[Federal Register Volume 74, Number 155 (Thursday, August 13, 2009)]
[Proposed Rules]
[Pages 40784-40794]
From the Federal Register Online via the Government Publishing Office [www.gpo.gov]
[FR Doc No: E9-19443]



[[Page 40784]]

=======================================================================
-----------------------------------------------------------------------

CONSUMER PRODUCT SAFETY COMMISSION

16 CFR Part 1112

[CPSC Docket No. CPSC-2009-0061]


Audit Requirements for Third Party Conformity Assessment Bodies

AGENCY: Consumer Product Safety Commission.

ACTION: Proposed rule.

-----------------------------------------------------------------------

SUMMARY: The Consumer Product Safety Commission (``CPSC'' or 
``Commission'') is proposing to issue regulations establishing 
requirements for the periodic audit of third party conformity 
assessment bodies as a condition for their continuing accreditation. 
The proposed rule would implement section 14(d) of the Consumer Product 
Safety Act (``CPSA''), as amended by section 102(b) of the Consumer 
Product Safety Improvement Act of 2008 (``CPSIA'').

DATES: Submit written or electronic comments on the proposed rule by 
October 13, 2009. Submit comments on information collection issues 
under the Paperwork Reduction Act of 1995 by September 14, 2009, (see 
the ``Paperwork Reduction Act'' section of this document).

ADDRESSES: You may submit comments, identified by Docket No. CPSC-2009-
0061, by any of the following methods:

Electronic Submissions

    Submit electronic comments in the following way:
    Federal eRulemaking Portal: http://www.regulations.gov. Follow the 
instructions for submitting comments. To ensure timely processing of 
comments, the Commission is no longer accepting comments submitted by 
electronic mail (e-mail) except through www.regulations.gov.

Written Submissions

    Submit written submissions in the following way:
    Mail/Hand delivery/Courier (for paper, disk, or CD-ROM 
submissions), preferably in five copies, to: Office of the Secretary, 
Consumer Product Safety Commission, Room 502, 4330 East West Highway, 
Bethesda, MD 20814; telephone (301) 504-7923.
    Instructions: All submissions received must include the agency name 
and docket number for this rulemaking. All comments received may be 
posted without change, including any personal identifiers, contact 
information, or other personal information provided, to http://www.regulations.gov. Do not submit confidential business information, 
trade secret information, or other sensitive or protected information 
electronically. Such information should be submitted in writing.
    Docket: For access to the docket to read background documents or 
comments received, go to http://www.regulations.gov.

FOR FURTHER INFORMATION CONTACT: Randy Butturini, U.S. Consumer Product 
Safety Commission, 4330 East West Highway, Bethesda, Maryland 20814; 
301-504-7562; e-mail: [email protected].

SUPPLEMENTARY INFORMATION:

I. Introduction

    Section 14(a)(1) of the CPSA (15 U.S.C. 2063(a)(1)), as amended by 
the CPSIA (Pub. L. 110-314, 122 Stat. 3016), requires that the 
manufacturer (including the importer) and the private labeler, if any, 
of a product that is subject to an applicable consumer product safety 
rule under the CPSA, or any similar rule, ban, standard, or regulation 
under any other Act enforced by the CPSC, issue a certificate which 
certifies ``based on a test of each product or upon a reasonable 
testing program, that such product complies with all rules, bans, 
standards, or regulations applicable to the product under this Act or 
any other Act enforced by the Commission'' and specifies each rule, 
ban, standard, or regulation applicable to the product. This 
requirement applies to any such product manufactured on or after 
November 12, 2008. Section 14(a)(4) of the CPSA gives the CPSC the 
authority to designate, by rule, one or more of these parties to issue 
the required certificate and to relieve the other parties enumerated in 
section 14 of the CPSA from the requirement to furnish certificates. 
The CPSC issued a final rule in the Federal Register on November 18, 
2008 (73 FR 68328) pertaining to such certificates of compliance.
    Section 14(a)(2) of the CPSA establishes a third party testing 
requirement for children's products that are subject to a children's 
product safety rule. In general, section 14(a)(2) of the CPSA states, 
in part, that every manufacturer or private labeler (if the children's 
product bears a private label) of such products shall submit sufficient 
samples of the product, or samples that are identical in all material 
respects to the product, to an accredited third party conformity 
assessment body to be tested for compliance with such children's 
product safety rule. Section 14(a)(3) of the CPSA establishes various 
time lines for accreditation and requires the Commission to publish 
notice of the requirements for accreditation of third party conformity 
assessment bodies to assess conformity with specific laws or 
regulations, and the Commission has published several notices of 
requirements in the Federal Register (see 73 FR 54564 (September 22, 
2008) (Notice of Requirements for Accreditation of Third Party 
Conformity Assessment Bodies to Assess Conformity with part 1301 of 
Title 16, Code of Federal Regulations)); 73 FR 62965 (October 22, 2008) 
(Notice of Requirements for Accreditation of Third Party Conformity 
Assessment Bodies to Assess Conformity With Part 1508, Part 1509, and/
or Part 1511 of Title 16, Code of Federal Regulations)); 73 FR 67838 
(November 17, 2008) (Notice of Requirements for Accreditation of Third 
Party Conformity Assessment Bodies to Assess Conformity With part 1501 
of Title 16, Code of Federal Regulations); and 73 FR 78331 (December 
22, 2008) (Notice of requirements for accreditation of third party 
conformity assessment bodies to assess conformity with the 600 parts 
per million (``ppm'') and 300 ppm lead content limits in metal and 
metal alloy parts of children's metal jewelry established by the 
Consumer Product Safety Improvement Act of 2008)).
    Section 14(d)(1) of the CPSA, as added by the CPSIA, requires the 
Commission to establish ``requirements for the periodic audit of third 
party conformity assessment bodies as a condition for the continuing 
accreditation of such conformity assessment bodies'' under section 
14(a)(3)(C) of the CPSA.
    This proposed rule, if finalized, would implement section 14(d)(1) 
of the CPSA.

II. Description of the Proposed Rule

    The proposal would create a new part 1112, titled ``Audit 
Requirements for Third Party Conformity Assessment Bodies,'' in Title 
16 of the Code of Federal Regulations.

A. Proposed Sec.  1112.1--Purpose

    Proposed Sec.  1112.1 would describe the purpose behind the new 
part 1112. In brief, proposed Sec.  1112.1 would state that part 1112 
``establishes the audit requirements for third party conformity 
assessment bodies pursuant to section 14(d)(1) of the Consumer Product 
Safety Act (CPSA) (15 U.S.C. 2063(d)(1)).'' Under section 14(d)(1) of 
the CPSA, compliance with the requirements in part 1112 would be a 
condition for the continuing accreditation of such third party 
conformity assessment bodies.
    Section 14(f)(2)(C) of the CPSA, ``Testing and Certification of Art 
Materials and Products,'' states that a certifying organization as 
defined in 16

[[Page 40785]]

