A certificate is stronger when its record can be checked.
Verity’s verification policy explains how certificate records are controlled, how status is shown, how certificate scope is presented, and how manual checks can be requested where a register search is not enough.
The purpose is simple: certificates should not be treated as unchecked images. A reliable verification process gives viewers a clearer way to confirm the certificate number, organisation, standard, scope, issue date, expiry date and current status recorded by Verity.
Four-layer verification
Record identity
Certificate number, organisation name and standard are checked against the Verity register record.
Scope visibility
The register shows the stated scope so the certificate can be understood in context.
Status control
Active, suspended, withdrawn, expired or replaced status can be shown clearly.
Manual confirmation
Where further certainty is needed, a manual verification request can be made.
Certificate number
Each record should be traceable to a unique certificate reference, reducing confusion between versions, similar names and historic documents.
What it covers
Scope matters because a certificate is only meaningful when the activity, service or management-system area is clearly described.
Current standing
The register should make it easy to see whether a certificate is active, expired, suspended, withdrawn or replaced.
Supporting trail
Where authorised, verification can be supported by audit summaries, evidence packs or certificate-control records.
Verification is a control, not a decoration.
A certificate has more value when it can be checked against a live or maintained record. The Verity register is designed to support that principle by making core certificate information available in a structured way.
Verification helps reduce the risk of outdated certificate copies, altered PDFs, incomplete certificate numbers, expired records, unclear scope and accidental misuse. It also helps the certificate holder present its certification more professionally because the record can be checked without relying on an email attachment alone.
- It confirms that a certificate number exists in the Verity register.
- It shows the organisation and standard recorded by Verity.
- It shows the scope and certificate dates.
- It shows the current certificate status.
- It creates a simple route for manual verification where needed.
What a register should make clear
A good verification register should answer the main questions quickly: does the certificate exist, who does it relate to, what standard is shown, what scope is covered, when was it issued, when does it expire and what is its current status?
That is the practical purpose of the Verity verification register. It gives certificate records a controlled point of reference.
Check a certificateRecommended certificate record fields
The register is designed around fields that are useful, understandable and relevant to certificate checking. Each field has a purpose.
| Register field | Why it matters | What to check |
|---|---|---|
| Certificate number | Provides a unique reference for the certificate record. | The number should match the certificate exactly, including prefixes and year references. |
| Organisation name | Shows the certificate holder recorded by Verity. | The name should reasonably match the organisation presenting the certificate. |
| Standard and edition | Shows which standard or review route the certificate relates to. | The standard should match the evidence being relied on. |
| Scope | Shows the activity, service, site or management-system area covered. | The scope should be relevant to the activity being discussed. |
| Issue date | Shows when the certificate record became valid. | The issue date should be consistent with the certificate copy. |
| Expiry date | Shows when the certificate is due to cease being current. | The certificate should still be within its validity period if presented as current. |
| Status | Shows whether the certificate is active, suspended, withdrawn, expired or replaced. | The status should be reviewed alongside the date and scope. |
| Replacement note | Helps identify where a newer certificate has replaced an earlier version. | A replaced record should not normally be treated as the current certificate. |
Certificate status should be precise, not vague.
A register becomes more useful when certificate status is controlled using clear categories. These categories help viewers understand whether the record is current or whether another condition applies.
Active
The certificate is current according to Verity records, within its validity period and not marked as suspended, withdrawn, expired or replaced.
Suspended
The certificate is temporarily not in good standing while a matter is reviewed, clarified, corrected or resolved.
Withdrawn
The certificate has been withdrawn and should not be presented as current under the Verity scheme.
Expired
The certificate has passed its expiry date. It may remain a historic record, but it is no longer current.
Replaced
A newer certificate record has replaced the older one because of renewal, amended scope, corrected details or updated dates.
Pending
A record may be awaiting final administrative confirmation, update or manual check before the public entry is complete.
Under review
A certificate record may be under internal review where scope, status, evidence or certificate use requires clarification.
Manual verification
Manual verification may be used where a register result is insufficient or additional record confirmation is requested.
How the register should behave
The verification process should be narrow enough to avoid false matches and clear enough to support confident checking. For that reason, certificate-number searching is preferred over general name searching.
Certificate numbers reduce ambiguity. They help distinguish between similar company names, trading names, replaced records, older certificates and amended scope versions.
Register behaviour principles
- Search should be based on the full certificate number.
- Partial matches should be avoided where they may cause confusion.
- Expired, suspended, withdrawn and replaced records should not be hidden by default.
- Register entries should show current status clearly.
- Scope should be shown in enough detail to avoid over-claiming.
- Manual verification should be available where the register alone is not enough.
- Administrative errors should be correctable through controlled review.
Verification follows the certificate lifecycle.
A certificate is not a static graphic. It has a lifecycle. The register should reflect that lifecycle as the certificate moves from issue to active use, review, renewal, expiry, suspension, withdrawal or replacement.
Certificate decision recorded
Once certification is issued, the certificate number, organisation, standard, scope, issue date, expiry date and initial status are recorded.
