Certification of management systems

• Quality Management System Certification uni en ISO 9001
• Certification of Environmental Management System uni en ISO 14001
• Certification of Safety Management System uni ISO 45001
• Certification of Information Security Management System uni CEI ISO/IEC 27001
• Certification of Prevention of Corruption uni ISO 37001
• Anti-Corruption Management System Certification uni ISO 37001
• Certification of Road Traffic Safety uni ISO 39001: 2016
• Certification of Innovation Management System uni ISO 56002
• Certification of Social Accountability Management System SA8000
• Certification of Sustainability Management Systems. Sustainability Rating
• Certification of BIM Management System, in accordance with the UNI/PdR 74:2019 Reference Practice
• Certification of IT Services Management Systems UNI CEI ISO/IEC 20000-1
• Certification of Gender Equality Management System UNI/PdR 125
• Certification of Business Continuity Management Systems UNI EN ISO 22301 (Business Continuity Management)
• Certification of the Good Distribution Practice (GDP) Management Systems for the Distribution of Medicines.

Download General criteria for formulating the bid for management system certification
Download Operating instructions on criteria for transfer of certification
Download Request for proposal for management system certification

View our accreditations

Download Impartiality Policy

Download Quality and Gender Equality Policy

Download Regulations for the Certification of Management Systems - General Part

Download Regulations for use of the ACCREDIA Mark

Download Regulations for the use of certification marks

Today, the concept of Quality has evolved from a system stiffened by excessive formalism to a management for quality more focused on the effectiveness and efficiency of the processes of the business organization. An increasing number of companies have chosen System Certification according to ISO 9001, with the goal of ensuring compliance with contractual requirements by implementing management models to improve performance toward the market.

Quality management, in the national-European-international arena, is a way of working and strategically managing one's business that can increase the company's competitiveness and success.

TO WHOM IS IT REQUIRED?

ISO 9001 certification is used in both private and public sectors to increase confidence in the products and services provided by companies, among business partners in business-to-business relationships, in the selection of suppliers in supply-chains, and in the selection of participants in tenders.

The sectors involved are:

• IAF02: Mining of minerals (quarries, mines and oil fields)
• IAF15: Products from the processing of non-metallic materials (e.g., bitumen)
• IAF16: Lime, gypsum, concrete, cement and related products
• IAF17: Metals and their alloys, manufacture of metal products
• IAF18: Machinery and equipment
• IAF19: Electrical and optical equipment
• IAF24: Recycling
• IAF28: Construction companies, Installers of plants and services
• IAF29: Wholesale, retail trade; repair of motor vehicles, motorcycles, and personal and household goods
• IAF31: Transportation, logistics and communications
• IAF32: Financial intermediation, real estate activities, rentals
• IAF33: Information technology
• IAF34: Technical consulting firms, engineering
• IAF35: Professional business services
• IAF37: Education
• IAF39: Other social services
  

All this requires the enterprise to "dress" the quality management system on its business and production reality in order to:

• Optimize and rationalize the management of its products and services
• Effectively and efficiently control design (if performed) and production and/or construction activities
• Constantly monitor the adequacy of human and economic resources invested with respect to what is required by legislative requirements as well as contractual requirements

Certification of its quality management system, by a Third Party certification body (such as APAVE CERTIFICATION ITALY), is an element of prestige and growth for the company itself.

The Certification of an Occupational Health and Safety Management System (HSMS) offers several benefits of which the organization can be facilitated, for example:

• Continuous and effective verification of the adequacy of its structure's behaviors with respect to what is required by legislative requirements and the objectives defined by management
• Implementing accident prevention systems with a view to continuous improvement
• Adopting and implementing systems and measures capable of ensuring that all Organizations involved in the execution of commissioned works, guarantee compliance with the legal requirements for safety and health protection

Voluntary Certification of this System allows to highlight, both externally and internally, the Management's continuous commitment to accident prevention to those involved in the execution of the works.
The structure of a safety management system can be traced back to what has already been developed for other schemes (QMS and EMS), making it easier and ensuring greater optimization of human and economic resources in the development of an Integrated Management System that complies with all three reference schemes.

