ISO/IEC TS 17035:2024
(Main)Conformity assessment — Guidelines for validation and verification programmes
Conformity assessment — Guidelines for validation and verification programmes
This document provides guidance to validation/verification programme owners, validation/verification bodies and interested parties on the development, content and operation of validation/verification programmes. When implemented by validation/verification bodies, this document is intended to be used in conjunction with ISO/IEC 17029 and sector-specific applications of ISO/IEC 17029.
Évaluation de la conformité — Lignes directrices pour les programmes de validation et de vérification
Ugotavljanje skladnosti - Smernice za programe validacije in verifikacije
1.1 Ta dokument podaja smernice za lastnike programov validacije in verifikacije ter validacijske in verifikacijske organe v zvezi z razvojem, vsebino in delovanjem programov validacije in verifikacije.
1.2 Ta dokument se uporablja v povezavi s standardom ISO/IEC 17029 in sektorsko v skladu s standardom ISO/IEC 17029 ter v povezavi z drugimi programi za ugotavljanje skladnosti, na primer kot del dejavnosti vrednotenja v shemi za certificiranje izdelkov v skladu s standardom ISO/IEC 17065.
General Information
- Status
- Published
- Publication Date
- 02-Sep-2024
- Technical Committee
- ISO/CASCO - Committee on conformity assessment
- Drafting Committee
- ISO/CASCO - Committee on conformity assessment
- Current Stage
- 6060 - International Standard published
- Start Date
- 03-Sep-2024
- Due Date
- 25-Mar-2025
- Completion Date
- 03-Sep-2024
Buy Documents
ISO/IEC TS 17035:2024 - Conformity assessment — Guidelines for validation and verification programmes Released:9/3/2024
ISO/IEC TS 17035:2024 - Conformity assessment — Guidelines for validation and verification programmes
Overview
ISO/IEC TS 17035:2024 - Conformity assessment - Guidelines for validation and verification programmes (Technical Specification, first edition) provides practical guidance for developing, operating and recognising validation/verification programmes. Designed to be used alongside ISO/IEC 17029, this TS clarifies programme content, governance and processes for bodies that issue validation statements or verification statements and for programme owners, regulators and other interested parties.
Key topics
The document organises guidance around programme design and operation, including:
Programme content
- Scope of validation/verification: definition and boundaries of claims to be validated or verified.
- Competence and impartiality: expectations for validation/verification bodies and personnel.
- Operational steps: recommended steps for planning and executing validation and verification activities.
- Evidence gathering activities: how bodies should collect, assess and use objective evidence (historical data for verification; projected data for validation).
- Reporting: structure and purpose of validation/verification statements and reports.
Programme development
- Guidance for creating rules, procedures and management systems for sector-specific or cross-sector programmes.
Programme maintenance and recognition
- Requirements for ongoing review, improvement and the process to recognise programmes (including informative annexes on logos/marks and recognition criteria).
Definitions and terms
- Clear terminology for claims, validation, verification, programme owner, validation/verification body, and statements-aligned with ISO/IEC 17029 and ISO/IEC 17000.
Applications
ISO/IEC TS 17035:2024 is practical for:
- Validation/verification bodies establishing or improving programme-aligned services.
- Programme owners (government agencies, trade associations, industry groups) developing sector schemes or rules.
- Accreditors and regulators assessing the adequacy of programme design and operation.
- Organisations seeking assurance over claims (environmental data, projected outcomes, product/system assertions) who want clarity on how independent validation or verification should be structured.
Use cases include verifying historical emissions data, validating projected performance claims, or creating a recognised scheme for recurring conformity assessments.
Related standards
- ISO/IEC 17029 - Principles and requirements for validation/verification bodies (primary normative reference).
- ISO 14065 - Sector-specific application (environmental verification/validation).
- ISO/IEC 17000 - Conformity assessment vocabulary and general principles.
Keywords: ISO/IEC TS 17035:2024, validation/verification programmes, conformity assessment, validation statement, verification statement, ISO/IEC 17029, programme owner, evidence gathering, reporting, competence, impartiality.
Buy Documents
ISO/IEC TS 17035:2024 - Conformity assessment — Guidelines for validation and verification programmes Released:9/3/2024
ISO/IEC TS 17035:2024 - Conformity assessment — Guidelines for validation and verification programmes
Get Certified
Connect with accredited certification bodies for this standard
BSI Group
BSI (British Standards Institution) is the business standards company that helps organizations make excellence a habit.
Bureau Veritas
Bureau Veritas is a world leader in laboratory testing, inspection and certification services.
DNV
DNV is an independent assurance and risk management provider.
Sponsored listings
Frequently Asked Questions
ISO/IEC TS 17035:2024 is a technical specification published by the International Organization for Standardization (ISO). Its full title is "Conformity assessment — Guidelines for validation and verification programmes". This standard covers: This document provides guidance to validation/verification programme owners, validation/verification bodies and interested parties on the development, content and operation of validation/verification programmes. When implemented by validation/verification bodies, this document is intended to be used in conjunction with ISO/IEC 17029 and sector-specific applications of ISO/IEC 17029.
This document provides guidance to validation/verification programme owners, validation/verification bodies and interested parties on the development, content and operation of validation/verification programmes. When implemented by validation/verification bodies, this document is intended to be used in conjunction with ISO/IEC 17029 and sector-specific applications of ISO/IEC 17029.
ISO/IEC TS 17035:2024 is classified under the following ICS (International Classification for Standards) categories: 03.120.20 - Product and company certification. Conformity assessment. The ICS classification helps identify the subject area and facilitates finding related standards.
ISO/IEC TS 17035:2024 is available in PDF format for immediate download after purchase. The document can be added to your cart and obtained through the secure checkout process. Digital delivery ensures instant access to the complete standard document.
Standards Content (Sample)
SLOVENSKI STANDARD
01-november-2024
Ugotavljanje skladnosti - Smernice za programe validacije in verifikacije
Conformity assessment - Guidelines for validation and verification programmes
Évaluation de la conformité — Lignes directrices pour les programmes de validation et
de vérification
Ta slovenski standard je istoveten z: ISO/IEC TS 17035:2024
ICS:
03.120.20 Certificiranje proizvodov in Product and company
podjetij. Ugotavljanje certification. Conformity
skladnosti assessment
2003-01.Slovenski inštitut za standardizacijo. Razmnoževanje celote ali delov tega standarda ni dovoljeno.
Technical
Specification
ISO/IEC TS 17035
First edition
Conformity assessment —
2024-09
Guidelines for validation and
verification programmes
Évaluation de la conformité — Lignes directrices pour les
programmes de validation et de vérification
Reference number
© ISO/IEC 2024
All rights reserved. Unless otherwise specified, or required in the context of its implementation, no part of this publication may
be reproduced or utilized otherwise in any form or by any means, electronic or mechanical, including photocopying, or posting on
the internet or an intranet, without prior written permission. Permission can be requested from either ISO at the address below
or ISO’s member body in the country of the requester.
ISO copyright office
CP 401 • Ch. de Blandonnet 8
CH-1214 Vernier, Geneva
Phone: +41 22 749 01 11
Email: copyright@iso.org
Website: www.iso.org
Published in Switzerland
© ISO/IEC 2024 – All rights reserved
ii
Contents Page
Foreword .iv
Introduction .v
1 Scope . 1
2 Normative references . 1
3 Terms and definitions . 1
4 Validation/Verification programmes . 4
4.1 General .4
4.2 Programme content .5
4.2.1 Scope of validation/verification .5
4.2.2 Competence, impartiality and operation of validation/verification bodies .5
4.2.3 Steps for the validation/verification process .6
4.2.4 Evidence gathering activities .6
4.2.5 Reporting .7
4.3 Programme development . .7
4.4 Programme maintenance, review and improvement .8
5 Programme owner . 9
Annex A (informative) Clarification of logo/symbol/mark . 10
Annex B (informative) Recognition of validation/verification programmes .12
Annex C (informative) Questions to help recognize a validation/verification programme . 14
Bibliography . 17
© ISO/IEC 2024 – All rights reserved
iii
Foreword
ISO (the International Organization for Standardization) and IEC (the International Electrotechnical
Commission) form the specialized system for worldwide standardization. National bodies that are
members of ISO or IEC participate in the development of International Standards through technical
committees established by the respective organization to deal with particular fields of technical activity.
ISO and IEC technical committees collaborate in fields of mutual interest. Other international organizations,
governmental and non-governmental, in liaison with ISO and IEC, also take part in the work.
The procedures used to develop this document and those intended for its further maintenance are described
in the ISO/IEC Directives, Part 1. In particular, the different approval criteria needed for the different types
of document should be noted. This document was drafted in accordance with the editorial rules of the ISO/
IEC Directives, Part 2 (see www.iso.org/directives or www.iec.ch/members_experts/refdocs).
ISO and IEC draw attention to the possibility that the implementation of this document may involve the
use of (a) patent(s). ISO and IEC take no position concerning the evidence, validity or applicability of any
claimed patent rights in respect thereof. As of the date of publication of this document, ISO and IEC had not
received notice of (a) patent(s) which may be required to implement this document. However, implementers
are cautioned that this may not represent the latest information, which may be obtained from the patent
database available at www.iso.org/patents and https://patents.iec.ch. ISO and IEC shall not be held
responsible for identifying any or all such patent rights.
