB, are treated as a new application and an initial
certification audit is required.
10. COMPLAINTS AND APPEALS
10.1 The complaints addressed to APCER can be related to the service provided by APCER or
complaints about Organizations certified by APCER.
10.2 The complaints and appeals are dealt with in accordance with the procedures established for this
purpose and publicly available.
10.3 Complaints received by APCER on organizations it has certified under the scope of the respective
certificates are communicated to the holders of the certificate and are investigated by APCER
with the interested organization or other relevant stakeholders and may lead to additional
investigation actions.
10.4 The certified organization is committed to timely collaborate with APCER throughout the
investigation process on the eventually received complaints about the organization, and any
additional actions that APCER deems necessary.
10.5 APCER considers as an appeal any complaint presented by the Organization concerning the
certification decision, within 30 days following the communication of the decision.
10.6 The appeals are evaluated by the Appeals Committee of APCER, which is composed by members
that are independent from the certification process subject of the appeal. There is no appeal
from the deliberations of this Committee.
10.7 If the decision of the Appeal Committee is not favourable to the appellant, the cost of the appeal,
any actions and movements, you will be charged to him.
10.8 After receiving a complaint against an SA8000 certified organization, if the complaint is accepted
by APCER, an investigation is conducted in accordance with the APCER’s complaints handling
procedure.
10.9 The complaint investigation may be aided by an unannounced audit and through interviews with
outside stakeholders, such as trade unions, NGOs, and the complainant.
Page 20 of 27
GENERAL REGULATION FOR MANAGEMENT SYSTEM CERTIFICATION SPECIAL REQUIREMENTS – SA8000
REG001C-EN/8
10.10 The relevant complainant may wish to remain anonymous. In such cases, SAAS shall act as the
intermediary; APCER shall send all correspondence to SAAS, which shall liaise with the
complainant.
10.11 If SAAS receives a complaint regarding APCER or an APCER’s client, SAAS may elect to investigate
the APCER's actions in investigating the complaint by conducting an additional audit of the APCER
and/or certified organization.
10.12 Non-confidential information about complaints is published on the SAAS website:
http://www.saasaccreditation.org/complaints.
11. POSTPONMENTS
11.1 Postponements concerning the audit planning are not allowed, except in exceptional and duly
justified cases.
11.2 Any postponement request that goes beyond the period between audits defined by APCER, or any
unavailability of the Organization for planning and conducting the audit can lead to the decision
of suspension of certification, as defined in point 8 of this Regulation.
11.3 The cancellation by the Organization of a scheduled audit, with 15 days or less from the planned
date is subject to a penalty payment of 50% of the cost of that audit.
12. CONFIDENTIALITY
12.1 APCER controls access and manages as confidential all information, data and documents of the
Organization obtained during the certification process, at all levels of its structure, including audit
team composition, commissions and bodies or external people that act in the name of APCER.
APCER also manages as confidential the information of the Organization from sources other than
itself (e.g., entities presenting complaints, regulatory body).
12.2 APCER or its representatives can subscribe and accept additional requirements of confidentiality,
on Organization's request.
12.3 If any additional requirements of confidentiality prevent the execution of conformity assessment
or may not be ensured, APCER reserves the right not to provide the service.
12.4 There shall be no duty of confidentiality in the following cases:
When the information received is in the public domain;
When the information is not confidential because it was publicly disclosed by the Organization;
When it concerns the fulfilment of a legal obligation or binding orders issued by competent
authorities, including courts or courts of arbitration.
12.5 APCER undertakes to inform in advance the Organization of the information to be made available
to the public domain, in addition to that transmitted in this Regulation and in the applicable
Special Requirements. When the disclosure of confidential information by APCER is required by
Page 21 of 27
GENERAL REGULATION FOR MANAGEMENT SYSTEM CERTIFICATION SPECIAL REQUIREMENTS – SA8000
REG001C-EN/8
law or authorized by contractual arrangements, the client organization or person concerned will
be notified of the information provided, unless prohibited by law.
12.6 APCER reserves the right to provide confidential information to representatives and auditors of
the accreditation bodies, in order to provide documented evidence of compliance with the
applicable standards and / or procedures of the certification activity.
12.7 All SA8000 audit reports are made available to Social Accountability Accreditation Services (SAAS)
upon request, at any time.