CFR 1500.14(b)(8), Appendix A, ``(or any successor regulation or 
ruling) meets the requirements of [section 14(f)(2)(A) of the CPSA] 
with respect to the certification of art material and art products 
required under this section or by regulations prescribed under the 
Federal Hazardous Substances Act (15 U.S.C. 1261 et seq.).'' These 
certifying organizations certify that art materials conform to the 
requirements of ASTM D-4236 under the Labeling of Hazardous Art 
Materials Act (LHAMA), 15 U.S.C. 1277, which provided that the 
provisions of ASTM D-4236 shall be deemed a regulation issued by the 
Commission. Those requirements are codified at 16 CFR 1500.14(b)(8).
    LHAMA and the standard it mandated provide certain requirements for 
art materials. Under these requirements, the producer or repackager of 
an art material must submit the product's formulation or reformulation 
to a toxicologist who will review the formulation to determine if the 
art material has potential to produce chronic adverse health effects 
through customary or reasonably foreseeable use. If the toxicologist 
does determine that the art material has this potential, the 
toxicologist will recommend appropriate chronic hazard labeling, and 
the producer or repackager must use suitable precautionary labeling on 
the product. If the art material presents an acute hazard, the labeling 
also must contain an acute hazard warning.
    Under LHAMA, the producer or manufacturer of the art material must 
submit to the Commission a written description of the criteria the 
toxicologist uses to determine whether the producer/repackager's 
product has the potential to produce chronic adverse health effects and 
a list of art materials that require chronic hazard warning labels. A 
conformance statement indicating that the product has been reviewed in 
accordance with the standard as required must appear either on the 
product, at point of sale, or on an invoice. Furthermore, the 
``Guidelines for a Certifying Organization,'' which can be found as 
Appendix A to 16 CFR 1500.14(b)(8), state, in part, that an ``advisory 
board composed of not less than three or more than five toxicologists, 
at least one of whom is certified in toxicology by a nationally 
recognized certification board'' should conduct periodic reviews of a 
toxicologist's reviews and that, ``In cases where there is a 
disagreement by participating producers or participating users, with 
the determination of the toxicologist(s), there should be a method 
whereby the toxicologist's decision can be presented to the advisory 
board for arbitration.''
    Thus, because section 14(f)(2)(A) of the CPSA considers 
organizations that follow the guideline listed at Appendix A to 16 CFR 
1500.14(b)(8) to be third party conformity assessment bodies and 
because the ``Guidelines for a Certifying Organization'' establish a 
mechanism for reviewing the toxicologist's work (either periodically or 
in response to a disagreement), the proposed rule would not subject 
these certifying organizations to the audit requirements in part 1112.

B. Proposed Sec.  1112.3--Definitions

    Proposed Sec.  1112.3 would define various terms used in part 1112.
    Proposed Sec.  1112.3(a) would define ``accreditation'' as: A 
procedure by which an authoritative body gives formal recognition that 
a third party conformity assessment body is competent to perform 
specific tasks. Accreditation recognizes a third party conformity 
assessment body's technical competence and is usually specific for 
tests of the systems, products, components, or materials for which the 
third party conformity assessment body claims proficiency.
    The proposed definition is based on a description used by the 
International Organization for Standardization (ISO) in relation to ISO 
Standard ISO/IEC 17025:2005, ``General Requirements for the Competence 
of Testing and Calibration Laboratories'' (see International 
Organization for Standardization, ``Accreditation,'' accessed on the 
Internet at http://www.isoiec17025.com/wst_page4.html), except that it 
uses the term ``third party conformity assessment body'' instead of 
``lab'' and refers to ``technical competence'' instead of ``technical 
capability.'' The term ``third party conformity assessment body'' is 
used in section 14(a)(3)(C) of the CPSA. The Commission is aware that 
ISO/IEC 17025, by reference, incorporates the definitions set forth in 
ISO/IEC 17000:2004, ``Conformity Assessment--Vocabulary and General 
Principles,'' but ISO/IEC 17000's definition of ``accreditation'' 
incorporates several other definitions by implied reference. Therefore, 
the proposed rule would adopt a more explanatory definition rather than 
adopt a definition from ISO/IEC 17000 whose terms necessitate 
additional definition themselves.
    Proposed Sec.  1112.3(b) would define ``accreditation body'' as 
``an entity that accredits or has accredited a third party conformity 
assessment body as meeting, at a minimum, the International 
Organization for Standardization (ISO) Standard ISO/IEC 17025:2005, 
`General Requirements for the Competence of Testing and Calibration 
Laboratories' '' and any test methods or consumer product safety 
requirements specified in the relevant notice of requirements issued by 
the Commission and is a signatory to the International Laboratory 
Accreditation Cooperation--Mutual Recognition Arrangement. The proposed 
definition of ``accreditation body'' reflects the basic elements the 
Commission has specified in its notices of requirements for the 
accreditation of third party conformity assessment bodies. 
Additionally, the phrase ``at a minimum'' recognizes that some 
accreditation bodies may, as part of the accreditation process, demand 
that a third party conformity assessment body demonstrate its 
conformance with specific methods or programs in addition to 
demonstrating conformance with ISO/IEC 17025 and with any test methods 
identified in the relevant notices of requirements issued by the 
Commission.
    ISO/IEC 17025 incorporates by reference the definitions in ISO/IEC 
17000, and ISO/IEC 17000 defines ``accreditation body'' as an 
``authoritative body that performs accreditation.'' However, for 
purposes of the proposed rule, the Commission believes that the 
proposed definition is more explanatory and, in this instance, more 
consistent with the notices of requirements for the accreditation of 
third party conformity assessment bodies.
    Proposed Sec.  1112.3(c) would define ``audit'' as ``a systematic, 
independent, documented process for obtaining records, statements of 
fact, or other relevant information, and assessing them objectively to 
determine the extent to which specified requirements are fulfilled.'' 
The proposed definition is almost identical to the definition of 
``audit'' in ISO/IEC 17000. Proposed Sec.  1112.3(c) also would explain 
that, for purposes of part 1112, an audit is composed of two parts: (1) 
An examination by an accreditation body to determine whether the third 
party conformity assessment body meets or continues to meet the 
conditions for accreditation (a process known more commonly as a 
``reassessment'' and which the remainder of this preamble will refer to 
as a ``reassessment''); and (2) the resubmission of the ``Consumer 
Product Conformity Assessment Body Acceptance Registration Form'' (CPSC 
Form 223) by the third party conformity assessment body and the CPSC's 
examination of the resubmitted CPSC Form 223 (which the remainder of 
this preamble will refer to as an

[[Page 40786]]

``examination'' by the CPSC). For example, assume that a third party 
conformity assessment body is accredited as conforming to ISO/IEC 17025 
and to the testing pertaining to 16 CFR part 1501 (which pertains to 
``Method for Identifying Toys and Other Articles Intended for Use by 
Children Under 3 Years of Age Which Present Choking, Aspiration, or 
Ingestion Hazards Because of Small Parts''). The ``reassessment'' 
portion of the audit, in this example, would consist of the assessment 
or reassessment of the third party conformity assessment body by the 
accreditation body relative to ISO/IEC 17025 and the testing pertaining 
to 16 CFR part 1501. The ``examination'' portion of the audit would 
consist of the third party conformity assessment body re-registering at 
the CPSC through the completion of a new CPSC Form 223 and the CPSC's 
review of the information in the resubmitted form. If the third party 
conformity assessment body is a ``firewalled'' conformity assessment 
body or a government-owned or government-controlled conformity 
assessment body, the CPSC's examination may include verification to 
ensure that the entity continues to meet the appropriate statutory 
criteria pertaining to such conformity assessment bodies. (A 
``firewalled'' conformity assessment body is a conformity assessment 
body that is ``owned, managed, or controlled by a manufacturer or 
private labeler,'' and such conformity assessment bodies are subject to 
certain statutory requirements and are accredited by the Commission by 
order (see section 14(f)(2)(D) of the CPSA). Section 14(f)(2)(B) of the 
CPSA also allows a third party conformity assessment body to be ``owned 
or controlled in whole or in part by a government'' under certain 
statutory conditions or requirements. The statutory requirements for 
``firewalled'' and government-owned or government-controlled conformity 
assessment bodies are in addition to those pertaining to third party 
conformity assessment bodies generally.)
    Proposed Sec.  1112.3(d) would define ``Commission'' as meaning the 
Consumer Product Safety Commission.
    Proposed Sec.  1112.3(e) would define ``quality manager'' as an 
individual ``(however named) who, irrespective of other duties and 
responsibilities, has defined responsibility and authority for ensuring 
that the management system related to quality is implemented and 
followed at all times and has direct access to the highest level of 
management at which decisions are made on the conformity assessment 
body's policy or resources.'' This definition is patterned after the 
explanation of the quality manager's role in ISO/IEC 17025, section 
4.1.5.
    Proposed Sec.  1112.3(f) would explain that, unless otherwise 
stated, the definitions of section 3 of the CPSA and additional 
definitions in the CPSIA apply for purposes of part 1112 of this title. 
Thus, for example, the CPSIA's definition of ``third party conformity 
assessment body,'' which includes independent conformity assessment 
bodies, government-owned or government-controlled conformity assessment 
bodies (subject to certain requirements in section 14(f)(2)(B) of the 
CPSA), and ``firewalled'' conformity assessment bodies (subject to 
certain requirements in section 14(f)(2)(D) of the CPSA), would apply 
to part 1112, and the term ``third party conformity assessment body'' 
in part 1112 would be understood as including all three types of 
conformity assessment bodies.

