prEN ISO/IEC 17067

SLOVENSKI STANDARD
01-september-2025
Ugotavljanje skladnosti - Osnove in smernice za sheme ugotavljanja skladnosti
(ISO/IEC DIS 17067:2025)
Conformity assessment - Fundamentals of and guidelines for conformity assessment
schemes (ISO/IEC DIS 17067:2025)
Konformitätsbewertung - Grundlagen und Leitlinien für
Konformitätsbewertungsprogramme (ISO/IEC DIS 17067:2025)
Évaluation de la conformité - Éléments fondamentaux et lignes directrices pour les
systèmes particuliers d’évaluation de la conformité (ISO/IEC DIS 17067:2025)
Ta slovenski standard je istoveten z: prEN ISO/IEC 17067
ICS:
03.120.20 Certificiranje proizvodov in Product and company
podjetij. Ugotavljanje certification. Conformity
skladnosti assessment
2003-01.Slovenski inštitut za standardizacijo. Razmnoževanje celote ali delov tega standarda ni dovoljeno.

DRAFT
International
Standard
ISO/IEC DIS 17067
ISO/CASCO
Conformity assessment —
Secretariat: ISO
Fundamentals of and guidelines for
Voting begins on:
conformity assessment schemes
2025-08-01
ICS: 03.120.20
Voting terminates on:
2025-10-24
THIS DOCUMENT IS A DRAFT CIRCULATED
FOR COMMENTS AND APPROVAL. IT
This document is circulated as received from the committee secretariat. IS THEREFORE SUBJECT TO CHANGE
AND MAY NOT BE REFERRED TO AS AN
INTERNATIONAL STANDARD UNTIL
PUBLISHED AS SUCH.
This draft is submitted to a parallel vote in ISO and in IEC.
IN ADDITION TO THEIR EVALUATION AS
BEING ACCEPTABLE FOR INDUSTRIAL,
TECHNOLOGICAL, COMMERCIAL AND
USER PURPOSES, DRAFT INTERNATIONAL
STANDARDS MAY ON OCCASION HAVE TO
ISO/CEN PARALLEL PROCESSING
BE CONSIDERED IN THE LIGHT OF THEIR
POTENTIAL TO BECOME STANDARDS TO
WHICH REFERENCE MAY BE MADE IN
NATIONAL REGULATIONS.
RECIPIENTS OF THIS DRAFT ARE INVITED
TO SUBMIT, WITH THEIR COMMENTS,
NOTIFICATION OF ANY RELEVANT PATENT
RIGHTS OF WHICH THEY ARE AWARE AND TO
PROVIDE SUPPORTING DOCUMENTATION.
Reference number
© ISO/IEC 2025
ISO/IEC DIS 17067:2025(en)
DRAFT
ISO/IEC DIS 17067:2025(en)
International
Standard
ISO/IEC DIS 17067
ISO/CASCO
Conformity assessment —
Secretariat: ISO
Fundamentals of and guidelines for
Voting begins on:
conformity assessment schemes
ICS: 03.120.20
Voting terminates on:
THIS DOCUMENT IS A DRAFT CIRCULATED
FOR COMMENTS AND APPROVAL. IT
IS THEREFORE SUBJECT TO CHANGE
This document is circulated as received from the committee secretariat.
AND MAY NOT BE REFERRED TO AS AN
INTERNATIONAL STANDARD UNTIL
PUBLISHED AS SUCH.
This draft is submitted to a parallel vote in ISO and in IEC.
IN ADDITION TO THEIR EVALUATION AS
BEING ACCEPTABLE FOR INDUSTRIAL,
© ISO/IEC 2025
TECHNOLOGICAL, COMMERCIAL AND
USER PURPOSES, DRAFT INTERNATIONAL
All rights reserved. Unless otherwise specified, or required in the context of its implementation, no part of this publication may
STANDARDS MAY ON OCCASION HAVE TO
ISO/CEN PARALLEL PROCESSING
be reproduced or utilized otherwise in any form or by any means, electronic or mechanical, including photocopying, or posting on
BE CONSIDERED IN THE LIGHT OF THEIR
