What happens if we do not have Professional Indemnity Insurance?
If you don’t have Professional Indemnity Insurance, your application for membership of CERIS will automatically be unsuccessful.
PII is a pre-requisite for membership, both for your protection and for that of your clients.
What happens if our employees have not taken any of the courses?
This question is included to gather data on the industry, rather than a requirement. Your answers will not influence CERIS membership
What happens if we do not employ external vetting?
Your application for CERIS membership will not be affected if you do not employ external vetting, however, your internal vetting will then need to cover all criteria listed.
CERIS will be looking for a quality policy/manual if your business is not yet accredited to ISO 9001.
The below are the minimum requirements to be included in a quality manual;
Includes a commitment for continuous improvement of quality
Includes a commitment to quality within the business and its activities
Includes a commitment to comply with all applicable requirement (statutory, regulatory and contractual)
If we’re not accredited to ISO27001, what sort of detail will be accepted by CERIS?
CERIS will be looking for an information security management policy/system if your business is not yet accredited to ISO 27001.
A security management system would normally include statements on management responsibility for the ISMS including:
Management Responsibility
Management Commitment
Management Representative
Quality Policy and Objectives
Customer Focus and Customer Satisfaction
Corrective Actions
Preventative Actions