Apply

Certification Terms and Conditions

Below are the Terms and Conditions all Applicant / Certified Organization of the NIA Certification Service.

These Terms and Conditions shall come into full force and effect for the Applicant from the date on which a NIA Certification Service Request Form (NCSA-NISCF-CERT-NIA-RQTF) declaration’s is executed and sealed by the Applicant. These Terms and Conditions shall continue to be binding for the entirety of the Application and Certification lifecycles until they are either rejected, expired, withdrawn or terminated. 

  1.  Application Submission
    1. Upon the submission of an NIA Certification application request to NCSA, the organization submitting the application, herein referred to as “Applicant”, expressly consents to adhere to all the stipulated terms and conditions contained herein.
    2. Any Applicant seeking NIA Certification must submit to NCSA an application by ensuring the NIA Certification Request Form is completed in the prescribed format; and submitting the NIA Certification Service Request Form and any additional information and/or documents required.
    3. Where an application request submitted does not comply with the requirements, NCSA in its sole and absolute discretion, shall reject the application request and informs the Applicant thereof by written notice, specifying the reasons for rejecting the application request, including the outstanding information resulting in the application request not being accepted.
    4. NCSA shall commence the assessment of the application request (referred to NCSA-NISCF-CERT-NIA-RQTF) for all application requests upon receipt of duly signed Application Request Forms and the related information and/or documents required.
    5. The Applicant recognizes and acknowledges that the act of applying request does not guarantee the obtention of the NIA Certification and that the NIA Certificate of Compliance Award is dependent on a comprehensive assessment of the application request, an audit performed by an authorized NIA Accredited Auditor or NCSA and a decision to grant the NIA Certification by NCSA and the completion of all necessary administrative procedures.
  2. Documentation and Information
    1. The Applicant / Certified Organization is obligated to provide NCSA and the engaged NIA Accredited Auditor with precise and comprehensive documentation and information as necessitated by NCSA during the course of all audits and reviews (i.e., application request, maintenance, suspension, Special Audits or Re-Certification).
    2. The Applicant / Certified Organization agrees to cooperate fully with NCSA and the engaged NIA Accredited Auditor and provide any additional information or clarification as requested during the audits and reviews.
    3. Throughout the entire Certification Lifecycle, the Applicant / Certified Organization shall undertake the following obligations:
      1. Cooperate to the extent necessary to enable the engaged NIA Accredited Auditor to audit and NCSA to validate compliance with the NIA Certification requirements;
      2. Provide NCSA, its representatives and the engaged NIA Accredited Auditor access to the Applicant / Certified Organization / NIA Certification Subject personnel, information, documents, records and premises as necessary to verify fulfilment of requirements for NIA Certification; and
      3. Abstain from making inaccurate statements, such as asserting itself as Certified by NCSA (during application) or implying that NCSA has endorsed any product, process, service, management system, or individual.
    4. The Applicant / Certified Organization is hereby obligated to promptly and in writing notify NCSA of any material or significant changes to the application or the NIA Certification, which may impact the Applicant / Certified Organization adherence to these Terms and Conditions and all pertinent NIA Certification Requirements, or potentially affect the Applicant / Certified Organization capacity or extent to obtain or maintain the NIA Certification. Such changes encompass, but are not restricted to:
      1. Changes in the location(s) of the Applicant / Certified Organization / NIA Certification Subject or its contact details;
      2. Modifications in its legal, commercial, ownership, or organizational status;
      3. Changes related to the organization, upper management, and key personnel, including, but not limited to, Nominated Representatives (NRs) and authorized signatories;
      4. Impairment of the ability to adequately fulfill its scope of NIA Certification; 
      5. Changes to the scope of the Certified Information Security Management System, processes covered, information assets, or NIA controls applied; or
      6. Any issues that may influence the capacity to conform to the NIA Certification Requirements.