the internet or an intranet, without prior written permission. Permission can be requested from either ISO at the address below
POTENTIAL TO BECOME STANDARDS TO
WHICH REFERENCE MAY BE MADE IN
or ISO’s member body in the country of the requester.
NATIONAL REGULATIONS.
ISO copyright office
RECIPIENTS OF THIS DRAFT ARE INVITED
CP 401 • Ch. de Blandonnet 8
TO SUBMIT, WITH THEIR COMMENTS,
CH-1214 Vernier, Geneva
NOTIFICATION OF ANY RELEVANT PATENT
Phone: +41 22 749 01 11
RIGHTS OF WHICH THEY ARE AWARE AND TO
PROVIDE SUPPORTING DOCUMENTATION.
Email: copyright@iso.org
Website: www.iso.org
Published in Switzerland Reference number
© ISO/IEC 2025
ISO/IEC DIS 17067:2025(en)
© ISO/IEC 2025 – All rights reserved
ii
ISO/IEC DIS 17067:2025(en)
Contents Page
Foreword .v
Introduction .vi
1 Scope . 1
2 Normative references . 1
3 Terms and definitions . 1
4 Conformity assessment schemes (programmes) and systems. 5
4.1 Schemes and systems .5
4.2 Objects of conformity assessment .7
4.3 Specified requirements .8
4.4 Methodology .8
5 Functional approach to conformity assessment . 9
5.1 General .9
5.2 Conformity assessment activities .9
5.3 Selection and determination .10
5.4 Review, decision and attestation.10
5.5 Surveillance .11
6 Content of a scheme .11
6.1 Functional approach implemented in the scheme .11
6.1.1 Sampling .11
6.1.2 Prior conformity assessment results .11
6.1.3 Outsourcing of the conformity assessment activities . .11
6.1.4 Surveillance . 12
6.2 Licensing and controlling the use of statement of conformity . 12
6.3 Reporting to the scheme owner . 13
6.4 Complaints and appeals. 13
6.5 Rules and procedures of a scheme . 13
7 Scheme owner responsibility .15
7.1 General . 15
7.2 Scheme owner .17
7.3 Ownership .17
7.4 Development .18
7.5 Management . . .18
7.6 Maintenance .18
7.7 Scheme integrity .19
8 Lifecycle of a scheme . .20
8.1 Identifying the need for conformity assessment schemes . 20
8.2 Development of schemes . . 20
8.3 Scheme documentation .21
8.4 Discontinuing a scheme .21
9 Categorization and types of schemes .21
Annex A (Informative) Conformity assessment schemes that include product, process or
service certification .23
Annex B (Informative) Conformity assessment schemes that include management system
certification .27
Annex C (Informative) Conformity assessment schemes that include certification of persons .29
Annex D (Informative) Conformity assessment programmes that include validation/verification .31
Annex E (Informative) Conformity assessment schemes that include inspection .33
Annex F (Informative) Conformity assessment schemes that include testing .34

© ISO/IEC 2025 – All rights reserved
iii
ISO/IEC DIS 17067:2025(en)
Annex G (Informative) Conformity assessment schemes that include accreditation .35
Annex H (Informative) Conformity assessment schemes that include peer assessment .37
Annex I (Informative) Conformity assessment schemes that include declaration .39
Annex J (Informative) Conformity assessment schemes that include multiple types of objects of
conformity assessment .40
Annex K (Informative) Typical characteristics of schemes .43
Bibliography .46

