Toll Free Number: 1545 |

Email: info@kebs.org

| Webmail

| Office 365

Whistleblower

Tenders & Quotations

Policies

Public Notice

Careers

 
Home

Certification Schemes

Quality Management Systems (QMS) (ISO 9001:2015)
/wp-content/uploads/2023/09/6.png

Today, more than ever before, it is important to match your services and products to the needs of your customer. As the international business environment becomes increasingly competitive, customers are more and more demanding where quality is concerned. The adoption of QMS therefore should be a strategic decision by an organization to ensure Delivery of service and/or product that meets customer requirements.

ISO 9001:2015

Applies to the processes that create and control the products and services an organization supplies

Prescribes systematic control of activities to ensure that the needs and expectations of customers are met

Is designed and intended to apply to virtually any product or service, made by any process anywhere in the world

Below are some of the benefits that are enjoyed by companies implementing QMS:

    • Increased Efficiency
    • Improved Consistency
    • Improved quality of product/service
    • Better-Motivated Employees
    • Cost Savings
    • Fewer Mistakes
    • Less Re-work
    • Less Waste
    • Wider Market Opportunities
    • Increased Customer Satisfaction
    • Increased competitiveness
    • Increased profits
    • Better use of time and resources
    • Improved communication
Food Safety Systems Certification (ISO 22000)
/wp-content/uploads/2023/09/11.png

ISO 22000:2018 defines what an Operator must do to demonstrate her ability to control food safety hazards and ensure that food, feed or related products are safe for consumption or use. The purpose of ISO 22000:2018 is to empower an Operator to develop a robust Food Safety Management System (FSMS) that drives continuous improvement of all processes with an impact on the safety of end-products.

It specifies requirements for a FSMS to enable an organization that is directly or indirectly involved in the food chain:

  •  to plan, implement, operate, maintain and update a FSMS providing products and services that are safe, in accordance with their intended use;
  • to demonstrate compliance with applicable statutory and regulatory food safety requirements;
  •  to evaluate and assess mutually agreed customer food safety requirements and to demonstrate conformity with them;
  • to effectively communicate food safety issues to interested parties within the food chain;
  • to ensure that the organization conforms to its stated food safety policy;
  • to demonstrate conformity to relevant interested parties;
  • to seek certification or registration of its FSMS or make a self-assessment.
  • Aimed at all operators of food, feed and related products, regardless of size or sector, ISO 22000 translates food safety management into a continuously improving process. It takes a precautionary approach to food safety by helping to identify, prevent and reduce foodborne hazards in the food and feed chains.

When to transit
Due to the changes ISO 22000:2005, the standard will expire in June 2021. We advise our clients to make the transition to ISO 22000:2018 before June 29, 2021 in order to remain certified.

Benefits of ISO 22000 Certification
  • Achievement of ISO 22000:2018 certification helps operators to:
  • identify and control food safety hazards and reduce risk of food safety incidents.
  • generate food safety culture and increase operational control.
  • increase marketability, recognition, competitiveness, market access and customer trust
  • Continually improve and update implemented systems for efficiency and effectiveness
Upgrading ISO 22000 Certification

If already certified to ISO 22000, an Operator can make a smooth transition to FSSC 22000 to gain GFSI recognition. Transition to FSSC 22000 can be made by implementing the PRP standard relevant to your industry and the additional requirements set by FSSC.

Environmental Management Systems (EMS)
/wp-content/uploads/2023/09/9.png

Kenya Bureau of Standards (KEBS), the National Standards Body of Kenya has been providing service to the Kenyan industry for more than five decades by way of formulation of national standards and operation of product certification scheme.

KEBS launched Environmental Management Systems (EMS) Certification as per IS/ISO 14000 Series of Standards in the wake of increasing public awareness about the environment which has become an important factor in the decision making process of the organizations These standards are adoption of and identical to the internationally accepted ISO 14000 Series of Standards on Environmental Management Systems.

This Scheme envisages grant of Environmental Management Systems Certification License to organizations according to IS/ISO 14001, which is identical with ISO 14001:2004.

ISMS Information Security Management System (ISMS)- ISO/IEC 27001:2022
/wp-content/uploads/2023/09/8.png

 Information security management system information 

Kenya Bureau of Standards Certification Body (KEBSCB) offers Certification Services on ISO/IEC 27001 Standards- Information Security, Cyber Security, and Privacy Protection Information Security Management Systems among others. 