C. Proposed Sec.  1112.5--Who Is Subject to These Audit Requirements?

    Proposed Sec.  1112.5 would explain that the requirements in part 
1112 apply to third party conformity assessment bodies operating 
pursuant to section 14(a)(2) of the CPSA and would reiterate that third 
party conformity assessment bodies must comply with the audit 
requirements as a continuing condition of the Commission's acceptance 
of their accreditation. However, as explained earlier in part II.A of 
this preamble, certifying organizations described in Appendix A to 16 
CFR 1500.14(b)(8) (pertaining to LHAMA and the certification of art 
material and art products) are not subject to the audit requirements.

D. Proposed Sec.  1112.7--What Must an Audit Address or Cover? Who 
Conducts the Audit?

    As described earlier in part II.B of this document, proposed Sec.  
1112.3(c) would explain that, for purposes of part 1112, an audit is 
composed of two parts: (1) An examination by an accreditation body to 
determine whether the third party conformity assessment body meets or 
continues to meet the conditions for accreditation (the 
``reassessment'' portion of the audit); and (2) the resubmission of the 
``Consumer Product Conformity Assessment Body Acceptance Registration 
Form'' (CPSC Form 223) by the third party conformity assessment body 
and the CPSC's examination of the resubmitted CPSC Form 223. If the 
third party conformity assessment body is a ``firewalled'' conformity 
assessment body or a government-owned or government-controlled 
conformity assessment body, the CPSC's examination may include 
verification to ensure that the entity continues to meet the 
appropriate statutory criteria pertaining to such conformity assessment 
bodies.
    Under proposed Sec.  1112.7(a), the reassessment portion of the 
audit may cover the management systems, specific tests, types of tests, 
calibrations, or types of calibrations that are the subject of the 
third party conformity assessment body's accreditation. For example, if 
an accreditation body accredited a third party conformity assessment 
body on the latter's conformity with ISO/IEC 17025 and additional 
method(s) or programs from the accreditation body or tests identified 
in the relevant notice of requirements issued by the Commission, the 
reassessment portion of the audit could have the accreditation body 
assess the third party conformity assessment body's conformity with 
ISO/IEC 17025 and assess whether the third party conformity assessment 
body is qualified to use the specific method(s) or programs from the 
accreditation body or the tests identified in the relevant notice of 
requirements. The examination portion of the audit conducted by the 
CPSC would consist of the third party conformity assessment body's 
resubmission of a CPSC Form 223, the CPSC's examination of the 
resubmitted form, and a check by the CPSC to see whether the third 
party conformity assessment body continues to meet the statutory 
requirements applicable to it.
    It is important to note that, with one exception, the proposed rule 
would not specify the precise scope of a reassessment by an 
accreditation body. The Commission recognizes that accrediting bodies 
often have the flexibility to determine whether a third party 
conformity assessment body continues to conform with its accreditation 
requirements and to decide what systems or test methods to examine as 
part of the reassessment process. Thus, the proposed rule would state 
that the reassessment portion of the audit ``may'' (rather than 
``must'') cover the management systems, specific tests, types of tests, 
calibrations, or types of calibrations that are the subject of the 
third party conformity assessment body's accreditation. Proposed Sec.  
1112.7(a) would, however, expressly require each reassessment to 
examine the third party conformity assessment body's management systems 
to ensure that the third party conformity assessment body is free from 
any undue influence regarding its technical judgment. Such an 
examination would be consistent with ISO/IEC 17025, section 4.1, 
``Organization,'' and note 2 to section 4.1.4 states that:


[[Page 40787]]


    If the laboratory wishes to be recognized as a third-party 
laboratory, it should be able to demonstrate that it is impartial 
and that its personnel are free from any undue commercial, financial 
and other pressures which might influence their technical judgment. 
The third-party testing or calibration laboratory should not engage 
in any activities that may endanger trust in its independence of 
judgment and integrity in relation to its testing or calibration 
activities.

(See International Organization for Standardization, ISO/IEC 17025: 
2005(E), ``General Requirements for the Competence of Testing and 
Calibration Laboratories,'' at page 2.) Such an examination also would 
be consistent with section 14(f)(2)(D)(ii) of the CPSA, which requires 
``firewalled'' conformity assessment bodies to have established 
procedures to ensure that:

    (I) Its test results are protected from undue influence by the 
manufacturer, private labeler or other interested party;
    (II) The Commission is notified immediately of any attempt by 
the manufacturer, private labeler or other interested party to hide 
or exert undue influence over test results; and
    (III) Allegations of undue influence may be reported 
confidentially to the Commission.

    Proposed Sec.  1112.7(b) would require the third party conformity 
assessment body to have the accreditation body that accredited the 
third party conformity assessment body perform the reassessment portion 
of the audit. For example, if a third party conformity assessment body 
was accredited by an accreditation body named AB-1, then AB-1 would 
conduct the reassessment. If, however, the same third party conformity 
assessment body changes its accreditation, so that it becomes 
accredited by a different accreditation body named AB-2, then AB-2 
would conduct the reassessment.
    The proposed rule contemplates that accrediting bodies performing a 
reassessment will conform to ISO/IEC 17011, ``Conformity Assessment--
General Requirements for Accreditation Bodies Accrediting Conformity 
Assessment Bodies.'' Certain provisions in ISO/IEC 17011, notably 
sections 7.11, ``Reassessment and Surveillance,'' 7.12, ``Extending 
Accreditation,'' and 7.13, ``Suspending, Withdrawing, or Reducing 
Accreditation,'' may be particularly relevant when conducting a 
reassessment.
    As for the examination portion of the audit, proposed Sec.  
1112.7(c) would explain that the third party conformity assessment body 
must have the examination portion of the audit conducted by the 
Commission. The examination portion of the audit would consist of 
resubmission of CPSC Form 223 by the third party conformity assessment 
body to the CPSC and the CPSC's examination of the resubmitted form. As 
explained later in part II.E of this document, resubmission of the CPSC 
Form 223 would occur in two ways: (1) There would be a continuing 
obligation to ensure that the information submitted on CPSC Form 223 is 
current, such that a third party conformity assessment body would 
submit a new CPSC Form 223 whenever the information changes; and (2) in 
the absence of any changes that would necessitate the submission of a 
new CPSC Form 223, the third party conformity assessment body would re-
register at the CPSC every two years using CPSC Form 223.
    Additionally, proposed Sec.  1112.7(c) would contain specific 
requirements for the CPSC's examination of ``firewalled'' and 
government-owned or government-controlled conformity assessment bodies. 
For ``firewalled'' conformity assessment bodies, proposed Sec.  
1112.7(c)(1) would state that the examination portion of the audit 
conducted by the CPSC may include verification to ensure that the 
``firewalled'' conformity assessment body continues to meet the 
criteria set forth in section 14(f)(2)(D) of the CPSA. Section 
14(f)(2)(D) of the CPSA states that:

    Upon request, the Commission may accredit a conformity 
assessment body that is owned, managed, or controlled by a 
manufacturer or private labeler as a third party conformity 
assessment body if the Commission by order finds that--
    (i) Accreditation of the conformity assessment body would 
provide equal or greater consumer safety protection than the 
manufacturer's or private labeler's use of an independent third 
party conformity assessment body; and
    (ii) The conformity assessment body has established procedures 
to ensure that--
    (I) Its test results are protected from undue influence by the 
manufacturer, private labeler or other interested party;
    (II) The Commission is notified immediately of any attempt by 
the manufacturer, private labeler or other interested party to hide 
or exert undue influence over test results; and
    (III) Allegations of undue influence may be reported 
confidentially to the Commission.

