Dear Ladies and Gentlemen,

We herewith inform you about updates and clarifications in the ISCC System. Please share this information with all relevant members of staff.

1. Adaptions of Chapter 12.2 of the ISCC PLUS System Document for the Group Certification Approach for Final Product Refinement (FPR) Activities
2. ISCC EU: Update of the Gap Audit Procedure 

1. Adaptions of Chapter 12.2 of the ISCC PLUS System Document for the Group Certification Approach for Final Product Refinement (FPR) Activities 

ISCC has revised the requirements for the group certification approach for FPR activities under ISCC PLUS (chapter 12.2, ISCC PLUS System Document). 

Revised requirements:

• Added requirement: The group members shall be audited on a sample basis. The sample size should be calculated according to the same requirements as in the ISCC EU 203 System Document v4.0. The risk level should be increased if external companies are part of the group or if the outsourced activities are complex and may result in higher losses. A regular risk level shall only be applied if all group members are part of the corporate structure of the group head.
• Adjustment: A sample audit procedure for FPR group members shall be used for sample audits at the site of the group members.
• Adjustment: A specific outsourcing agreement between the group head and the group member is no longer required. Instead, all relevant contracts between the group head and the group member shall be verified.
• Adjustment: Only external group members shall provide ‘self-declaration’ to the FPR group head. 

The above changes are effective immediately and will be incorporated into the next update of the ISCC PLUS System Document. The APS system will be updated accordingly.

2. ISCC EU: Update of the Gap Audit Procedure

With the ISCC System Update from 4 January 2024, we announced the publication of the revised ISCC EU System Documents and that all ISCC EU audits will have to be conducted in accordance with the updated requirements from the European Commission. The new requirements will be incorporated into APS. We expect to provide the updated APS at the end of February. For audits that are taking place until the new APS is in place, ISCC prepared “gap” audit procedures that address the requirements of the Implementing Regulation. The gap audit procedures must be used for ISCC EU audits since the beginning of 2024, and they must be used in addition to the currently applicable audit procedures/APS version.

We have now updated the ISCC EU gap audit procedures to better reflect the applicable level of assurance (limited or reasonable assurance) that has to be documented for ISCC EU audits. Please see the updated (v4.1) ISCC EU Documents 103 “Requirements for Certification Bodies and Auditors”, 201 “System Basics” and 204 “Risk Management” for further information.

The updated gap audit procedures also better reflect that it is still possible to apply a maximum mass balance period of 12 months for producers, first gathering points or central offices of agricultural or forest biomass) and three months for all other scopes (i.e. shorter mass balance periods are possible). 

The updated gap audit procedures (v1.2) can be found here on the ISCC website. They have to be applied for ISCC EU audits with immediate effect.

For certification bodies and auditors word versions of the gap audit procedures are available in the CB section of the ISCC website (login required).

Note for Certification Bodies/ISCC HUB: The gap audit procedures have to be submitted as part of the certificate submission or submission of certificate modification in the ISCC HUB. They have to be uploaded in the section “Sample Audit Reports – Additional Files” for the main audit and each sample/additional audit where required. For surveillance audits the gap audit procedures have to be provided via email to certificate@iscc-system.org until the updated APS is available.

Note for ISCC PLUS: For the time being and until further notice for audits under ISCC PLUS the approach as included in the previous version of the ISCC System Documents (v4.0) is applicable, i.e. that the Certification Body must establish at least a “limited assurance level” when conducting audits.