© ISO/IEC 2025 – All rights reserved
iv
ISO/IEC DIS 17067:2025(en)
Foreword
ISO (the International Organization for Standardization) and IEC (the International Electrotechnical
Commission) form the specialized system for worldwide standardization. National bodies that are
members of ISO or IEC participate in the development of International Standards through technical
committees established by the respective organization to deal with particular fields of technical activity.
ISO and IEC technical committees collaborate in fields of mutual interest. Other international organizations,
governmental and non-governmental, in liaison with ISO and IEC, also take part in the work.
The procedures used to develop this document and those intended for its further maintenance are described
in the ISO/IEC Directives, Part 1. In particular, the different approval criteria needed for the different types
of document should be noted. This document was drafted in accordance with the editorial rules of the ISO/
IEC Directives, Part 2 (see www.iso.org/directives or www.iec.ch/members_experts/refdocs).
Attention is drawn to the possibility that some of the elements of this document may be the subject of patent
rights. ISO and IEC shall not be held responsible for identifying any or all such patent rights. Details of any
patent rights identified during the development of the document will be in the Introduction and/or on the
ISO list of patent declarations received (see www.iso.org/patents) or the IEC list of patent declarations
received (see https://patents.iec.ch).
Any trade name used in this document is information given for the convenience of users and does not
constitute an endorsement.
For an explanation of the voluntary nature of standards, the meaning of ISO specific terms and expressions
related to conformity assessment, as well as information about ISO's adherence to the World Trade
Organization (WTO) principles in the Technical Barriers to Trade (TBT) see www.iso.org/iso/foreword.html.
In the IEC, see www.iec.ch/understanding-standards.
This document was prepared by the ISO Committee on Conformity Assessment (CASCO).
This second edition cancels and replaces the first edition (ISO/IEC 17067:2013), which has been technically
revised.
The main changes are as follows:
— The scope of the standard expanded to apply to conformity assessment schemes in general;
— The title of the standard updated to reflect the extended scope;
— Individual clauses rephrased to apply to conformity assessment schemes in general;
— Clauses added to provide specifics (e.g. on product certification schemes) where necessary.

© ISO/IEC 2025 – All rights reserved
v
ISO/IEC DIS 17067:2025(en)
Introduction
0.1  This document provides fundamental concepts, principles and guidelines for conformity assessment
schemes (which are sometimes referred to as “conformity assessment programmes”).
0.2  Conformity assessment performed in accordance with a conformity assessment scheme can provide
assurance to interested parties via demonstration that specified requirements are fulfilled. Conformity
assessment can thus provide assurance to interested parties in areas, including but not limited to,
legal compliance, health and safety, suitability for intended use, performance, durability, compatibility,
environmental impacts, governance and social impacts, resource use efficiency and resource circularity,
management and use of information technology, climate change and sustainability matters.
0.3  This document is intended for those who have an interest in conformity assessment schemes,
particularly those who own or operate schemes, or are considering development of a scheme. These people
and their organizations can include:
a) governments and regulatory authorities;
b) industry, trade associations and organizations (e.g. retailers) within value chains;
c) procurement and purchasing agencies;
d) non-governmental organizations (NGOs);
e) consumer organizations; and
f) bodies undertaking conformity assessment activities.
0.4  A conformity assessment scheme can be operated at an international, regional, national, sub-national
level, or for a specific industry sector or value chain. A scheme can be documented or only orally created.
0.5  A conformity assessment scheme is defined as a set of rules and procedures that:
a) describes objects of conformity assessment;
b) identifies the specified requirements; and
c) provides the methodology for performing conformity assessment.
0.6  This document is part of the series of ISO/IEC and ISO documents on conformity assessment that is
developed and maintained by the ISO Committee on Conformity Assessment (CASCO). This series of ISO/
IEC and ISO documents is colloquially known as the “CASCO Toolbox” and contributes to the development of
“conformity assessment procedures” as referenced in the World Trade Organization Agreement on Technical
Barriers to Trade (WTO/TBT). This series is applied and used by ISO and its members, IEC and its national
committees, and organizations outside of ISO and IEC (e.g. regulatory authorities, NGOs and accreditation
bodies) for globally accepted conformity assessment practice.
0.7  In this document, the following verbal forms of expression are used:
— “should” indicates a recommendation;
— “may” indicates a permission;
— “can” indicates a possibility or a capability.
The modal verb "shall", which indicates a requirement, is not used because this document only provides
guidelines. Further details can be found in the ISO/IEC Directives, Part 2.
0.8  Unless explicitly stated otherwise, for ease of comprehension of this document, the terms conformity
assessment scheme and conformity assessment programme are considered synonyms, and referred to in this
document by the short term scheme.

