How we work

  • Scope of the Assurance System
  • General Process Requirements
  • Partial certification
  • Group Certification
  • Standard owner and certification body
  • Organizational structure and top management
  • Organizational structure and top management
  • Qualification Criteria and Competencies of XertifiX’ auditors
  • Qualification Criteria and Competencies of XertifiX’ auditors
  • Evaluation, Review and Certification decision
  • Certification documentation
  • Surveillance, Termination, suspension or withdrawal of certification
  • Records
  • Impartiality and balancing the risks to impartiality
  • Non-Discrimination / Confidentiality
  • Publicly available information
  • Complaints and appeals

SCROLL

Scope of the Assurance System

XertifiX has developed a natural stone standard, last revised in 2018, which covers the fields of human rights, health and safe work places, fair employment, environmental protection, and business ethics. This standard has been broken down into 6 phases, which need to be fulfilled one after the other (Annex 1). That way, the XertifiX system ensures, that the approach is realistic and that every producer can fulfil the standard step-by-step. If the certification criteria are met in all quarries and processing units in a supply chain, XertifiX certifies the natural stones from that supply chain. The port of shipping and the traders (exporters and importers) are not audited themselves, unless this is required by some external requirements.

General Process Requirements

XertifiX as a certification organisation refers with its auditing and certification activities only to the XertifiX standard and no other standard scheme. XertifiX has the certification criteria written down in the XertifiX standard, which is revised every five years. XertifiX requires customers to disclose all relevant information of the supply chains, so that audits can be conducted. Normally, this works in a step-by-step process that each stage of the supply chain discloses the previous stage so that finally the full supply chain is disclosed to XertifiX. The information given to XertifiX include information such as the type of production (e.g. hand cutting or machine cutting), outsourced activities, and the exact physical location. XertifiX checks the obtained information whether they are conclusive and that all resources for the auditing process are available. XertifiX takes only the cases, which can be fulfilled regarding auditors’ availability and the required knowledge of the products and processes. XertifiX informs the producers in advance what the auditing is about and what normative criteria are relevant for the auditing process.

Partial certification

Quarries and factories can only be certified as full entities. It is practically not possible that only some part of an output of a quarry or factory is certified, and other parts are not. The reason is, that otherwise it would later not be possible to decide whether the certified products had been produced e.g. with the machines with all necessary safety measures or e.g. by staff, which gets all rights fulfilled.

However, it is allowed or even encouraged that a licence taker (exporter or importer) registers with XertifiX only one or several supply chains and others not. This is meant to give the importer or the exporter the incentive to start with the certification process in the first place and maybe extend it later to more supply chains when desirable or necessary. In this sense, partial certification is possible and desirable. For all outsiders, it is always possible to distinguish the certified from the non-certified products, since the certified products are labelled with XertifiX certificates, which are unique and printed by the XertifiX office in Germany.

 

Group Certification

XertifiX does not allow group certification, since each supply chain is too vulnerable to allow an auditing coverage on random base (or risk base). The reason is due to the nature of the matter: the work in quarries and factories is so dangerous, for example because of the existence of dust (which can cause the deadly silicosis disease), that it needs to be regularly checked through the auditing process. Unannounced audits are especially relevant here to make sure that the workers are using the appropriate PPE and that dust is reduced e.g. by wet processing. That’s why XertifiX cannot allow group certification.

Standard owner and certification body

XertifiX is the scheme owner and the certification body, which commissions auditors to conduct the audits in the supply chains. As certification body, XertifiX fulfils all criteria of ISO 17065 (except chapter 8 Management System requirements). XertifiX is a legal entity and can be made legally responsible for its certification activities. It has control over ownership / use / display of the XertifiX certification labels and applies a penalty fee in case of misuse of the XertifiX certification labels. XertifiX signs an agreement with all licensees, which defines the rights and duties of all involved parties (XertifiX “Lizenznehmer-Vertrag”) including the following points:

