SYSTEM CERTIFICATION

• Quality Management System Certification

The ISO9000 standard is a scientific summary of the practical experience of quality management in the world's economically developed countries, which is suitable for organizations of various types and different scales that provide different products. The establishment, implementation, maintenance and continuous improvement of the quality management system in accordance with the requirements of the quality management system standards will effectively enhance the management level of the organization, enhance customer satisfaction and enhance market competitiveness.

• Environmental Management System Certification

Guide the organization to establish a self-restraint mechanism of environmental management according to the PDCA model, handle the relationship between its own development and environmental protection, constantly improve environmental performance and the organization's environmental behavior, carry out effective pollution prevention, and finally realize the healthy development of the organization. ISO 14001 requires organizations to support environmental protection, pollution prevention and continuous improvement by establishing an environmental management system.

• Occupational Health and Safety Management System Certification

ISO 45001 reflects the systematic safety thought in modern safety science theory. It reduces work-related accidents, reduces occupational hazards, improves working conditions through systematic prevention and management mechanism, embodies people-oriented and arouses the enthusiasm of employees. The effective control of various occupational health and safety risks is also a powerful weapon to eliminate non-tariff trade barriers related to labor safety in international trade.

• Food Safety Certification

HACCP is used in the process from primary production to final consumption to ensure food safety by identifying and evaluating specific hazards and their control measures. ISO 22000 applies the HACCP principle as a method to the entire system; defines hazard analysis as the core of safe food implementation planning, harmonizes the global implementation of the food safety hazard analysis and Critical Control Point (HACCP) system management standards, ensuring that it does not vary by country or food involved.

• Energy Management System Certification

Energy Management System draws on the successful model of quality management system and environmental management system according to GB/T23331 and ISO 50001, combines the characteristics and special requirements of energy management, and provides an effective energy management tool for all kinds of organizations to carry out energy management work. It emphasizes the standardization of various energy management systems and measures, pays attention to the identification and use of appropriate energy-saving technologies and methods as well as the best energy management practices and experience, and achieves the purpose of energy conservation and emission reduction.

• Information Technology Service Management System Certification

ISO/IEC 20000 is the world's first international standard for information technology service management, which defines a set of comprehensive and closely related service management processes. The standard represents the basis for widely recognized principles for evaluating IT service management processes. IT applies to service providers and external service providers, as well as internal IT departments.

• Information Security Management System Certification

ISO/IEC 27001 is the most widely used and typical information security management standard in the world. Its purpose is to effectively protect information resources and protect the healthy, orderly and sustainable development of the information process. From the perspective of prevention and control, information security management system can ensure the security and normal operation of the organization's information system and business.

• Asset Management System Certification

GB/T 33173-2016/ISO 55001:2014 "Asset Management System Requirements" was officially implemented on May 1, 2017. Asset management system is used to guide, coordinate and control asset management activities, which can strengthen risk control and achieve asset management objectives, and have a positive impact on helping organizations successfully manage assets, improve customer service level, enhance customer satisfaction, effectively reduce equipment costs, and enhance market competitiveness and so on.

• Road Traffic Safety Management System Certification

Road Traffic Safety is a global concern. The implementation of road traffic safety management system by relevant organizations can help organizations re-examine the relationship between themselves and road traffic safety, strengthen safety management, and effectively reduce road traffic safety risks in a systematic way. ISO39001 is a unified operating standard developed by ISO for the road traffic industry. Its scope involves road traffic regulators, passenger transport companies, freight companies and supermarkets, schools and other road traffic safety related organizations.

• Business Continuity Management System Certification

The concept of "business continuity" is derived from the "disaster recovery" and "recovery plan" in computer technology, and is an indicator of the continuous operation of the whole or part of the process of an organization. After years of development, "business continuity" has been widely used in production and service organizations of all sizes, and has further developed into "ISO 22301 Business Connectivity Management System" (BCMS), which has become the core part of the overall management system of each organization.

• Supply Chain Security Management System Certification

ISO 28000 Supply Chain Security Management focuses on the security of enterprise logistics, information flow and capital flow, and the operation of supply chain security management system helps to improve the level of supply chain security management and provide customers with safe, convenient and accurate services. In the fierce market competition, reducing risks, providing safe and timely services, and enhancing customer trust and satisfaction are key factors for enterprise development. In today's economic globalization, all of the world's top 500 enterprises take global supply chain strategy as their core strategy.

• HSE Management System Certification

Health, Safety, and Environment (HSE) management is a global concern that has aroused great attention in the world. Because of China's sustained rapid economic growth, economic prosperity has also promoted the rapid development of the petroleum and petrochemical industry. With the innovation of petroleum development, refining and chemical production, the active implementation of HSE management system by relevant organizations can help organizations re-examine the relationship between their own development and health, safety and environment, strengthen system management, and effectively reduce safety risks in a systematic way.

• Good Manufacturing Practice of Cosmetic

ISO 22716 Good Manufacturing Practice of Cosmetic Products (GMPC) is a product hygiene and quality management system related to the cosmetic industry, which ensures that products are produced and controlled in accordance with quality standards. The GMPC aims to minimize risks associated with the production of cosmetic products that cannot be eliminated through inspection of the final product.

• Intellectual Property Management System Certification

To promote the national standards for the Management of Intellectual Property in Enterprises (GB/T 29490-2013), the Management of Intellectual Property in Institutions of Higher Learning (GB/T 33251-2016) and the Management of Intellectual Property in Scientific Research Organizations (GB/T 33250-2016), and strengthen the construction of the Intellectual Property Management System for innovation entities, is an effective means to continuously improve intellectual property capabilities and enhance core competitiveness.