© ISO/IEC 2025 – All rights reserved
vi
ISO/IEC DIS 17067:2025(en)
0.9  Where the context is unambiguous, scheme and system are used in short for the full terms conformity
assessment scheme and conformity assessment system, respectively.
0.10  Where the context is unambiguous, object is used in short for the full term object of conformity
assessment.
© ISO/IEC 2025 – All rights reserved
vii
DRAFT International Standard ISO/IEC DIS 17067:2025(en)
Conformity assessment — Fundamentals of and guidelines for
conformity assessment schemes
1 Scope
This document describes the fundamental principles and concepts of conformity assessment schemes
(programmes) and provides guidelines for understanding, developing, operating or maintaining them.
2 Normative references
The following documents are referred to in the text in such a way that some or all of their content constitutes
requirements of this document. For dated references, only the edition cited applies. For undated references,
the latest edition of the referenced document (including any amendments) applies.
ISO/IEC 17000:2020, Conformity assessment — Vocabulary and general principles
3 Terms and definitions
For the purposes of this document, the terms and definitions given in ISO/IEC 17000 (2020) and the following
apply. ISO and IEC maintain terminological databases for use in standardization at the following addresses:
— ISO Online browsing platform: available at https:// www .iso .org/ obp
— IEC Electropedia: available at https:// www .electropedia .org/
3.1
conformity assessment
demonstration that specified requirements (3.3) are fulfilled
Note 1 to entry: The process of conformity assessment as described in the functional approach in Annex A of
ISO/IEC 17000 can have a negative outcome, i.e. demonstrating that the specified requirements are not fulfilled.
Note 2 to entry: Conformity assessment includes activities, such as but not limited to testing, inspection, validation,
verification , certification (3.17), and accreditation (3.18) .
Note 3 to entry: Conformity assessment is explained in Annex A of ISO/IEC 17000 as a series of functions. Activities
contributing to any of these functions can be described as conformity assessment activities.
Note 4 to entry: This document does not include a definition of “conformity”. “Conformity” does not feature in the
definition of “conformity assessment”. Nor does this document address the concept of compliance.
[SOURCE: ISO/IEC 17000:2020, 4.1, modified – Notes to entry 1 and 3, words "of ISO/IEC 17000" added.]
3.2
object of conformity assessment
object
entity to which specified requirements (3.3) apply
EXAMPLE Product, process, service, system, installation, project, data, design, material, claim, person, body or
organization, or any combination thereof.
Note 1 to entry: The term “body” is used in this document to refer to the conformity assessment body (3.19) and
accreditation body (3.20). The term “organization” is used in its general meaning and may include bodies according
to the context. The more specific ISO/IEC Guide 2 definition of an organization as a body based on membership is not
applicable to the field of conformity assessment (3.1).