12.8 The confidentiality of all information contained therein is guaranteed by agreement between
APCER, SAAS and SAI, as part of the oversight system.
13. INFORMATION
13.1 The updated information on the certificates of conformity issued, suspended or cancelled is
available on the APCER's website www.apcergroup.com. This information includes the
identification of the organization, the standard, the scope of certification and the geographical
location (city and country) of the Organization, and may be supplemented by other information
defined in the applicable Special Requirements.
13.2 The information concerning the withdrawn certificates is made available during a year, after the
certificate is cancelled.
13.3 APCER, upon request of the Organization, confirms the validity and scope of a particular
certification.
13.4 APCER provides upon request information about the status of a given certification, and the name,
related normative document, scope and geographical location (city and country) for a specific
certified client.
13.5 SAAS maintains a publicly accessible list of accredited SA8000 certificates which includes the
name of the certified organisation and sites, address, scope of certificate, date of initial and
subsequent certifications, the name of the CB that issued the certificate, and the certificate
number.
13.6 The certified Organization shall maintain an effectively implemented management system during
the certificate’s validity.
13.7 The certified Organization agrees to inform APCER without delay, of any major changes to the
organizational structure and its management system, such as:
The legal, commercial, organizational status or ownership;
Organization and management (e.g. key managerial, decision-making or technical staff);
Scope of operations under the certified management system;
Major changes to the management system and processes;
Changes on locations (head office and sites).
Page 22 of 27
GENERAL REGULATION FOR MANAGEMENT SYSTEM CERTIFICATION SPECIAL REQUIREMENTS – SA8000
REG001C-EN/8
13.8 When appropriate, these changes can imply conducting a special audit.
14. FINANCIAL OBLIGATIONS
14.1 The certification process involves the payment of the costs associated with the different
assessment activities (application review, preliminary visit if applicable, and audit), which are
invoiced when the services are provided, and are an obligation of the Organization, regardless of
the results.
14.2 APCER reserves the right to not issue a certificate until the settlement of invoices concerning the
assessment process.
14.3 APCER may, in any phase of the certification process, demand advance payments of the
certification activities to be conducted.
14.4 APCER reserves the right, in any phase of the certification process, to cancel the process and
suspend or withdraw the certificate, when the financial obligations of the Organization to APCER
are not settled in time, without prejudice to the use of the legal means at APCER disposal.
15. NOTICE OF CHANGES BY THE ORGANIZATION
15.1 The certified Organization shall maintain an effectively implemented management system during
the certificate’s validity.
15.2 The certified Organization agrees to inform APCER without delay, of any major changes to the
organizational structure and its management system, such as:
The legal, commercial, organizational status or ownership;
Organization and management (e.g. key managerial, decision-making or technical staff);
Scope of operations under the certified management system;
Major changes to the management system and processes;
Changes on locations (head office and sites).
15.3 When appropriate, these changes can imply conducting a special audit.
16. CERTIFICATION RECOGNITION AND TRANSFER
16.1 APCER accepts the certificate transfer from other accredited CB’s within the rules defined by
SAAS.
16.2 The preferred time of such a change is at the end of the 3-year certification cycle, if an
organization elects to change its CB and to continue certification to SA8000 at any point.
16.3 For transfer during or at the end of the certification cycle, the organization’s certificate shall be
valid, with no open critical or major nonconformities. If open critical or major NCs exist, no
Page 23 of 27
GENERAL REGULATION FOR MANAGEMENT SYSTEM CERTIFICATION SPECIAL REQUIREMENTS – SA8000
REG001C-EN/8
transfer audit may be undertaken. If the client is currently suspended with its existing CB, a
transfer may not take place. Any open minor nonconformity shall be addressed by a corrective
action plan.
16.4 APCER shall perform and document an on-site audit equivalent to a recertification audit to effect
a transfer of certificate; a Social Fingerprint Independent Evaluation shall be conducted as per
the recertification requirements.
16.5 The client organization shall complete a Social Fingerprint Self-Assessment prior to the transfer
audit if more than 6 months have passed since it performed a Self-Assessment.
16.6 APCER may determine the need of an additional Stage 1 Audit prior to the transfer audit. If the
stage 1 audit is required, the organization shall complete a Self-Assessment prior to the stage 1
audit.