Any trade name used in this document is information given for the convenience of users and does not
constitute an endorsement.
For an explanation of the voluntary nature of standards, the meaning of ISO specific terms and expressions
related to conformity assessment, as well as information about ISO's adherence to the World Trade
Organization (WTO) principles in the Technical Barriers to Trade (TBT) see www.iso.org/iso/foreword.html.
In the IEC, see www.iec.ch/understanding-standards.
This document was prepared by the ISO Committee on Conformity Assessment (CASCO).
Any feedback or questions on this document should be directed to the user’s national standards
body. A complete listing of these bodies can be found at www.iso.org/members.html and
www.iec.ch/national-committees.
© ISO/IEC 2024 – All rights reserved
iv
Introduction
This document is aligned with ISO/IEC 17029 which provides principles and requirements for bodies
providing validation/verification services. ISO/IEC 17029 is a generic standard that can apply to validation/
verification bodies in any economic sector or industry. It is distinct from other standards for conformity
assessment bodies in that it requires the object of conformity to be a claim, and for this to be validated
and/or verified in accordance with a validation or verification programme. Validation/verification bodies
operating in accordance with ISO/IEC 17029 can provide services as first-, second- or third-party activities.
This document is also aligned with sector-specific applications of ISO/IEC 17029, such as ISO 14065 which
references the requirements of ISO/IEC 17029 and includes specific requirements related to bodies that
validate or verify environmental information.
To validate or verify a claim, validation/verification bodies must often review large amounts of data and
information, including aspects such as the suitability of the boundaries of the claim; the way data has been
defined, collected and recorded; how quantification and calculation methods that support the claim have
been undertaken; and provision of a professional judgement on matters that are material or significant to
the claim.
The issuance of a validation or verification statement will normally be a one-off attestation based on the
information available at that point in time. Validation/verification statements normally do not have a period
of validity associated with them. Each subsequent validation/verification is a new separate conformity
assessment and is not considered to be a surveillance activity that supports an original or previous
validation/verification statement.
The result of validation or verification activities will frequently be a validation or verification statement.
These statements normally provide an opinion from the validation or verification body on the plausibility
of a claim that is made about the future based on projected data (validation), or the truthfulness of the
claim based on historical data (verification). The results from a validation and verification programme can
sometimes be combined to support a claim (e.g. a mixed engagement or in the management of similar or
related programmes). Validation/verification bodies can also be asked to undertake a validation/verification
process and issue a report of their findings, but without any formal statement or opinion on the plausibility
or truthfulness of the claim being made.
NOTE This is often referred to undertaking validation or verification activities on the basis of Agreed Upon
Procedures (AUP).
Within ISO/IEC 17029, there is a requirement for validation/verification bodies to operate within the
context of at least one validation or verification programme. Within ISO/IEC 17029 requirements, there
are many references to validation/verification programmes, and it is expected that validation/verification
programmes give direction to the validation/verification body. The importance of appropriate validation/
verification programmes when undertaking validation/verification activities in accordance with
ISO/IEC 17029 is critical to the correct operation of this type of conformity assessment.
ISO/IEC 17029:2019, Annex A also provides a comprehensive informative list of elements to be considered in
the development and operation of validation/verification programmes. The content of ISO/IEC 17029:2019,
Annex A has been included and amplified in this document.
To assist in the development, operation and recognition of validation/verification programmes suitable for
use with ISO/IEC 17029, this document covers the following:
a) an overview of validation/verification programmes in the context of ISO/IEC 17029;
b) development of validation/verification programmes;
c) recognition of validation/verification programmes.
© ISO/IEC 2024 – All rights reserved
v
Technical Specification ISO/IEC TS 17035:2024(en)
Conformity assessment — Guidelines for validation and
verification programmes
1 Scope
This document provides guidance to validation/verification programme owners, validation/verification
bodies and interested parties on the development, content and operation of validation/verification
programmes.
When implemented by validation/verification bodies, this document is intended to be used in conjunction
with ISO/IEC 17029 and sector-specific applications of ISO/IEC 17029.
2 Normative references
The following documents are referred to in the text in such a way that some or all of their content constitutes
requirements of this document. For dated references, only the edition cited applies. For undated references,
the latest edition of the referenced document (including any amendments) applies.
ISO/IEC 17000, Conformity assessment — Vocabulary and general principles
3 Terms and definitions
For the purposes of this document, the terms and definitions given in ISO/IEC 17000 and the following apply.
ISO and IEC maintain terminology databases for use in standardization at the following addresses:
— ISO Online browsing platform: available at https:// www .iso .org/ obp
— IEC Electropedia: available at https:// www .electropedia .org/
3.1
claim
information declared by the client
Note 1 to entry: The claim is the object of conformity assessment by validation (3.2)/verification (3.3).
Note 2 to entry: The claim can represent a situation at a point in time or could cover a period of time.
Note 3 to entry: The claim should be clearly identifiable and capable of consistent evaluation or measurement against
specified requirements by a validation body (3.4)/verification body (3.5).
Note 4 to entry: The claim can be provided in the form of a report, a statement, a declaration, a project plan, or
consolidated data.
[SOURCE: ISO/IEC 17029:2019, 3.1]
3.2
validation
confirmation of a claim (3.1), through the provision of objective evidence, that the requirements for a specific
intended future use or application have been fulfilled
Note 1 to entry: Objective evidence can come from real or simulated sources.
Note 2 to entry: Validation is considered to be a process to evaluate the reasonableness of the assumptions, limitations,
and methods that support a claim about the outcome of future activities.
© ISO/IEC 2024 – All rights reserved
Note 3 to entry: Validation is applied to claims regarding an intended future use based on projected information
(confirmation of plausibility).
Note 4 to entry: In this document, the expression “validation/verification” means either validation or verification (3.3),
or both.
[SOURCE: ISO/IEC 17029:2019, 3.2, modified – The original Note 4 to entry has been deleted and a new Note
4 to entry has been added.]
3.3
verification
confirmation of a claim (3.1), through the provision of objective evidence, that specified requirements have
been fulfilled
Note 1 to entry: Verification is considered to be a process for evaluating a claim based on historical data and
information to determine whether the claim is materially correct and conforms with specified requirements.
Note 2 to entry: Verification is applied to claims regarding events that have already occurred or results that have
already been obtained (confirmation of truthfulness).
Note 3 to entry: In this document, the expression “validation/verification” means either validation (3.2) or verification,
or both.
[SOURCE: ISO/IEC 17029:2019, 3.3, modified – The original Note 3 to entry has been deleted and a new Note
3 to entry has been added.]
3.4
validation body
body that performs validation (3.2)
Note 1 to entry: A validation body can be an organization, or part of an organization.
Note 2 to entry: In this document, the expression “validation/verification body” means either validation body or
verification body (3.5), or both.
[SOURCE: ISO/IEC 17029:2019, 3.4, modified – Note 2 to entry has been added.]
3.5
verification body
body that performs verification (3.3)
Note 1 to entry: A verification body can be an organization, or part of an organization.
Note 2 to entry: In this document, the expression “validation/verification body” means either validation body (3.4) or
verification body, or both.
[SOURCE: ISO/IEC 17029:2019, 3.5, modified – Note 2 to entry has been added.]
3.6
validation statement
declaration by the validation body (3.4) of the outcome of the validation (3.2) process
Note 1 to entry: Validation statements can be referred to using specific programme terminology, such as “decisions”,
“opinions” or “reports”.
Note 2 to entry: The validation statement reflects only the situation at the point in time it is issued.
Note 3 to entry: The validation statement can be confirming or not confirming the claim (3.1), with or without
comments, according to the programme requirements.
Note 4 to entry: In this document, the expression “validation/verification statement” means either validation
statement or verification statement (3.7), or both.
[SOURCE: ISO/IEC 17029:2019, 3.6, modified – Note 4 to entry has been added.]
© ISO/IEC 2024 – All rights reserved
3.7
verification statement
declaration by the verification body (3.5) of the outcome of the verification (3.3) process
Note 1 to entry: Verification statements can be referred to using specific programme terminology, such as “decisions”,
“opinions” or “reports”.
Note 2 to entry: The verification statement reflects only the situation at the point in time it is issued.
Note 3 to entry: The verification statement can be confirming or not confirming the claim (3.1), with or without
comments, according to the programme requirements.
Note 4 to entry: In this document, the expression “validation/verification statement” means either validation statement
(3.6) or verification statement, or both.
[SOURCE: ISO/IEC 17029:2019, 3.7, modified – Note 4 to entry has been added.]
3.8
validation programme
rules, procedures and management for carrying out validation (3.2) activities in a specific sector
Note 1 to entry: Validation programmes can be operated at international, regional, national, sub-national or sector-
specific level.
Note 2 to entry: A programme can also be called a “scheme”.
Note 3 to entry: A set of standards able to cover all the requirements of ISO/IEC 17029 can serve as a programme.
Note 4 to entry: In this document, the expression “validation/verification programme” means either validation
programme or verification programme (3.9), or both.
[SOURCE: ISO/IEC 17029:2019, 3.8, modified – Note 4 to entry has been added.]