    5. The Applicant / Certified Organization shall comply with the NISCF’s relevant NIA Certification Policies, Standards and Process rules as defined and communicated by NCSA to the public or specifically to the Applicant / Certified Organization.
    6. The Applicant / Certified Organization shall inform NCSA immediately of any significant incident detected to allow it to assess the situation and its impact on the NIA Certification and if necessary take appropriate actions.
    7. Whenever applicable, the Applicant / Certified Organization shall pay due fees to NCSA on time. Audit fees that shall be performed by a NIA Accredited Auditor as part of the NIA Certification process are not included in NCSA fees.
    8. The Applicant / Certified Organization shall agree that it can be necessary to perform short-notice or unannounced audits (Special Audits). In such situations, NCSA will specify the conditions under which these Special Audits will be conducted and it is not possible to object to members of NCSA and / or the engaged NIA Accredited Auditor access required to perform the Special Audits.
    9. Where necessary, the Applicant / Certified Organization shall obtain and maintain all necessary licenses and consents and comply with all relevant legislation in relation to the use of the equipment and facilities and providing personal data of the Applicant / Certified Organization / NIA Certification subject to NCSA and / or the engaged NIA Accredited Auditor.
    10. In reference to the National Information Security Compliance Framework (NISCF) Programs, the Applicant / Certified Organization shall agree to the engaged NIA Accredited Auditor to attend the audits that may take place within the premises of the Applicant / Certified Organization / NIA Certification subject and that NCSA can have access to and view the evidence, upon request in relation to the NIA Certification request, maintenance, suspension, scope expansion, Re-Certification and changes affecting the scope of the NIA Certification and / or the NIA Audit Accreditation of the engaged NIA Accredited Auditor.
    11. The Applicant / Certified Organization shall ensure the security and safety of NCSA members during the performance of their duties within the perimeter of the Applicant / Certified Organization / NIA Certification subject.
    12. The Applicant / Certified Organization shall implement corrective actions in accordance with the timelines shared with NCSA and / or the engaged NIA Accredited Auditor and in a manner that ensures conformance with the defined timelines of the NIA Certification process detailed in the NISCF’s relevant NIA Certification Policies, Standards and Process rules.
    13. The Applicant / Certified Organization shall perform a review to ensure that corrective actions have been implemented and are effectively operating before the next NIA Certification Audit taking place or before the agreed-upon timeline with the engaged NIA Accredited Auditor when the corrective actions are to be implemented within the timeline of an NIA Audit.
  3. Termination 
    1. NCSA shall be entitled to terminate any audit, review or application in accordance with the NIA Certification Requirements in the event of:
      1. The Applicant / Certified Organization failure to adhere to the relevant NIA Certification’s Policy, Standards, Processes, Agreement in force or obligations stipulated in the terms and conditions;
      2. Lack of cooperation by the Applicant / Certified Organization and/or the deliberate employment of tactics that impede or obstruct access to the Applicant / Certified Organization / NIA Certification Subject information or documents, resulting in substantial hindrance or obstruction;
      3. In the event that substantive evidence of fraudulent conduct is identified, or should the Applicant / Certified Organization deliberately provide false information to, or withhold material information from NCSA and / or the NIA Accredited Auditor pertaining to its application request or Certification, its operational activities, or the fulfillment of NIA Certification prerequisites;
      4. The unavailability of key personnel or the Nominated Representatives (NRs) designated by the Applicant / Certified Organization; or
      5. The Applicant / Certified Organization being adjudged or found guilty of contravening legislation that has a direct bearing on its Certification, and / or the Applicant / Certified Organization formal written request for voluntary termination of the application request or Certification. 
  4. Certification Symbols 
    1. The use of Certification Symbols must be in strict compliance with the stipulated requirements and procedures as outlined in the Certification Symbols - Usage Policy (NCSA-NCGAA-NISCF-UPCS) in force.
    2. The Applicant / Certified Organization shall act and communicate about the NIA Certificate of Compliance as only limited to the audited approved scope (as specified in the NIA Certificate of Compliance).