The ISO/IEC 27001 standard provides organizations with a framework for designing, implementing, maintaining, and auditing Information Security Management Systems. It helps organizations in safeguarding the confidentiality, integrity, and availability of their information and information assets, while also ensuring business continuity. 

Currently, KEBSCB offers certification services based on the new standard ISO/IEC 27001:2022. Furthermore, it assists organizations previously certified under old standard (ISO/IEC 27001:2013) to transition, either during recertification or surveillance phases of the certification cycle. 

ISO/IEC 27001:2022 standard is designed to assist organizations to identify, assess, and mitigate risks associated with loss of confidentiality, integrity, and availability of information including cyber security and privacy protection issues. Annex A of this standard suggests some key controls that can address information security-related risks touching on the organization, people, technology, and physical infrastructure of the organization. 

 

Why adopt an Information Security Management System Standard? 

Adopting an Information Security Management System (ISMS) based on the ISO/IEC 27001 standard provides numerous compelling benefits, including the following: 

  1. Enhanced Information Security 

Implementing an ISMS standard helps organizations strengthen their information security posture by providing a structured framework for identifying, assessing, and mitigating information security risks. This can reduce the likelihood and impact of security incidents. 

  1. Risk Management 

ISO/IEC 27001:2022 standard is built on a risk-based approach, facilitating organizations in systematically identifying, assessing, and prioritizing information security risks for treatment. This ensures a more efficient allocation of resources to tackle the most critical vulnerabilities and threats in alignment with the organization’s risk appetite. 

  1. Legal and Regulatory Compliance 

Numerous industries and jurisdictions enforce specific regulations and legal obligations concerning information security, such as the Data Protection Act 2019, the Computer Misuse and Cyber Act 2018, and Access to Information Act 2016. Implementing an ISMS standard enables organizations to align with these requirements, thereby mitigating the risk of non-compliance and associated penalties. 

  1. Customer Trust and Confidence 

Demonstrating commitment to information security through ISMS standards can bolster customer trust and confidence. It assures customers that their sensitive information is being handled with diligence and security. 

  1. Competitive Advantage 

In certain industries, possessing ISO/IEC 27001 certification or compliance with other ISMS standards can confer a competitive advantage. It can enhance an organization’s appeal to clients, partners, and stakeholders who prioritize the security of information and related assets. 

  1. Improved Incident Response: 

ISMS standards provide guidelines for incident response and management, aiding organizations in formulating effective strategies for detecting, responding to, and recovering from information security incidents. 

  1. Cost Savings 

Through proactive identification and mitigation of security risks, organizations can potentially evade costly security breaches, downtime, and data loss. Prevention of incidents is frequently more cost-effective than managing the aftermath. 

  1. Business Continuity 

Efficient information security management plays a pivotal role in ensuring business continuity by mitigating the impact of disruptions stemming from security incidents. This enables organizations to sustain operations even amidst security challenges. 

  1. Better Supplier and Vendor Relationships 

ISO/IEC 27001 and comparable standards are progressively demanded by customers from their suppliers and vendors. Conformance to these standards can foster more seamless business relationships and partnerships, addressing information security concerns in supplier relations. 

  1. International Recognition 

ISO/IEC 27001 is a globally recognized standard. Obtaining certification can serve as a valuable credential for organizations with global operations. 

FAQs; 

  1. Q – What is the eligibility criteria for certification? 

Ans. – An organization must have established and implemented ISMS based on ISO/IEC 27001:2022 standard. 

  1. Q – What are the steps of Certification? 

Ans. 

  1. Client’s responsibilities in preparation for certification 
  1. Sensitize Top Management,  
  1. Train Implementers/champions. 
  1. Document ISMS procedures and policies. 
  1. Create awareness for all the staff on ISMS. 
  1. Implement and Maintain ISMS 
  1. Train ISMS internal auditors 
  1. Conduct internal audits. 
  1. Undertake management review. 
  1. Improve ISMS 
  1. Apply for certification by submitting an application on https://ims.kebs.org/ 
  1. ISMS Certification Process 
  1. Preliminary investigation and application: This is done to determine whether the client is sufficiently prepared for the audit process. The client is requested to complete the Initial questionnaire on the IMS system using this link https://ims.kebs.org/  
  1. Payment: If the client is found to be ready, a cost quotation is done, based on the information collected during the Preliminary investigation and application and sent to the client for payment. 
  1. Stage one audit: This is done offsite(documentation) and onsite to determine the Client’s preparedness for stage 2. The time period between stage 1 and stage 2 audit shall not be more than six months. 
  1. Stage two audit: This is done on-site to determine the implementation and effectiveness of the client’s ISMS. 
  1. Certification decision 

Based on stage 2 audit recommendations, a certification decision process is undertaken to certify a client on ISMS for 3 years. 