© ISO/IEC 2025 – All rights reserved
ISO/IEC DIS 17067:2025(en)
[SOURCE: ISO/IEC 17000:2020, 4.2]
3.3
specified requirement
need or expectation that is stated
Note 1 to entry: Specified requirements can be stated in normative documents such as regulations, standards and
technical specifications.
Note 2 to entry: Specified requirements can be detailed or general.
[SOURCE: ISO/IEC 17000:2020, 5.1]
3.4
conformity assessment scheme
conformity assessment programme
set of rules and procedures (3.21) that describes the objects of conformity assessment (3.2), identifies the
specified requirements (3.3) and provides the methodology (3.22) for performing conformity assessment (3.1)
Note 1 to entry: A conformity assessment scheme can be managed within a conformity assessment system (3.5).
Note 2 to entry: A conformity assessment scheme can be operated at an international, regional, national, sub-national,
or industry sector level.
Note 3 to entry: A scheme can cover all or part of the conformity assessment functions explained in Annex A of
ISO/IEC 17000.
[SOURCE: ISO/IEC 17000:2020, 4.9, modified – Note to entry 3, words "of ISO/IEC 17000" added.]
3.5
conformity assessment system
set of rules and procedures (3.22) for the management of similar or related conformity assessment schemes (3.4)
Note 1 to entry: A conformity assessment system can be operated at an international, regional, national, sub-national,
or industry sector level.
[SOURCE: ISO/IEC 17000:2020, 4.8]
3.6
owner
owner of a system
owner of a scheme
system owner
scheme owner
person or organization responsible for the development and maintenance of a conformity assessment system
(3.5) or conformity assessment scheme (3.4)
Note 1 to entry: A scheme owner does not necessarily operate the scheme (3.4).
Note 2 to entry: A system owner or a scheme owner can be a conformity assessment body (3.19) itself, a governmental
authority, a trade association, a group of conformity assessment bodies or others.
[SOURCE: ISO/IEC 17000:2020, 4.13]
3.7
participant
participant in a system
participant in a scheme
person or organization that implements or operates under the rules and procedures (3.21) of a conformity
assessment system (3.5) or scheme (3.4) without being involved in their development, revision or approval
[SOURCE: ISO/IEC 17000:2020, 4.11]

© ISO/IEC 2025 – All rights reserved
ISO/IEC DIS 17067:2025(en)
3.8
member
member of a system
member of a scheme
person or organization that is involved in the development, revision or approval of the rules and procedures
(3.21) of a conformity assessment system (3.5) or scheme (3.4)
[SOURCE: ISO/IEC 17000:2020, 4.12]
3.9
first-party conformity assessment activity
conformity assessment activity that is performed by the person or organization that provides or that is the
object of conformity assessment (3.2)
Note 1 to entry: The first-, second- and third-party descriptors used to characterize conformity assessment activities
in relation to a given object are not to be confused with the legal identification of the relevant parties to a contract.
EXAMPLE Activities performed by providers, designers or owners of the object, investors in the object, and
advertisers or promoters of the object.
Note 2 to entry: If an activity is performed by an external body acting on behalf of and controlled by a person or
organization that provides or is the object, the activity is still called a first-party conformity assessment activity (e.g.
internal audits performed by a consultant who is not part of the organization).
[SOURCE: ISO/IEC 17000:2020, 4.3]
3.10
second-party conformity assessment activity
conformity assessment activity that is performed by a person or organization that has a user interest in the
object of conformity assessment (3.2)
Note 1 to entry: The first-, second- and third-party descriptors used to characterize conformity assessment activities
in relation to a given object are not to be confused with the legal identification of the relevant parties to a contract.
EXAMPLE Persons or organizations performing second-party conformity assessment activities include, for
example, purchasers or users of products, or potential customers seeking to rely on a supplier's management system,
or organizations representing those interests. Examples of organizations representing user interest include consumer
advocacy organizations, regulatory authorities implementing legislation governing products and services for the
protection of consumer and public interests, centralized government procurement organizations and private sector
purchasing agents.
Note 2 to entry: If an activity is performed by an external body acting on behalf of and controlled by a person or
organization with a user interest, the activity is still called a second-party conformity assessment activity (e.g. supply
chain audits conducted by an external body on behalf of the purchaser).
[SOURCE: ISO/IEC 17000:2020, 4.4]
3.11
third-party conformity assessment activity
conformity assessment activity that is performed by a person or organization that is independent of the
provider of the object of conformity assessment (3.2) and has no user interest in the object
Note 1 to entry: The first-, second- and third-party descriptors used to characterize conformity assessment activities
in relation to a given object are not to be confused with the legal identification of the relevant parties to a contract.
[SOURCE: ISO/IEC 17000:2020, 4.5]

