+31 (0)73 - 220 2000 | info@brandcompliance.com

The Brand Compliance glossary

3 min. read

In the world of certifications, there are a lot of specific words and concepts that are not often used in daily life. What do they all mean? We can imagine that it makes you dizzy! That is why we have compiled this glossary. We provide a brief explanation for each term.

Accreditation
An accreditation is an independent confirmation by a competent authority of the expertise, impartiality and independence of a conformity assessment body (CAB); see the CAB entry below.

Audit
A process of examining to obtain objective evidence and objectively assessing this evidence to determine the extent to which the requirements of a particular standard are met.

Audit findings
The outcomes resulting from the assessment of the collected evidence from the audit, based on the audit criteria.

Audit conclusion
Final result of an audit after considering the audit objectives and all audit findings.

Audit criteria
The set of policies and procedures against which evidence is tested.

Audit cycle
An audit cycle concerns the validity period of a certification. A new certification starts with an initial audit (consisting of 2 stages). In each of the following 2 years, an annual surveillance audit takes place, followed by a recertification, in which it is determined whether the certification can be maintained. When that is the case, a new audit cycle begins: another 2 years with an annual surveillance audit, followed by recertification, and so on.

Auditee
The organization where the audit is performed.

Audit plan
The planning of the activities performed during the audit.

Audit programme
The set of audits scheduled in a specified period to grant and maintain a certification during the audit cycle.

Audit team
One or more Brand Compliance auditors performing the audit. The audit team can be supported by technical experts.

Certification
A certification is an independent confirmation by a conformity assessment body (CAB) that products, management systems or persons meet specific requirements.

Conformity
Meeting a requirement (of a standard). Conformity assessment is the process of demonstrating whether the established requirements for a product, process, service, system, person or body have been met.

Conformity Assessment Body (CAB)
A CAB is a body that carries out conformity assessment activities. There are different forms of conformity assessment, for example testing, certification and inspection. Certification is therefore one of the forms of conformity assessment.

Correction
Action based on a determined nonconformity. By means of a correction, what has gone wrong (in the past) is restored.

Corrective action
Action based on a determined nonconformity. In order to prevent a recurrence of a nonconformity, so-called ‘corrective actions’ must be taken in which the established cause, which underlies the nonconformity, is removed.

Documented information
Information that an organization must manage and maintain and the medium in which this information is recorded.

Guide
A person designated by the auditee to guide the audit team throughout the day.

(Lead) auditor
The Brand Compliance employee who performs the audit. The Lead Auditor has primary responsibility when there is a team of several auditors.

Management system
All parts of an organization needed to establish policies and objectives, along with the processes required to achieve those objectives. Continuous improvement, through the so-called PDCA (Plan, Do, Check, Act) cycle, is central to a management system.

Measurement
An established process (method) to determine a particular value.

Monitor
Determining the operation of a system, process, service or activity.

Nonconformity
An auditor, employee or customer can determine a nonconformity if a requirement from the standard to be certified is not met. A nonconformity must be resolved in order to proceed with certification. There are 2 levels of nonconformities: a major nonconformity and a minor nonconformity.

Normative
This determines how something should be in terms of rules and guidelines, and contains, forms or creates a norm. It can serve as a reference to check whether the rules or norms are complied with or followed in a specific case. It provides clarity about what is and is not acceptable. It sets a standard.

Objective
A predetermined result to be achieved.

Objective evidence
Data that substantiate the existence or truth of something.

Observer
A person who accompanies the audit team, but does not formally act as an auditor. For example, an auditor in training who may perform parts of the audit under the supervision of the Lead Auditor.

Precautionary action
An action taken to prevent the cause of a possible future nonconformity.

Process
All activities that are deployed or used to deliver an intended result.

Scope
A scope is an activity/operation for which an organization is or wants to be certified.

Technical expert
A Brand Compliance employee who adds specific knowledge or expertise to the audit team, without acting as an auditor.

Verification
Confirmation that specified requirements have been met by providing objective evidence.

 

Hopefully our glossary has made you wiser or cleared things up for you. Do you still have questions or are you missing terms in the list? Please feel free to contact us.

Updated on 25 February 2025

Accreditation

RvA C548

Brand Compliance B.V. has accreditation (C548) to certify ISO 27001, ISO 27701, NEN 7510 and ISO 9001, scope 33 information technology and 35 other services.

Brand Compliance B.V.

Hambakenwetering 8D2
5231 DC ‘s-Hertogenbosch

+31 (0)73 220 2000
info@brandcompliance.com

Chamber of Commerce nr.: 32101659
VAT nr.: NL8130.78.854.B01

Brand Compliance Belgie B.V.

Uitbreidingstraat 66
2600 Berchem (Antwerpen)

+32 (0)14 48 0730
be-info@brandcompliance.com

VAT nr.: BE0735.675.516

Brand Compliance Nordics AB

Vasagatan 16 2 TR
111 20 Stockholm

+31 (0)73 220 2015
info@brandcompliance.com

Org.nr: 559238-1387

© Copyright 2025 Brand Compliance