Thus, for example, under proposed Sec.  1112.7(c)(1), the CPSC could 
examine whether a ``firewalled'' conformity assessment body's 
established procedures continue to exist and examine its mechanisms for 
confidential reporting of allegations of undue influence. For 
government-owned or government-controlled conformity assessment bodies, 
proposed Sec.  1112.7(c)(2) would state that the examination portion of 
the audit conducted by the CPSC may include verification that the 
government-owned or government-controlled conformity assessment body 
continues to meet the five criteria set forth in section 14(f)(2)(B) of 
the CPSA. In brief, section 14(f)(2)(B) of the CPSA states that the 
term ``third party conformity assessment body'' may include a 
government-owned or government-controlled entity if:

    (i) Private labelers located in any nation are permitted to 
choose conformity assessment bodies that are not owned or controlled 
by the government of that nation;
    (ii) The entity's testing results are not subject to undue 
influence by any other person, including another governmental 
entity;
    (iii) The entity is not accorded more favorable treatment than 
other third party conformity assessment bodies in the same nation 
who have been accredited under [section 14 of the CPSA];
    (iv) The entity's testing results are accorded no greater weight 
by other governmental authorities than those of other third party 
conformity assessment bodies accredited under [section 14 of the 
CPSA]; and
    (v) The entity does not exercise undue influence over other 
governmental authorities on matters affecting its operations or on 
decisions by other governmental authorities controlling distribution 
of products based on outcomes of the entity's conformity 
assessments.

Thus, for example, under proposed Sec.  1112.7(c)(2), the CPSC could 
examine whether a government-owned conformity assessment body has 
procedures in place to ensure that its testing results are not subject 
to undue influence by any other person. CPSC staff is considering 
whether to specify the types of documents government-owned or 
government-controlled conformity assessment bodies should have to 
demonstrate compliance with section 14(f)(2)(B) of the CPSA; however, 
because such details may be more appropriately considered to be part of 
the accreditation or acceptance of accreditation processes rather than 
part of an ``audit,'' the Commission may amend the previously-published 
notices of requirements and/or include such information in any future 
notices of requirements.

E. Proposed Sec.  1112.9--When Must an Audit Be Conducted?

    Proposed Sec.  1112.9(a) would state that, at a minimum, each third 
party conformity assessment body must be reassessed at the frequency 
established by its accreditation body for reassessments of the 
accreditation. For example, if the accreditation body would conduct a 
reassessment to reexamine a third party conformity

[[Page 40788]]

assessment body's accreditation after two years, the minimum 
reassessment frequency for that third party conformity assessment body, 
under proposed Sec.  1112.9(a), would be two years.
    Third party conformity assessment bodies are free to have 
themselves reassessed more frequently (such as annually or on any other 
predetermined schedule) and may wish to consider having reassessments 
conducted if a change has occurred that may affect their capabilities. 
For example, if a third party conformity assessment body desires to 
perform an additional method, it may wish to consider being reassessed 
at an earlier date so that the reassessment examines the third party 
conformity assessment body's conformance with ISO/IEC 17025 and all 
methods covered by the accreditation(s). As another example, 
accreditation bodies themselves may have shorter intervals between 
initial accreditation and a reassessment or allow for another type of 
action called ``surveillance.'' Section 7.11.3 of ISO/IEC 17011 
discusses various dates for reassessment and/or surveillance of a third 
party conformity assessment body's accreditation. ISO/IEC 17011 defines 
``surveillance'' as a ``set of activities, except reassessment, to 
monitor the continued fulfillment by accredited [conformity assessment 
bodies] of requirements for accreditation.'' ``Surveillance,'' 
therefore, is distinct from ``reassessment.'' Section 7.11.3 of ISO/IEC 
17011 directs accreditation bodies to design a plan for reassessment 
and surveillance and recommends that the first on-site surveillance be 
conducted ``no later than 12 months from the date of initial 
accreditation.''
    As for the examination portion of the audit conducted by the CPSC, 
proposed Sec.  1112.9(b)(1) would require each third party conformity 
assessment body to ensure that the information it submitted on CPSC 
Form 223 is current and to submit a new CPSC Form 223 whenever the 
information, such as the third party conformity assessment body's 
address, telephone number, or ownership, changes. This will ensure that 
the information available to CPSC reflects the most current information 
for a particular third party conformity assessment body. In the absence 
of any changes that would necessitate the submission of a new CPSC Form 
223, proposed Sec.  1112.9(b)(2) would require the third party 
conformity assessment body to re-register at the CPSC every two years 
using CPSC Form 223. This re-registration requirement may help CPSC 
identify third party conformity assessment bodies that have gone out of 
business or discontinued testing of products subject to the CPSC's 
jurisdiction and remove such third party conformity assessment bodies 
from its list of accredited third party conformity assessment bodies.
    If a third party conformity assessment body has registered more 
than once with the CPSC, has registered at different times, and has no 
changes in information that would warrant the submission of a new CPSC 
Form 223, the first examination portion of the audit, under proposed 
Sec.  1112.9(b)(3), would be performed two years after the last 
registration date, and then every two years thereafter. For example, 
assume that a third party conformity assessment body registers in 2009 
to test for lead paint and later registers in 2010 to test for small 
parts. The examination portion of the audit would occur in 2012, and 
subsequent examination portions of the audit would be at 2014, 2016, 
etc. If the third party conformity assessment body has made changes 
that warranted the submission of a new CPSC Form 223, then, under 
proposed Sec.  1112.9(b)(4), the first examination portion of the audit 
would be performed two years after the submission of the new CPSC Form 
223.

F. Proposed Sec.  1112.11--What Must a Third Party Conformity 
Assessment Body Do After an Audit?

    In general, once the accreditation body has conducted its 
reassessment of a third party conformity assessment body, the 
accreditation body will present its initial findings along with any 
supporting evidence to the quality manager for the third party 
conformity assessment body. The accreditation body may give the third 
party conformity assessment body's personnel the opportunity to present 
any objections they have to the initial findings. The accreditation 
body may then adjust its findings in response to any valid objections.
    When the accreditation body presents its findings to the third 
party conformity assessment body, proposed Sec.  1112.11(a) would 
require the third party conformity assessment body's quality manager to 
receive the findings and, if necessary, to initiate corrective action 
in response to the findings. Proposed Sec.  1112.11(b) would require 
the quality manager to prepare a resolution report; the resolution 
report would identify the corrective actions taken and any follow-up 
activities. If immediate corrective action is necessary (as may be the 
case if the findings identify problems associated with incorrect 
procedures, invalid actions, or the creation or use of invalid data), 
proposed Sec.  1112.11(b) would require the quality manager to document 
that he/she notified the relevant parties within the third party 
conformity assessment body to take immediate corrective action and also 
document the action(s) taken.
    Proposed Sec.  1112.11(c) would require the quality manager to 
notify the CPSC if the accreditation body decides to reduce, suspend, 
or withdraw the third party conformity assessment body's accreditation, 
and the reduction, suspension, or withdrawal of accreditation is 
relevant to the third party conformity assessment body's activities 
pertaining to a CPSC regulation or test method. For example, assume 
that a third party conformity assessment body is accredited by its 
accreditation body to perform lead paint testing and to perform tests 
to detect the presence of a specific substance (which this example will 
refer to as Test 2), where the latter test is not done to determine 
whether children's products conform to an applicable children's product 
safety rule and also is not within the scope of the CPSC's acceptance 
of the accreditation for the third party conformity assessment body. 
Assume further that the accreditation body finds the third party 
conformity assessment body to remain competent to conduct the lead 
tests, but withdraws accreditation with respect to Test 2. Under this 
example, the quality manager would not have to notify the CPSC that the 
accreditation body has withdrawn accreditation for Test 2 because Test 
2 was not relevant to the third party conformity assessment body's 
testing of children's products.
    In circumstances when a notification is required, the notification 
would be sent to the Assistant Executive Director, Office of Hazard 
Identification and Reduction, within five business days of the 
accreditation body's notification to the third party conformity 
assessment body. This provision will help ensure that the CPSC is 
notified about third party conformity assessment bodies that have their 
accreditation suspended or withdrawn or have the scope of their 
accreditation reduced after a reassessment. If a third party conformity 
assessment body does not notify the CPSC as proposed Sec.  1112.11(c) 
would require, such non-compliance may be grounds for withdrawal of 
acceptance of the accreditation by the Commission itself under section 
14(e)(1)(B) of the CPSA for failure to ``comply with an applicable * * 
* requirement established by the Commission'' under the audit 
regulations.
    Proposed Sec.  1112.11(d) would explain that the CPSC will notify 
the third party

[[Page 40789]]

conformity assessment body if the CPSC finds that the third party 
conformity assessment body no longer meets the conditions contained in 
CPSC Form 223 or in the relevant statutory provisions applying to that 
third party conformity assessment body. The CPSC also will identify the 
condition or statutory provision that is no longer met and specify a 
time by which the third party conformity assessment body must notify 
the CPSC of the steps that it intends to take to correct the deficiency 
and when it will complete such steps. Proposed Sec.  1112.11(d) also 
would require the quality manager to document that he/she notified the 
relevant parties within the third party conformity assessment body to 
take corrective action and also document the action(s) taken.
    Proposed Sec.  1112.11(e) would describe the possible consequences 
if a third party conformity assessment body fails to remedy the 
deficiency in a timely fashion. In brief, proposed Sec.  1112.11(e) 
would state that the CPSC ``shall take whatever action it deems 
appropriate under the circumstances, up to and including withdrawing 
the CPSC's accreditation of the third party conformity assessment body 
or the CPSC's acceptance of the third party conformity assessment 
body's accreditation.''