3.9
verification programme
rules, procedures and management for carrying out verification (3.3) activities in a specific sector
Note 1 to entry: Verification programmes can be operated at international, regional, national, sub-national or sector-
specific level.
Note 2 to entry: A programme can also be called a “scheme”.
Note 3 to entry: A set of standards able to cover all the requirements of ISO/IEC 17029 can serve as a programme.
Note 4 to entry: In this document, the expression “validation/verification programme” means either validation
programme (3.8) or verification programme, or both.
[SOURCE: ISO/IEC 17029:2019, 3.9, modified – Note 4 to entry has been added.]
3.10
programme owner
person or organization responsible for developing and maintaining a specific validation programme (3.8) or
verification programme (3.9)
Note 1 to entry: The programme owner can be the validation body (3.4)/verification body (3.5) itself, a governmental
authority, a trade association, a group of validation bodies/verification bodies, an external programme owner or others.
[SOURCE: ISO/IEC 17029:2019, 3.10]
3.11
normative document
document that provides rules, guidelines or characteristics for activities or their results
Note 1 to entry: The term “normative document” is a generic term that covers such documents as standards, technical
specifications, codes of practice and regulations.
© ISO/IEC 2024 – All rights reserved
Note 2 to entry: A “document” is to be understood as any medium with information recorded on or in it.
Note 3 to entry: The terms for different kinds of normative documents are defined considering the document and its
content as a single entity.
[SOURCE: ISO/IEC Guide 2:2004, 3.1]
4 Validation/Verification programmes
4.1 General
4.1.1 In accordance with ISO/IEC 17029, validation/verification are always undertaken within the context
of a validation/verification programme, in which case the operated validation/verification programme
cannot exclude any of the requirements specified by ISO/IEC 17029. This document can be used by
programmes that use another document for validation/verification bodies, in which case the programme
should not exclude or contradict the requirements in that document.
4.1.2 Programmes can be legal frameworks, a set of international, regional or national standards,
global initiatives and sector applications, as well as individual agreements with clients of the validation/
verification body.
4.1.3 Conformity assessment schemes in general comprise the full set of rules and procedures:
— describing the object of conformity assessment (claim),
— identifying the specified requirements applicable to the claim, and
— providing the methodology for performing conformity assessment (validation/verification).
NOTE The specified requirements to be identified apply to the object (i.e. relate to describing the claim). The
methodology relates to the way conformity assessment is performed (i.e. how, when, by whom), e.g. providing specific
methods and procedures for certain activities or rules for validation/verification bodies.
4.1.4 ISO/IEC 17029:2019, 3.11 defines the scope of validation/verification as the identification of the claim
as being the object of conformity assessment and the identification of the applicable specified requirements.
4.1.5 ISO/IEC 17029:2019, Clause 8 lists the following elements as content of programmes:
a) scope of validation/verification;
b) specific competence criteria for the validation/verification team and body;
c) process for validation/verification;
d) evidence gathering activities of validation/verification ;
e) reporting of validation/verification.
NOTE ISO/IEC 17029:2019, Annex A also provides additional elements.
4.1.6 The content of the programme (see 4.2) is specified by the programme owner (see 4.3).
4.1.7 Where validation/verification is performed as conformity assessment, i.e. including a decision on
whether or not to confirm the claim, the result or deliverable of the outcome of this process is a validation/
verification statement (see ISO/IEC 17029:2019, 9.7).
Where validation/verification is performed as an activity contributing to the selection, determination, and
review functions of the validation/verification process (see ISO/IEC 17029:2019, Annex B), other deliverables
than a validation/verification statement result from this activity.
© ISO/IEC 2024 – All rights reserved
In principle, a validation/verification programme can specify deliverables resulting from activities
contributing to each of the functions. For example,
— a “validation/verification plan” as a result of selection activities (see ISO/IEC 17029:2019, 9.2 and 9.4);
— an “evidence report” as a result of the selection and determination activities (see ISO/IEC 17029:2019,
9.2, 9.4 and 9.5);
— a “findings report” as a result of the review of the gathered evidence (see ISO/IEC 17029:2019, 9.6);
— a “report of actual findings”, i.e. the outcome of agreed upon procedures (AUP).
4.1.8 The deliverables associated with validation/verification programmes can be used as inputs to other
conformity assessment activities.
EXAMPLE A validation/verification statement can be used as an input into an evaluation activity of a product
certification body that fulfils ISO/IEC 17065.
Similarly, validation/verification programmes can specify that the results of other conformity assessment
activities (such as auditing, inspection, testing or certification) can be used as inputs into the validation/
verification process.
4.2 Programme content
4.2.1 Scope of validation/verification
4.2.1.1 The programme describes the claim to be the object of validation/verification, e.g. specifying
types of claims and boundaries.
4.2.1.2 The programme contains or references specified requirements to be fulfilled by the claim in order
to be confirmed.
4.2.1.3 The programme can allow for specific levels of assurance provided with the outcome of validation/
verification, e.g. reasonable, limited (see ISO/IEC 17029:2019, 9.2.2).
4.2.2 Competence, impartiality and operation of validation/verification bodies
4.2.2.1 The programme should describe means of monitoring to identify and to mitigate threats to
impartiality, e.g. consulting with the committee of the interested parties (see ISO/IEC 17029:2019, 5.3.3).
4.2.2.2 The programme can allow and set rules for providing both validation and verification to the same
client or in the context of the same project (see ISO/IEC 17029:2019, 5.3.8).
4.2.2.3 The programme can require or recommend specific arrangements to cover liability (see
ISO/IEC 17029:2019, 5.4).
4.2.2.4 The programme can specify requirements for resources, i.e. personnel, facilities, equipment,
systems and support services (see ISO/IEC 17029:2019, 7.1).
4.2.2.5 The programme can specify a period for personnel who have provided consultancy before
performing validation/verification activities (see ISO/IEC 17029:2019, 7.2.5).
4.2.2.6 The programme can require or recommend specific confidentiality requirements (see
ISO/IEC 17029:2019, 7.2.6).
© ISO/IEC 2024 – All rights reserved
4.2.2.7 The programme can specify the training requirements of personnel, including requirements for
their monitoring (see ISO/IEC 17029:2019, 7.3.2).
4.2.2.8 The programme can set rules for outsourcing, including prohibitions on outsourcing (see
ISO/IEC 17029:2019, 7.4).
4.2.2.9 The programme can specify requirements for persons carrying out the review, e.g. not being
involved in planning (see ISO/IEC 17029:2019, 9.6.2).
4.2.2.10 The programme can specify the requirements for persons making the decision on whether or not
to confirm the claim and issuing the validation/verification statement, e.g. not being involved in planning
(see ISO/IEC 17029:2019, 9.7.1.2).
4.2.3 Steps for the validation/verification process
4.2.3.1 The programme contains rules and procedures for carrying out validation/verification, e.g.
specific requirements for the pre-engagement (see 4.2.3.2), engagement (see 4.2.3.3), planning, execution
(see 4.2.4), review and decision (see 4.2.3.5 and 4.2.4.2).
4.2.3.2 Pre-engagement activities specified by the programme can include information to be submitted by
the client for pre-engagement review, time frames and any applicable fees (see ISO/IEC 17029:2019, 9.2).
4.2.3.3 Specification of the engagement agreement between the client and the validation/verification body
by the programme can include identification of the programme requirements to be covered by agreement
[see ISO/IEC 17029:2019, 9.3.1 and 9.3.3 bullet b)].
4.2.3.4 Planning and preparation activities specified by the programme can include specific terms, e.g.
evidence-gatheri
...
Technical
Specification
ISO/IEC TS 17035
First edition
Conformity assessment —
2024-09
Guidelines for validation and
verification programmes
Évaluation de la conformité — Lignes directrices pour les
programmes de validation et de vérification
Reference number
© ISO/IEC 2024
All rights reserved. Unless otherwise specified, or required in the context of its implementation, no part of this publication may
be reproduced or utilized otherwise in any form or by any means, electronic or mechanical, including photocopying, or posting on
the internet or an intranet, without prior written permission. Permission can be requested from either ISO at the address below
or ISO’s member body in the country of the requester.
ISO copyright office
CP 401 • Ch. de Blandonnet 8
CH-1214 Vernier, Geneva
Phone: +41 22 749 01 11
Email: copyright@iso.org
Website: www.iso.org
Published in Switzerland
© ISO/IEC 2024 – All rights reserved
ii
Contents Page
Foreword .iv
Introduction .v
1 Scope . 1
2 Normative references . 1
3 Terms and definitions . 1
4 Validation/Verification programmes . 4
4.1 General .4
4.2 Programme content .5
4.2.1 Scope of validation/verification .5
4.2.2 Competence, impartiality and operation of validation/verification bodies .5
4.2.3 Steps for the validation/verification process .6
4.2.4 Evidence gathering activities .6
4.2.5 Reporting .7
4.3 Programme development . .7
4.4 Programme maintenance, review and improvement .8
5 Programme owner . 9
Annex A (informative) Clarification of logo/symbol/mark . 10
Annex B (informative) Recognition of validation/verification programmes .12
Annex C (informative) Questions to help recognize a validation/verification programme . 14
Bibliography . 17
© ISO/IEC 2024 – All rights reserved
iii
Foreword
ISO (the International Organization for Standardization) and IEC (the International Electrotechnical
Commission) form the specialized system for worldwide standardization. National bodies that are
members of ISO or IEC participate in the development of International Standards through technical
committees established by the respective organization to deal with particular fields of technical activity.
