Frequently Asked Questions

For a first-time (initial) certification, the typical timeline is 3–6 months from application to certificate, depending on the size and complexity of your organisation and the readiness of your management system. The process has two stages: Stage 1 (document review and readiness assessment, usually 1–2 days on-site or remote) and Stage 2 (full implementation audit, typically 1–5 days depending on your organisation size calculated per IAF MD 5:2023). After both stages, CAS conducts an independent technical review before issuing the certificate.

Stage 1 (Readiness Assessment) reviews your documentation, confirms the scope of certification, and checks whether your management system is ready for Stage 2. It identifies any gaps that must be addressed before the full audit.

Stage 2 (Certification Audit) is the full on-site audit that evaluates whether your management system is effectively implemented and meets all requirements of the standard. Nonconformities identified must be corrected before the certificate is issued.

Audit time is calculated in accordance with IAF Mandatory Document MD 5:2023 (for ISO 9001, 14001, 45001 and other ISO management system standards). The calculation is based on: the effective number of personnel in scope, the complexity/risk category of your activities, the number of sites, and any applicable adjustments for integrated management systems. CAS provides the full audit time calculation with your formal proposal.

Yes. CAS conducts integrated audits covering multiple ISO management system standards simultaneously, in accordance with IAF MD 11:2023. Combined audits reduce total audit time by up to 20% and are ideal for organisations implementing ISO 9001 + ISO 14001 + ISO 45001 (an Integrated Management System — IMS). You receive separate certificates for each standard.

After a successful Stage 2 audit, the audit findings are independently reviewed by a CAS technical reviewer who was not involved in the audit. If the review is satisfactory, CAS issues the certificate (valid for 3 years). The certificate includes a unique QR code for online verification. Annual surveillance audits (Year 1 and Year 2) maintain the certificate, and a full recertification audit occurs in Year 3.

A surveillance audit is a shorter, targeted audit conducted annually (typically in Years 1 and 2 of the 3-year certification cycle). It verifies that your management system continues to meet the requirements of the standard and that previously identified nonconformities have been addressed. Surveillance audits are usually 1–2 days depending on your organisation size.

A nonconformity (NC) is a finding where your organisation has not met a specific requirement of the standard. Minor NCs require a documented corrective action plan submitted within a defined timeframe. Major NCs require evidence of correction before the certificate can be issued. CAS auditors clearly explain each NC and support your team in understanding the root cause and required correction.

Yes. CAS is accredited by the Egyptian Accreditation Council (EGAC) under ISO/IEC 17021-1:2015 as a Management System Certification Body (CAB #012418 B). EGAC is a signatory to the IAF Multilateral Recognition Arrangement (MLA), which means CAS certificates are recognised in all IAF MLA member countries — over 100 countries worldwide. CAS is also registered with the Egyptian Organization for Standardization (EOS) as CB174.

The IAF (International Accreditation Forum) Multilateral Recognition Arrangement (MLA) is a network of accreditation bodies from 100+ countries that mutually recognise each other's accreditations. Because EGAC is an IAF MLA signatory, a CAS certificate issued under EGAC accreditation is accepted as equivalent to certificates issued by certification bodies in any IAF MLA member country — including the EU, UK, USA, GCC, and Southeast Asia. This eliminates the need for multiple certifications in different countries.

Yes. Every CAS certificate includes a unique QR code. Scanning it (or visiting cas.com.eg/certsearch/) allows instant online verification of the certificate number, scope, standard, and validity dates. CAS certificates can also be verified on the IAF CertSearch database at iafcertsearch.org.

CAS's EGAC accreditation covers all 32 IAF industry sectors (NACE codes) across the full scope of ISO 9001, ISO 14001, ISO 45001, ISO 22000, and ISO 50001. This includes manufacturing, construction, food and beverage, chemicals, healthcare, information technology, education, transport, and more. Contact us to confirm coverage for your specific sector.

Amendment 1:2024 (Climate action changes) was published in February 2024 and applies to ISO 9001:2015 and 10 other ISO management system standards. It adds two requirements: (1) §4.1 — The organisation shall determine whether climate change is a relevant issue. (2) §4.2 — A new NOTE stating that relevant interested parties can have requirements related to climate change. CAS incorporates these requirements into all certification audits effective immediately.