Q- What are the factors to consider when determining the certification cost? 

Ans.  

The cost varies depending on several factors: 

  1. Size of the scope of activities covered by the ISMS. 
  1. The type(s) of business performed within the scope of the ISMS. 
  1. Previously demonstrated performance of the ISMS 
  1. Extent and diversity of technology utilized in the Implementation of the various components of the ISMS. 
  1. The extent of outsourcing and third-party arrangements used within the scope of the ISMS. 
  1. Number of sites and number of Disaster Recovery (DR) sites 
  1. Type(s) of business and regulatory requirements. 
  1. Level of establishment of the Management System 
  1. Q- What is the validity period for certification? 

Ans. The certification body shall sign a certification contract with the client for three years.  

  1. Q- Where can an organization get trained on ISMS? 

Ans. Kenya Bureau of Standards under the National Quality Institute (NQI) offers training services for various management systems such as ISO/IEC 27001:2022, ISO 9001:2015, ISO 22301:2019, etc.  

For more information contact NQI via nqi@kebs.org or refer training calendar on the KEBS website https://www.kebs.org/training-calendar-2/  

  1. Q- How can an organization transition from ISO/IEC 27001:2013 to ISO/IEC 27001:2022? 

Ans. Please access the transition guide through this link https://www.kebs.org/wp-content/uploads/2023/12/Transition-Guide-IEC-27001-Issue-1.pdf  

 

Contacts Information. 

Tel: +254 (20) 694 8000 or 6005550 or +254 (20) 6948263 

Email: certification@kebs.org or kimutaid@kebs.org 

Food Management System Standard
FSSC 22000 Certification

FSSC 22000 is based on the widely recognized Food Management System Standard ISO 22000, the industry relevant Pre-Requisite Program (PRP) and FSSC defined additional requirements (which includes food defense, food fraud prevention and allergen management among others).

The Scheme is owned by an independent non-profit organization and it is GFSI benchmarked. KEBS CB is licensed to offer FSSC 22000 certification for both food manufacturing and food packaging sectors

Benefits of FSSC Certification
  1. Increased market access because FSSC 22000 is GFSI benchmarked, recognized and accepted globally
  2. Identification and control of food safety hazards hence reduced risk of food safety incidents.
  3. In depth and rigorous food safety audits
  4. Creation of food safety culture and increased operational control.
  5. Increased marketability, recognition, competitiveness and customer trust
  6. Continually improve and update implemented systems for efficiency and effectiveness
FSSC 22000 V5.1

FSSC published version 5.1 of FSSC 22000 on 20 November 2020. The main reasons for publishing a revised version included:

  • Incorporating the GFSI benchmarking requirements version 2020.1
  • Strengthening the licensing process and the integrity program.
  • Minor editorial changes or amendments to the V5 scheme requirements.
Conduct of FSSC Audit

The standard method for conducting FSSC 22000 audits is either through full on-site audits as described in Part 3 of the Scheme or partial on-site audits using the ICT Audit Approach as described in Annex 9, both of which are GFSI recognized options.

The FSSC 22000 full remote option is an accredited, non-GFSI recognized, voluntary option that can only be utilized where access to the premises of the certified organization is not possible as a direct result of a serious event (refer Appendix 1 of the Scheme), supported by a risk assessment. Mutual agreement between the CB and the certified organization is required prior to conducting the full remote audit.

A full remote audit is defined as an audit that takes place entirely at a location other than that of the certified organization through the use of ICT.

Good Manufacturing Practice (GMP) Certification
/wp-content/uploads/2023/09/12.png

Good Manufacturing Practices are procedures and best practices undertaken to remove, reduce and control physical, chemical and biological hazards in the processing setting. The practices are important enrichment to an Operators’ food safety management system, increasing customers’ confidence in your commitment to producing and trading in safe products. GMP can form a foundation upon which Operators could develop and implement other food safety systems such as HACCP and ISO 22000. GMP certification ensures the integrity of an Operators food manufacturing processes as well as compliance with food safety regulations.

