China Accreditation System & Accreditation Requirements of Testing and Certification Bodies in the field of Information Security, Sep. 2017

Upload: dangnga

Post on 31-Jan-2018


TRANSCRIPT

Page 1

China Accreditation System & Accreditation Requirements of Testing and Certification Bodies in the field of Information Security

Sep. 2017

Page 2

Demonstrating competence, conveying trust

1 Basic Regulations

Regulations of the People’s Republic of China on Certification and Accreditation

Article 37 The accreditation body authorized by the certification and accreditation regulatory department of the State Council conducts accreditation activities independently.

Page 3

2 National Accreditation Body

The China National Accreditation Service for Conformity Assessment (CNAS) is the national accreditation body of China, authorized by the Certification and Accreditation Administration of the People’s Republic of China (CNCA) in accordance with the Regulations of the People’s Republic of China on Certification and Accreditation. It has sole responsibility for the accreditation of certification bodies, laboratories, inspection bodies and other relevant bodies.

Page 4

History of CNAS


Page 6

CNAS Organizational Structure

The Board of CNAS has 65 members, drawn from:

a. Government departments
b. Conformity assessment bodies
c. Clients of conformity assessment service
d. Users of conformity assessment
e. Professional bodies and technical experts

Page 7

Board, Special Committees & Specialized Committees: 1049 members
Assessors & Technical Experts: over 5000
Staff: over 260

Page 8

3 Accreditation Programs

Page 9

3 Accreditation Programs

Accreditation Schemes for Certification Bodies: 159

Management System Certification
Quality Management System: 107
Environmental Management System: 100
Occupational Health & Safety Management System: 95
Food Safety Management System: 33
Good Manufacturing Practice: 5
Information Security Management System: 13
Energy Management System: 28

Page 10

Product Certification
General Product: 53 (1 body in the information security field)
Organic Product: 23
Good Agricultural Practice: 17
Service: 2
Forest: 6

Person Certification: 2

Software Process and Capability Maturity Assessment: 3

Note: Figures by 30 June 2017

Presenter's note: Owing to the special nature of information security, there is only one product certification body in the information security field.
Page 11

Currently valid certificates issued by Certification Bodies accredited by CNAS

QMS (quality management system): 271,067
EMS (environmental management system): 102,837
FSMS (food safety management system): 9,326
GMP (good manufacturing practice): 152
HACCP (hazard analysis and critical control points): 3,836
EnMS (energy management system): 1410
OHSMS (occupational health and safety management system): 86,713
ISMS (information security management system): 2,838
ITSMS (information technology service management system): 931
Voluntary Product (including the information security field): 16,338 (Orgs: 3,413)
Compulsory Product: 567,170 (Orgs: 76,534)
Organic Product: 14,933 (Orgs: 9,740)
China GAP (good agricultural practice): 612 (Orgs: 600)
Service: 581 (Orgs: 511)
Forest: 121 (Orgs: 111)
Low Carbon Product: 16 (Orgs: 6)
SPCA (software process and capability maturity assessment): 13
Person certification, QMS and EMS auditors: 63,480

Note: Figures by 30 June 2017

Total: 1,078,903 certificates; 63,480 persons

Page 12

Accreditation Schemes for Laboratory and Relevant Bodies (including the information security field)

Testing Laboratories: 7084
Calibration Laboratories: 966
Medical Laboratories: 274
Bio-safety of Laboratories: 74
Proficiency Testing Providers: 57
Reference Material Producers: 14

Accreditation Schemes for Inspection Body (including the information security field): 459

Note: Figures by 31 July 2017

Page 13

Accreditation Schemes for Laboratory and Relevant Bodies

Testing Laboratories: 7084
of which Information Security Laboratories: 40-50

Accreditation Schemes for Inspection Body: 459
of which Information Security Inspection Bodies: 50-60

Page 14

Accreditation Criteria

CNAS-CC01:2011 Requirements for bodies providing audit and certification of management systems (identical to ISO/IEC 17021:2011)

CNAS-CC02:2013 Requirements for Bodies Certifying Products, Processes and Services (identical to ISO/IEC 17065:2012)

CNAS-CC03:2014 General requirements for bodies operating certification of persons (identical to ISO/IEC 17024:2012)

Page 15

Accreditation Criteria

CNAS-CC17:2012 Requirements for information security management system certification bodies (identical to ISO/IEC 27006:2011)

CNAS-CC18:2014 Requirements for food safety management system certification bodies (identical to ISO/TS 22003:2013)

CNAS-CC51:2014 General requirements for software process and capability maturity assessment body

Page 16

Accreditation Criteria

CNAS-CL01:2006 Accreditation Criteria for the Competence of Testing and Calibration Laboratories (identical to ISO/IEC 17025:2005)

