This article is applicable to TAPA FSR, TSR, and PSR certifications
The first step to determine if your company is ready for TAPA certification is to conduct a local internal audit self-assessment using the TAPA self-assessment report.
The TAPA also requires that certified companies conduct annual internal self-assessments to monitor continued compliance to the requirements of TAPA.
TAPA has a requirement that all self-assessments, be they before or after certification, must be conducted by an Approved Auditor (AA) that has attended the online TAPA training course and passed the associated exam. The company’s approved auditor will need to attend the online training every time the standard changes.
The company’s authorized auditor should look at each of the requirements listed on the audit report and verify that all requirements have been fulfilled and document what was checked during the self-assessment to verify compliance. If a procedure, policy, letter of appointment, or form is necessary, that document and its location should be written in the comments section of the self-assessment report.
If there were changes to the TAPA security system, the self-assessment audit report should be updated. If problems or nonconformities are found, a SCAR / CAPA / nonconformity report should be documented and managed until the corrective action is completed.
Just remember, the TAPA certification scheme is a 100% mandatory scheme where all requirements must be fulfilled as part of the audit and certification process. In the event a company cannot meet the requirements of the standard, the company will need to apply for a waiver. The reason why a requirement cannot be achieved must be documented with mitigation and not simply a declaration that the requirement does not apply to the company for what ever reason.