(1) The examiner may request the following details while examining the performance of the certifying body:-
(a) Details of all work done by the certifying body throughout the year,
(b) details of certificates issued by the certifying body throughout the year,
(c) Matters related to the monitoring and evaluation done by the certifying body in relation to the work mentioned in the certificate issued in accordance with clause (b),
(d) Details of the amount received by the certifying body for issuing certificates throughout the year.
(2) After receiving the details in accordance with sub-rule (1), the examiner shall adopt the following procedure while examining the performance of the certifying body:-
(a) to observe the security measures adopted by the certifying body to protect its electronic records,
(b) Observing physical security methods for materials associated with electronic records,
(c) to assess the quality of information technology being used by the certifying body,
(d) To test the service provided to the customer by the certifying body,
(e) analyzing the overall certification practices of the certification body,
(f) To assess whether the terms of agreements and agreements concluded between the client or other related parties and the certifying body have been complied with,
(G) To assess whether the instructions given by the controller from time to time and the conditions mentioned in the license have been complied with according to the prevailing law.
(3) The examiner shall make an assessment according to sub-rule (2) and submit the report to the controller within three months from the date of commencement of work.
(4) In addition to other things, the report as per sub-rule (3) should contain the following things:-
(a) Defects observed during the year of performance of the certifying body which he has examined,
(b) the manner in which any further direction is to be given to the certifying body,
(c) Actions to be taken against the certifying body, if any.