{"id":533,"date":"2016-05-18T16:45:19","date_gmt":"2016-05-18T16:45:19","guid":{"rendered":"http:\/\/www.proftesting.com\/blog\/?p=533"},"modified":"2016-05-18T16:52:54","modified_gmt":"2016-05-18T16:52:54","slug":"threat-analysis-safeguard-impartiality","status":"publish","type":"post","link":"https:\/\/www.proftesting.com\/blog\/2016\/05\/18\/threat-analysis-safeguard-impartiality\/","title":{"rendered":"How A Threat Analysis Can Help Safeguard Impartiality"},"content":{"rendered":"<p>For certification bodies (CBs) accredited to, or working toward, International Standard <em>ISO\/IEC 17024 Conformity assessment\u2014General requirements for bodies operating certification of persons<\/em>, meeting requirement <strong>4.3 Management of Impartiality<\/strong>, has likely resulted in revisions to the policies and practices of the organization. \u00a0Impartiality is a consideration across all aspects of the certification program and in the actions of the CB at all levels with all personnel.\u00a0 Section 3, Terms and definitions, 3.1.5 defines <strong>impartiality<\/strong> as \u201cpresence of objectivity.\u201d<a href=\"#_ftn1\" name=\"_ftnref1\">[1]<\/a>\u00a0 \u00a0At the point of implementation, impartiality requires that all decisions related to certification are fair and applied consistently across all applicants, candidates, and certified persons to assure that certification is awarded solely on the individuals\u2019 ability to meet and maintain certification requirements, and nothing else. \u00a0Achieving compliance with Section 4.3, among other things, requires documentation of policies and procedures, evidence of fairness, and implementation at the organizational level.\u00a0 It also requires the CB to publish its understanding of the importance of impartiality in all certification activities.<!--more--><\/p>\n<p>So how can CBs show such \u201cevidence\u201d?\u00a0 Annex A.2 of ISO\/IEC 17024, Impartiality (paraphrased below) is a good place for CBs to start.<a href=\"#_ftn2\" name=\"_ftnref2\">[2]<\/a><\/p>\n<ul>\n<li>2.1 certification of a person should be based on objective evidence through fair, valid and reliable assessment, and not be influenced by other parties.<\/li>\n<li>2 certification bodies need to be perceived as impartial in order to give confidence in their activities.<\/li>\n<\/ul>\n<p>Meeting this requirement should begin with a comprehensive policy on impartiality, which should include the CB\u2019s commitment to acting impartially; making certification decisions in accordance with policies and procedures; making public the policies and procedures affecting applicants, candidates and certified persons; and accurately conveying information about the certification to all interested parties.<a href=\"#_ftn3\" name=\"_ftnref3\">[3]<\/a><\/p>\n<p>Another way a CB can show \u201cevidence\u201d is by conducting a threat analysis, to identify any threats to impartiality<a href=\"#_ftn4\" name=\"_ftnref4\">[4]<\/a> which should be addressed first by policy.\u00a0 A sample policy may read: \u201cIn upholding its commitment to maintaining the highest level of impartiality and objectivity in its practices and decision making, CB personnel shall annually, or as circumstances may warrant, conduct a Threat Analysis in accordance with the impartiality analysis criteria.\u00a0 The Threat Analysis shall be conducted by the Certification Director\u201d.\u00a0\u00a0 Annex A, A.2.3<a href=\"#_ftn5\" name=\"_ftnref5\">[5]<\/a> lists threats to impartiality including (paraphrased):<\/p>\n<ul>\n<li>Self-interest\u2014threats that arise from persons acting in their own interests for self-benefit<\/li>\n<li>Subjectivity\u2014threats that arise when bias or subjectivity overrules objective evidence<\/li>\n<li>Familiarity\u2014threats that arise from a relationship that clouds objectivity<\/li>\n<li>Intimidation\u2014threats that prevent the CB from acting impartiality<\/li>\n<li>Financial\u2014threats arising from revenue sources.<\/li>\n<\/ul>\n<p>In addition to considering these types of threats, CBs should also identify the threats unique to their organizational structure and\/or operations.\u00a0 An example of such a threat is the CB or its parent enterprise offering training that can prepare persons for the certification exam.\u00a0 How the CB erects and maintains firewalls between training and certification would be assessed and documented during the threat analysis, and reported during the internal audit or at the time of management review.<\/p>\n<p>Once the categories of threat have been determined, CBs should define the desired level of impartiality, or <em>best <\/em>case scenario, which would be \u201cno threat\u201d and then define the \u201cthreat(s)\u201d to the best case and any threat level in-between.<\/p>\n<p>Let\u2019s take the example of certification and training. A CB that offers training has a potential threat to impartiality.\u00a0 How the CB mitigates the potential threat is what the CB needs to analyze in its threat analysis.\u00a0 One way to mitigate the potential threat is by implementing an organizational structure that assures the separation of certification activities from training, including courses that may help to prepare candidates for the certification examination.\u00a0 Another way is by establishing policies that place all certification decisions under the authority of the CB, and a management system that implements procedures to assure such authority.\u00a0 Policy should also apply to personnel, so SMEs are not engaged in training activities that may support certification.