SCS 9001 Registration Overview
SCS 9001 is documented in the SCS 9001 Management System Handbook. The Getting Started section is intended to provide comprehensive information, guidelines and resources for a new, ongoing or mature SCS 9001 implementation.
SCS 9001 registration process is straightforward with well-defined stages and tasks. The full implementation process can take 6 - 18 months, depending on the size of the organization, geographic dispersion of its operations, and available resources.
Certification Process
The SCS 9001 certification process mirrors ISO-style management system certification such as ISO 9001 and ISO 27001. With an emphasis on security of critical infrastructure, TIA has taken a position to disallow entities identified by the U.S. Federal Government as being untrustworthy from being certified to the SCS 9001 standard. The policy is described at: TIA Policy on Government Restrictions.
An initial step in readying for a certification is to create a record in the TIA QuEST Forum Registration Management System (RMS). This step should take no more than 15 minutes. The RMS is a database used to manage certifications. Upon creation, this record is private and visible only to TIA, the certifying organization, it’s selected CB, and the AB that accredited the CB. The record becomes publicly viewable upon successful completion of the subsequent audit and award of the SCS 9001 certificate.
The creation of a registration record triggers a review process within TIA. The certifying organization is assessed against the then current version of the U.S. Government entity lists identified within the TIA Policy on Government Restrictions. If the certifying organization is determined to be on one of the lists, then a notification letter from TIA is generated stating that fact and that the organization is not permitted to proceed. Otherwise, a notification correspondence is generated by TIA that the registration is acknowledged and that the organization is allowed to proceed to start the certification process. These notifications are intended to be provided within 48 business hours of the creation of the registration record.
Pre-Registration Preparation
Learn About SCS 9001 – The requirements of SCS 9001 are documented in the SCS 9001 Handbook. TIA QuEST Forum offers training classes on SCS 9001. Some organizations hire consultants to help them better understand the requirements of SCS 9001.
Check Eligibility: The U.S. Department of Commerce's Bureau of Industry and Security (BIS) administers U.S. laws, regulations and policies governing the export and reexport of commodities, software, and technology falling under the jurisdiction of the Export Administration Regulations (EAR). Read TIA’s policy on Government Restrictions.
Select a Certification Body – TIA QuEST Forum requires organizations seeking SCS 9001 certification to work with a certification body to define the parameters of their certification early in the process. All the accredited certification bodies are listed on this website.
Perform a Gap Analysis – The organization undertakes gap analysis and assessment of its organization, operations and processes against the SCS 9001 standard. Deficient areas are identified, an action plan is created to close the gaps, plans and processes are put into place, and resources are allocated to align the organization with SCS 9001 requirements. The gap analysis can be conducted by internal or external consultants.
Schedule a SCS 9001 Assessment Audit – The action plan will define the amount of time needed to fully conform to SCS 9001 requirements. The organization, jointly with the certification body, schedules the initial assessment audit.
Registration Management System (RMS)
Once an organization has developed an action plan to conform to SCS 9001, an account profile can be created using the following registration link: Registration Management System (RMS).
The account profile is populated with information on the user, company, personnel, and registration. Registration Creation Tutorial
Overview of Certification Process
All non-TIA QuEST Forum participants are required to pay an Administration Fee to cover the costs of managing the registration and measurement systems.
Please note: each organization will be charged a Certification Fee. This fee is due upon initial certification and re-certification.
Account Management
RMS provides a simple, user-friendly tool for SCS 9001 registered companies to access, update, change, and manage information on registration, users, and registration status. Non-TIA QuEST Forum participants can also view usage invoices and make payments online with credit cards.
SCS 9001 ADMINISTRATIVE FEES
TIA QuEST Forum charges an annual fee for creating and managing the registration record on the Registration Management System (RMS) for all non-TIA QuEST Forum participants. This annual fee covers the use of this system and includes all data submissions and re-submissions.
SCS 9001 registrants are invoiced 60 days in advance of their registration renewal month and the fee can be paid by credit card, check, or wire transfer. Accounts more than 30 days in arrears are inactivated and the SCS 9001 registration is no longer available except to make the payment.
TIA QuEST Forum participants receive discount pricing. Not sure if your company is a TIA QuEST Forum participant and/ or interested in joining TIA QuEST Forum? Contact Us
Audit Process
Close Gaps – Progress is evaluated through internal audits and management reviews. All gaps must be resolved and completely closed before the organization is deemed fully conforming with SCS 9001.
Certificate of SCS 9001 – A certification body must verify that all effective processes are in place and clear all non-conformance. Then, the certification body can approve the application online and mark the registration records as certified and make available for public view. The organization is formally recognized as a certified SCS 9001 registered organization and receives a Certificate of SCS 9001 conformance.
Continuing Audits and Maintenance Activities - Regularly scheduled continuing audits of SCS 9001 registrations are required for surveillance and three-year re-assessments as per standard ISO/IAF guidelines.
Certified Audits - Certification body auditors have permission-based access to their SCS 9001 registered client accounts. They can check, validate, update the client information, and approve and update registration records.
Get involved with SCS 9001
Interested in joining our Supply Chain Security Working Group? Join leaders from global network providers, equipment suppliers, cloud solutions providers, software developers, connected device manufacturers and consultants to evolve SCS 9001 to meet the ever changing cybersecurity and supply chain risk management (SCRM) landscape.