  1. The licensee make all arrangements for evaluations, surveillance, and investigations of complaints;
  2. The information or claim of the licensee regarding the obtained certifications depends on the actual scope of the certification.;
  3. The licensee shall not bring XertifiX in dispute;
  4. After suspension/termination/withdrawal of the certification the licensee discontinues the usage of certification labels and stops marketing certified products;
  5. The licensee’s marketing should be in accordance with XertifiX’ requirements;
  6. The usage of the certification labels should be in accordance with XertifiX’s regulation (see the XertifiX licence contract);
  7. The certification documents should be copied in their entirety only
  8. The licensee keeps records of complaints and takes appropriate action and documents them
  9. The licensees inform XertifiX immediately in case of any changes (legal status; etc.)

Organizational structure and top management

XertifiX is an NGO, which has around 50 members and a board of presently seven members. The XertifiX board works honorarily, except the XertifiX CEO, who is XertifiX’s only full-time employee. Even though the organization as a whole is the certification body, strategic decisions are made by the board only. The XertifiX board is also responsible for the development of the organisation’s policies and of the certification requirements and related documents (as auditor manuals etc.) and decides upon the terms of reference. The XertifiX board also commiserates auditors, which are chosen according to specific auditor’s requirements (see next sections). The XertifiX board makes its decisions unanimously; if that is not possible (in very rare cases), decisions are made by majority voting.

Organizational structure and top management

The implementation of the policies, the coordination of the auditing activities, the audit reviews and the certification decisions, and the day-to-day-work is done by the XertifiX CEO. The XertifiX CEO is formally authorized to these activities through the XertifiX’s “Rules of Procedure for the CEO”. The XertifiX board supervises regularly the CEO’s activities and also the organisation’s finances. All personnel keep the information that has been obtained through the certification process confidential.

The XertifiX management – which is responsible for the auditing reviews, the certification decision, and the scheme’s and manual’s development – has a yearlong experience in the field and have attended several workshops and trainings. XertifiX has defined criteria for the auditors. XertifiX monitors the personnel by regularly checking the auditing processes. The XertifiX Board annually reports to the General Assembly.

XertifiX structures and manages the certification activities in a way that ensures impartiality: it has separated the audits from the review of the audit reports and the certification decision; it itself is not involved in any consulting activity; it is not very well acquainted with any personnel of the production plants; and a charging system has been developed that significantly reduces the risk of bias.

Qualification Criteria and Competencies of XertifiX’ auditors

The most important criteria for XertifiX auditors are their trustworthiness. XertifiX knows its auditing partners since a long time and they are also long-time partners of funding agencies or of European government agencies. Before XertifiX works with a new auditor, XertifiX needs to ensure by its reputation and by personal contact that this person fulfils the XertifiX’ main criteria of trustworthiness. The accreditation of its auditors by an independent party is therefore not possible nor necessary. XertifiX asks for a probationary period of 6 audits, where the new auditor is accompanied with a XertifiX representative or an experienced auditor who supervises the new auditor at the auditing process. XertifiX maintains a list of approved auditors.

Qualification Criteria and Competencies of XertifiX’ auditors

  • XertifiX requires its auditors to participate and complete successfully at least one “Social Systems Lead Auditor” training course (minimum five training days and the content being based on any kind of recognized social standard).
  • Before a new auditor starts his/her work for XertifiX, this person gets on-site training with quarry and factory audits from a XertifiX representative.
  • If logistically possible, auditors are also conducting regularly joint audits to ensure that all auditors work similarly.
  • XertifiX has developed an auditor’s manual, which gives the auditors objective criteria, how to check the standard criteria and how to assess their fulfilment.
  • On basis of this manual, a XertifiX representative gives the auditors at least every three years a theory training (half day) plus one on-site training in quarries and factories (two audits minimum). XertifiX expects their auditors to give feedback to XertifiX about new findings during the audits, so that they can be included into the auditor’s manual and/or the next XertifiX standard revision process.
  • As an ongoing evaluation, XertifiX participates on a regular basis the audits to keep track of the performances of its auditors. That’s why XertifiX does not see it as necessary to conduct further formal evaluations of its auditors, since through the ongoing supervision it has the best insight into the quality of their auditor’s performances.
  • In general, the participation of external stakeholders is not intended, but can be arranged, if the producer and the licence taker both agree.
  • In case of misbehaviour of an auditor, the case will be investigated by the committee, which is also active in the XertifiX complaint mechanism. In case of a grave misconduct such as corruption the auditor will be released immediately from his/her job and cannot continue with his/her audit service for XertifiX.