© ISO/IEC 2025 – All rights reserved
ISO/IEC DIS 17067:2025(en)
3.12
review
consideration of the suitability, adequacy and effectiveness of selection and determination activities, and the
results of these activities, with regard to fulfilment of specified requirements (3.3) by an object of conformity
assessment (3.2)
Note 1 to entry: A description of “selection and determination activities” is included in Clauses 5.1 and 5.3 of this
standard and in ISO/IEC 17000 A.2 and A.3.
[SOURCE: ISO/IEC 17000:2020, 7.1, modified – Note to entry 1 added.]
3.13
decision
conclusion, based on the results of review (3.12), that fulfilment of specified requirements (3.3) has or has not
been demonstrated
[SOURCE: ISO/IEC 17000:2020, 7.2]
3.14
attestation
issue of a statement, based on a decision (3.13), that fulfilment of specified requirements (3.3) has been
demonstrated
Note 1 to entry: The resulting statement, referred to in this document as a “statement of conformity”, is intended to
convey the assurance that the specified requirements have been fulfilled. Such an assurance does not, of itself, provide
contractual or other legal guarantees.
Note 2 to entry: First-party attestation and third-party attestation are distinguished by the terms declaration (3.16),
certification (3.17) and accreditation (3.18), but there is no corresponding term applicable to second-party attestation.
[SOURCE: ISO/IEC 17000:2020, 7.3]
3.15
surveillance
systematic iteration of conformity assessment activities as a basis for maintaining the validity of the
statement of conformity
[SOURCE: ISO/IEC 17000:2020, 8.1]
3.16
declaration
first-party attestation (3.14)
[SOURCE: ISO/IEC 17000:2020, 7.3]
3.17
certification
third-party attestation (3.14) related to an object of conformity assessment (3.2), with the exception of
accreditation (3.18)
[SOURCE: ISO/IEC 17000:2020, 7.6]
3.18
accreditation
third-party attestation (3.14) related to a conformity assessment body (3.19), conveying formal demonstration
of its competence, impartiality and consistent operation in performing specific conformity assessment
activities
[SOURCE: ISO/IEC 17000:2020, 7.7]

© ISO/IEC 2025 – All rights reserved
ISO/IEC DIS 17067:2025(en)
3.19
conformity assessment body
body that performs conformity assessment activities, excluding accreditation (3.18)
[SOURCE: ISO/IEC 17000:2020, 4.6]
3.20
accreditation body
authoritative body that performs accreditation (3.18)
Note 1 to entry: The authority of an accreditation body can be derived from government, public authorities, contracts,
market acceptance or scheme owners.
[SOURCE: ISO/IEC 17000:2020, 4.7]
3.21
procedure
specified way to carry out an activity or a process
Note 1 to entry: In this context, a process is defined as a set of interrelated or interacting activities that use inputs to
deliver an intended result.
[SOURCE: ISO/IEC 17000:2020, 5.2]
3.22
methodology
systematic collection of methods
3.23
complaint
expression of dissatisfaction, other than appeal (3.24), by any person or organization to a conformity
assessment body (3.19) or an accreditation body (3.20), relating to the activities of that body, where a response
is expected
[SOURCE: ISO/IEC 17000:2020, 8.7]
3.24
appeal
request by the person or organization that provides, or that is, the object of conformity assessment (3.2) to
a conformity assessment body (3.19) or an accreditation body (3.20) for reconsideration by that body of a
decision (3.13) it has made relating to that object
[SOURCE: ISO/IEC 17000:2020, 8.6]
4 Conformity assessment schemes (programmes) and systems
4.1 Schemes and systems
4.1.1 The set of rules and procedures defined as a “conformity assessment scheme” or “conformity
assessment programme” relates to:
1) a description of the object of conformity assessment (see Clause 4.2);
2) identification of the specified requirements (see Clause 4.3); and
3) provision of the methodology (see Clause 4.4 and 5) for performing conformity assessment (e.g. rules
for persons and organisations involved in conformity assessment, procedures for individual activities,
rules and procedures for issuing statements of conformity).
4.1.2 Rules and procedures can be unique to a conformity assessment scheme or shared by multiple
schemes. The rules and procedures shared by multiple schemes can be described and documented separately