Register entry created
The register entry is created so the certificate can be checked against Verity’s certificate-control records.
Active status maintained
During the validity period, the certificate may remain active while the organisation remains within the scheme rules and status-control requirements.
Change events monitored
Scope changes, organisation-name changes, major concerns, expiry, renewal or certificate-use issues may trigger a record update.
Status updated where required
The certificate may be marked as active, expired, suspended, withdrawn, replaced or under review depending on the record position.
Manual verification available
Where a viewer needs further assurance, Verity can carry out a manual record check and confirm the position from the certificate file.
Verification confirms the record. Evidence explains the substance.
The register confirms the current certificate record. It is not designed to publish confidential audit files or client records. Where the certificate holder authorises wider disclosure, a supporting evidence pack or audit summary may help explain what was reviewed and how the certificate relates to the organisation’s management system.
This distinction is important. Verification helps confirm identity, scope and status. Evidence packs help explain the management-system substance behind the certificate.
- The register confirms the certificate record.
- The scope explains the activity covered.
- The status explains the current standing.
- The evidence pack explains the review basis.
- Manual verification can connect the record to the certificate file.
Certificate plus evidence is stronger than certificate alone
A register check is often enough for basic certificate confirmation. For tenders, supplier approval, customer assurance or higher scrutiny, the evidence pack can provide more context.
The strongest presentation is often: certificate, register entry, scope statement, audit summary and evidence pack.
View evidence packWhat the verification policy is designed to reduce
Verification is useful because certificate records can be misunderstood, reused incorrectly or presented without enough context. The policy is designed to reduce common weaknesses in certificate use.
Outdated copies
A certificate PDF may remain in circulation after the certificate expires or is replaced. The register provides a current reference point.
Scope overreach
A certificate can be misread as covering more than it actually covers. Showing the scope helps reduce that risk.
Version confusion
Renewed, amended or corrected certificates can create multiple versions. Register status helps identify the current record.
Unclear status
A certificate may be expired, suspended, withdrawn or replaced. Status labels help make that position visible.
Name confusion
Similar organisation names, trading names and group companies can create uncertainty. Certificate-number searching reduces ambiguity.
Evidence gaps
A register entry confirms the record, while an evidence pack can help explain the basis of review where more detail is useful.
Manual verification process
Manual verification may be requested where a certificate record cannot be found, the certificate number appears incomplete, the status needs clarification, the certificate was recently replaced, or additional record confirmation is useful.
Manual verification may confirm the certificate number, organisation, standard, scope, issue date, expiry date and current status shown in Verity records. Where authorised by the certificate holder, Verity may also confirm whether a supporting evidence pack or audit summary exists.
Request manual verificationWhat to send
- The full certificate number.
- The organisation name shown on the certificate.
- The standard or review route shown.
- The issue date and expiry date if visible.
- The reason the certificate is being checked.
- Any specific question about status, scope or record accuracy.
- Any authorisation from the certificate holder for evidence confirmation.
The register shows useful information without exposing confidential audit files.
The register is designed to provide enough information for certificate checking while avoiding unnecessary publication of confidential evidence, internal audit notes or commercially sensitive client records.
Public by design
Certificate number, organisation, standard, scope, dates and status are suitable for public verification because they are part of the certificate record.
Controlled by permission
Evidence packs, audit summaries and supporting records may be shared only where appropriate permission, confidentiality and data controls allow it.
Proportionate disclosure
The policy aims to provide enough confidence for checking without turning the public register into an uncontrolled disclosure area.
How the policy works in real situations
Certificate number found
The register returns an active certificate record with matching organisation, standard, scope and validity dates. The certificate can be checked against that record.
Certificate expired
The certificate number exists, but the status shows expired. The record may remain useful historically, but it should not be treated as current.
Certificate replaced
The older certificate number exists but has been replaced. The current record should be checked before relying on the older certificate version.
Scope too narrow
The certificate is active, but the scope covers only part of the organisation’s activities. The scope should be read carefully before drawing conclusions.
No record found
The number may be typed incorrectly, incomplete, newly issued or not a Verity certificate. Manual verification can be requested.
Evidence requested
The certificate record is confirmed, and the certificate holder may choose to provide an evidence pack or audit summary for additional context.
How Verity manages the verification register
Verity aims to keep certificate verification clear, proportionate and controlled. The register should help certificate holders use their certification responsibly and help viewers check certificate records with confidence.
- Maintain certificate records with identifiable certificate numbers.
- Show certificate scope, dates and status clearly.
- Update records where certificates are renewed, replaced, withdrawn, suspended or expired.
- Provide manual verification where the register result needs clarification.
- Correct administrative errors where they are identified.
- Avoid publishing unnecessary confidential audit information on the public register.
- Support responsible certificate use through verification and certificate-use rules.
Related controls
The verification policy sits alongside the wider Verity governance framework. Certificate checking is only one part of responsible certification control.
Use the register first, then request manual confirmation if needed.
Enter the full certificate number in the verification register. If the result is unclear, recently updated, scope-sensitive or connected to a high-value review, manual verification can provide additional record confirmation.