ISO and IEC technical committees collaborate in fields of mutual interest. Other international organizations,
governmental and non-governmental, in liaison with ISO and IEC, also take part in the work.
The procedures used to develop this document and those intended for its further maintenance are described
in the ISO/IEC Directives, Part 1. In particular, the different approval criteria needed for the different types
of document should be noted. This document was drafted in accordance with the editorial rules of the ISO/
IEC Directives, Part 2 (see www.iso.org/directives or www.iec.ch/members_experts/refdocs).
ISO and IEC draw attention to the possibility that the implementation of this document may involve the
use of (a) patent(s). ISO and IEC take no position concerning the evidence, validity or applicability of any
claimed patent rights in respect thereof. As of the date of publication of this document, ISO and IEC had not
received notice of (a) patent(s) which may be required to implement this document. However, implementers
are cautioned that this may not represent the latest information, which may be obtained from the patent
database available at www.iso.org/patents and https://patents.iec.ch. ISO and IEC shall not be held
responsible for identifying any or all such patent rights.
Any trade name used in this document is information given for the convenience of users and does not
constitute an endorsement.
For an explanation of the voluntary nature of standards, the meaning of ISO specific terms and expressions
related to conformity assessment, as well as information about ISO's adherence to the World Trade
Organization (WTO) principles in the Technical Barriers to Trade (TBT) see www.iso.org/iso/foreword.html.
In the IEC, see www.iec.ch/understanding-standards.
This document was prepared by the ISO Committee on Conformity Assessment (CASCO).
Any feedback or questions on this document should be directed to the user’s national standards
body. A complete listing of these bodies can be found at www.iso.org/members.html and
www.iec.ch/national-committees.
© ISO/IEC 2024 – All rights reserved
iv
Introduction
This document is aligned with ISO/IEC 17029 which provides principles and requirements for bodies
providing validation/verification services. ISO/IEC 17029 is a generic standard that can apply to validation/
verification bodies in any economic sector or industry. It is distinct from other standards for conformity
assessment bodies in that it requires the object of conformity to be a claim, and for this to be validated
and/or verified in accordance with a validation or verification programme. Validation/verification bodies
operating in accordance with ISO/IEC 17029 can provide services as first-, second- or third-party activities.
This document is also aligned with sector-specific applications of ISO/IEC 17029, such as ISO 14065 which
references the requirements of ISO/IEC 17029 and includes specific requirements related to bodies that
validate or verify environmental information.
To validate or verify a claim, validation/verification bodies must often review large amounts of data and
information, including aspects such as the suitability of the boundaries of the claim; the way data has been
defined, collected and recorded; how quantification and calculation methods that support the claim have
been undertaken; and provision of a professional judgement on matters that are material or significant to
the claim.
The issuance of a validation or verification statement will normally be a one-off attestation based on the
information available at that point in time. Validation/verification statements normally do not have a period
of validity associated with them. Each subsequent validation/verification is a new separate conformity
assessment and is not considered to be a surveillance activity that supports an original or previous
validation/verification statement.
The result of validation or verification activities will frequently be a validation or verification statement.
These statements normally provide an opinion from the validation or verification body on the plausibility
of a claim that is made about the future based on projected data (validation), or the truthfulness of the
claim based on historical data (verification). The results from a validation and verification programme can
sometimes be combined to support a claim (e.g. a mixed engagement or in the management of similar or
related programmes). Validation/verification bodies can also be asked to undertake a validation/verification
process and issue a report of their findings, but without any formal statement or opinion on the plausibility
or truthfulness of the claim being made.
NOTE This is often referred to undertaking validation or verification activities on the basis of Agreed Upon
Procedures (AUP).
Within ISO/IEC 17029, there is a requirement for validation/verification bodies to operate within the
context of at least one validation or verification programme. Within ISO/IEC 17029 requirements, there
are many references to validation/verification programmes, and it is expected that validation/verification
programmes give direction to the validation/verification body. The importance of appropriate validation/
verification programmes when undertaking validation/verification activities in accordance with
ISO/IEC 17029 is critical to the correct operation of this type of conformity assessment.
ISO/IEC 17029:2019, Annex A also provides a comprehensive informative list of elements to be considered in
the development and operation of validation/verification programmes. The content of ISO/IEC 17029:2019,
Annex A has been included and amplified in this document.
To assist in the development, operation and recognition of validation/verification programmes suitable for
use with ISO/IEC 17029, this document covers the following:
a) an overview of validation/verification programmes in the context of ISO/IEC 17029;
b) development of validation/verification programmes;
c) recognition of validation/verification programmes.
© ISO/IEC 2024 – All rights reserved
v
Technical Specification ISO/IEC TS 17035:2024(en)
Conformity assessment — Guidelines for validation and
verification programmes
1 Scope
This document provides guidance to validation/verification programme owners, validation/verification
bodies and interested parties on the development, content and operation of validation/verification
programmes.
When implemented by validation/verification bodies, this document is intended to be used in conjunction
with ISO/IEC 17029 and sector-specific applications of ISO/IEC 17029.
2 Normative references
The following documents are referred to in the text in such a way that some or all of their content constitutes
requirements of this document. For dated references, only the edition cited applies. For undated references,
the latest edition of the referenced document (including any amendments) applies.
ISO/IEC 17000, Conformity assessment — Vocabulary and general principles
3 Terms and definitions
For the purposes of this document, the terms and definitions given in ISO/IEC 17000 and the following apply.
ISO and IEC maintain terminology databases for use in standardization at the following addresses:
— ISO Online browsing platform: available at https:// www .iso .org/ obp
— IEC Electropedia: available at https:// www .electropedia .org/
3.1
claim
information declared by the client
Note 1 to entry: The claim is the object of conformity assessment by validation (3.2)/verification (3.3).
Note 2 to entry: The claim can represent a situation at a point in time or could cover a period of time.
Note 3 to entry: The claim should be clearly identifiable and capable of consistent evaluation or measurement against
specified requirements by a validation body (3.4)/verification body (3.5).
Note 4 to entry: The claim can be provided in the form of a report, a statement, a declaration, a project plan, or
consolidated data.
[SOURCE: ISO/IEC 17029:2019, 3.1]
3.2
validation
confirmation of a claim (3.1), through the provision of objective evidence, that the requirements for a specific
intended future use or application have been fulfilled
Note 1 to entry: Objective evidence can come from real or simulated sources.
Note 2 to entry: Validation is considered to be a process to evaluate the reasonableness of the assumptions, limitations,
and methods that support a claim about the outcome of future activities.
© ISO/IEC 2024 – All rights reserved
Note 3 to entry: Validation is applied to claims regarding an intended future use based on projected information
(confirmation of plausibility).
Note 4 to entry: In this document, the expression “validation/verification” means either validation or verification (3.3),
or both.
[SOURCE: ISO/IEC 17029:2019, 3.2, modified – The original Note 4 to entry has been deleted and a new Note
4 to entry has been added.]
3.3
verification
confirmation of a claim (3.1), through the provision of objective evidence, that specified requirements have
been fulfilled
Note 1 to entry: Verification is considered to be a process for evaluating a claim based on historical data and
information to determine whether the claim is materially correct and conforms with specified requirements.
Note 2 to entry: Verification is applied to claims regarding events that have already occurred or results that have
already been obtained (confirmation of truthfulness).
Note 3 to entry: In this document, the expression “validation/verification” means either validation (3.2) or verification,
or both.
[SOURCE: ISO/IEC 17029:2019, 3.3, modified – The original Note 3 to entry has been deleted and a new Note
3 to entry has been added.]
3.4
validation body
body that performs validation (3.2)
Note 1 to entry: A validation body can be an organization, or part of an organization.
Note 2 to entry: In this document, the expression “validation/verification body” means either validation body or
verification body (3.5), or both.
[SOURCE: ISO/IEC 17029:2019, 3.4, modified – Note 2 to entry has been added.]
3.5
verification body
body that performs verification (3.3)
Note 1 to entry: A verification body can be an organization, or part of an organization.
Note 2 to entry: In this document, the expression “validation/verification body” means either validation body (3.4) or
verification body, or both.
[SOURCE: ISO/IEC 17029:2019, 3.5, modified – Note 2 to entry has been added.]
3.6
validation statement
declaration by the validation body (3.4) of the outcome of the validation (3.2) process
Note 1 to entry: Validation statements can be referred to using specific programme terminology, such as “decisions”,
“opinions” or “reports”.
Note 2 to entry: The validation statement reflects only the situation at the point in time it is issued.
Note 3 to entry: The validation statement can be confirming or not confirming the claim (3.1), with or without
comments, according to the programme requirements.
Note 4 to entry: In this document, the expression “validation/verification statement” means either validation
statement or verification statement (3.7), or both.
[SOURCE: ISO/IEC 17029:2019, 3.6, modified – Note 4 to entry has been added.]
© ISO/IEC 2024 – All rights reserved
3.7
verification statement
declaration by the verification body (3.5) of the outcome of the verification (3.3) process
Note 1 to entry: Verification statements can be referred to using specific programme terminology, such as “decisions”,
“opinions” or “reports”.