G. Proposed Sec.  1112.13--What Records Should a Third Party Conformity 
Assessment Body Retain Regarding an Audit?

    Proposed Sec.  1112.13 would require a third party conformity 
assessment body to retain all records relating to an audit and all 
records pertaining to the third party conformity assessment body's 
resolution of or plans for resolving nonconformities identified by the 
audit. Such nonconformities could be identified through a reassessment 
by an accreditation body or through an examination by the CPSC. The 
proposal also would require third party conformity assessment bodies to 
retain records relating to the last three reassessments (or however 
many reassessments have been conducted if the third party conformity 
assessment body has been reassessed less than three times) and to make 
such records available to the CPSC upon request.
    The Commission also proposes to require third party conformity 
assessment bodies to retain records relating to the last three 
reassessments because such records may reveal whether a pattern of 
problems with accreditation exists and how quickly such problems are 
addressed and resolved.

III. Paperwork Reduction Act

    This proposed rule contains information collection requirements 
that are subject to public comment and review by the Office of 
Management and Budget (OMB) under the Paperwork Reduction Act of 1995 
(44 U.S.C. 3501-3520). This part of the preamble to the proposed rule 
describes the provisions in this section of the document with an 
estimate of the annual reporting burden. Our estimate includes the time 
for reviewing instructions, searching existing data sources, gathering 
and maintaining the data needed, and completing and reviewing each 
collection of information.
    The Commission invites comments on: (1) Whether the collection of 
information is necessary for the proper performance of the CPSC's 
functions, including whether the information will have practical 
utility; (2) the accuracy of the CPSC's estimate of the burden of the 
proposed collection of information, including the validity of the 
methodology and assumptions used; (3) ways to enhance the quality, 
utility, and clarity of the information to be collected; and (4) ways 
to minimize the burden of the collection of information on respondents, 
including through the use of automated collection techniques, when 
appropriate, and other forms of information technology.
    Title: Audit Requirements for Third Party Conformity Assessment 
Bodies.
    Description: The proposed rule would require third party conformity 
assessment bodies to comply with the audit requirements. As part of 
these requirements, the proposed rule would, if finalized, require the 
third party conformity assessment bodies to complete an on-line form to 
begin the examination portion of the audit process. This form asks for 
certain identifying information pertaining to the third party 
conformity assessment body, information concerning whether the third 
party conformity assessment body is owned, managed, or controlled by 
manufacturers or private labelers of children's products, whether the 
third party conformity assessment body is owned or controlled by a 
government entity, the laboratory accreditation certificate for the 
third party conformity assessment body, and, for ``firewalled'' 
conformity assessment bodies, training materials. Additionally, the 
proposed rule would require third party conformity assessment bodies to 
retain records relating to a reassessment and all records pertaining to 
the third party conformity assessment body's resolution or plans for 
resolving nonconformities identified by the reassessment. The proposal 
also would require third party conformity assessment bodies to retain 
such records relating to the last three reassessments (or however many 
reassessments have been conducted if the third party conformity 
assessment body has been reassessed less than three times). Proposed 
Sec.  1112.13 would require the third party conformity assessment body 
to make such records available to the CPSC upon request.
    Description of Respondents: Persons who are third party conformity 
assessment bodies pursuant to section 14(a) of the Consumer Product 
Safety Act (CPSA) (15 U.S.C. 2063(a)).
    The CPSC estimates the burden of this collection of information as 
follows:

                                   Table 1--Estimated Annual Reporting Burden
----------------------------------------------------------------------------------------------------------------
                                     Number of     Frequency  of   Total  annual     Hours per
         16 CFR Section             respondents      responses       responses       response       Total hours
----------------------------------------------------------------------------------------------------------------
1112.9(b)(1)....................             150               1             150            1             150
1112.9(b)(2)....................               3               1               3            0.25            0.75
1112.13.........................             150               1             150            4             600
                                 -------------------------------------------------------------------------------
    Total.......................  ..............  ..............  ..............  ..............          750.75
----------------------------------------------------------------------------------------------------------------
There are no capital costs or operating and maintenance costs associated with this collection of information.

    Our estimates are based on the following information:
     As of June 5, 2009, 153 third party conformity assessment 
bodies had registered with the CPSC. However, because the CPSC expects 
to receive additional registrations and because section 14(a)(3)(B)(vi) 
of the CPSA

[[Page 40790]]

requires the Commission to issue a notice of requirement for ``all 
other children's product safety rules,'' it is anticipated that many 
more third party conformity assessment bodies will register. Therefore, 
the Commission tentatively estimates the number of third party 
conformity assessment bodies to be 300.
     Under proposed Sec.  1112.9(b)(1), third party conformity 
assessment bodies would be required to resubmit CPSC Form 223. At a 
minimum, assuming there are no changes to the information that a third 
party conformity assessment body has submitted previously in its CPSC 
Form 223, the resubmission would occur every two years from the date of 
the previous submission. As all third party conformity assessment 
bodies have not submitted their first CPSC Form 223s at the same time, 
only some would be expected to resubmit a CPSC Form 223 in any one 
year. The percentage of third party conformity assessment bodies that 
will resubmit a CPSC Form 223 in a given year cannot be determined at 
this time, so, for purposes of this analysis, the CPSC will assume that 
half of the third party conformity assessment bodies will resubmit a 
CPSC Form 223 in any given year. Thus, the estimated number of 
respondents for proposed Sec.  1112.9(b)(1) is 150 (300 total third 
party conformity assessment bodies x 0.5 resubmissions annually per 
third party conformity assessment bodies = 150 resubmissions annually). 
Furthermore, the CPSC estimates the burden hour for each resubmission 
to be one hour, so the total burden associated with proposed Sec.  
1112.9(b)(1) would be 150 hours (150 resubmissions x 1 hour per 
resubmission = 150 hours).
     Under proposed Sec.  1112.9(b)(2), third party conformity 
assessment bodies would be required to ensure that the information 
submitted on CPSC Form 223 is current and to submit a new CPSC Form 223 
whenever the information changes. Based on current experience with 
third party conformity assessment bodies, the CPSC estimates that only 
one percent of third party conformity assessment bodies will revise or 
update their information, so the estimated number of respondents is 3 
(300 third party conformity assessment bodies x 0.01 revisions per 
conformity assessment body = 3 revisions per year).
     Under proposed Sec.  1112.13, third party conformity 
assessment bodies will have to retain records pertaining to an audit 
and their resolution of or plans for resolving nonconformities 
identified through a reassessment by an accrediting body or through an 
examination by the CPSC. The proposal also would require third party 
conformity assessment bodies to retain records relating to the last 
three reassessments (or however many reassessments have been conducted 
if the number of reassessments is less than three). The number of third 
party conformity assessment bodies to be reassessed in a given year 
cannot be determined at this time, but, for purposes of this analysis, 
the CPSC will assume that half will be reassessed in any given year. 
Thus, the estimated number of respondents is 150 (300 third party 
conformity assessment bodies x 0.5 reassessments annually per third 
party conformity assessment bodies = 150 reassessments annually). As 
for the time required to retain such records, it is difficult to 
estimate such time with precision because the amount of time is likely 
to vary among the third party conformity assessment bodies. Third party 
conformity assessment bodies that are accredited in more than one field 
or that have scopes that include a large number of tests are likely to 
require more time to manage the records generated during an audit than 
those who are accredited in only one field or whose scopes are limited 
to only a few tests. It is also likely that third party conformity 
assessment bodies at which a large number of nonconformities are 
discovered during a reassessment audit will require more time to 
maintain the records since more records are likely to be generated in 
correcting the nonconformities. Nevertheless, the CPSC tentatively 
estimates that it will take 4 hours per third party conformity 
assessment body, so the overall recordkeeping burden will be 600 hours 
(150 reassessments per year x 4 hours per record per reassessment = 600 
hours). Most respondents probably will need less time to maintain 
records, but some can be expected to require more time due to factors 
such as the number of nonconformities found that might require the 
preparation of additional documents.
    The total burden, therefore, is 750.75 hours, which the CPSC will 
round up to 751 hours.
    In compliance with the Paperwork Reduction Act of 1995 (44 U.S.C. 
3507(d)), the CPSC has submitted the information collection 
requirements of this rule to OMB for review. Interested persons are 
requested to fax comments regarding information collection by September 
14, 2009, to the Office of Information and Regulatory Affairs, OMB (see 
ADDRESSES).