Evaluation, Review and Certification decision

XertifiX sets an auditing plan and assigns the different XertifiX auditors to conduct the audits. In case that an audit brings the result that there are non-conformities, this will be made explicit in the audit reports and the report summaries. The licensee receives the report summaries with the request to correct the non-conformities in a given timeframe. All audit reports are kept for at least 10 years in the digital XertifiX archive.

For XertifiX, the CEO reviews every audit report and is permanently in contact with the auditors in case of any unclarities. The CEO reads the reports into the XertifiX database and produces the summaries, which are then sent to the licensees. For XertifiX, the CEO makes the certification decision based on the evaluation result and informs the licensees and the auditors about the decision. This decision is made on an objective basis: The announced and unannounced audits give evidence about the conformities and the non-conformities with the XertifiX criteria in a certain production site of the supply chain. On this basis and the clear and transparent certification rules, about which criteria need to be fulfilled in which stage of certification year, the decision about the certification or the non-certification can be retraced for any internal or external observer in an objective manner.

Certification documentation

XertifiX gives a yearly certificate to the licensees, which contains all important relevant information: XertifiX’s name as the issuer of the certification, the name and address of the licensee, the information about the supplier, the stone name, the period of validity of the certificate and the date of the issuing of the certification. These certificates are signed by the XertifiX CEO, who is responsible for the audit reviews and the certification decision. XertifiX issues the certificates only, if the certification criteria are fulfilled. The licensee can maintain the certification only, if the suppliers improve the working conditions and environmental protection step-by-step according to the XertifiX’ certification plan.

Furthermore, the certified stones are marked with physical labels that are printed in the XertifiX office in Germany and sent to the factories in the production countries. The certification labels contain the XertifiX logo, the licensees name, the label ID number, the factory’s ID, and the date of printing. The suppliers are directed to keep a list about the usage of the labels. In this list, each individual certification label is assigned to the crates and/or container number for which it has been used. This list is sent to XertifiX on a regular basis (usually every six months). The mixture of certified and non-certified natural stones is strictly prohibited.

Surveillance

XertifiX instructs the auditors to check the usage of the labels in the factories. XertifiX makes random checks at the licensee’s stocks to examine the correct usage and the correct documentation of the labels’ usage by the licensees.

Changes affecting certification

If there are any changes in the XertifiX certification scheme, these changes are communicated in time to the licensees. In case of changes that require efforts on the supplier’s side to adapt to these changes, XertifiX gives the suppliers enough time (usually one year) to implement these changes.

Termination, suspension or withdrawal of certification

In case of a nonconformity in one production site, XertifiX gives time (maximum one year) to correct the non-conformities. This is communicated to the licensee with the request to inform the supplier immediately. Subsequently, the supplier needs to communicate as soon as the improvements have taken place. The improvements need to be verified with a new round of audits. If the improvements have not taken place in a given time, the certification is withdrawn for these production sites. In case of the withdrawal of the certification, the use of the certification labels is not authorised anymore and any kind of public advertisement regarding the XertifiX certification is interdicted.

Records

XertifiX keeps all records as audit reports, photo documents, etc. for at least ten years. In case of an external request, confidential information is handed over in a way that the confidentiality of the data continues to exist.