Note 2 to entry: The verification statement reflects only the situation at the point in time it is issued.
Note 3 to entry: The verification statement can be confirming or not confirming the claim (3.1), with or without
comments, according to the programme requirements.
Note 4 to entry: In this document, the expression “validation/verification statement” means either validation statement
(3.6) or verification statement, or both.
[SOURCE: ISO/IEC 17029:2019, 3.7, modified – Note 4 to entry has been added.]
3.8
validation programme
rules, procedures and management for carrying out validation (3.2) activities in a specific sector
Note 1 to entry: Validation programmes can be operated at international, regional, national, sub-national or sector-
specific level.
Note 2 to entry: A programme can also be called a “scheme”.
Note 3 to entry: A set of standards able to cover all the requirements of ISO/IEC 17029 can serve as a programme.
Note 4 to entry: In this document, the expression “validation/verification programme” means either validation
programme or verification programme (3.9), or both.
[SOURCE: ISO/IEC 17029:2019, 3.8, modified – Note 4 to entry has been added.]
3.9
verification programme
rules, procedures and management for carrying out verification (3.3) activities in a specific sector
Note 1 to entry: Verification programmes can be operated at international, regional, national, sub-national or sector-
specific level.
Note 2 to entry: A programme can also be called a “scheme”.
Note 3 to entry: A set of standards able to cover all the requirements of ISO/IEC 17029 can serve as a programme.
Note 4 to entry: In this document, the expression “validation/verification programme” means either validation
programme (3.8) or verification programme, or both.
[SOURCE: ISO/IEC 17029:2019, 3.9, modified – Note 4 to entry has been added.]
3.10
programme owner
person or organization responsible for developing and maintaining a specific validation programme (3.8) or
verification programme (3.9)
Note 1 to entry: The programme owner can be the validation body (3.4)/verification body (3.5) itself, a governmental
authority, a trade association, a group of validation bodies/verification bodies, an external programme owner or others.
[SOURCE: ISO/IEC 17029:2019, 3.10]
3.11
normative document
document that provides rules, guidelines or characteristics for activities or their results
Note 1 to entry: The term “normative document” is a generic term that covers such documents as standards, technical
specifications, codes of practice and regulations.
© ISO/IEC 2024 – All rights reserved
Note 2 to entry: A “document” is to be understood as any medium with information recorded on or in it.
Note 3 to entry: The terms for different kinds of normative documents are defined considering the document and its
content as a single entity.
[SOURCE: ISO/IEC Guide 2:2004, 3.1]
4 Validation/Verification programmes
4.1 General
4.1.1 In accordance with ISO/IEC 17029, validation/verification are always undertaken within the context
of a validation/verification programme, in which case the operated validation/verification programme
cannot exclude any of the requirements specified by ISO/IEC 17029. This document can be used by
programmes that use another document for validation/verification bodies, in which case the programme
should not exclude or contradict the requirements in that document.
4.1.2 Programmes can be legal frameworks, a set of international, regional or national standards,
global initiatives and sector applications, as well as individual agreements with clients of the validation/
verification body.
4.1.3 Conformity assessment schemes in general comprise the full set of rules and procedures:
— describing the object of conformity assessment (claim),
— identifying the specified requirements applicable to the claim, and
— providing the methodology for performing conformity assessment (validation/verification).
NOTE The specified requirements to be identified apply to the object (i.e. relate to describing the claim). The
methodology relates to the way conformity assessment is performed (i.e. how, when, by whom), e.g. providing specific
methods and procedures for certain activities or rules for validation/verification bodies.
4.1.4 ISO/IEC 17029:2019, 3.11 defines the scope of validation/verification as the identification of the claim
as being the object of conformity assessment and the identification of the applicable specified requirements.
4.1.5 ISO/IEC 17029:2019, Clause 8 lists the following elements as content of programmes:
a) scope of validation/verification;
b) specific competence criteria for the validation/verification team and body;
c) process for validation/verification;
d) evidence gathering activities of validation/verification ;
e) reporting of validation/verification.
NOTE ISO/IEC 17029:2019, Annex A also provides additional elements.
4.1.6 The content of the programme (see 4.2) is specified by the programme owner (see 4.3).
4.1.7 Where validation/verification is performed as conformity assessment, i.e. including a decision on
whether or not to confirm the claim, the result or deliverable of the outcome of this process is a validation/
verification statement (see ISO/IEC 17029:2019, 9.7).
Where validation/verification is performed as an activity contributing to the selection, determination, and
review functions of the validation/verification process (see ISO/IEC 17029:2019, Annex B), other deliverables
than a validation/verification statement result from this activity.
© ISO/IEC 2024 – All rights reserved
In principle, a validation/verification programme can specify deliverables resulting from activities
contributing to each of the functions. For example,
— a “validation/verification plan” as a result of selection activities (see ISO/IEC 17029:2019, 9.2 and 9.4);
— an “evidence report” as a result of the selection and determination activities (see ISO/IEC 17029:2019,
9.2, 9.4 and 9.5);
— a “findings report” as a result of the review of the gathered evidence (see ISO/IEC 17029:2019, 9.6);
— a “report of actual findings”, i.e. the outcome of agreed upon procedures (AUP).
4.1.8 The deliverables associated with validation/verification programmes can be used as inputs to other
conformity assessment activities.
EXAMPLE A validation/verification statement can be used as an input into an evaluation activity of a product
certification body that fulfils ISO/IEC 17065.
Similarly, validation/verification programmes can specify that the results of other conformity assessment
activities (such as auditing, inspection, testing or certification) can be used as inputs into the validation/
verification process.
4.2 Programme content
4.2.1 Scope of validation/verification
4.2.1.1 The programme describes the claim to be the object of validation/verification, e.g. specifying
types of claims and boundaries.
4.2.1.2 The programme contains or references specified requirements to be fulfilled by the claim in order
to be confirmed.
4.2.1.3 The programme can allow for specific levels of assurance provided with the outcome of validation/
verification, e.g. reasonable, limited (see ISO/IEC 17029:2019, 9.2.2).
4.2.2 Competence, impartiality and operation of validation/verification bodies
4.2.2.1 The programme should describe means of monitoring to identify and to mitigate threats to
impartiality, e.g. consulting with the committee of the interested parties (see ISO/IEC 17029:2019, 5.3.3).
4.2.2.2 The programme can allow and set rules for providing both validation and verification to the same
client or in the context of the same project (see ISO/IEC 17029:2019, 5.3.8).
4.2.2.3 The programme can require or recommend specific arrangements to cover liability (see
ISO/IEC 17029:2019, 5.4).
4.2.2.4 The programme can specify requirements for resources, i.e. personnel, facilities, equipment,
systems and support services (see ISO/IEC 17029:2019, 7.1).
4.2.2.5 The programme can specify a period for personnel who have provided consultancy before
performing validation/verification activities (see ISO/IEC 17029:2019, 7.2.5).
4.2.2.6 The programme can require or recommend specific confidentiality requirements (see
ISO/IEC 17029:2019, 7.2.6).
© ISO/IEC 2024 – All rights reserved
4.2.2.7 The programme can specify the training requirements of personnel, including requirements for
their monitoring (see ISO/IEC 17029:2019, 7.3.2).
4.2.2.8 The programme can set rules for outsourcing, including prohibitions on outsourcing (see
ISO/IEC 17029:2019, 7.4).
4.2.2.9 The programme can specify requirements for persons carrying out the review, e.g. not being
involved in planning (see ISO/IEC 17029:2019, 9.6.2).
4.2.2.10 The programme can specify the requirements for persons making the decision on whether or not
to confirm the claim and issuing the validation/verification statement, e.g. not being involved in planning
(see ISO/IEC 17029:2019, 9.7.1.2).
4.2.3 Steps for the validation/verification process
4.2.3.1 The programme contains rules and procedures for carrying out validation/verification, e.g.
specific requirements for the pre-engagement (see 4.2.3.2), engagement (see 4.2.3.3), planning, execution
(see 4.2.4), review and decision (see 4.2.3.5 and 4.2.4.2).
4.2.3.2 Pre-engagement activities specified by the programme can include information to be submitted by
the client for pre-engagement review, time frames and any applicable fees (see ISO/IEC 17029:2019, 9.2).
4.2.3.3 Specification of the engagement agreement between the client and the validation/verification body
by the programme can include identification of the programme requirements to be covered by agreement
[see ISO/IEC 17029:2019, 9.3.1 and 9.3.3 bullet b)].
4.2.3.4 Planning and preparation activities specified by the programme can include specific terms, e.g.
evidence-gathering plan, sampling plan, validation/verification plan, and criteria, e.g. for materiality,
assurance levels (see ISO/IEC 17029:2019, 9.4.1).
4.2.3.5 The programme can specify the applicable materiality and criteria for significance of evidence (see
ISO/IEC 17029:2019, 3.1.6 and 9.2.2).
4.2.3.6 The programme should provide objectives for a risk-based approach to validation/verification
activities including, among others, threats to impartiality (see ISO/IEC 17029:2019, 4.3.7).
4.2.3.7 The programme should set rule
...
