The certificate shall have the following information, and this information shall be publicly available:

• Unique identification no of certificate
• Name of the organisation to be certified
• Address of the organisation to be certified
• Geographical locations of sites (in case of multiple sites)
• Ref to quality management system
• The scope of certification with respect to the type of activities, products and services as applicable at each site without being misleading or ambiguous (in case of 27001, the statement of applicability version number is also provided).
• The name, address and certification mark of MQAS; other marks (e.g. accreditation symbol, client’s logo) may be used provided they are not misleading or ambiguous.
• Any other information required by the standard and/or other normative document used for certification.

In case of ISO 27001:2013/ 27001:2022, if there is any change in statement of applicability that requires change in the coverage of the controls then a process for issue of new certificate needs to be initiated.

In the event of issuing any revised certification documents, a means to distinguish the revised documents from any prior obsolete documents.

MQAS shall provide certification documents by any means it chooses. It may be in form of post or courier or by hand.