• Cloud Service Information Security Management System Certification

The ISO/IEC 27017 standard is used in conjunction with the ISO/IEC 27001 family of standards to provide cloud service providers and cloud service customers with information security control over cloud service processes. ISO/IEC 27017 clarifies the roles and responsibilities of both cloud service providers and cloud service customers in helping to ensure that cloud services are secure and reliable.

• Protecting PII in Public Clouds

ISO/IEC 27018, also known as "Cloud Privacy Protection Certification", is an international standard certification developed by the British Standards Institute (BSI), mainly for cloud service providers to protect the security of personal data in the cloud. It aims to provide a code of practice for cloud personally identifiable information processors to protect personally identifiable information (PII) in the public cloud from infringement. It is the most authoritative, the most stringent, and the most widely accepted and applied information security system certification in the world.

• Privacy Information Management System Certification

The Privacy Information Management System standard is an extension of ISO/IEC 27001 and ISO/IEC 27002 in management, and its objective is to enhance the existing information security management system (ISMS) through new requirements in order to establish, implement, maintain and continuously improve the privacy information management system (PIMS). The standard outlines the framework applicable to Personally Identifiable Information (PII) controllers and PII processors for the management of privacy controls to mitigate various risks to personal privacy.

• Compliance Management System Certification

ISO 37301 sets out the requirements for organizations to establish, operate, maintain and improve a compliance management system and provides guidelines for its use, applicable to organizations of any type, size, nature and industry worldwide. ISO 37301 can be applied in at least four ways:

1. As the basis for self-declaration of various organizations;

2. As the basis for certification bodies to carry out certification;

3. As the basis for government supervision;

4. As the basis for judicial organs to sentence and supervise and accept enterprises that violate the rules.

• Enterprise Integrity Management System Certification

The Enterprise Integrity Management System focuses on the improvement of the enterprise's own level. By guiding the enterprise to enhance its sense of social responsibility, identify the integrity elements in all links of production and business activities, strengthen integrity self-discipline, and constantly improve the ability to meet the requirements of customers and other stakeholders, it can achieve sustainable and healthy development of the enterprise, and then achieve the purpose of continuously improving the integrity management level of the enterprise.

• Brand Certification

According to GB/T 27925-2011 "Commercial Enterprise Brand Evaluation and Corporate Culture Construction Guide", brand certification reviews the service ability, quality, reputation, corporate culture, impact and other aspects of the enterprise brand, and evaluates its service level.

• Medical Device Quality Management System

ISO13485 is a special standard for medical devices based on ISO9001, the main purpose of which is to facilitate the implementation of the regulatory requirements of a coordinated quality management system. All requirements of ISO13485 are specific to organizations that supply medical devices, regardless of the type or size of the organization.

• Social Responsibility Management System

The international standard system of social responsibility is a management standard system based on the Charter of the International Labor Organization (ILO), the United Nations Convention on the Rights of the Child, and the Universal Declaration of Human Rights, with the main content of protecting the working environment and conditions and labor rights. It is the world's first international standard of ethics. Its purpose is to ensure that the products supplied by suppliers meet the requirements of social responsibility standards

• Measurement Management System

ISO 10012 Measurement Management System is an international standard developed and published by the International Organization for Standardization, which is specifically for the measurement management of enterprises and a set of interrelated or interacting elements necessary for the completion of measurement confirmation and continuous control of the measurement process.

• Data Security Risk Management Certification

CQM and China Academy of Communications and Information Technology have cooperated in Data Security Risk Management Certification (Zhuoxin Big Data Plan) business.By testing the platform system and its data sensitive interface, sensitive data, data security and other factors, and evaluating the system and implementation of its data life cycle (collection, transmission, storage, use, sharing, destruction) risk management, We canverify the security of the platform system and its data, and whether the risk management measures are appropriate and meet the relevant requirements.

• Personally Identifiable Information Protection Certification

ISO/IEC 29151:2017 sets out control objectives and guidelines for the implementation of controls, with the aim of preventing the intentional or accidental unauthorized disclosure, alteration, destruction or unauthorized identification, control or use of personally identifiable information by systems. In essence, it is to fully protect the personally identifiable information of the organization and give confidence to relevant parties, and enhance the public trust of the enterprise itself.

• ESG Management System Certification

The establishment and operation of the ESG management system aims to systematically guide enterprises to carry out good practices for sustainable development, facilitate the conversion of good practice results into credible ESG data and information, continuously improve ESG practices in a targeted manner and enhance corporate image, value and competitiveness, participate in global activities in an environmentally friendly, socially harmonious, safe and efficient way, and enhance capacity for sustainable development.

• Artificial Intelligence Management System

In December 2023, ISO published the world's first Artificial Intelligence Management System standard, ISO/IEC 42001. Designed for entities that provide or use AI-based products or services, the standard specifies requirements for establishing, implementing, maintaining and continuously improving Artificial Intelligence management systems (AIMS) within an organization to ensure the responsible development and use of AI systems.

• Information technology — Security techniques — Storage security

With the rise of mobile phones and other functional equipment, cloud computing technology, and new industrialization (industrial digital transformation), our lives have been surrounded by data information, in the face of the explosive growth of data, the performance of storage devices must also be improved accordingly, and storage security must also be guaranteed. ISO published and implemented ISO 27040:2015 Information Technology - Security Techniques - Storage Security, which refers to the storage security methods proposed by international organizations, European and American countries.

• Information technology — Governance of data

Data has become the fifth core factor of production after land, labor, capital and technology. Data governance brings not only the compliance requirements of laws and regulations for enterprises, but also the opportunities for value innovation and service extension.

ISO published and implemented ISO 38505-1:2017 Information technology — Governance of data, helping   organizations to establish data governance system and framework, guide organizations to conduct data governance and protection, and enhance the confidence of organizational data governance.