Impartiality and balancing the risks to impartiality

XertifiX undertakes its certification activities impartially and has no commercial, financial or other pressures to compromise its impartiality. XertifiX is itself not producing the certified products or offer any kind of consultancy. Even though one of XertifiX’s auditing partners is also offering licensees additional consultancy, this does not compromise XertifiX’s impartiality regarding certification decisions, since XertifiX makes sure, that the partner organization or the auditors are not involved directly in the decision-making process of certification. XertifiX makes sure that it is in no way asking licensees to engage consultancy by its partner organisations and that consultancy is only an additional service, which can be ordered without direct effect on the certification. XertifiX has no financial advantage, if some consultancy is given to licensees.

Impartiality and balancing the risks to impartiality

XertifiX is financed through the yearly licence fees that the licensees pay directly to XertifiX. XertifiX has established a mechanism, that significantly reduces the risk of partiality: The annual importer’s fee needs to be paid to XertifiX irrespective of a successful certification. Likewise, the audit fees are payable after the audits, regardless of the success of the audits. In this way, XertifiX ensures that there is no incentive for certification and reduces the risk of partiality.

Since most auditors keep auditing the same production sites over a longer time, there could be the remote risk to impartiality through over-familiarity with responsible staff at the supplier’s side, where the audits are conducted. That’s why XertifiX keeps accompanying the auditors regularly on a random base to check the detachment of the auditors from the suppliers. Furthermore, the audit results of the joint audits with XertifiX are always compared with the previous audit results and in case of any statistical outlier the matter is discussed and resolved with the auditors.

In case that XertifiX auditors are intimidated by any supplier they report this and XertifiX gives a report of the incident to its licensee. Consequently, the audits of this production site are immediately cancelled and cannot be revoked, not only to reduce the risk to impartiality, but even to protect the auditor’s well-being.

 

Non-Discrimination

The service and the certification, which XertifiX offers, is open to any kind of importer, as long as they follow the procedures and rules, fixed in the contract with all licensees.

Confidentiality

XertifiX makes sure through a legal binding in the licensee’s contract that all information obtained through the certification process are fully confidential and not shared with third parties. In the case that XertifiX is by the law required to share confidential information with third parties, XertifiX will inform the licensee accordingly. In the case that XertifiX gets confidential information through third parties other than through the direct interchange with the licensee’s suppliers, this information will be treated confidentially, too. XertifiX ensures its licensees that no confidential data will be given to any third party without the approval of the licensees themselves and that any communication with the media will be only on a general level. Concrete information with reference to specific details to the supply chains of a specific licensee are not disclosed.

Publicly available information

XertifiX shares all information about the certification scheme and the rules and requirements how to obtain the certification on its website. This includes information about the rules, when the certification needs to be withdrawn. XertifiX publishes on the website the yearly reports with the financial statement. The licensees’ contract, which can be downloaded from the XertifiX website, contains information about the rights and duties of applicants and licensees, including requirements or limitations on the use of XertifiX’ name and certification mark. XertifiX uses for all production sites internal codes, which are used to give externals information about the audits, when they have been conducted, and about the certification criteria that have been fulfilled in this supply chain. That way it can be retraced for an outsider whether the certified products have been audited and on what basis they have been certified.

Complaints and appeals

The effective resolution of complaints and appeals is an important means for the protection of XertifiX and the organisation’s trustworthiness. Confidence in XertifiX’s conformity assessment activities is safeguarded by way of an adequate complaints’ mechanism:

Any complaints and appeals shall first be tried to be solved between XertifiX and the complaining party. If that is not possible within 4 weeks, the XertifiX board transfers the case to an independent committee (three persons from different stakeholder groups such as civil society, business, unions), which handles the complaints on behalf of XertifiX. It is ensured that the committee has no conflict of interest with the specific complaint and appeals case. After the closure of the case, the appellant, the XertifiX members, and the XertifiX advisory board will be formally informed about the outcome. Anyone can ask XertifiX at any time about submitted complaints and appeals.

Liability / Financing

XertifiX works financially in a way that there are no liabilities that cannot be covered by the financial reserves from XertifiX or by the regular income.