P.U.(A) 359/98
DIGITAL SIGNATURE REGULATIONS 1998
PART VII - COMPLIANCE AUDITS
Regulation 42. Procedure for annual compliance audit.
(1) The qualified auditor shall give the licensed certification authority at least seven days written notice before the qualified auditor carries out the annual compliance audit.
(2) The licensed certification authority shall make available any information, document or personnel as may be required by the qualified auditor.
(3) Based on the information gathered in the audit, the qualified auditor shall categorise the licensed certification authority's compliance as one of the following:
(a) full compliance, if the licensed certification authority appears to comply with all the requirements of the Act and these Regulations;
(b) substantial compliance, if the licensed certification authority appears generally to comply with the requirements of the Act and these Regulations but one or more instances of non-compliance or of inability to demonstrate compliance were found in the audited sample, that were likely to be inconsequential;
(c) partial compliance, if the licensed certification authority appears to comply with some of the requirements of the Act and these Regulations but was found not to have complied with or not to be able to demonstrate compliance with one or more important safeguards; or
(d) non-compliance, if the licensed certification authority:
(i) complies with few or none of the requirements of the Act or these Regulations;
(ii) fails to keep adequate records to demonstrate compliance with more than a few requirements; or
(iii) refused to submit to an audit.