A Standard That Was Overdue for an Update
ISO/IEC 17024 governs the accreditation and operation of certification of persons bodies. If your organisation certifies individuals rather than products or management systems, this is the standard you operate under. The 2012 edition has been in force for fourteen years, and a great deal has changed in how competence is assessed, verified, and maintained over that period. The 2026 revision addresses that gap directly.
On this page
Published in March 2026, ISO/IEC 17024:2026 is the most significant revision the standard has seen since it replaced the original 1999 edition. It is not a light refresh. The structure has been updated, new requirements have been added for technologies that did not exist in any meaningful form in 2012, and the vocabulary has been cleaned up to align with the broader ISO/IEC 17000 series. If you operate a certification of persons body, or if you are considering building one, this revision requires careful attention.
This article walks through what has changed, what has been removed, and what certification bodies need to do before the transition deadline.
Who ISO/IEC 17024 Applies To
It helps to be clear on scope before going into the changes. ISO/IEC 17024 applies to bodies that certify the competence of individuals. That is a different category from bodies that certify management systems or products. To understand the difference between a certification body and an accreditation body, the short version is that a certification body issues certificates to clients, while an accreditation body assesses whether the certification body is competent to do that work.
Examples of organisations operating under ISO/IEC 17024 include bodies that certify forklift operators, licensed electricians, registered nurses, project management professionals, financial planners, and security personnel. These are not niche applications. Millions of individual certifications globally are issued under schemes that are accredited against this standard. Changes to the standard flow through to every one of those schemes.
Get 3 ISO Quotes. 24 Hours Response
Tell us what you need and compare vetted ISO consultants or certification bodies within 24 hours. Free, no obligation.
Trusted by 400+ businesses like yours
Structural Changes: Alignment With ISO/IEC 17000
The 2026 edition has been restructured to align with the format and terminology of the ISO/IEC 17000 series. This is part of a broader effort across the conformity assessment standards family to make documents consistent with each other, reduce duplication, and allow users of multiple standards to navigate them without constantly re-learning terminology.
In practical terms, this means clause numbering and section headings will feel familiar to anyone who has worked with ISO/IEC 17011, ISO/IEC 17021 or ISO/IEC 17065. It also means some requirements that were implicit or scattered across the 2012 edition are now stated more explicitly and placed in locations that mirror the structure of related standards.
Importantly, ISO/IEC TS 17027, which was the companion technical specification containing vocabulary specific to certification of persons, is being withdrawn. Its content has been merged into the main standard. This simplifies the document set and removes the awkward situation where users had to read two documents together to get a complete picture of defined terms.
The revised terms and definitions section has been cross-checked against ISO/IEC 17000 to remove inconsistencies. Where definitions in TS 17027 conflicted with or duplicated those in the parent vocabulary standard, the 2026 edition resolves those conflicts and adopts a single consistent definition. For certification bodies that have built their internal documentation around TS 17027 definitions, a review of internal procedures against the new definitions is necessary.
What Has Been Removed From the 2012 Edition
The 2012 edition contained requirements and guidance that have become either redundant, absorbed into other standards, or inappropriate given how the field has evolved. The 2026 revision removes or streamlines several of these areas.
Some of the detailed prescriptive requirements around examination administration that were specific to paper-based and supervised in-person formats have been replaced with more principles-based requirements. This is partly to accommodate remote and AI-proctored examination, which the standard now addresses explicitly, and partly to give certification bodies more flexibility in how they meet the intent of the requirements rather than the letter of outdated procedures.
Certain redundant cross-references to withdrawn guidance documents have been removed. Requirements that duplicated general impartiality and confidentiality obligations found in ISO/IEC 17011 have been trimmed to avoid repetition without removing the substance. The overall effect is a tighter document that covers more ground with fewer words.
AI Governance: The Biggest New Addition
The most substantive new content in ISO/IEC 17024:2026 relates to artificial intelligence. This was not in the 2012 edition at all, for obvious reasons. The 2026 edition adds explicit requirements for certification bodies that use AI in any part of their certification process.
The requirements are principles-based rather than prescriptive, which is consistent with how ISO handles emerging technology. But they are real requirements, not aspirational guidance. Certification bodies using AI must be able to demonstrate the following.
First, AI tools used in certification activities must be trustworthy, transparent, and subject to human oversight. The standard does not define trustworthy in technical terms, but the expectation is that certification bodies can explain what the tool does, why it produces the outputs it produces, and who in the organisation is accountable for those outputs. A black-box AI system with no audit trail and no human review would not meet this requirement.
Second, AI outcomes must be validated by subject matter experts. If an AI system is used to mark examinations, generate assessment items, evaluate portfolios, or make decisions about certification eligibility, the certification body must show that qualified humans have reviewed and validated that the system performs those functions reliably. This is not a one-time exercise at setup. Ongoing validation is expected.
Third, certification bodies must demonstrate that their AI tools meet standards of validity, reliability, and fairness. Validity means the tool actually measures what it is supposed to measure. Reliability means it produces consistent results across different candidates in comparable circumstances. Fairness means it does not systematically disadvantage candidates based on characteristics unrelated to competence, such as language background, disability status, or geography.
Fourth, candidates must be informed when AI is used in their assessment. Disclosure is now a requirement, not a courtesy. The standard does not prescribe exactly how or when disclosure must occur, but it must happen before the assessment takes place so candidates can raise concerns or seek accommodation if needed.