The purpose of certification of an EMS is to ascertain, through an initial audit and subsequent maintenance audits, that the organizations applying for certification, operate in accordance with the UNI ISO 45001:2018 standard
The audits carried out by APAVE CERTIFICATION ITALIA are neither a substitute for nor connected with those carried out by the competent public authorities.
The Certification Process, adopted by APAVE CERTIFICATION ITALIA, provides for the conduct of audits over a three-year period and which allows the issuance, downstream of an initial certification audit, of a document of compliance, the validity of which is subject to the performance of successful maintenance audits.
There are several features that harmonize ISO 45001 with other management system standards, such as ISO 9001 and ISO 14001. In fact, the ISO 45001 standard adopts the same structure and incorporates its main innovations, such as the risk-based approach, analysis of the context in which the organization operates, active participation of senior management, and worker consultation and participation.

An Information Security Management System (ISMS) compliant with the ISO/IEC 27001:2013 standard is the internationally recognized tool through which an organization can demonstrate that it is able to protect its own information assets (or those of third parties entrusted to it).
But what is to be understood by "information"? It is an asset of the organization that, like other important business assets or resources, is essential to the organization's business and consequently must be properly "protected."

The information to be protected is independent of its format, because ISO/IEC 27001:2013 is not a standard exclusive to the world of IT or information technology in general, because it governs paper documents, verbal communications, conversations in public places, letters and emails exchanged with customers and suppliers, patents, trade secrets that if they were to come into the public domain or available to competitors would create major damage to the company, economic or image.
The standard enables the identification and constant updating of processes regarding the control of physical, logical and organizational security; the analysis of risks to identify suitable security measures; the management of appropriate procedures and frequently updated operating instructions; and the monitoring of business processes.
ISO/IEC 27001 is the only auditable and certifiable international standard that defines the requirements for an ISMS and is designed to ensure the selection of appropriate and proportionate security controls. This helps protect information from internal and external risks, give confidence to stakeholders.

ISO/IEC ISO 27001 aims to ensure the maintenance of confidentiality, integrity and availability of information, in addition to other characteristics that may be considered such as authenticity, non-repudiation and reliability:

• Confidentiality is the property whereby information is not made available or disclosed to unauthorized individuals, entities or processes
• Integrity: is the property related to safeguarding the accuracy and completeness of information and related assets
• Availability is the property of being accessible and usable at the request of an authorized entity

Choose Apave Certification Italia to certify your Management System for the prevention of corruption under the UNI ISO 37001 standard.

The standard, an operational tool that does not replace, but rather adds to, the measures already provided for at the national legislative level, helps to establish the ways in which companies can declare themselves "compliant" with respect to the prevention of corruption, i.e., they can adopt prevention measures that are reasonable and proportionate to the risk of corruption.
The standard is set according to the high-level structure, so it can be perfectly integrated with ISO 9001, 14001 and 45001, and is aimed at companies of any size or nature, both public and private.

Anticorruption Management System Certifications Update - ISO 37001

Theupdate of ISO 37001 was published on February 3, 2025. This update cancels and replaces the first edition (ISO 37001:2016), which was technically revised, also incorporating the ISO 37001:2016/Amd 1:2024 amendment.

As of March 1, 2026, organizations already licensed to be certified as compliant with ISO 37001:2016 will have to adapt their management system and undergo a third-party audit by February 28, 2027 to update their certificate.

Organizations seeking initial certification against ISO 37001:2025 as of March 1, 2027 will have to adopt the 2025 version.

As of March 1, 2027 , certifications against the ISO 37001:2016 Standard will be revoked.