Especificación
Técnica
ISO/IEC TS 17035
Primera edición
Evaluación de la conformidad —
2024-09
Directrices para los programas de
validación y verificación
Conformity assessment — Guidelines for validation and
verification programmes
Publicado por la Secretaría Central de ISO en Ginebra, Suiza,
como traducción oficial en español avalada por el Translation
Management Group, que ha certificado la conformidad en
relación con las versiones inglesa y francesa.
Número de referencia
DOCUMENTO PROTEGIDO POR COPYRIGHT
© ISO 2024
Todos los derechos reservados. Salvo que se especifique de otra manera o se requiera en el contexto de su implementación, no
puede reproducirse ni utilizarse ninguna parte de esta publicación bajo ninguna forma y por ningún medio, electrónico o mecánico,
incluidos el fotocopiado, o la publicación en Internet o una Intranet, sin la autorización previa por escrito. La autorización puede
solicitarse a ISO en la siguiente dirección o al organismo miembro de ISO en el país del solicitante.
ISO copyright office
CP 401 • Ch. de Blandonnet 8
CH-1214 Vernier, Geneva
Phone: +41 22 749 01 11
Email: copyright@iso.org
Website: www.iso.org
Publicado en Suiza
Versión en español publicada en 2026
Traducción oficial
© ISO/IEC 2024 – Todos los derechos reservados
ii
Índice Página
Prólogo .iv
Prólogo de la versión en español.v
Introducción .vi
1 Objeto y campo de aplicación . 1
2 Referencias normativas . 1
3 Términos y definiciones . 1
4 Programas de validación/verificación . 4
4.1 Generalidades .4
4.2 Contenido del programa.5
4.2.1 Alcance de la validación/verificación .5
4.2.2 Competencia, imparcialidad y operación de los organismos de validación/
verificación .6
4.2.3 Pasos para el proceso de validación/verificación .6
4.2.4 Actividades de recopilación de evidencias .7
4.2.5 Presentación de informes .7
4.3 Desarrollo del programa .8
4.4 Mantenimiento, revisión y mejora del programa .9
5 Dueño del programa . 9
Anexo A (informativo) Clarificación del logo/símbolo/marca .11
Anexo B (informativo) Reconocimiento de los programas de validación/verificación .13
Anexo C (informativo) Preguntas para ayudar a reconocer un programa de validación/
verificación .16
Bibliografía.20
Traducción oficial
© ISO/IEC 2024 – Todos los derechos reservados
iii
Prólogo
ISO (Organización Internacional de Normalización) e IEC (Comisión Electrotécnica Internacional) forman el
sistema especializado para la normalización mundial. Los organismos nacionales que son miembros de ISO
o IEC participan en el desarrollo de Normas Internacionales a través de comités técnicos establecidos por la
organización respectiva para tratar materias específicas de la actividad técnica. Los comités técnicos de ISO
e IEC colaboran en materias de interés mutuo. Otras organizaciones internacionales, gubernamentales y no
gubernamentales, vinculadas con ISO e IEC, también participan en el trabajo.
En la Parte 1 de las Directivas ISO/IEC se describen los procedimientos utilizados para desarrollar este
documento y aquellos previstos para su mantenimiento posterior. En particular debería tomarse nota de los
diferentes criterios de aprobación necesarios para los distintos tipos de documentos ISO. Este documento
ha sido redactado de acuerdo con las reglas editoriales de la Parte 2 de las Directivas ISO/IEC (véase
www.iso.org/directives o www.iec.ch/members_experts/refdocs).
ISO e IEC llaman la atención sobre la posibilidad de que la implementación de este documento pueda conllevar
el uso de una o varias patentes. ISO e IEC no se posicionan respecto a la evidencia, validez o aplicabilidad de
los derechos de patente reivindicados. A la fecha de publicación de este documento, ISO e IEC no habían
recibido notificación de que una o varias patentes pudieran ser necesarias para su implementación.
No obstante, se advierte a los usuarios que esta puede no ser la información más reciente, la cual puede
obtenerse de la base de datos de patentes disponible en www.iso.org/patents y https://patents.iec.ch. ISO e
IEC no serán responsables de la identificación de parte o la totalidad de dichos derechos de patente.
Cualquier nombre comercial utilizado en este documento es información que se proporciona para comodidad
del usuario y no constituye una recomendación.
Para una explicación de la naturaleza voluntaria de las normas, el significado de los términos específicos
de ISO y las expresiones relacionadas con la evaluación de la conformidad, así como la información
acerca de la adhesión de ISO a los principios de la Organización Mundial del Comercio (OMC) respecto
a los Obstáculos Técnicos al Comercio (OTC), véase www.iso.org/iso/foreword.html. En IEC, véase
www.iec.ch/understanding-standards.
Este documento ha sido elaborado por el Comité Técnico ISO/CASCO, Comité para la evaluación de la
conformidad.
Cualquier comentario o pregunta sobre este documento deberían dirigirse al organismo nacional de
normalización del usuario. En www.iso.org/members.html y www.iec.ch/national-committees se puede
encontrar un listado completo de estos organismos.
Traducción oficial
© ISO/IEC 2024 – Todos los derechos reservados
iv
Prólogo de la versión en español
Este documento ha sido traducido por el Grupo de Trabajo Spanish Translation Task Force (STTF) del Comité
Técnico ISO/CASCO, Comité para la evaluación de la conformidad, en el que participan representantes de
los organismos nacionales de normalización y otras partes interesadas, para lograr la unificación de la
terminología en lengua española en el ámbito de la evaluación de la conformidad.
Este documento ha sido validado por el ISO/TMBG/Spanish Translation Management Group (STMG)
conformado por los siguientes países: Argentina, Bolivia, Chile, Colombia, Costa Rica, Cuba, Ecuador, El
Salvador, España, Guatemala, Honduras, República Dominicana, México, Panamá, Paraguay, Perú y Uruguay.
Traducción oficial
© ISO/IEC 2024 – Todos los derechos reservados
v
Introducción
Este documento se alinea con la Norma ISO/IEC 17029 que proporciona principios y requisitos para
organismos que proporcionen servicios de validación/verificación. La Norma ISO/IEC 17029 es una norma
genérica que puede aplicar a organismos de validación/verificación en cualquier sector económico o
industria. Se distingue de otras normas para organismos de evaluación de la conformidad en que requiere
que el objeto de la conformidad sea una declaración, y que ésta sea validada y/o verificada de acuerdo con
un programa de validación o verificación. Los organismos de validación/verificación que operan de acuerdo
con la Norma ISO/IEC 17029 pueden proporcionar servicios como actividades de primera, segunda o tercera
parte.
Este documento también se alinea con aplicaciones específicas sectoriales de la Norma ISO/IEC 17029,
tal como la Norma ISO 14065, que hace referencia a los requisitos de la Norma ISO/IEC 17029 e incluye
requisitos específicos relacionados con organismos que validan o verifican información ambiental.
Para validar o verificar, los organismos de validación/verificación a menudo tienen que revisar grandes
cantidades de datos e información, incluyendo aspectos tales como la idoneidad de los límites de la
declaración; el modo en que los datos se han definido, recopilado y registrado; cómo se han llevado a cabo los
métodos de cuantificación y cálculo que dan soporte a la declaración; y la provisión de un juicio profesional
en asuntos que son materiales o significativos para la declaración.
La emisión de una declaración de validación o verificación normalmente será una atestación única basada
en la información disponible en ese momento. Las declaraciones de validación/verificación normalmente no
tienen un periodo de validez asociado a ellas. Cada validación/verificación posterior es una evaluación de la
conformidad aparte y no se considera que sea una actividad de vigilancia que dé soporte a una declaración
de validación/verificación original o previa.
El resultado de las actividades de validación o verificación frecuentemente será una declaración de validación
o verificación. Estas declaraciones normalmente proporcionan una opinión del organismo de validación o
verificación sobre la plausibilidad de una declaración que se hace sobre el futuro basado en datos proyectados
(validación), o sobre la veracidad de la declaración basada en datos históricos (verificación). Los resultados
de un programa de validación y de verificación a veces pueden combinarse para apoyar una declaración
(por ejemplo, un acuerdo mixto o en la gestión de programas similares o relacionados). También se puede
pedir a los organismos de validación/verificación que lleven a cabo un proceso de validación/verificación y
emitan un informe de sus hallazgos, pero sin ninguna declaración u opinión formal sobre la plausibilidad o la
veracidad de la declaración que se está haciendo.
NOTA Esto, a menudo, se denomina llevar a cabo actividades de validación o verificación basándose en
procedimientos de común acuerdo (PCA).
Dentro de la Norma ISO/IEC 17029, hay un requisito para que los organismos de validación/verificación
operen dentro del contexto de al menos un programa de validación o verificación. Dentro de los requisitos
de la Norma ISO/IEC 17029, hay muchas referencias a programas de validación/verificación, y se espera que
esos programas de validación/verificación orienten al organismo de validación/ verificación. La importancia
de los programas de validación/verificación adecuados cuando se llevan a cabo actividades de validación/
verificación de acuerdo con la Norma ISO/IEC 17029 es crítica para el funcionamiento correcto de este tipo
de evaluación de la conformidad.
