How Clause 7 Turns Competence into a Measurable System
If there’s one part of ISO/IEC 17024 that defines your credibility, it’s Clause 7.
This is where your certification body shows how it measures competence — not just through policies, but through a structured, defendable certification scheme and a validated examination process.
In my experience helping certification bodies build or revise their schemes, this is where many underestimate the detail assessors expect. You can’t just “create a test” — you must prove that every question, every score, and every recertification rule is built on evidence of real job competence.
In this article, we’ll walk through each part of Clause 7 in plain language. You’ll learn how to:
Design a certification scheme that reflects real job performance.
Develop and validate fair, reliable exams.
Keep your question bank secure and current.
Maintain scheme relevance over time.
Understanding Clause 7: From Competence Definition to Certification Decision
Clause 7 is the engine of your certification process. It defines how competence is turned into measurable, auditable outcomes.
The standard expects you to:
Define competence requirements based on actual job or task analysis.
Design fair assessment methods.
Establish and maintain documented certification schemes.
Control the exam development, delivery, and review process.
It ties directly to Clause 6 (Resources) and Clause 8 (Information). You need competent people (Clause 6) and clear communication with candidates (Clause 8) for the scheme to work.
Here’s what I’ve noticed: Some certification bodies borrow exam formats from other organizations, thinking it will save time. It doesn’t. Assessors quickly ask, “How do you know this exam measures your scope of certification?”
Pro Tip: Treat Clause 7 like your certification blueprint. Every scheme, test, and passing rule must trace back to a defined competence requirement.
Common mistake: Reusing question sets or generic templates from other industries without validation. It looks efficient but fails accreditation.
Defining the Certification Scheme
A certification scheme is your official rulebook. It defines who you certify, what competence you assess, and how you measure it.
Under ISO/IEC 17024, your scheme must include:
Scope and target role (e.g., “Safety Officer” or “Data Protection Specialist”)
Assessment methods (written, oral, practical, or simulation)
Criteria for awarding, maintaining, and renewing certification
The foundation is a job or task analysis. That means identifying what competent performance looks like in real workplaces. Talk to employers, industry regulators, and practitioners — the standard expects stakeholder involvement.
One of my clients developed a “Renewable Energy Technician” certification. Instead of guessing, they consulted energy companies, safety authorities, and equipment manufacturers. Their scheme passed accreditation easily because it reflected real industry practice.
Pro Tip: Document your scheme committee meetings. They prove stakeholder input, which assessors always look for.
Pitfall: Designing a scheme in isolation or based only on internal opinions — it often leads to competence gaps.
Developing Fair and Valid Assessments
Once competence is defined, the next step is exam development. This is where you prove your assessment is valid (measures the right things), reliable (gives consistent results), and fair (treats all candidates equally).
Clause 7 requires a structured process for exam creation:
Define learning objectives based on competence areas.
Develop test items that align with those objectives.
Review and pilot-test items to ensure clarity and difficulty consistency.
Set pass/fail criteria using objective, documented methods.
Exams can be written, oral, practical, or performance-based — as long as they are fair and defensible.
Pro Tip: Use psychometric analysis or item statistics to validate questions. Even basic difficulty ratings can prove fairness.
Example: One certification body ran pilot tests and found that several questions were too easy — everyone got them right. They adjusted the weightings before official rollout, which impressed assessors during accreditation.
Common mistake: Writing questions without mapping them back to competence criteria. That breaks the chain of evidence and can trigger a major nonconformity.
Managing Question Banks & Exam Security
Clause 7 also requires you to control exam materials — from creation to storage to disposal. This is about protecting integrity and fairness.
You need to ensure:
Restricted access to exam materials.
Secure storage (physical or digital).
Periodic review and update of questions.
Controlled disposal of outdated items.
If you use digital platforms, assessors will check how you control access, passwords, encryption, and backups.
Example: A certification body I worked with encrypted its question bank and rotated questions every six months. They also logged who accessed the exam files — a simple but effective control.
Pro Tip: Review and refresh at least 20–30% of your question bank annually to maintain exam reliability.
Pitfall: Reusing the same exam version repeatedly. Once candidates start sharing answers, your scheme’s credibility erodes.
Setting and Reviewing Certification Requirements
Beyond exams, Clause 7 requires that your certification body define and maintain clear rules for certification.
That includes:
Prerequisites (education, work experience, or prior qualifications)
Criteria for passing or failing
Retake and appeal procedures
Suspension, withdrawal, or recertification requirements
All these rules must be documented in your certification scheme and communicated to candidates (linked with Clause 8).
Pro Tip: Record every decision about exam scoring, pass marks, or appeals in your “Scheme Committee Minutes.” Assessors love traceable evidence.
Pitfall: Inconsistent scoring or unclear retake rules — these are among the top findings in 17024 audits.
Maintaining and Updating Certification Schemes
A good certification scheme evolves with the industry. Clause 7 expects you to regularly review your scheme’s continued relevance and validity.
That means:
Reviewing competence criteria periodically.
Updating exams when regulations or technology change.
Adjusting passing criteria or evaluation methods when performance data suggests imbalance.
One client updated their “Cybersecurity Professional” certification after a new national framework was released. Because they had a defined review cycle, assessors praised them for proactive control.
Pro Tip: Conduct a full scheme review every 3–5 years — or sooner if standards or laws change. Document your findings and actions.
Common mistake: Letting a scheme run unchanged for years. Assessors will ask, “How do you know your certification is still valid for today’s job market?”
FAQs
Q1: Do we need a formal job analysis for every certification scheme? Yes. It’s required to show that competence requirements are based on actual job functions, not assumptions.
Q2: How often should we update exam content? At least annually, or whenever new standards, regulations, or technologies emerge.
Q3: Can we use online exams? Yes, but you must control exam access, verify candidate identity, and ensure the same fairness and security as in-person exams.
Turning Competence into Confidence
Clause 7 is where your certification body proves its credibility. When your scheme and exams are based on real job competence, validated for fairness, and controlled for security, your certification carries real weight.
Over the years, I’ve seen one consistent truth: well-designed schemes build trust faster than any marketing campaign ever could.
Next step: Review your certification scheme documentation. Check that every exam item, passing rule, and competence element can be traced back to job analysis and validated evidence. If not, that’s your improvement opportunity.
Melissa Lavaro is a seasoned ISO consultant and an enthusiastic advocate for quality management standards. With a rich experience in conducting audits and providing consultancy services, Melissa specializes in helping organizations implement and adapt to ISO standards. Her passion for quality management is evident in her hands-on approach and deep understanding of the regulatory frameworks. Melissa’s expertise and energetic commitment make her a sought-after consultant, dedicated to elevating organizational compliance and performance through practical, insightful guidance.