Rules for certification of management systems for the prevention of corruption

The implementation of an innovation management system, according to ISO 56002:2019 guidelines, and third-party certification with the APAVE IMS 56002 logo, guaranteeing its effectiveness, represent an important competitive advantage for the Enterprise.
Business innovation is a process to be built day by day, measurable, cross-cutting across areas, to be managed with specific skills and a broad vision that enable the most suitable production and organizational choices to trigger innovation itself.
The ISO 56002 innovation management system makes it possible to:

• Give visibility and credibility to activities characterized by Process, Product and/or Organizational Innovation
• Create trust with customers, suppliers, investors and the community
• Measure the ability to innovate over time, creating lasting value

The greatest effort lies in questioning internal processes and designing new ways of doing business. Managing innovation requires systematicity and a leader to guide the management system; it is not a random phenomenon.
The success of an innovative enterprise will thus be able to be measured by the new business opportunities created, despite market variability and the continuous evolution of enabling technologies.

To confirm this, the International Organization for Standardization (ISO) has published the ISO 56000 series of standards and, especially, ISO 56002:2019 as a guide for all organizations that want to adopt a structured approach to innovation management.
Any organization regardless of type, size, products provided and services delivered can certify.
ISO 56002 outlines the principles that, when adopted in their entirety, enable Organizations to put policy, objectives, leadership, resources, infrastructure, capital, equipment, documentation, knowledge and skills in the right order and make the innovation management system effective.

Regulations for the Certification of Innovation Management Systems

SA 8000 (Social Accountability 8000) constitutes the first standard at the international level by which it is ensured that an organization is socially responsible, i.e., is committed to compliance with the rules of work ethics and openly rejects all working conditions characterized by inhumanity, exploitation, unequal pay and unhealthiness of the workplace.

In fact, this standard is based on principles dictated by international references on human and workers' rights and in particular refers to the concepts of the Universal Declaration of Human Rights, the ILO (International Labor Organization) Conventions, the United Nations Conventions on the Rights of the Child and to eliminate all forms of Discrimination against Women.

Apave Certification Italia S.r.l. has been accredited by the Social Accountability Accreditation Services (SAAS), the only global accreditation body whose mission is to support the implementation of social and labor standards-this is accomplished through supervision and assessment services designed to evaluate the competence of Audit Systems and individual Auditors, effective April 1, 2021 available on the SAAS website at the following links:

• SA8000 Accredited Certification Bodies
• Apave Certification Italia S.r.l. on SAAS

Any company belonging to any business sector can certify itself in accordance with the SA8000 standard. Any organization interested in ensuring socially acceptable work activities and promoting constant improvement, both in the management of so-called "business risks" and in relations with stakeholders inside and outside the organization, can take advantage of this management tool.

WHAT BENEFITS DOES CERTIFICATION OF THE SA8000 SOCIAL RESPONSIBILITY MANAGEMENT SYSTEM BRING?

• An increase in credibility, transparency and corporate image in the target market, a reputational benefit
• Increased consumer trust, improved relationship with institutions and social organizations
• A control of ethicality and social fairness in the supply chain
• An improvement in the corporate climate: workers feel protected by the company in which they work and more involved in the achievement of objectives
• An improvement in internal and external communication, through publicly available reports

>> Access the complaint form

Certifying your Gender Equality Management System according to the UNI/PdR 125 reference practice contributes to the success of your organization by ensuring the actions necessary to safeguard gender equality.

The purpose of the gender equality certification system according to the UNI/PdR 125 reference practice is to encourage the adoption of policies for gender equality and women's empowerment at the company level and thus to improve women's ability to access the labor market, leadership and harmonization of life times.

Gender equality certification is provided for in NRP Mission 5 and the Equal Opportunity Code.

WHAT BENEFITS DOES GENDER EQUALITY MANAGEMENT SYSTEM CERTIFICATION BRING ?