ISO 21001:2025 is the Second Edition (published July 2025) and cancels/replaces ISO 21001:2025. The main change is that assessment-related text has been revised to reflect current best practices in educational assessment. Organisations certified to ISO 21001:2025 should plan transition audits to the 2025 edition. CAS can advise on transition timelines.

ISO 37001:2025 is the Second Edition (published February 2025), replacing ISO 37001:2025 (2nd Edition, February 2025). Key changes: (1) Climate change subclauses added. (2) Compliance culture requirements strengthened. (3) Conflicts of interest explicitly addressed. (4) The anti-bribery function concept clarified. (5) Updated to the latest ISO Harmonized Structure. All new certifications are now to the 2025 edition.

ISO 55001:2024 is the Second Edition (published July 2024), replacing ISO 55001:2024. Key changes: (1) Adoption of ISO Harmonized Structure for easier integration with other ISO standards. (2) New subclauses on the Strategic Asset Management Plan (SAMP) and asset knowledge management. (3) Lifecycle management explicitly included in operational planning. (4) Clear distinction between addressing risk vs. opportunities. (5) "Preventive action" renamed to "predictive action" (§10.3). (6) Stronger leadership requirements.

ISO 28000:2022 is the current Second Edition (March 2022), published by ISO/TC 292 (Security and resilience). It cancels and replaces ISO 28001:2007 (Supply Chain Security). The 2022 edition adopts the PDCA management system model, adds alignment with ISO 31000 (risk management) in Clause 4, and strengthens Clause 8 with security strategies, security plans including response and recovery structures aligned with ISO 22301 (business continuity). CAS offers certification against both standards — the 2007 edition for existing certificates, and the 2022 edition for new certifications.

ISO 37001 addresses anti-bribery management systems specifically. ISO 37301:2021 is broader — it covers all types of compliance obligations including legal, regulatory, contractual, and ethical requirements across the whole organisation. ISO 37301:2021 replaced ISO 19600:2014, making compliance management certifiable for the first time. CAS audits ISO 37301 per ISO/IEC TS 17021-13:2021.

CAS is the exclusive Egypt partner of the Global Halal Control Office (GHCO). Our GHCO Halal certificate covers four standards simultaneously: (1) OIC/SMIIC 1:2019 — the standard of the Standards and Metrology Institute for Islamic Countries, adopted across 57 OIC member states. (2) GSO 2055-1:2015 — Gulf Standardization Organization, required for GCC market access. (3) UAE.S 2055-1:2015 — UAE National Standard, required for UAE imports. (4) BPJBH Decree Nr. 20 of 2023 — Indonesian BPJPH regulations for Indonesia market access.

GHCO Halal certification through CAS covers: Food and beverages (all categories), Meat and poultry (Zabiha/Halal slaughter verification), Cosmetics and personal care products, Pharmaceuticals and dietary supplements, Food ingredients and additives, and Logistics/cold chain operations storing or transporting Halal products.

CAS is the exclusive North Africa partner of KCJ — Kosher Certification Jerusalem, operating since 1989. The KCJ Kosher certificate is recognised by kosher-observant consumers and buyers in Israel, the USA, Europe, and worldwide. It covers Pareve, Meat (Fleishig), Dairy (Milchig), and Passover designations as applicable to your products.

The GHCO Halal certification process typically takes 4–8 weeks from application to certificate, depending on the complexity of your product range and number of ingredients requiring review. The process: (1) Ingredient review and supplier declarations, (2) Site audit by a GHCO-qualified auditor, (3) GHCO technical approval, (4) Certificate issuance. Certificates are valid for 12 months with annual renewal.

SA8000:2026 is the current edition (published January 2026) of the world's leading social accountability standard, developed by Social Accountability International (SAI). It covers nine elements: child labour, forced labour, health & safety, freedom of association, discrimination, disciplinary practices, working hours, remuneration, and management systems. SA8000 certification is required or preferred by many international brands for their supplier factories and is applicable to any organisation regardless of size, sector, or location.