16.7 A new certification cycle shall commence with the issuance of a new SA8000 certificate to a
transfer client.
16.1 When the organization intends to transfer to another certification body, APCER remains the right
to provide copies organization’s SA8000 reports to a new CB.
16.2 Clients certified by organizations not accredited by SAAS are not considered recognized valid
SA8000 certificate holders. Therefore, those clients are not considered eligible to undergo the
transfer process and initial certification audits will be conducted.
17. RESPONSIBILITY
17.1 The certified client, and not the certification body, has the responsibility for consistently
achieving the intended results of implementation of the management system standard and
conformity with the requirements for certification.
17.2 APCER is not responsible before third parties for any personal or material damage, capital or non-
capital, resulting directly or indirectly from the activities of the certified Organization.
17.3 The certificate is issued according to methodologies internationally recognized and proves that
the certified Organization has implemented a management system that has been found, based
on the audit sampling and any subsequent information, to be in compliance with the established
requirements in the applicable standard and that is capable of maintaining its performance.
APCER is not responsible, in any case, for any actions or eventual mistakes of the certified
Organization.
17.4 Certification by APCER does not absolve in any case the Organization of the detention of
warranties and liabilities relating thereto as the current legislation obliges, whatever
management system is certified. APCER is not responsible, in any case, for any noncompliance by
the certified Organization of current legislation or noncompliance derived from the
Organization’s activity.
Page 24 of 27
GENERAL REGULATION FOR MANAGEMENT SYSTEM CERTIFICATION SPECIAL REQUIREMENTS – SA8000
REG001C-EN/8
17.5 APCER is not responsible in the case a third party does not recognize or recognizes partly the
certificate issued by APCER.
17.6 As a result of default or defective compliance of the contract that is celebrated with the
Organization, it shall not be required from APCER a compensation superior to the costs of the
respective services, except in situations of deceit or serious fault.
17.7 Except as established in the law as mandatory, APCER is not responsible for acts committed by
the people used to fulfil the obligations under this contract, except in situations of deceit or
serious fault.
Page 25 of 27
GENERAL REGULATION FOR MANAGEMENT SYSTEM CERTIFICATION SPECIAL REQUIREMENTS – SA8000
REG001C-EN/8
ANNEX A – CYCLE TIMELINE TO SA8000:2014
Type Stage
1 Stage
2 Surv. 1 Surv. 2 Surv. 3 Surv. 4 Surv. 5
Stage 2 (Recert.)
Surv. 1 through Surv. 5
Stage 2 (Recert.)
New SA + IE
IE IE IE SA + IE SA + IE
Recertification
SA + IE
IE IE SA + IE SA + IE
Transition occurs in Surveillance 1
SA + IE IE IE SA + IE SA + IE
Transition occurs in Surveillance 2*
SA + IE IE SA + IE* IE SA + IE
Transition occurs in Surveillance 3*
SA + IE IE SA + IE* IE SA + IE
Transition occurs in Surveillance 4**
SA + IE SA + IE**
IE IE SA + IE
Transition occurs in Surveillance 5**
SA + IE SA + IE**
IE IE SA + IE
* Companies that transition during Surveillance 2 and Surveillance 3 will be certified if they meet the requirements of
SA8000:2014, but still need to conduct an additional IE anytime during their second recertification cycle.
** Companies that transition during Surveillance 4 and Surveillance 5 will be certified if they meet the requirements of
SA8000:2014, but still need to conduct 2 additional IEs anytime during their second recertification cycle.
Page 26 of 27
GENERAL REGULATION FOR MANAGEMENT SYSTEM CERTIFICATION SPECIAL REQUIREMENTS – SA8000
REG001C-EN/8
ANNEX B – INTEGRATION OF SF INTO SA8000:2014 CERTIFICATION
Figure 1 shows the integration of the Social Fingerprint and the SA8000:2014 during the initial certification
cycle. The candidate organization shall complete the SF self-assessment prior to the stage 1 audit. During
stage 1 and 2 audits, APCER performs the SF Independent Evaluation. After these 2 audits are completed
and the certification granted, the SA8000:2014 certification cycle starts.
During the certification cycle, the SF Independent Evaluation is performed at the 2nd and 4th surveillance
audits and at every recertification audit, as shown in figure 2 below.
Figure 1: SF and SA8000:2014 Integration during Initial Certification.