<\/p>\n<p>A threat to impartiality is the failure to mitigate threat, and would surface if the activities of the CB do not remain separate from training, and if specific training courses are considered \u201cexclusive\u201d or \u201cessential\u201d to exam preparation.\u00a0 Discounts on the certification examination as conditions of purchasing certification prep materials such as a study guide also pose a threat.\u00a0 And SMEs engaged in certification activities such as item writing and review who are not prohibited from participating in training not only pose a threat to impartiality, but also a conflict of interest.<\/p>\n<p>Let\u2019s apply this to a threat analysis rubric. Each category and threat level should be categorized and assessed. \u00a0The threat category can be \u201cTraining.\u201d The threat level can be \u201clow,\u201d \u201cmedium,\u201d and \u201chigh.\u201d \u00a0If a threat is detected, define the threat and threat level, assess the risk to impartiality, describe how the risk(s) will be mitigated and document follow-up activities.\u00a0 Here is an example:<\/p>\n<p style=\"text-align: center;\"><strong>Certification and Training<\/strong><\/p>\n<p><img loading=\"lazy\" decoding=\"async\" class=\"aligncenter wp-image-534 size-full\" src=\"http:\/\/www.proftesting.com\/blog\/wp-content\/uploads\/2016\/05\/impartiality-1.png\" alt=\"impartiality 1\" width=\"650\" height=\"156\" srcset=\"https:\/\/www.proftesting.com\/blog\/wp-content\/uploads\/2016\/05\/impartiality-1.png 650w, https:\/\/www.proftesting.com\/blog\/wp-content\/uploads\/2016\/05\/impartiality-1-250x60.png 250w, https:\/\/www.proftesting.com\/blog\/wp-content\/uploads\/2016\/05\/impartiality-1-120x29.png 120w\" sizes=\"auto, (max-width: 650px) 100vw, 650px\" \/><\/p>\n<p>Or, here is another example:<br \/>\n<img loading=\"lazy\" decoding=\"async\" class=\"aligncenter wp-image-535 size-full\" src=\"http:\/\/www.proftesting.com\/blog\/wp-content\/uploads\/2016\/05\/impartiality-2.png\" alt=\"impartiality 2\" width=\"655\" height=\"325\" srcset=\"https:\/\/www.proftesting.com\/blog\/wp-content\/uploads\/2016\/05\/impartiality-2.png 655w, https:\/\/www.proftesting.com\/blog\/wp-content\/uploads\/2016\/05\/impartiality-2-250x124.png 250w, https:\/\/www.proftesting.com\/blog\/wp-content\/uploads\/2016\/05\/impartiality-2-120x60.png 120w\" sizes=\"auto, (max-width: 655px) 100vw, 655px\" \/><\/p>\n<p>The format of the Threat Analysis rubric and report is at the discretion of the CB.\u00a0 Use whatever works best for you\u2014charts, narrative, check-sheets\u2014but be sure to document this procedurally, within the program\u2019s management system.\u00a0 In conducting a threat analysis, CBs are providing evidence of their commitment to managing impartiality and actively showing their \u201cdue diligence\u201d to determine threats, both real and perceived, of an individual, organization or product influencing or benefiting from certification.<\/p>\n<p>&nbsp;<\/p>\n<p><a href=\"#_ftnref1\" name=\"_ftn1\">[1]<\/a> International Standard <em>ISO\/IEC 17024 Conformity assessment\u2014General requirements for bodies operating certification of persons<\/em> (ISO\/IEC 17024), page 2.<\/p>\n<p><a href=\"#_ftnref2\" name=\"_ftn2\">[2]<\/a> ISO\/IEC 17024, page 19.<\/p>\n<p><a href=\"#_ftnref3\" name=\"_ftn3\">[3]<\/a> <strong>Interested party<\/strong> is defined as Individual, group or organization affected by the performance of a certified person or the certification body; ISO\/IEC 17024, page 3.<\/p>\n<p><a href=\"#_ftnref4\" name=\"_ftn4\">[4]<\/a> ISO\/IEC 17024, requirement 4.3.6, page 4.<\/p>\n<p><a href=\"#_ftnref5\" name=\"_ftn5\">[5]<\/a> ISO\/IEC 17024, page 19.<\/p>\n","protected":false},"excerpt":{"rendered":"For certification bodies (CBs) accredited to, or working toward, International Standard ISO\/IEC 17024 Conformity assessment\u2014General requirements for bodies operating certification of persons, meeting requirement 4.3 Management of Impartiality, has likely resulted in revisions to the policies and practices of the organization. \u00a0Impartiality is a consideration across all aspects of the certification program and in the&#8230; <a class=\"view-article\" href=\"https:\/\/www.proftesting.com\/blog\/2016\/05\/18\/threat-analysis-safeguard-impartiality\/\">View Article<\/a>","protected":false},"author":9,"featured_media":540,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[1,44],"tags":[47],"class_list":["post-533","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-industry-news","category-test-development","tag-certification-body"],"_links":{"self":[{"href":"https:\/\/www.proftesting.com\/blog\/wp-json\/wp\/v2\/posts\/533","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.proftesting.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.proftesting.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.proftesting.com\/blog\/wp-json\/wp\/v2\/users\/9"}],"replies":[{"embeddable":true,"href":"https:\/\/www.proftesting.com\/blog\/wp-json\/wp\/v2\/comments?post=533"}],"version-history":[{"count":6,"href":"https:\/\/www.proftesting.com\/blog\/wp-json\/wp\/v2\/posts\/533\/revisions"}],"predecessor-version":[{"id":542,"href":"https:\/\/www.proftesting.com\/blog\/wp-json\/wp\/v2\/posts\/533\/revisions\/542"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.proftesting.com\/blog\/wp-json\/wp\/v2\/media\/540"}],"wp:attachment":[{"href":"https:\/\/www.proftesting.com\/blog\/wp-json\/wp\/v2\/media?parent=533"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.proftesting.com\/blog\/wp-json\/wp\/v2\/categories?post=533"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.proftesting.com\/blog\/wp-json\/wp\/v2\/tags?post=533"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}