1. General descriptive information
2. Organization information
Indicate the total number of sites including the head office, please.
FTE = Full-Time Equivalent
3. Certification information
Please provide a description of the processes, infrastructure, operations, human and technical resources, functions and organizational relationships (eg organization chart) that will be included in the scope of the certification. If the information is too much to fit in the encoding field, please check the box "I want to attach files" and add up to 5 files maximum to document your declaration.
Add here a maximum of 5 files describing your organization (maximum size per file 2MB).
4. Information on the certification / qualification program
Select a type of certification scheme to be audited on. Certi-Trust is accredited on several certification / qualification schemes in France and Luxembourg. Check the program that best suits your expectations.
Indicate on which PSDC program your organization wishes to be certified.
Please indicate here which processes or areas of your organization you would like to see certified. If your organization opts for integrated certification (e.g. ISO 27001 & HDS or ISO 27001 & PSDC or even ISO 9001 & ISO 14001, etc.), please also indicate whether the certification scopes are the same or separate and, in this case , to what extent (the appendices at the end of the form make it possible to formalize this possible distinction).
Please indicate here the clauses of Annex A of ISO 27001 that you wish to exclude from the scope as well as the justification for these exclusions.
5. Technical appendices by certification or qualification scheme
The appendices appear below only according to the certification schemes that you have previously selected.
NB: It is not allowed to select certification or qualification schemes in different accreditation scopes (Management Systems AND Products/Services, for example). These requests must necessarily be the subject of separate quotes.
Annex A - Information Security Management System (ISO 27001)
This appendix must be completed if you have selected "ISO 27001" among the possible certification choices for your organization.
ISMS - Organizational & business aspects
NB: In the following sections, you can choose only one answer among those proposed below. If you feel that more than one answer may be applicable, always choose the one above that represents the highest level of exposure or impact for your organization.
ISMS - Technological and infrastructure aspects
NB: In the following sections, you can choose only one answer among those proposed below. If you feel that more than one answer may be applicable, always choose the one above that represents the highest level of exposure or impact for your organization.
Annex B - Quality Management System (ISO 9001)
This appendix must be completed if you have selected "ISO 9001" among the possible certification choices for your organization.
Annexe C - Système de Management de l'Environnement (ISO 14001)
This appendix must be completed if you have selected "ISO 14001" among the possible certification choices for your organization.
If you also checked "ISO 9001" and completed the previous questionnaire, select the option "My organization has already answered questions relating to ISO 9001 certification".
Appendix D - Health Data Host (HDS - aka "Hébergeur de données de santé)
This appendix must be completed if you have selected "HDS" among the possible certification choices for your organization.
If you have also checked "ISO 27001" and completed the previous questionnaire, select the option "My organization has already answered questions relating to ISO 27001 certification".
Annex F - Multi-site organization
This appendix serves to refine our understanding of the organizational mode that is implemented within your organization on its various sites of activity.