CNAS-CL02:2012 Accreditation Criteria for the Quality and Competence of Medical Laboratories (identical to ISO 15189:2012)

CNAS-CL03:2010 Accreditation Criteria for Proficiency Testing Providers (identical to ISO/IEC 17043:2010)

Page 17

Accreditation Criteria

CNAS-CL04:2010 Accreditation Criteria for the Competence of Reference Material Producers (identical to ISO Guide 34:2009)

CNAS-CL05:2009 Accreditation Criteria for Laboratory Bio-Safety (identical to GB 19489-2008)

Page 18

Accreditation Criteria

CNAS-CI01:2012 Accreditation Criteria for the Competence of Inspection Bodies (identical to ISO/IEC 17020:2012)

Page 19

Application Guidance for the Information Security Field

CNAS-CL46:2013 Guidance on the Application of Testing and Calibration Laboratories Competence Accreditation Criteria in the Field of Information Security Testing

Page 20

Development of New Accreditation Programs

IT Service Management System
Security Management Systems for Supply Chain
GHG Verification and Validation
Low Carbon Product Certification

Page 21

4 Supporting the Work of Regulators

CNAS provides technical support to CNCA for its regulatory supervision of certification, inspection and testing activities.

More than 30 laws, regulations or administrative measures contain provisions that directly or indirectly use accreditation as a tool for demonstrating the competence of relevant CABs; these relate to the regulatory work of more than 10 government departments.

Page 22

5 International Activities

CNAS actively participates in international and regional accreditation cooperation (IAF, ILAC, APLAC and PAC).

CNAS actively participates in the relevant conformity assessment activities of ISO (ISO/CASCO).

CNAS actively participates in the relevant activities of other related international and regional organizations.

Page 23

Bilateral Cooperation

JAS-ANZ Australia and New Zealand, JAB Japan, KAB Korea, KAN Indonesia, HKAS Hong Kong China, TAF Chinese Taipei, Uzstandard Uzbekistan, COFRAC France, DAkkS Germany, ESYD Greece, SAS Switzerland, ANAB USA, UKAS UK, RusAccreditation Russia, etc.

Cooperation between CNAS and accreditation bodies in countries relevant to ‘the New Silk Road Economic Belt and the 21st Century Maritime Silk Road initiative’ has been enhanced lately. The text of the Cooperation Agreement between CNAS and NCA has been finalized.

On 2 August 2017, CNAS and RusAccreditation signed the bilateral Cooperation Agreement in Shanghai.

Page 24

Multilateral Cooperation

June 1995: Signed IAF Memorandum of Understanding (MOU), among the first signatories
January 1998: Signed IAF Multilateral Recognition Arrangement (MLA) for QMS, among the first signatories
October 2004: Signed IAF Multilateral Recognition Arrangement (MLA) for EMS
October 2008: Signed IAF Multilateral Recognition Arrangement (MLA) for Product
October 2014: Signed IAF Multilateral Recognition Arrangement (MLA) for Global GAP
October 2015: Signed IAF Multilateral Recognition Arrangement (MLA) for FSMS
December 2016: Signed IAF Multilateral Recognition Arrangement (MLA) for ISMS

Page 25

September 1995 (1996.9 in the Chinese text): Signed ILAC Memorandum of Understanding (MOU), among the first signatories
November 2000: Signed ILAC Mutual Recognition Arrangement (MRA) for Testing and Calibration
October 2012: Signed ILAC Mutual Recognition Arrangement (MRA) for Inspection, among the first signatories

Page 26

April 1995: Signed APLAC Memorandum of Understanding (MOU), among the first signatories
December 1999: Signed APLAC Mutual Recognition Arrangement (MRA) for Testing and Calibration
December 2004: Signed APLAC Mutual Recognition Arrangement (MRA) for Inspection
December 2007: Signed APLAC Mutual Recognition Arrangement (MRA) for RMP and Medical Laboratory (ISO 15189)
January 2015: Signed APLAC Mutual Recognition Arrangement (MRA) for PTP

Page 27

July 1995: Signed PAC Memorandum of Understanding (MOU), among the first signatories
January 1998: Signed PAC Multilateral Recognition Arrangement (MLA) for QMS, among the first signatories
July 2004: Signed PAC Multilateral Recognition Arrangement (MLA) for EMS
June 2008: Signed PAC Multilateral Recognition Arrangement (MLA) for Product
June 2014: Signed PAC Multilateral Recognition Arrangement (MLA) for FSMS
June 2016: Signed PAC Multilateral Recognition Arrangement (MLA) for ISMS

Page 28

Thanks and Questions

Page 29

For more information: www.cnas.org.cn