© ISO/IEC 2025 – All rights reserved
ISO/IEC DIS 17067:2025(en)
from the content of the individual schemes. Such common rules and procedures can relate to concepts (e.g.
specific to a sector or an application), structure, methodology, requirements, or other content shared by the
schemes. Documents providing such general contents for multiple schemes are different from documents
establishing an individual conformity assessment scheme. Sometimes these documents are referred to as
“frameworks”.
4.1.3 Depending on the object of conformity assessment, and the needs of users of conformity assessment,
a scheme can be used only once or repeatedly.
4.1.4 The rules and procedures in a scheme can be recorded in a single document or recorded in multiple
documents linked by reference. Documented schemes can be a set of rules and procedures in many
documents and can be intended for repeated use over a long period of time.
4.1.5 A conformity assessment system is also a set of rules and procedures. A conformity assessment
system can be applied to manage several conformity assessment schemes that are similar or related.
Whenever conformity assessment is performed a scheme always exists, but a system for managing schemes
is optional. Figure 1 illustrates the relationship between a scheme and a system.

© ISO/IEC 2025 – All rights reserved
ISO/IEC DIS 17067:2025(en)
Figure 1 — Relationship between conformity assessment scheme and conformity assessment system
4.2 Objects of conformity assessment
4.2.1 An object of conformity assessment can be, for example, a product, process, service, management
system, system, design, project, data, information, programme, material, installation, claim, person, body or
organization, or any combination thereof (e.g. a product and its production process, an installation and its
maintenance service). The conformity assessment scheme should clearly describe the object of conformity
assessment and its characteristics to which the specified requirements within the scheme will apply.
4.2.2 The object can be a single item or a group of items based on common characteristics (e.g. any area
of land used for a specific purpose, any person with a specific ability, any management system for a specific
discipline within organizations, or anybody performing a specific type of activity).

© ISO/IEC 2025 – All rights reserved
ISO/IEC DIS 17067:2025(en)
4.2.3 Schemes that describe multiple objects can identify different specified requirements to be used for
each object.
4.3 Specified requirements
4.3.1 Specified requirements applicable to the object of conformity assessment are needs or expectations
that are stated. The content of specified requirements can, but does not always, indicate the type of object of
conformity assessment to which it pertains.
4.3.2 Specified requirements are chosen for the scheme so that, when fulfilled, needs and concerns for
assurance are resolved.
4.3.3 Specified requirements are often in the form of provisions in normative documents such as
standards, technical specifications, codes of practice and regulations.
4.3.4 Specified requirements can be detailed (e.g. specific expression of measurements or data) or general
(e.g. properties and qualities, such as “safe to use” or “fit for intended purpose” or “fit for intended use”).
4.3.4 Where applicable, the specified requirements should be written in terms of results or outcomes,
together with limiting values and tolerances. The specified requirements should be stated unambiguously
using wording that is objective, logical, valid and specific and enable consistent application by organizations
as well as evaluation across conformity assessment bodies.
4.3.5 Identification of the specified requirements for the conformity assessment scheme can be made
by reference (e.g. to the applicable standards, technical specifications, regulation, or other normative
documents) or by documentation as content of the scheme itself.
4.3.6 Further guidance for drafting normative documents suitable for use for conformity assessment,
including documents which provide specified requirements, can also be found in ISO/IEC 17007.
4.4 Methodology
4.4.1 The rules and procedures for methodology that pertain to performing conformity assessment
activities in the functions described in ISO/IEC 17000:2020, Annex A (the Functional Approach) are one
element of a conformity assessment scheme. Individual demonstrations performed in accordance with the
same scheme will follow the same methodology provided by the scheme.
4.4.2 A method or procedure for a specific individual activity within the functional approach (e.g. a
sampling protocol, standardized method, test method, calibration method, inspection procedure, a general
plan for an audit of a management system, a general plan for validation or verification of a type of claim, the
formatting of a statement of conformity, etc.) can be included or referenced in the methodology provided in
a scheme. However, a method or procedure for a specific individual activity is not by itself a methodology for
demonstrating fulfilment of specified requirements as represented by the functional approach.
4.4.3 Methodology for performing conformity assessment can include, for example, rules and procedures for:
a) conformity assessment activities including methods for individual activities such as assessment,
auditing, design review, evaluation, examination, inspection, testing, validation, verification, review,
decision and attestation;
b) conformity assessment activities during surveillance; and
c) a certificate, mark, label, listing in databases or on websites, approval, consent, permission, licence,
marking, report, letter, or other statement of conformity issued to communicate that a successful
demonstration of fulfilment of specified requirement by a specific object of conformity assessment exists.