The achievement by an organization of certification in compliance with UNI/PdR 125, issued by APAVE CERTIFICATION ITALIA, brings several benefits, such as:

• Contribution exemption, through reduction of social security contributions for all the months of validity of the certification, parameterized on a monthly basis equal to 1% (on the total number of staff hired) of the total contribution due from the employer, within the maximum limit of 50,000 euros per year per company
• Rewards in participation in public tenders and calls for tenders
• Reduction in the amount of the provisional guarantee required for participation in public tenders
• Rewards in accessing European/international/national funding
• Reputational benefits of the brand
• Increased talent attractiveness and retention capacity. The issue of well-being, work life balance is a crucial aspect in choosing a new candidate (employer branding).

WHO IT IS REQUIRED OF:

UNI/PdR 125 certification is used in both the private and public sectors to increase stakeholder confidence in the organization's commitment to combating gender inequality.

Download Special Rules for the Certification of Management Systems for Gender Equality.

BIM Management System certification certifies that the organization (engineering firm, architectural firm, construction company or contracting station) has implemented standardized processes for digital information management throughout the entire life cycle of a work.
UNI/PdR 74 is a certification in its own right, although having an ISO 9001 management system related to BIM processes can facilitate the implementation of the Management System.

Why certify the BIM management systema today?

In 2026, mandatory BIM has reached its full maturity. To participate in public procurement above the community threshold, it is no longer enough to have "BIM software," but it is necessary to demonstrate a "certified" working method. The certification issued by APAVE CERTIFICATION ITALY is proof of your organization's digital maturity.

What benefits does BIM management system certification bring?

Implementing and certifying a BIM system brings tangible benefits beyond just regulatory compliance:

• Rewarding Scores in Procurement: The new Procurement Code enhances the value of companies with certified management systems by offering decisive technical scores in tenders under the Economically Most Advantageous Offer criterion.
• Prevent errors in the design and execution phase: Digital management allows the identification of interferences during the project phase, avoiding variations during construction that burden company margins.
• Better Data Management: Ensures that data ownership and flow are protected, tracked and compliant with privacy and cybersecurity regulations.
• Sustainability and ESG: BIM is the primary tool for calculating the environmental impact of the work (Life Cycle Assessment), improving the company's ESG rating.

To whom it is requested

The system certification is aimed at all entities in the construction supply chain:

1. Contracting Stations: To properly manage information specifications.
2. Design Companies: To ensure the quality of delivered models.
3. Construction Firms: To optimize the construction phase and the "As-Built".
4. Property Managers (Facility Management): For data-driven predictive maintenance.

Download Special rules for BIM management system certification.

IT Services and their management, also referred to as "IT Service Management," are increasingly strategic for businesses that rely on qualified vendors to avoid dealing with "ongoing management" activities for which it is not structured or for which it does not intend to bear the start-up and maintenance costs.

An IT Service can be defined as a set of functions provided through IT systems in supporting one or more business areas (departments, agencies, agencies, departments, etc.). It may consist of software, hardware and media, but the customer/customer and user/user perceive it as a single entity.

As the market, consumer or enterprise, continues to demand services in Information Technology, there is an increasing need to organize these services according to a certain, established and universally recognized reference.

ISO/IEC 20000 is the reference standard that the International for Standardization Organization (ISO) has published for any organization that intends to offer IT services to internal or external customers.

Adherence to the principles of ISO/IEC 20000 allows organizations to be able to benchmark their capability in delivering IT services, measuring service levels and evaluating service performance.

ISO/IEC 20000-1:2018 contains a list of requirements that an organization decides to be inspired by and adhere to in order to deliver services in IT at a quality acceptable to itself and its customers.

Apave Certification Italia is accredited by ACCREDIA for the ITX scheme (acronym by which the certification activity is identified according to ISO/IEC 20000-1 in the current version 2018); the accreditation ensures the competence, independence and impartiality of our body by the sole Italian Accreditation Body.