IV. Regulatory Flexibility Act

    The CPSC has examined the impacts of the proposed rule under the 
Regulatory Flexibility Act (5 U.S.C. 601-612). The Regulatory 
Flexibility Act requires agencies to analyze regulatory options that 
would minimize any significant impact of a rule on small entities. 
Because the required information is minimal and the costs associated 
with the audits are low, the Commission certifies that the proposed 
rule would not have a significant economic impact on a substantial 
number of small entities.

A. Objectives and Legal Basis for the Draft Proposed Rule

    Section 102(b) of the CPSIA requires the Commission to establish 
requirements for the periodic audit of the third party conformity 
assessment bodies in order for them to maintain their accreditation. 
The draft proposed rule would implement the CPSIA's audit requirement. 
The purpose of a periodic audit is to ensure that an accredited third 
party conformity assessment body is still competent to perform the 
testing services for which it has been accredited. In the case of 
accredited third party conformity assessment bodies that are owned, 
managed, or controlled by a manufacturer (or ``firewalled'' conformity 
assessment bodies) or that are owned or controlled in whole or in part 
by a government entity, the audit requirements provide the Commission 
with an opportunity to ensure that the third party conformity 
assessment body continues to comply with the CPSIA's requirements for 
``firewalled'' and government-owned or government-controlled conformity 
assessment bodies.

B. Firms Subject to the Requirement for Periodic Audits

    The requirement for periodic audits will only affect those third 
party conformity assessment bodies that seek to be able to provide the 
CPSIA-required third-party conformity assessment services for 
manufacturers or private labelers of children's products. Third party 
conformity assessment bodies that do not intend to offer third party 
conformance testing for children's products are not affected by the 
requirements for accreditation or periodic audits.
    As of June 5, 2009, the CPSC had accepted the accreditations of 153 
third party conformity assessment bodies. Of these, 40 are located 
within the United States. Of the third party conformity assessment 
bodies located in the United

[[Page 40791]]

States, six of the locations are owned by very large, foreign-based 
companies; nine are affiliated with large, United States-based 
companies; and the balance or 25 (about 63 percent) are affiliated with 
companies that could be small businesses according to the criteria 
established by the Small Business Administration (SBA), which for a 
testing laboratory (NAICS code 541380) is a company with less than 
$12.5 million in annual revenue.
    It is likely that the number of third party conformity assessment 
bodies with CPSC-accepted accreditations will increase over the next 
several months or years as the CPSIA's third party testing requirements 
are implemented or become effective. (The Commission, in a notice 
published in the Federal Register on February 9, 2009 (74 FR 6396), 
announced a stay of enforcement pertaining to certain provisions of 
section 14(a) of the CPSA; those provisions, in general, required 
testing and issuance of certificates of compliance by manufacturers, 
and the stay is to remain in effect until February 10, 2010. 
Additionally, section 14(a)(3)(B) of the CPSA establishes a timeline 
for accreditation and directs the CPSC to publish ``notices of 
requirements'' for accreditation of third party conformity assessment 
bodies; as more notices of requirements issue, it is reasonable to 
expect that the number of third party conformity assessment bodies 
seeking accreditation will increase.) Therefore, it is not possible to 
state with certainty how many third party conformity assessment bodies 
will ultimately be accredited. CPSC staff believes that the number of 
third party conformity assessment bodies in the United States that are 
ultimately accredited for testing children's products may reach 120. If 
63 percent of these meet the SBA criteria for a small business, then 
about 76 small U.S. businesses would be affected by this proposed rule.

C. Requirements of the Draft Proposed Rule and Possible Impacts on 
Small Businesses

    The notices of requirements issued by the CPSC for the 
accreditation of third party conformity assessment bodies state that, 
as a baseline requirement, third party conformity assessment bodies 
must be accredited by an accreditation body that is a signatory to the 
International Laboratory Accreditation Cooperation--Mutual Recognition 
Arrangement (ILAC-MRA). ILAC is an international cooperation of 
laboratory accreditation bodies that seeks to harmonize laboratory 
accreditation procedures so as to facilitate the acceptance of the 
testing results of accredited laboratories both within and across 
national boundaries. The ILAC-MRA includes requirements for the initial 
assessment of laboratories and periodic reassessments. Laboratories 
that do not submit to the periodic reassessments lose their accredited 
status.
    Under the proposed rule, the periodic audit of a third party 
conformity assessment body would consist of two parts. The first part 
would be a reassessment by the accrediting body to determine whether it 
continues to meet the conditions for accreditation. The second part of 
the audit would be the resubmission to the CPSC of CPSC Form 223 and 
its review by the CPSC.
    All signatories to the ILAC-MRA have requirements for the periodic 
reassessment of accredited laboratories. The ILAC-MRA harmonized 
procedures for surveillance and reassessment of accredited laboratories 
(available on the Internet at http://www.ilac.org/documents/ILAC_G10_1996_harm_proced_for_surve_and_reass_of_accrd_labs.pdf) 
recommend that the time between reassessments be no more than 60 months 
provided that the accrediting body undertakes somewhat less 
comprehensive surveillance visits at least every 18 months. However, 
many accrediting bodies opt to undertake more frequent full 
reassessments rather than conduct surveillance visits. According to 
ISO/IEC 17011, if an accreditation body does not conduct surveillance 
visits, full reassessments of accredited laboratories must take place 
at least once every two years.
    The resubmission of CPSC Form 223 is intended to give the CPSC an 
opportunity to ensure that the third party conformity assessment body 
is still accredited by an ILAC-MRA signatory and still complies with 
the requirements of section 102 of the CPSIA with respect to 
``firewalled'' and government-owned or government-controlled conformity 
assessment bodies. The CPSC is proposing that CPSC Form 223 be kept 
current or that, in the absence of any changes to the information that 
a third party conformity assessment body has previously submitted, be 
resubmitted every two years.
    The cost of the periodic audit includes the cost of the time of the 
accrediting body's assessor to conduct the assessment, the cost of the 
assessor's travel to the site, and the cost of lodging and meals while 
the assessor is conducting the reassessment. According to a 
representative of an accrediting body, a reassessment will typically 
take two to three days, and the cost charged to the third party 
conformity assessment body usually will be $3,000 to $4,000 per field 
(e.g., chemical, electrical, or mechanical testing) in which the third 
party conformity assessment body is accredited. Therefore, a third 
party conformity assessment body that is accredited for testing 
conformance to both chemical and mechanical standards could expect an 
assessment or reassessment to cost $6,000 to $8,000.
    Another cost of a reassessment by an accrediting body is the cost 
of the time that third party conformity assessment body personnel spend 
cooperating with the assessors. This includes the time required to 
prepare or assemble documents needed by the auditors and to explain or 
demonstrate the procedures used at the third party conformity 
assessment body. No empirical estimates of this cost were found, but 
one might expect that the amount of time spent by third party 
conformity assessment body personnel during a reassessment would be 
close to the amount of time spent by the assessor. If the average 
reassessment takes 2.5 days (or 20 hours) and the wage of the employees 
involved is about $44 an hour, then the cost of the time of the third 
party conformity assessment body's personnel spent cooperating with the 
reassessment would be about $880. (The median hourly wage of 
architecture and engineering occupations in testing laboratories (NAICS 
code 541380) is $31.65 (U.S. Department of Labor, Bureau of Labor 
Statistics, National Occupational Employment and Wage Estimates, May 
2008 (data extracted on June 17, 2009 from http://www.bls.gov/data/). 
In 2008, wages and salaries represented about 71.9 percent of total 
compensation for professional and related occupations in private 
industry (U.S. Department of Labor, Bureau of Labor Statistics, 
Employer cost for Employee Compensation (data extracted on June 17, 
2009)).) The cost could be higher if a reassessment took longer than 
2.5 days or higher paid employees were involved in the reassessment.
    Another requirement would be the resubmission of CPSC Form 223, 
which must be done every two years. The cost to resubmit this form is 
probably low for most third party conformity assessment bodies, unless 
there have been significant changes in the third party conformity 
assessment body's ownership or internal practices since the last time 
it submitted the form. On average, the CPSC estimates that it will take 
one hour to complete this form and submit it electronically. If the 
form is completed by a manager, the cost would average $68, assuming 
the median