© ISO/IEC 2025 – All rights reserved
ISO/IEC DIS 17067:2025(en)
5 Functional approach to conformity assessment
5.1 General
5.1.1 Conformity assessment is a series of functions that satisfy the need or demand for demonstration
that specified requirements are fulfilled.
NOTE See ISO/IEC 17000:2020, Annex A.
The functions are:
— selection, which involves planning and preparation activities in order to collect or produce all the
information and input needed for the subsequent determination function;
— determination, which relates to activities that are undertaken to develop or to gather complete
information regarding fulfilment of the specified requirements by the object of conformity assessment
or its sample;
— review, decision and attestation, which includes review as the final stage of checking before taking
the important decision as to whether or not the object of conformity assessment has been reliably
demonstrated to fulfil the specified requirements, and attestation, which results in a statement of
conformity communicating that fulfilment of specified requirements has been demonstrated.
5.1.2 The functional approach is the general structure for the methodology provided by conformity
assessment schemes.
5.1.3 The aspects of the functional approach addressed by the scheme’s rules and procedures for
methodology and the level of detail in those rules and procedures are decided when the scheme is developed
and can be altered as the scheme is maintained.
5.1.4 When the rules and procedures for methodology are general, the scheme can be flexible and used
broadly. However, leaving the choice of specific activities and details to bodies performing conformity
assessment can result in significant differences in individual demonstrations performed in accordance with
the scheme which can negatively impact the consistency of the assurance among these demonstrations. Very
detailed rules and procedures, on the other hand, result in highly consistent assurance among different
demonstrations performed in accordance with the scheme. However, very detailed rules and procedures
can result in the applicability of the scheme being very narrow or delay improvement or innovation in the
scheme. Implementing the appropriate balance between flexibility and consistency should be considered in
developing and maintaining a scheme.
5.2 Conformity assessment activities
5.2.1 Activities contributing to any of the functions can be described as “conformity assessment activities”.
5.2.2 The rules and procedures for methodology can specify, for example:
a) what activities are to be performed;
b) who performs activities ;
c) when activities are performed and their sequence;
d) where activities are performed;
e) how often activities are performed;
f) the method, plan, procedure, or instructions for individual activities.

© ISO/IEC 2025 – All rights reserved
ISO/IEC DIS 17067:2025(en)
5.2.3 Conformity assessment activities are performed in accordance with the rules and procedures of the
scheme by conformity assessment bodies or accreditation bodies (collectively “bodies”). Any activities or
details needed for demonstrating fulfilment of specified requirements but not addressed by the rules and
procedures in the scheme will be left for the bodies to decide when performing activities in accordance with
the scheme.
5.3 Selection and determination
5.3.1 Conformity assessment activities contributing to the selection function include but are not limited
to planning, sampling and sample preparation.
5.3.2 Conformity assessment activities contributing to the determination functions include, but are not
limited to, assessment, auditing, design review, evaluation, examination, inspection, peer assessment,
testing, validation and verification.
5.3.3 Rules and procedures for testing and inspection can include decision rules as a basis for stating
whether the items tested or inspected fulfil specified requirements. Such statements are part of the reported
results of testing or inspection, pertain only to the items tested or inspected, and are different from the
statement of conformity issued during attestation (
...