WHAT BENEFITS DOES CERTIFICATION OF MANAGEMENT SYSTEMS FOR IT SERVICES BRING?

Certification is a guarantee for the organization and its target market in terms of its ability to deliver its services in the IT field.

It enables the company to support service lifecycle management, including planning, design, transition, delivery and improvement of services that meet agreed requirements and provide value for customers, users and the organization providing the services.

In fact, adopting a management system for IT services enables the organization to ensure its ability to manage the following processes:

• Service portfolio
• Service Plan
• Configuration Management
• Business Relationship Management
• Service Level Management
• Supplier and Demand Management
• Budgeting and Accounting
• Capacity Management
• Change Management
• Release and Deployment Management
• Incident Management
• Problem Management
• Service Continuity and Availability Management
• Information Security Policy and Controls
• Financial Management for IT Services
• Service Reporting

Do you want to protect against incidents that put your business at risk, reduce the likelihood of their occurrence, respond to them, and get back up and running as quickly as possible?

That is the purpose of ISO 22301 certification, which enables companies to plan, implement and enforce a business continuity management system. The standard is suitable for all organizations, regardless of their size and the nature of their activities, taking into account their environment and the complexity of their operations.

ISO 22301 certification allows you to anticipate the risks to your organization, ensure the continuity of your operations as well as the return to normalcy following a disaster (cyber attack, fire, telephone network disruption, etc.).

WHAT BENEFITS DOES BUSINESS CONTINUITY MANAGEMENT SYSTEM CERTIFICATION BRING?

• Improve your resilience and responsiveness to safeguard your interests and those of key stakeholders;
  
  
• Ensure the continuous uptime of your operations; and
  
  
• Manage risks and change in your environment/context
  
  
• Anticipate crises
  
  
• Reduce the size and scope of an incident
  
  
• Strengthen the trust of your customers
  
  
• Demonstrate your compliance
  
  

Special rules for certification of management systems for business continuity

Certifying your Management System for Proper Medication Distribution Practices for End Consumers ensures that product quality and integrity are maintained throughout the supply chain.

This code of standards aims to ensure that products are distributed to retailers and others without any alteration of their properties. The distributor should also implement a traceability system to enable detection of defective products and effective recall. In addition, GDPs apply to the procurement, storage, and transportation of active pharmaceutical ingredients and other ingredients used in the manufacture of medicines.

The requirements for good distribution practice are based on the European Commission Guidelines on Good Distribution Practice of Medicinal Products for Human Use (Directive 2013/C 343/01).
Good distribution practice certification is recommended for all companies operating in the pharmaceutical industry supply chain.

The achievement by an organization of the certification, issued by APAVE CERTIFICATION ITALY, brings several benefits, such as:

• Regulatory compliance
  • Demonstrates compliance with European and national regulations for drug distribution.
  • Reduces the risk of sanctions, blocking or withdrawal of licenses by health authorities (e.g., AIFA, EMA).
• Increases trust and credibility
  • Strengthens the company's reputation with customers, partners, and authorities.
  • Facilitates access to regulated markets where GDP is a mandatory or strongly recommended requirement.
• Better control of the supply chain
  • Ensures traceability of products throughout the supply chain.
  • Reduces the risks of counterfeiting, contamination or degradation of products.
• Optimization of logistics processes.
  • Improves management of warehouse, transportation and controlled temperatures.
  • Reduces waste and operational inefficiencies.
• Continuous improvement and service quality.
  • Introduces standardized procedures for quality control.
  • Promotes a systemic approach to process improvement and risk management.
• Access to international partnerships.
  • GDP-certified companies are often preferred in global distribution networks.
  • Fosters cooperation with multinationals and companies that demand high quality standards.
• Staff training and empowerment
  • Implies ongoing training programs on quality, hygiene, safety and traceability.
  • Increases staff awareness of the importance of their role in the supply chain.