El Anexo A de la Norma ISO/IEC 17029:2019 también proporciona una amplia lista informativa de elementos
a considerar en el desarrollo y el funcionamiento de los programas de validación/verificación. El contenido
del Anexo A de la Norma ISO/IEC 17029:2019 se ha incluido y ampliado en este documento.
Para ayudar en el desarrollo, el funcionamiento y el reconocimiento de programas de validación/ verificación
idóneos para su uso con la Norma ISO/IEC 17029, este documento cubre lo siguiente:
a) un resumen de los programas de validación/verificación en el contexto de la Norma ISO/IEC 17029;
b) desarrollo de programas de validación/verificación;
c) reconocimiento de programas de validación/verificación.
Traducción oficial
© ISO/IEC 2024 – Todos los derechos reservados
vi
Especificación Técnica ISO/IEC TS 17035:2024(es)
Evaluación de la conformidad — Directrices para los
programas de validación y verificación
1 Objeto y campo de aplicación
Este documento proporciona orientación a los dueños de programas de validación/verificación, a los
organismos de validación/verificación y a las partes interesadas sobre el desarrollo, el contenido y el
funcionamiento de los programas de validación/verificación.
Cuando los organismos de validación/verificación lo implementen, este documento está previsto para
utilizarse junto con la Norma ISO/IEC 17029 y sus aplicaciones específicas sectoriales.
2 Referencias normativas
Los siguientes documentos se referencian en el texto de tal forma que parte o la totalidad de su contenido
constituyen requisitos de este documento. Para las referencias con fecha, solo aplica la edición citada. Para
las referencias sin fecha se aplica la última edición del documento de referencia (incluyendo cualquier
modificación).
ISO/IEC 17000, Evaluación de la conformidad — Vocabulario y principios generales
3 Términos y definiciones
Para los fines de este documento, se aplican los términos y definiciones incluidos en la Norma ISO/IEC 17000
además de los siguientes:
ISO e IEC mantienen bases de datos terminológicas para su utilización en normalización en las siguientes
direcciones:
— Plataforma de búsqueda en línea de ISO: disponible en https:// www .iso .org/ obp
— Electropedia de IEC: disponible en https:// www .electropedia .org/
3.1
declaración
información declarada por el cliente
Nota 1 a la entrada: La declaración es el objeto de evaluación de la conformidad por la validación (3.2)/verificación
(3.3).
Nota 2 a la entrada: La declaración puede representar una situación en un punto en el tiempo o podría cubrir un
periodo de tiempo.
Nota 3 a la entrada: La declaración debería ser claramente identificable y capaz de ser evaluada o medida coherentemente
por un organismo de validación (3.4)/organismo de verificación (3.5) frente a los requisitos especificados.
Nota 4 a la entrada: La declaración puede proporcionarse en forma de informe, de afirmación, de anuncio, de plan de
proyecto, o de datos consolidados.
[FUENTE: ISO/IEC 17029:2019, 3.1]
Traducción oficial
© ISO/IEC 2024 – Todos los derechos reservados
3.2
validación
confirmación de una declaración (3.1), mediante la aportación de evidencia objetiva de que se han cumplido
los requisitos para una utilización o aplicación específica prevista futura
Nota 1 a la entrada: La evidencia objetiva puede provenir de fuentes reales o simuladas.
Nota 2 a la entrada: La validación se considera un proceso para evaluar lo razonables que son los supuestos,
limitaciones y métodos que respaldan una declaración de los resultados de las actividades futuras.
Nota 3 a la entrada: La validación se aplica a las declaraciones con respecto a un uso futuro previsto basado en
información proyectada (confirmación de plausibilidad).
Nota 4 a la entrada: En este documento, la expresión “validación/verificación” significa validación o verificación (3.3),
o ambas.
Nota 5 a la entrada: [FUENTE: ISO/IEC 17029:2019, 3.2, modificado — Se ha eliminado la Nota 4 a la entrada original y
se ha añadido una nueva Nota 4 a la entrada.]
3.3
verificación
confirmación de una declaración (3.1), mediante la aportación de evidencia objetiva de que se han cumplido
los requisitos especificados
Nota 1 a la entrada: La verificación se considera un proceso para evaluar una declaración basándose en datos históricos
e información para determinar si la declaración es correcta respecto a la materialidad y es conforme con los requisitos
especificados.
Nota 2 a la entrada: La verificación se aplica a las declaraciones con respecto a eventos que ya han ocurrido o a los
resultados que ya se han obtenido (confirmación de la veracidad).
Nota 3 a la entrada: En este documento, la expresión “validación/verificación” significa validación (3.2) o verificación,
o ambas.
[FUENTE: ISO/IEC 17029:2019, 3.3, modificado — Se ha eliminado la Nota 3 a la entrada original y se ha
añadido una nueva Nota 3 a la entrada.]
3.4
organismo de validación
organismo que lleva a cabo la validación (3.2)
Nota 1 a la entrada: Un organismo de validación puede ser una organización, o parte de una organización.
Nota 2 a la entrada: En este documento, la expresión “organismo de validación/verificación” significa organismo de
validación u organismo de verificación (3.5), o ambos.
[FUENTE: ISO/IEC 17029:2019, 3.4, modificado — Se ha añadido la Nota 2 a la entrada.]
3.5
organismo de verificación
organismo que lleva a cabo la verificación (3.3)
Nota 1 a la entrada: Un organismo de verificación puede ser una organización, o parte de una organización.
Nota 2 a la entrada: En este documento, la expresión “organismo de validación/verificación” significa organismo de
validación (3.4) u organismo de verificación, o ambos.
[FUENTE: ISO/IEC 17029:2019, 3.5, modificado — Se ha añadido la Nota 2 a la entrada.]
3.6
declaración de validación
comunicado del organismo devalidación (3.4) sobre el resultado del proceso de validación (3.2)
Nota 1 a la entrada: Puede hacerse referencia a las declaraciones de validación usando terminología específica de un
programa, como “decisiones”, “opiniones” o “informes”.
Traducción oficial
© ISO/IEC 2024 – Todos los derechos reservados
Nota 2 a la entrada: La declaración de validación refleja sólo la situación en el momento en que se emite.
Nota 3 a la entrada: La declaración de validación puede confirmar o no confirmar la declaración (3.1), con o sin
comentarios, de acuerdo con los requisitos del programa.
Nota 4 a la entrada: En este documento, la expresión “declaración de validación/verificación” significa declaración de
validación o declaración de verificación (3.7), o ambas.
[FUENTE: ISO/IEC 17029:2019, 3.6, modificado — Se ha añadido la Nota 4 a la entrada.]
3.7
declaración de verificación
comunicado del organismo de verificación (3.5) sobre el resultado del proceso de verificación (3.3)
Nota 1 a la entrada: Puede hacerse referencia a las declaraciones de verificación usando terminología específica de un
programa, como “decisiones”, “opiniones” o “informes”.
Nota 2 a la entrada: La declaración de verificación refleja sólo la situación en el momento en que se emite.
Nota 3 a la entrada: La declaración de verificación puede confirmar o no confirmar la declaración (3.1), con o sin
comentarios, de acuerdo con los requisitos del programa.
Nota 4 a la entrada: En este documento, la expresión “declaración de validación/verificación” significa declaración de
validación (3.6) o declaración de verificación, o ambas.
[FUENTE: ISO/IEC 17029:2019, 3.7, modificado — Se ha añadido la Nota 4 a la entrada.]
3.8
programa de validación
reglas, procedimientos y gestión para llevar a cabo las actividades de validación (3.2) en un sector específico
Nota 1 a la entrada: Los programas de validación pueden operarse a nivel internacional, regional, local o específico del
sector.
Nota 2 a la entrada: Un programa también puede denominarse “esquema”.
Nota 3 a la entrada: Un conjunto de normas capaz de cubrir todos los requisitos de este documento puede servir como
un programa.
Nota 4 a la entrada: En este documento, la expresión “programa de validación/verificación” significa programa de
validación o programa de verificación (3.9), o ambas.
[FUENTE: ISO/IEC 17029:2019, 3.8, modificado — Se ha añadido la Nota 4 a la entrada.]
3.9
programa de verificación
reglas, procedimientos y gestión para llevar a cabo las actividades de verificación (3.3) en un sector específico
Nota 1 a la entrada: Los programas de verificación pueden operarse a nivel internacional, regional, nacional, local o
específico del sector.
Nota 2 a la entrada: Un programa también puede denominarse “esquema”.
Nota 3 a la entrada: Un conjunto de normas capaz de cubrir todos los requisitos de la Norma ISO/IEC 17029 puede
servir como un programa.
Nota 4 a la entrada: En este documento, la expresión “programa de validación/verificación” significa programa de
validación (3.8) o programa de verificación, o ambas.
[FUENTE: ISO/IEC 17029:2019, 3.9, modificado — Se ha añadido la Nota 4 a la entrada.]
Traducción oficial
© ISO/IEC 2024 – Todos los derechos reservados
3.10
dueño del programa
persona u organización responsable del desarrollo y el mantenimiento de un programa de validación (3.8) o
un programa de verificación (3.9) específicos
Nota 1 a la entrada: El dueño del programa puede ser el propio organismo de validación (3.4)/organismo de verificación
(3.5), una autoridad gubernamental, una asociación de comercio, un grupo de organismos de validación/organismos
de verificación, un dueño de programa externo, u otros.