Good Hygiene Practices (FSCE) Certification
/wp-content/uploads/2023/09/13.png

We also offer hygiene certification for food establishments and restaurants based on KS 2573. This certification helps hotels, restaurants and catering establishments to implement and operate a food safety scheme based on good hygiene practices to ensure they offer safe food to their customers at all times. Certification to this scheme basically helps such establishments demonstrate commitment offer safe products to their customers.

Occupational Health and Safety Management Systems (OHSMS)
/wp-content/uploads/2023/09/5.png
ISO/IEC 45001:2018 Occupational Health and Safety Management Systems

The purpose of an OH&S management system is to provide a framework for managing OH&S risks. The intended outcomes of the OH&S management system are to prevent work-related injury and ill health to workers and to provide safe and healthy workplaces; consequently, it is critically important for the organization to eliminate hazards and minimize OH&S risks by taking effective preventive and protective measures. When these measures are applied by the organization through its OH&S management system, they improve its OH&S performance. An OH&S management system can be more effective and efficient when taking early action to address opportunities for improvement of OH&S performance.

Implementing an OH&S management system conforming to this document enables an organization to manage its OH&S risks and improve its OH&S performance. An OH&S management system can assist an organization to fulfil its legal requirements and other requirements.

ISO 45001:2018 ADDRESSES THE FOLLOWING KEY AREAS:

  • Hazard Identification, Assessment of risks and opportunities.
  • Managing OH & S risks
  • Legal and Other Requirements
  • OHS Objectives and planning to achieve them
  • Resources, Roles, Responsibility, Accountability and Authority
  • Competence, Training and Awareness
  • Communication, Participation and Consultation
  • Operational planning and Control
  • Emergency Preparedness and Response
  • Monitoring, Measurement, analysis and Performance evaluation
  • Improvement.
The Benefits
  • OHSMS promotes a safe and healthy working environment by providing a framework that allows organizations to consistently identify and control their health and safety risks, reduce the potential for accidents, aid legislative compliance and improve overall performance (Prevent work-related injury and ill health to workers and to provide safe and healthy workplaces)
  • Improves the efficiency of internal operations
  • Improved employee safety and the quality of the working environment
  • Compliance with applicable legal requirements
  • Demonstrate high levels of occupational health and safety when bidding for international contracts
  • Improves the reliability of your internal operations to meet customer requirements and overall performance
  • Gain significant improvement in staff motivation and commitment and understanding of their responsibility in helping ensure workplace safety
Welder Certification scheme
/wp-content/uploads/2023/09/5.png
Welder Certification Scheme
Non-Destructive Testing Persons (NDT)
/wp-content/uploads/2023/09/5.png
Non-Destructive Testing Persons (NDT)
Auditor Certification Scheme
/wp-content/uploads/2023/09/5.png
Non-Destructive Testing Persons (NDT)
Other Certification Schemes
/wp-content/uploads/2023/09/10.png
/wp-content/uploads/2023/09/4.png

Other Certification Schemes Offered Include :

  • ISO 30401- Knowledge Management Systems
  • Integrated Management Systems
  • ISO 22301 – Business Continuity Management Systems
  • KS 2573 – Hygiene Certification for food establishments and restaurants
  • ISO 39001 – Road Transport Safety Management Systems
  • ISO 50001 – Energy Management Systems
  • ISO 13485 – Medical Devices certification
  • ISO 14024 – Ecolabelling
  • ISO 18788 – Management system for private security operations.
  • Eco mark Certification Scheme
  • SANS 10330 Hazard Control Critical Plan
/wp-content/uploads/2023/09/14.png
/wp-content/uploads/2023/09/2.png

Online Services

Quick Links

Related Links

Contact us

Managing Director
Kenya Bureau of Standards
Popo Road, Off Mombasa Road
P.O. Box 54974 - 00200 Nairobi, Kenya.
Tel : + 254 (20) 694 8000
Mobile : 0722 202 137/ 0722 202 138
PVOC : 0724 255 242
info@kebs.org
PHP Code Snippets Powered By : XYZScripts.com