These AI governance requirements will affect certification bodies that use automated marking systems, AI-generated question banks, algorithmic scoring of practical assessments, or any form of machine learning in their certification workflows. Bodies that have adopted these tools quickly without building governance frameworks around them will need to do that work before their next accreditation assessment.
Remote Invigilation and AI-Proctored Examinations
The 2026 edition formally addresses remote examination, including AI-proctored and remotely invigilated assessment formats. This reflects reality. Online proctoring has been widely adopted since 2020 and certification bodies have been operating remote examination programmes without specific guidance in the standard. The 2026 revision provides that guidance.
The standard now sets out conditions that apply when examinations are conducted remotely. Certification bodies must establish controls that provide equivalent confidence in the integrity of the examination compared to supervised in-person assessment. That phrase, equivalent confidence, is the key test. You do not have to replicate every feature of an in-person exam, but you do have to demonstrate that candidates cannot gain an unfair advantage, that identity verification is robust, and that the assessment conditions are sufficiently controlled.
Specific provisions address identity verification protocols, environmental controls such as what candidates can have visible in their examination space, data security requirements for the technology used, and how incidents such as technical failures or suspected misconduct are handled. Certification bodies using third-party remote proctoring platforms remain responsible for ensuring those platforms meet the standard requirements. Outsourcing the function does not transfer the obligation.
For AI-proctored examinations specifically, the AI governance requirements discussed above apply in full. An AI system that monitors candidates for suspicious behaviour must be validated, must be subject to human oversight, and must not introduce systematic bias. A candidate flagged by an AI proctoring system as suspicious must have access to a human review process before any adverse decision is made against them.
Impact on Real-World Certification Schemes
The changes in ISO/IEC 17024:2026 are not just relevant to large professional bodies. They touch certification schemes across industries where individual competence has direct safety or quality implications.
For bodies certifying forklift operators and other plant operators, the remote examination provisions may open up new assessment pathways, but the practical skills assessment requirements remain and must be managed carefully. For electrical licensing bodies, the AI governance requirements will be relevant if they use automated assessment tools in their written examinations. For nursing and allied health certification schemes, the fairness and non-discrimination requirements for AI tools will attract scrutiny given the diversity of the candidate population.
Understanding how ISO defines and requires competence is foundational here. The 2026 revision does not change the underlying philosophy that certification must reliably demonstrate competence against a defined standard. What it does is update the rules for how that demonstration can be conducted and what safeguards must be in place when technology mediates the assessment.
Transition Period and IAF Expectations
ISO/IEC 17024:2026 was published in March 2026. The International Accreditation Forum typically establishes a mandatory transition period for affected accreditation bodies and their clients following the publication of a revised standard. The transition period allows accreditation bodies to update their assessment processes, certification bodies to revise their schemes and procedures, and the market to absorb the changes in an orderly way.
Based on IAF practice for previous revisions in the 17000 series, a transition period of two to three years from the date of publication is the norm for a revision of this scope. Certification bodies should expect their accreditation body to communicate a specific transition deadline and to require evidence of conformance with the 2026 edition at or before that deadline.
During the transition period, accreditation bodies will typically assess against the 2012 edition unless a certification body has already transitioned. They will flag areas where the certification body’s current operations would not meet the 2026 requirements, giving organisations time to address gaps before the deadline. For more context on how this process works, the article on how ISO standards are updated and what happens to your certificate is worth reading, though that article addresses product and management system certification rather than persons certification specifically.
Certification bodies should not wait for their accreditation body to raise the issues. Conducting an internal gap analysis against the 2026 edition now, while the transition period is early, gives maximum time to address anything significant. The AI governance and remote invigilation requirements in particular may require policy development, contract renegotiation with technology vendors, or changes to candidate-facing processes that take time to implement properly.
For guidance on accreditation body expectations during transitions, the International Accreditation Forum publishes transition guidance documents that are worth monitoring as they are released for the 2026 edition.
What Certification Bodies Should Do Now
The practical steps are straightforward even if the work involved is not trivial.
Obtain a copy of ISO/IEC 17024:2026 from ISO or your national standards body and conduct a structured clause-by-clause comparison against your current scheme documentation and procedures. Pay particular attention to the AI governance clauses, the remote examination provisions, and the revised definitions. Flag anything your current procedures do not address.
Review your technology stack. If you use any AI-assisted tools in examination development, delivery, marking, or candidate management, identify them and assess them against the trustworthiness, transparency, human oversight, and fairness requirements. Where you use third-party platforms, review contracts to confirm your obligations and the vendor’s obligations.
Update candidate-facing documentation. The disclosure requirement for AI use is straightforward to meet if you have clear documentation. If AI is used anywhere in your assessment process, candidates need to know about it before they sit their assessment.
Engage with your accreditation body early. Ask them when they expect to publish transition guidance and what their assessment approach will be during the transition period. Some accreditation bodies will be further ahead on this than others.
A Note on CertBetter
CertBetter helps businesses find the right ISO certification body for their needs. If you are a certification of persons body looking to be listed on our platform, or a business trying to understand which certification scheme applies to your industry or workforce requirements, you can submit a request through our Finder tool and we will match you with the right provider. The landscape around ISO certifications changes regularly, and having the right certification body in your corner before a standard revision lands is worth the effort.