[[Page 40792]]

hourly compensation for a general or operations manager in a testing 
laboratory. (The median hourly wage of a general or operations managers 
in testing laboratories (NAICS code 541380) is $48.73 (U.S. Department 
of Labor, Bureau of Labor Statistics, National Occupational Employment 
and Wage Estimates, May 2008 (data extracted on June 17, 2009 from 
http://www.bls.gov/data/)). In 2008, wages and salaries represented 
about 71.9 percent of total compensation for professional and related 
occupations in private industry (U.S. Department of Labor, Bureau of 
Labor Statistics, Employer cost for Employee Compensation (data 
extracted on June 17, 2009)).) The cost could be somewhat higher than 
average for ``firewalled'' and government-owned or government-
controlled conformity assessment bodies. ``Firewalled'' conformity 
assessment bodies will need to provide the CPSC staff with the updated 
information and documents that describe the training that the 
``firewalled'' conformity assessment body employees receive for 
reporting to the CPSC any allegation of an attempt by a manufacturer, 
private labeler, or other interested party to hide or exert undue 
influence over test results. Government-owned or government-controlled 
conformity assessment bodies might need to provide updated information 
to demonstrate that the government entity does not exert undue 
influence on the operation of the third party conformity assessment 
body or the testing results and that the third party conformity 
assessment body is not treated more favorably than other accredited 
third party conformity assessment bodies in the same nation.
    The draft proposed rule also would require that third party 
conformity assessment bodies keep the information on CPSC Form 223 
current. Based on the experience to date, the CPSC staff expects that 
about one percent of the third party conformity assessment bodies will 
need to provide updates to the form during the year. These updates 
should take about 15 minutes to complete online.
    The periodic audits that would be required would cost third party 
conformity assessment bodies about $4,000 to $5,000 (rounded to the 
nearest thousand) per field in which the third party conformity 
assessment body is accredited. This cost includes the cost of the 
accrediting body's assessors as well as the time of the third party 
conformity assessment body personnel that is spent on the audit, and 
other costs, such as the cost of providing the materials required of 
``firewalled'' conformity assessment bodies. The time periods between 
audits will vary to some degree between accrediting bodies, but a 
typical period is about every two years. Therefore, the annual average 
cost of the periodic audits would be approximately $2,000 to $2,500 per 
field in which the third party conformity assessment body is 
accredited. Therefore, the annual cost to a third party conformity 
assessment body accredited in three fields (e.g., chemical, mechanical, 
and electrical) would be approximately $6,000 to $7,500.
    As noted earlier, the SBA considers a testing laboratory to be a 
small business if its annual revenue is less than $12.5 million. 
According to the 2002 Economic Census, a very high percentage of 
testing laboratories would be considered to be small businesses. In 
2002, almost 97 percent of all testing laboratories had revenue of less 
than $10 million, and almost 50 percent had revenue of less than 
$500,000 (see U.S. Department of Commerce, Bureau of the Census, 2002 
Economic Census (release date November 15, 2005); accessed at http://factfinder.census.gov/servlet/IBQTable?_bm=y&-ds_name=EC0254SSSZ4&-NAICS2002=541380 (June 4, 2008)). Also, about 63 percent of the third 
party conformity assessment bodies that have been accredited so far for 
testing children's products appear to be small businesses. Therefore, 
it is likely that the proposed rule will impact a substantial number of 
small businesses. However, it is unlikely that the rule will have 
significant adverse impact on many third party conformity assessment 
bodies. The only third party conformity assessment bodies that will 
seek accreditation for testing children's products are those that 
expect to receive substantial revenue from the testing required by the 
CPSIA. Those third party conformity assessment bodies that do not 
expect substantial revenue from the testing required by the CPSIA will 
not seek to be accredited for the testing or they will not renew their 
accreditation if they had initially sought accreditation, but the 
expected revenue did not materialize.

D. Alternatives Considered to the Draft Proposed Rule

    Given that the CPSC is relying upon accrediting bodies that are 
signatories to the ILAC-MRA to accredit and reassess the third party 
conformity assessment bodies, there are no realistic alternatives to 
the draft proposed rule that would substantially lower the cost of the 
periodic audits. The frequency of the reassessments of the third party 
conformity assessment bodies is determined by the accrediting bodies, 
not the CPSC. The CPSC could reduce the frequency that CPSC Form 223 
must be resubmitted. However, it probably takes a third party 
conformity assessment body an average of 1 hour to review and resubmit 
CPSC Form 223 and any supplemental materials. Therefore, reducing the 
frequency that this form has to be resubmitted would not significantly 
lower the cost of the periodic audits.

V. Environmental Considerations

    This proposed rule falls within the scope of the Commission's 
environmental review regulations at 16 CFR 1021.5(c)(2) which provide a 
categorical exclusion from any requirement for the agency to prepare an 
environmental assessment or environmental impact statement for product 
certification rules.

VI. Effective Date

    The Commission is proposing that any final rule based on this 
proposal become effective 60 days after its date of publication in the 
Federal Register.

List of Subjects in 16 CFR Part 1112

    Consumer protection, Third party conformity assessment body, Audit.

    For the reasons stated above, the Commission proposes to amend 
Title 16 of the Code of Federal Regulations by adding a new part 1112 
to read as follows:

PART 1112--AUDIT REQUIREMENTS FOR THIRD PARTY CONFORMITY ASSESSMENT 
BODIES

Sec.
1112.1 Purpose.
1112.3 Definitions.
1112.5 Who Is Subject to These Audit Requirements?
1112.7 What Must an Audit Address or Cover? Who Conducts the Audit?
1112.9 When Must an Audit be Conducted?
1112.11 What Must a Third Party Conformity Assessment Body Do After 
an Audit?
1112.13 What Records Should a Third Party Conformity Assessment Body 
Retain Regarding an Audit?

    Authority: Public Law 110-314, Sec. 3, 122 Stat. 3016, 3017 
(2008); 15 U.S.C. 2063.


Sec.  1112.1  Purpose.

    This part establishes the audit requirements for third party 
conformity assessment bodies pursuant to section 14(d)(1) of the 
Consumer Product Safety Act (CPSA) (15 U.S.C. 2063(d)(1)). Compliance 
with these requirements is a condition for the continuing accreditation 
of such third party conformity assessment bodies pursuant

[[Page 40793]]

to section 14(a)(3)(C) of the CPSA. However, this part does not apply 
to certifying organizations under the Labeling of Hazardous Art 
Materials Act even if such organizations are third party conformity 
assessment bodies.


Sec.  1112.3  Definitions.