    3. The Certified Organization shall not reproduce the NIA Certificate of Compliance without the prior written consent of NCSA. Neither the Certified Organization nor any third party is entitled to rely on any reproduction or copy of a NIA Certificate of Compliance for which the prior written consent of NCSA has not been obtained.
    4. The Certified Organization shall cease to use the NIA Certification symbols and market the organization as Certified by NCSA for the Certified scope as soon as the Certificate of Compliance is no longer valid (i.e., expires, is terminated or withdrawn).
    5. The scope of the NIA Certification is listed in English language. A translation into other languages can be provided upon request and only in good faith. In case of doubt or objection, only the English version of the Certificate is binding.
    6. Upon termination of the right to use the symbols and the Certificate of Compliance, the organization shall collect and destroy all Certificate copies and cease to advertise itself as Certified for the scope of the Certificate of Compliance.
  5. Duration 
    1. The Applicant / Certified Organization shall abide with the Terms and Conditions until:
      1. Its specified expiry date, as delineated in the Certification Policy, Standard and Agreement; or
      2. It is terminated in accordance with section C.
  6. Certification Lifecycle
    1. The Certification lifecycle shall be govern as stipulated in requirements and procedures as outlined in the NISCF Standard for Management Systems Certification (NCSA-NISCF-CERT-SMSC) in force.
    2. The Applicant / Certified Organization is obligated to promptly report any identified illegal activities to the relevant authorities in accordance with the applicable laws and regulations of the State of Qatar.
  7. Renewal of Certification
    1. The provisions outlined in sections A, B and C shall apply, 'with necessary modifications,' to the process of Re-Certification, subject to the following conditions:
      1. Re-Certification must be requested as per requirements outlined in the NISCF Standard for Management Systems Certification (NCSA-NISCF-CERT-SMSC) in force; and
      2. Re-Certification is contingent upon NCSA's review and the completion of a full audit of the scope, and any unresolved complaints against the Certified Organization, instances of Certification Requirements violations by the Certified Organization, misuse of the Certified Organization Symbol by the Certified Organization, and any concerns that have arisen during the Certification lifecycle regarding the compliance of the scope to NIA Certification requirements.
  8. Suspension, Reduction Expansion and Withdrawal of Certification
    1. All Suspensions, Scope Reductions, Scope Expansions, changes affecting the scope and Withdrawals of NIA Certification must be in strict compliance with the stipulated requirements and procedures as outlined in the NISCF Standard for Management Systems Certification (NCSA-NISCF-CERT-SMSC) in force. 
    2. These Terms and Conditions shall remain in force during the period of suspension in terms of this sections C to J.
    3. NCSA has the right to suspend or withdraw the NIA Certificate of Compliance, and therefore the right to use the symbols and the NIA Certificate of Compliance, if it subsequently becomes aware of situations or information that would have affected the audit and review of the NIA Certification process or its results.
  9. Termination of Terms and Conditions
    1. These Terms and Conditions shall remain in full force and effect for the duration of the Certification Lifecyle. Upon the withdrawal, expiry or termination Certification and the consequent termination of these Terms and Conditions:
      1. Clauses 4 , 5, 6, 10, to 12 of the signed NIA Certification Service Agreement shall endure and survive such termination; and
      2. All Certification fees accrued and outstanding, owed by the Applicant / Certified Organization to NCSA until the date of termination, shall become immediately due and payable. 
  10. Appeals and Complaints
    1. Any appeals and/or complaints must be submitted in strict compliance with the stipulated requirements and procedures as outlined in the NISCF General Appeals and Complaints Policy (NCSA-NISCF-GACP) and Appeals and Complaints Processes (NCSA-NISCF-ACPO) in force. 
  11. Fees and Terms of Business
    1. The Applicant / Certified Organization shall make payment for the stipulated and billed fees, as determined by NCSA, before the initiation of the audit of application request, the award of the Certification, its reinstatement or its renewal. 
    2. All fees must be paid to NCSA, within thirty (30) days from the billing of the fees.
    3. All fees are non-refundable, regardless of the outcomes.
    4. Exemptions from fees payable toward NCSA shall only be decided by NCSA and at the full discretion of NCSA.

Copyrights © 2019-2024