SA8000 is a certification standard — your organisation receives a 3-year certificate and is listed in SAI's public Certified Facilities Database. SMETA is an audit methodology (not a certification) — it produces an assessment report shared on the Sedex platform, with no pass/fail certificate. Both evaluate social accountability, but SA8000 requires formal corrective actions and involves ongoing surveillance, while SMETA is used for buyer supply chain visibility and transparency.

SMETA 7.0 (published August 2024) is the current version of the Sedex Members Ethical Trade Audit methodology. Key changes: (1) Issue titles were refined with fixed criticality levels (Critical, Major, Minor). (2) New "Collaborative Action Required (CAR)" finding type for systemic issues that require buyer-level intervention (e.g. living wage, freedom of association in restricted environments). (3) Enhanced focus on identifying root causes of non-compliances rather than just documenting them.

CAR is a new finding type introduced in SMETA 7.0. It identifies systemic issues where the supplier facility alone cannot remediate without support from buyers, brands, or other stakeholders in the supply chain — for example, living wages, freedom of association where legally restricted by national law, or structural working hours issues. A CAR finding triggers buyer engagement rather than solely supplier corrective action.

For brands that are SLCP signatories (including H&M, Levi's, PVH, Patagonia, and 200+ others), the SLCP Converged Assessment Framework (CAF) data can replace SMETA audit reports. However, some brands require SMETA specifically, and SLCP is a data collection tool rather than an audit — not a certificate or pass/fail assessment. CAS advises on which is required based on your specific buyer requirements.

CAS certificates can be verified in two ways: (1) Scan the QR code printed on the physical or digital certificate — it links directly to the CAS CertSearch portal. (2) Visit cas.com.eg/certsearch/ and enter the certificate number. The system confirms the certificate number, certified organisation, standard, scope, issue date, and expiry date in real time.

Yes. CAS certificates issued under EGAC accreditation can be verified on the IAF CertSearch database at iafcertsearch.org. This global database lists certificates from all IAF MLA-accredited certification bodies worldwide, confirming the validity and accreditation status of the certificate.

Every CAS certificate shows: Organisation name and registered address, Scope of certification (activities/products/services covered), Applicable standard and edition (e.g. ISO 9001:2015 + Amd.1:2024), Certificate number, Date of initial certification, Date of issue, Expiry date, Audit cycle (surveillance/recertification schedule), CAS accreditation mark (EGAC), IAF MLA mark, and a unique QR code for online verification.

If you believe a certificate is fraudulent, has been misused, or is presented after its expiry date, please contact CAS immediately at info@cas.com.eg or via our Complaints & Appeals form. You can also file a complaint directly through the CAS CertSearch system. CAS will investigate all reports and take appropriate action in accordance with ISO/IEC 17021-1:2015 §9.8.

CAS certification costs are calculated based on audit time, which is determined per IAF MD 5:2023 (for ISO management system certifications). The main factors are: effective number of personnel in scope, complexity/risk category of your activities and sector, number of sites, and any applicable discounts for integrated management systems. CAS provides a fully transparent, fixed-cost proposal within 2 business days of receiving your application.

No. CAS proposals are fixed-cost and include all audit fees for the initial certification (Stage 1 + Stage 2 audits), the certificate issuance fee, and the first-year surveillance audit fee. The only potential additional costs are: travel and accommodation if your site is outside our standard coverage area, and any additional audit time if your scope significantly changes.

Certification is on a 3-year cycle with annual fees. Year 1: Stage 1 + Stage 2 (initial certification). Year 1 surveillance audit. Year 2: Surveillance audit. Year 3: Recertification audit (renewal). CAS provides a full 3-year cost schedule with the initial proposal so you can plan your certification budget accurately.

Yes. Integrated Management System (IMS) audits covering multiple standards simultaneously (per IAF MD 11:2023) can reduce total audit time by up to 20%. This is particularly relevant for ISO 9001 + ISO 14001 + ISO 45001 combinations. CAS calculates combined audit time using the IAF MD 11 formula and reflects the saving in the proposal.