[FUENTE: ISO/IEC 17029:2019, 3.10]
3.11
documento normativo
documento que proporciona reglas, directrices o características para actividades o sus resultados
Nota 1 a la entrada: El término “documento normativo” es un término genérico que cubre documentos tales como
normas, especificaciones técnicas, códigos de prácticas y reglamentos.
Nota 2 a la entrada: Se considera como “documento” cualquier soporte de información, junto con la información en él
contenida.
Nota 3 a la entrada: Los términos relativos a los diferentes tipos de documentos normativos se definen considerando el
documento y su contenido como un todo.
[FUENTE: ISO/IEC Guide 2:2004, 3.1]
4 Programas de validación/verificación
4.1 Generalidades
4.1.1 De acuerdo con la Norma ISO/IEC 17029, la validación/la verificación siempre se lleva a cabo dentro
del contexto de un programa de validación/verificación, en cuyo caso el programa de validación/verificación
operado no puede excluir ninguno de los requisitos especificados por la Norma ISO/IEC 17029. Este
documento puede ser utilizado por programas que usen otro documento para organismos de validación/
verificación, en cuyo caso el programa no debería excluir o contradecir los requisitos de ese documento.
4.1.2 Los programas pueden ser marcos de referencia legales, un conjunto de normas internacionales,
regionales o nacionales, iniciativas globales y aplicaciones sectoriales, así como acuerdos individuales con
los clientes del organismo de validación/verificación.
4.1.3 En general, los esquemas de evaluación de la conformidad comprenden el conjunto completo de
reglas y procedimientos que:
— describen el objeto de la evaluación de la conformidad (declaración),
— identifican los requisitos especificados aplicables a la declaración, y
— proporcionan la metodología para llevar a cabo la evaluación de la conformidad (validación/ verificación).
NOTA Los requisitos especificados que se han de identificar se aplican al objeto (es decir, se relacionan con la
descripción de la declaración). La metodología está relacionada con la manera en que se lleva a cabo la evaluación de la
conformidad (es decir, cómo, cuándo y por quién), por ejemplo, proporcionando métodos y procedimientos específicos
para ciertas actividades o reglas para los organismos de validación/verificación.
4.1.4 El apartado 3.11 de la Norma ISO/IEC 17029:2019 define el alcance de la validación/verificación como
la identificación de la declaración que va a ser el objeto de la evaluación de la conformidad y la identificación
de los requisitos especificados aplicables.
Traducción oficial
© ISO/IEC 2024 – Todos los derechos reservados
4.1.5 El Capítulo 8 de la Norma ISO/IEC 17029:2019 enumera los siguientes elementos como contenido de
los programas:
a) el alcance de la validación/verificación;
b) los criterios de competencia específica para el organismo y el equipo de validación/verificación;
c) un proceso de validación/verificación;
d) las actividades de recopilación de evidencias de validación/verificación;
e) la presentación de informes de validación/verificación.
NOTA El Anexo A de la Norma ISO/IEC 17029:2019 también proporciona elementos adicionales.
4.1.6 El dueño del programa (véase 4.3) especifica el contenido del programa (véase 4.2).
4.1.7 Cuando una validación/verificación se lleva a cabo como una evaluación de la conformidad, es decir,
incluyendo una decisión sobre si confirmar o no la declaración, el resultado o el entregable del resultado de
este proceso es una declaración de validación/verificación (véase ISO/IEC 17029:2019, 9.7).
Cuando una validación/verificación se lleva a cabo como una actividad que contribuye a la selección, la
determinación y la revisión de funciones del proceso de validación/verificación (véase el Anexo B de la
Norma ISO/IEC 17029:2019), de esta actividad resultan otros entregables distintos de una declaración de
validación/verificación.
En principio, un programa de validación/verificación puede especificar los entregables que resultan de las
actividades que contribuyen a cada una de las funciones. Por ejemplo,
— un “plan de validación/verificación” como resultado de las actividades de selección (véanse
ISO/IEC 17029:2019, 9.2 y 9.4);
— un “informe de evidencias” como resultado de las actividades de selección y determinación (véanse
ISO/IEC 17029:2019, 9.2, 9.4 y 9.5);
— un “informe de hallazgos” como resultado de la revisión de la evidencia recopilada (véase
ISO/IEC 17029:2019, 9.6);
— un “informe de los hallazgos reales”, es decir, el resultado de los procedimientos de común acuerdo (PCA).
4.1.8 Los entregables asociados a los programas de validación/verificación pueden utilizarse como
entradas para otras actividades de evaluación de la conformidad.
EJEMPLO Una declaración de validación/verificación puede utilizarse como una entrada para una actividad de
evaluación de un organismo de certificación de productos que cumpla la Norma ISO/IEC 17065.
De forma similar, los programas de validación/verificación pueden especificar que los resultados de
otras actividades de evaluación de la conformidad (tales como la auditoría, la inspección, los ensayos o la
certificación) pueden utilizarse como entradas para el proceso de validación/verificación.
4.2 Contenido del programa
4.2.1 Alcance de la validación/verificación
4.2.1.1 El programa describe la declaración que va a ser el objeto de la validación/verificación, por ejemplo,
especificando los tipos de declaraciones y sus límites.
4.2.1.2 El programa contiene requisitos especificados que la declaración tiene que cumplir para ser
confirmada, o hace referencia a ellos.
Traducción oficial
© ISO/IEC 2024 – Todos los derechos reservados
4.2.1.3 El programa puede contemplar niveles de aseguramiento específicos proporcionados con el
resultado de la validación/verificación, por ejemplo, razonable, limitado (véase ISO/IEC 17029:2019, 9.2.2).
4.2.2 Competencia, imparcialidad y operación de los organismos de validación/verificación
4.2.2.1 El programa debería describir los medios para realizar el seguimiento para identificar y mitigar
las amenazas a la imparcialidad, por ejemplo, consultar con el comité de las partes interesadas (véase
ISO/IEC 17029:2019, 5.3.3).
4.2.2.2 El programa puede contemplar y establecer reglas para proporcionar tanto validación como
verificación al mismo cliente o en el contexto del mismo proyecto (véase ISO/IEC 17029:2019, 5.3.8).
4.2.2.3 El programa puede requerir o recomendar disposiciones específicas para cubrir la responsabilidad
legal (véase ISO/IEC 17029:2019, 5.4).
4.2.2.4 El programa puede especificar requisitos para los recursos, es decir, el personal, las instalaciones,
el equipamiento, los sistemas y los servicios de soporte (véase ISO/IEC 17029:2019, 7.1).
4.2.2.5 El programa puede especificar un periodo para el personal que ha proporcionado consultoría
antes de llevar a cabo actividades de validación/verificación (véase ISO/IEC 17029:2019, 7.2.5).
4.2.2.6 El programa puede requerir o recomendar requisitos de confidencialidad específicos (véase
ISO/IEC 17029:2019, 7.2.6).
4.2.2.7 El programa puede especificar los requisitos de formación del personal, incluyendo requisitos para
su seguimiento (véase ISO/IEC 17029:2019, 7.3.2).
4.2.2.8 El programa puede establecer reglas para la contratación externa, incluyendo prohibiciones
aplicables a la contratación externa (véase ISO/IEC 17029:2019, 7.4).
4.2.2.9 El programa puede especificar requisitos para las personas que llevan a cabo la revisión, por
ejemplo, que no estén involucradas en la planificación (véase ISO/IEC 17029:2019, 9.6.2).
4.2.2.10 El programa puede especificar los requisitos para las personas que toman la decisión de si
confirmar o no la declaración y emitir la declaración de la validación/verificación, por ejemplo, que no estén
involucradas en la planificación (véase ISO/IEC 17029:2019, 9.7.1.2).
4.2.3 Pasos para el proceso de validación/verificación
4.2.3.1 El programa contiene reglas y procedimientos para llevar a cabo la validación/verificación, por
ejemplo, requisitos específicos para el preacuerdo (véase 4.2.3.2), el acuerdo (véase 4.2.3.3), la planificación,
la ejecución (véase 4.2.4), la revisión y la decisión (véanse 4.2.3.5 y 4.2.4.2).
4.2.3.2 Las actividades de preacuerdo especificadas por el programa pueden incluir información a
presentar por el cliente para la revisión del preacuerdo, marcos temporales y cualquier tarifa aplicable
(véase ISO/IEC 17029:2019, 9.2).
4.2.3.3 La especificación del acuerdo de compromiso entre el cliente y el organismo de validación/
verificación en el programa puede incluir la identificación de los requisitos del programa que tiene que
cubrir el acuerdo [véase ISO/IEC 17029:2019, 9.3.1 y 9.3.3 punto b)].
4.2.3.4 Las actividades de planificación y preparación especificadas en el programa pueden incluir
términos específicos, por ejemplo, plan de recopilación de evidencias, plan de muestreo, plan de
Traducción oficial
© ISO/IEC 2024 – Todos los derechos reservados
validación/verificación, y criterios, por ejemplo, para la materialidad o los niveles de aseguramiento (véase
ISO/IEC 17029:2019, 9.4.1).
4.2.3.5 El programa puede especificar la materialidad apli
...