Transferring Certification Between Certification Bodies
Transferring an existing certification from one certification body (CB) to another is a recognized practice within management system and product certification, governed by international accreditation standards and the procedural rules of receiving bodies. This page explains the definition, mechanics, common triggers, and decision criteria for certification transfers. Understanding the transfer process matters because an improperly executed transfer can create gaps in certification status that affect regulatory standing, customer contracts, or supply chain eligibility.
Definition and scope
A certification transfer — also called a CB transfer or certificate migration — occurs when a certified organization moves its existing, valid certificate (most commonly an ISO management system certificate) from the CB that issued it to a different CB, without restarting the full initial certification cycle. The scope of a transfer typically covers management system standards such as ISO 9001, ISO 14001, ISO 45001, and ISO/IEC 27001, though some product certification and personnel certification schemes also have transfer provisions.
The legal and procedural foundation for transfers is set primarily by ISO/IEC 17021-1:2015, the international standard specifying requirements for CBs conducting management system certification. Section 9 of ISO/IEC 17021-1 addresses audit planning and program management; receiving CBs interpret these requirements to determine whether a prior audit cycle can be partially credited. Accreditation bodies such as ANAB (ANSI National Accreditation Board) and A2LA (American Association for Laboratory Accreditation) impose additional transfer-eligibility conditions on the CBs they accredit, which is why the accreditation status of both the sending and receiving CB is the first factor any transfer evaluation must resolve.
How it works
A standard CB transfer follows a defined sequence of phases. The receiving CB drives the process; the certified organization facilitates document exchange.
- Eligibility screening — The receiving CB confirms that the certificate being transferred is currently valid, that the issuing (sending) CB holds recognized accreditation from an International Accreditation Forum (IAF) multilateral recognition arrangement (MLA) signatory, and that no suspension or withdrawal action is pending. A suspended certificate is not eligible for transfer under standard CB procedures.
- Documentation package request — The organization provides the receiving CB with the current certificate, the most recent Stage 2 (initial) audit report, all surveillance audit reports within the current three-year certification cycle, and a register of open or closed nonconformities. ISO/IEC 17021-1 requires CBs to maintain documented audit records, so this package should be obtainable from the sending CB upon the organization's written request.
- Gap analysis or transfer audit — The receiving CB reviews the documentation to identify whether any surveillance audit is overdue or whether nonconformity closure evidence is incomplete. If the cycle is current and records are clean, some CBs accept a desk review. If the last audit was conducted more than 12 months prior or if open major nonconformities exist, the receiving CB typically schedules an on-site transfer or surveillance audit before issuing a new certificate.
- Certificate issuance — The receiving CB issues a new certificate carrying the same scope statement and, typically, the same certification cycle expiry date as the original. Resetting the expiry date to a new three-year window is possible but requires the receiving CB's documented rationale under its certification program rules.
- Notification to sending CB — The organization formally withdraws from the sending CB, which then cancels the original certificate and updates its public registry. Maintaining two concurrent certificates for the same scope from two different CBs simultaneously violates the impartiality requirements outlined in ISO/IEC 17021-1 Section 5.
This process is also described in IAF Mandatory Document IAF MD 2, which sets binding rules for CBs accredited under the IAF MLA regarding the transfer of accredited certifications.
Common scenarios
Three operational situations account for the majority of transfer requests in the US market.
Cost or service dissatisfaction — An organization finds that audit fees, scheduling flexibility, or auditor competency at the current CB no longer meet its operational needs. This is the most common driver. Because the certification lifecycle is three years, organizations often evaluate CB relationships at surveillance milestones.
CB loses accreditation — If the sending CB's accreditation is suspended or withdrawn by ANAB, A2LA, or another IAF MLA signatory, the certificates it has issued lose their accredited status. Affected certificate holders must transfer to an accredited CB before their customers, regulators, or procurement bodies will accept the certificate as valid. The IAF MLA framework creates the recognition chain that underpins this requirement.
Mergers and acquisitions — When a CB is acquired by or merges into another CB, existing certificates are often administratively migrated under an approved transition plan. Organizations should confirm in writing that the receiving entity holds accreditation for the specific standard and sector scope being transferred, particularly for sector-specific schemes such as AS9100 (aerospace) or IATF 16949 (automotive), which carry scheme-owner oversight beyond ISO/IEC 17021-1.
Decision boundaries
Not every certificate is eligible for a direct transfer. The table below contrasts transfer-eligible versus ineligible conditions.
| Condition | Transfer-eligible | Not eligible for direct transfer |
|---|---|---|
| Certificate status | Valid, no suspension | Suspended or withdrawn |
| Sending CB accreditation | Active IAF MLA signatory | Lapsed, suspended, or non-IAF |
| Open nonconformities | Closed with evidence | Major nonconformity open |
| Audit records available | Complete package from sending CB | Records unavailable or incomplete |
| Scope consistency | Scope unchanged | Organization requests scope expansion simultaneously |
A scope expansion concurrent with a transfer requires the receiving CB to treat the new scope elements as an extension audit, not a transfer. These processes run in parallel but are formally distinct under ISO/IEC 17021-1 audit program planning requirements.
The third-party certification process at the receiving CB governs what happens if a transfer is declined: the organization restarts at Stage 1, and the prior certification history may inform audit day calculations but does not substitute for the full initial audit program. Decisions about transfer eligibility rest entirely with the receiving CB and are subject to its accreditation body's oversight — neither the organization nor the sending CB can compel a receiving CB to accept a transfer.
References
- ISO/IEC 17021-1:2015 — Conformity assessment: Requirements for bodies providing audit and certification of management systems
- IAF MD 2 — Transfer of Accredited Certification (International Accreditation Forum)
- IAF Multilateral Recognition Arrangement (MLA)
- ANAB — ANSI National Accreditation Board
- A2LA — American Association for Laboratory Accreditation
- ISO 9001:2015 — Quality management systems: Requirements
- ISO/IEC 27001:2022 — Information security management systems