Become a Registered Supplier
Becoming a Registered Supplier is a stepping stone to becoming a Certified Supplier. It is a sign of intent from a supplier and allows suppliers the opportunity to declare their GDPR readiness and credentials whilst proceeding to full certification. Customers will also be able to identify Registered Suppliers as potential purchasing route. Registered Suppliers are required to answer a series of questions and make a declaration of their capabilities, whilst not completing the full certification. There is no charge to become a Registered Supplier, but the use of the CIF Certified logo is prohibited until achieving full self-certification which must be completed within 12 months.
Registered suppliers will need to declare the following information (unaudited) on their path the certification:
- Does your organisation's website clearly show its corporate name?
- Does your organisation's website clearly show its date of formation?
- Does your organisation's website clearly show its location?
- Is information regarding the board of directors (or equivalent body) available to view publicly?
- Does your organisation's website outline its executive management? (CEO and CFO or equivalents)
- Do you provide a corporate fixed address publicly? (not a post office PO box)
- Do you provide information on your scope of service via your organisation's website?
- Do you provide information on your third party coverage via your organisation's website?
- Can your organisation provide a comprehensive list of countries where personal data may be processed in any way ('personal data location')? - This includes where data may be transmitted, stored, mirrored, backed-up, recovered, and provided with support.
- Do you have a document which defines your organisational structure by band, and the employee vetting procedures?
- Does your organisation have documentation defining who is responsible for any software/IP licensing, and any costs involved which are not covered within the cost of the services being provided?
- Does your company have written policies and/or certifications around information security?
- Does your company have written policies and/or certification around supplier management?
- Does your company have written policies and/or certifications around complaint handling?
- Does your company have written policies and/or certifications around environmental impact management?
- Does your company have a written policy on data protection?
- Does your organisation adhere to a complaints procedure?
- Does your organisation understand its legal obligations against the new General Data Protection Regulation (GDPR) laws due to be enforced in 2018?
To become a Registered Supplier please follow this link.