    The following definitions apply for purposes of this part:
    (a) ``Accreditation'' means a procedure by which an authoritative 
body gives formal recognition that a third party conformity assessment 
body is competent to perform specific tasks. Accreditation recognizes a 
third party conformity assessment body's technical capability and is 
usually specific for tests of the systems, products, components, or 
materials for which the third party conformity assessment body claims 
proficiency.
    (b) ``Accreditation body'' means an entity that:
    (1) Accredits or has accredited a third party conformity assessment 
body as meeting, at a minimum, the International Organization for 
Standardization (ISO) Standard ISO/IEC 17025:2005, ``General 
Requirements for the Competence of Testing and Calibration 
Laboratories'' and any test methods or consumer product safety 
requirements specified in the relevant notice of requirements issued by 
the Commission; and
    (2) Is a signatory to the International Laboratory Accreditation 
Cooperation--Mutual Recognition Arrangement.
    (c) ``Audit'' means a systematic, independent, documented process 
for obtaining records, statements of fact, or other relevant 
information, and assessing them objectively to determine the extent to 
which specified requirements are fulfilled. An audit, for purposes of 
this part, is composed of two parts:
    (1) An examination by an accreditation body to determine whether 
the third party conformity assessment body meets or continues to meet 
the conditions for accreditation (a process known more commonly as a 
``reassessment''); and
    (2) The resubmission of the ``Consumer Product Conformity 
Assessment Body Acceptance Registration Form'' (CPSC Form 223) by the 
third party conformity assessment body and the Consumer Product Safety 
Commission's (``CPSC's'') examination of the resubmitted CPSC Form 223. 
If the third party conformity assessment body is owned, managed, or 
controlled by a manufacturer or private labeler (also known as a 
``firewalled'' conformity assessment body) or is a government-owned or 
government-controlled conformity assessment body, the CPSC's 
examination may include verification to ensure that the entity 
continues to meet the appropriate statutory criteria pertaining to such 
conformity assessment bodies.
    (d) ``CPSC'' means the Consumer Product Safety Commission.
    (e) ``Quality manager'' means an individual (however named) who, 
irrespective of other duties and responsibilities, has defined 
responsibility and authority for ensuring that the management system 
related to quality is implemented and followed at all times and has 
direct access to the highest level of management at which decisions are 
made on the conformity assessment body's policy or resources.
    (f) Unless otherwise stated, the definitions of section 3 of the 
CPSA and additional definitions in the Consumer Product Safety 
Improvement Act of 2008, Pub. L. 110-314, apply for purposes of part 
1112 of this title.


Sec.  1112.5  Who Is Subject to These Audit Requirements?

    Except for certifying organizations described in 16 CFR 
1500.14(b)(8), these audit requirements apply to third party conformity 
assessment bodies operating pursuant to section 14(a)(2) of the CPSA. 
Third party conformity assessment bodies must comply with the audit 
requirements as a continuing condition of the CPSC's acceptance of 
their accreditation.


Sec.  1112.7  What Must an Audit Address or Cover? Who Conducts the 
Audit?

    (a) The reassessment portion of an audit may cover the management 
systems, specific tests, types of tests, calibrations, or types of 
calibrations that are the subject of the third party conformity 
assessment body's accreditation. Each reassessment portion of an audit 
also must examine the third party conformity assessment body's 
management systems to ensure that the third party conformity assessment 
body is free from any undue influence regarding its technical judgment.
    (b) The third party conformity assessment body must have the 
reassessment portion of the audit conducted by the same accreditation 
body that accredited the third party conformity assessment body. For 
example, if a third party conformity assessment body was accredited by 
an accreditation body named AB-1, then AB-1 would conduct the 
reassessment. If, however, the same third party conformity assessment 
body changes its accreditation, so that it becomes accredited by a 
different accreditation body named AB-2, then AB-2 would conduct the 
reassessment.
    (c) The third party conformity assessment body must have the 
examination portion of the audit conducted by the CPSC. The examination 
portion of the audit will consist of resubmission of the ``Consumer 
Product Conformity Assessment Body Acceptance Registration Form'' (CPSC 
Form 223) by the third party conformity assessment body and the CPSC's 
examination of the resubmitted CPSC Form 223.
    (1) For ``firewalled'' conformity assessment bodies, the CPSC's 
examination may include verification to ensure that the ``firewalled'' 
conformity assessment body continues to meet the criteria set forth in 
section 14(f)(2)(D) of the CPSA.
    (2) For government-owned or government-controlled conformity 
assessment bodies, the CPSC's examination may include verification to 
ensure that the government-owned or government-controlled conformity 
assessment body continues to meet the criteria set forth in section 
14(f)(2)(B) of the CPSA.


Sec.  1112.9  When Must an Audit be Conducted?

    (a) At a minimum, each third party conformity assessment body must 
be reassessed at the frequency established by its accreditation body.
    (b) For the examination portion of the audit, which is conducted by 
the CPSC:
    (1) Each third party conformity assessment body must ensure that 
the information it submitted on CPSC Form 223 is current and submit a 
new CPSC Form 223 whenever the information changes.
    (2) In the absence of any changes that would necessitate the 
submission of a new CPSC Form 223, the third party conformity 
assessment body must re-register at the CPSC every two years using CPSC 
Form 223.
    (3) If the third party conformity assessment body has registered 
more than once with the CPSC, has registered at different times, and 
has no changes in information that would warrant the submission of a 
new CPSC Form 223, the first examination portion of the audit should be 
performed two years after the last registration date, and then every 
two years thereafter.
    (4) If the third party conformity assessment body has made changes 
that warranted the submission of a new CPSC Form 223, then the first 
examination portion of the audit would be performed two years after the 
submission of the new CPSC Form 223.

[[Page 40794]]

Sec.  1112.11  What Must a Third Party Conformity Assessment Body Do 
After an Audit?

    (a) When the accreditation body presents its findings to the third 
party conformity assessment body, the third party conformity assessment 
body's quality manager must receive the findings and, if necessary, 
initiate corrective action in response to the findings.
    (b) The quality manager must prepare a resolution report 
identifying the corrective actions taken and any follow-up activities. 
If findings indicate that immediate corrective action is necessary, the 
quality manager must document that he/she notified the relevant parties 
within the third party conformity assessment body to take immediate 
corrective action and also document the action(s) taken.
    (c) If the accreditation body decides to reduce, suspend, or 
withdraw the third party conformity assessment body's accreditation, 
and the reduction, suspension, or withdrawal of accreditation is 
relevant to the third party conformity assessment body's activities 
pertaining to a CPSC regulation or test method, the quality manager 
must notify the CPSC. Such notification must be sent to the Assistant 
Executive Director, Office of Hazard Identification and Reduction, 
Consumer Product Safety Commission, 4330 East West Highway, Bethesda, 
Maryland 20814, within five business days of the accreditation body's 
notification to the third party conformity assessment body.
    (d) If the CPSC finds that the third party conformity assessment 
body no longer meets the conditions specified in CPSC Form 223 or in 
the relevant statutory provisions applicable to that third party 
conformity assessment body, the CPSC will notify the third party 
conformity assessment body, identify the condition or statutory 
provision that is no longer met, and specify a time by which the third 
party conformity assessment body shall notify the CPSC of the steps it 
intends to take to correct the deficiency and when it will complete 
such steps. The quality manager must document that he/she notified the 
relevant parties within the third party conformity assessment body to 
take corrective action and also document the action(s) taken.
    (e) If the third party conformity assessment body fails to remedy 
the deficiency in a timely fashion, the CPSC shall take whatever action 
it deems appropriate under the circumstances, up to and including 
withdrawing the CPSC's accreditation of the third party conformity 
assessment body or the CPSC's acceptance of the third party conformity 
assessment body's accreditation.


Sec.  1112.13  What Records Should a Third Party Conformity Assessment 
Body Retain Regarding an Audit?

    A third party conformity assessment body must retain all records 
relating to an audit and all records pertaining to the third party 
conformity assessment body's resolution of or plans for resolving 
nonconformities identified through a reassessment by an accreditation 
body or through an examination by the CPSC. A third party conformity 
assessment body also must retain such records relating to the last 
three reassessments (or however many reassessments have been conducted 
if the third party conformity assessment body has been reassessed less 
than three times) and make such records available to the CPSC upon 
request.

    Dated: August 7, 2009.
Todd A. Stevenson,
Secretary.
[FR Doc. E9-19443 Filed 8-12-09; 8:45 am]
BILLING CODE 6355-01-P