October Is Cyber Security Awareness Month - Click Here To View Our Resource Hub

amtivo logo seasalt

Certification Regulations

British Assessment Bureau Limited (“BAB”) is a certification body accredited by the United Kingdom Accreditation Service (“UKAS”) to provide the audit and certification of Client’s management systems to relevant standards. These Certification Regulations set out the respective obligations of BAB and the Client to each other in relation to all activities that form part of the certification process (“Certification Activities”) carried out by, or on behalf of, BAB.

  1. BAB shall perform the Certification Activities using reasonable care and skill. Where BAB has subcontracted aspects of the Certification Activities to a third party, BAB shall remain legally responsible for the Certification Activities.
  2. The Client shall fully co-operate in relation to arranging any audits required by the Certification Activities, including making provision for examining documentation and providing access to all processes and areas, records and personnel.
  3. The Client shall agree to the presence of a UKAS and/or BAB observer should UKAS and/or BAB wish to assess the provision of the Certification Activities.
  4. Confirmation that the Client meets the relevant standard (“Certification”) shall only be issued once BAB determines, at its sole discretion, that the requirements of Certification have been met. BAB shall be solely responsible for granting, refusing, maintaining of certification, expanding or reducing the scope of certification, renewing, suspending or restoring, or withdrawing of certification.
  5. Following Certification, the Client shall use and display certification badges and/or make reference to their certification status subject to the restrictions set out by BAB in its guidelines, a copy of which is available at here.
  6. In order to maintain Certification for the remainder of the certification cycle, the Client acknowledges that further annual audits will need to be undertaken by an accredited certification body. More information on the Certification cycle can be found at here.
  7. The Client shall notify BAB, without delay, of matters which may affect the capability of the Client’s management system to continue to fulfil the requirements of Certification. These matters include but are not limited to:-
    1. the legal, commercial, or organisational status, or ownership of the organisation;
    2. additional sites or offices;
    3. additional staffing levels;
    4. change of certificate scope;
    5. any other changes to the management system and processes;
    6. occurrence of a serious incident or breach of regulation necessitating the involvement of the competent regulatory authority (in the event of a serious incident and the involvement of the competent authority, a special audit may be necessary, and the outcome of the investigation recorded)
  8. Where there is evidence that the Client’s management system no longer meets the c requirements of Certification, this shall provide grounds for BAB to decide on action to be taken – up to and including suspension or withdrawal of certification.
  9. BAB and UKAS shall have the right to display the Client’s certification and current audit status in the public domain for inspection.
  10. The Client shall in connection with its activities and the operation of its business comply with fair and equitable business practice, namely all relevant laws, regulations, and codes in relation to:
    1. anti-bribery and anti-corruption including, but not limited to, the Bribery Act 2010 where applicable;
    2. anti-slavery and human trafficking including, but not limited to, the Modern Slavery Act 2015 where applicable;
    3. equality, diversity, human rights and good relations including, but not limited to, the Equality Act 2010 where applicable;
    4. international sanctions issued by the United Kingdom or the United Nations including, but not limited to, Sanctions and Anti-Money Laundering Act 2018 where applicable; and
    5. any other laws, regulations and codes referred to in UKAS’ Standard Terms of Business.
  1. As used in these Regulations, “Confidential Information” shall mean any oral or written proprietary information that BAB may acquire from the Client pursuant to these Regulations or information as to the Client’s business provided, however, that Confidential Information shall not include any information which:
    1. is or hereafter becomes generally known to the public but not as a result of unpermitted disclosure;
    2. was available to BAB on a non-confidential basis prior to the time of its disclosure by the disclosing party;
    3. is disclosed to BAB by an independent third party with a right to make such disclosure; or
    4. is developed by or for the receiving Party independently of the information disclosed by the disclosing Party
  2. Unless required by law or by a judicial, governmental, or other regulatory or accreditation body, BAB shall take all reasonable steps to ensure that its personnel, agents and sub-contractors do not use Confidential Information other than for the purpose of providing Certification Activities nor disclose the Client’s Confidential Information to any person or entity without the prior written approval of the Client except as expressly provided for in these Regulations.
  3. In the event that that there is a conflict between the terms of these Certification Regulations and the terms of an agreement into which they are incorporated, the terms of these Certification Regulations shall prevail.

Revision date: 7 October 2025

Get Started on Your Certification Journey Now

Your certification costs will depend on the size of your business, location, and the sector you’re in.

Get started on your certification journey