Conformance management

Effective support for organizations achieving conformance, consultants, auditors and certification bodies


  • piramida_szablon

  • For all involved parties NOR-STA is a common tool to share information about standard’s goals and requirements, the way a particular organization fulfils them and the assessment results.

    NOR-STA enables clear representation of the convincing argument supported by evidence and the argument how the organization conforms to the standard’s requirements.


  • Better understanding of the standard

    NOR-STA conformance templates clearly present the standard objectives and requirements usually together with guidelines and descriptions what is the required evidence.

  • Better preparation for assessment

    NOR-STA supports planning and supervision of the evidence preparation process.

  • Evidence documentation tidiness

    NOR-STA enables efficient management of a large collection of evidence. It is easy to find a given document and trace relations to standard requirements and objectives.

  • Easier inter-organizational cooperation

    NOR-STA is a tool to share information for all involved parties: organizations achieving compliance, consultants, auditors and certification bodies.

  • Effective audits

    Audit sessions are more productive due to a better preparation of the auditor, including online review of the referenced evidence.

  • Multi-standard compliance in one place

    NOR-STA allows to manage multiple compliance projects and evidence repositories in one place.

NOR-STA provides support for the full conformance management process

  • Conformance Management Process

  • 1.

    Preparation of the conformance template

    A standard template describes standard objectives and related requirements, guidelines and assessment rules.

  • 2.

    Conformance planning

    Identification of actions and required evidence specific for the organization characteristics and needs.

  • 3.


    The main phase of the process when the conformance evidence is produced and collected in NOR-STA.

  • 4.

    Conformance assessment

    Analysis of the compliance evidence completeness, assessment of conformance to the standard requirements and confirmation of compliance.

  • 5.

    Conformance maintenance

    Ongoing change management, evidence updates, internal and external re-assessments.


General customizable reports in a spreadsheet format,
enabling creation of dedicated charts and reports.


Assessment methods

In your projects in NOR-STA, you can use any of eight available argument assessment methods. You can add comments to each assessment of an element in NOR-STA. You can generate Excel, XML and HTML reports which include your assessments and comments. NOR-STA users often use the following assessment methods:

  • method 1 Dempster-Shafer

  • Dempster-Shafer

    • Assessments based on Dempster-Shafer theory of evidence
    • Explicit representation of uncertainty
    • Automatic aggregation of local assessments
  • method 1 Dempster-Shafer

  • Rating (scoring) scale

    • Assessments selected from numeric intervals
    • Different numeric intervals assigned to different nodes
    • Automatic aggregation of local assessments
  • method 1 Dempster-Shafer

  • Three-level scale

    • An auditor can give assessment: compliant, partially compliant or not compliant
    • Scale follows the ‘traffic lights’ color information pattern.
    • Automatic aggregation of local assessments not supported
  • method 1 Dempster-Shafer

  • ISO/IEC 33000 (SPICE, ISO/IEC 15504)

    • Numeric scale from 0 to 100
    • Assessment result mapped to four levels of compliance (N-P-L-F)
    • Automatic aggregation of local assessments

Supported standards

NOR-STA approach is general and enables application for any standard.
Argevide’s customers use NOR-STA for standards in various domains:

  • akredytacja

    Hospital Accreditation Standards
    (NCQA, Poland)

  • iSO

    ISO 27001 Information Security Management

  • iSO

    ISO 9001 Quality management systems

  • iec-62443

    IEC 62443 Security for industrial automation and control systems

  • iSO

    PN-N 18001 / OHSAS 18001 / ISO 18001 Occupational Health and Safety Management

  • iSO

    ISO 26262 Road vehicles – Functional safety

  • iSO

    ISO 14001 Environmental Management Systems

  • iSO

    EN/IEC 61511: Functional safety – Safety instrumented systems for the process industry sector

  • iSO

    ISO/IEC 15408 Common Criteria for Information Security Evaluation

  • iSO

    ISO/IEC 17065 Conformity assessment — Requirements for bodies certifying products, processes and services

  • haccp_bez_tla

    HACCP Hazard Analysis and Critical Control Points

  • logo_caf_beztla

    Common Assessment Framework CAF 2006 and CAF 2013

    • Try Free Trial
      for 30 days

    • NOR-STA online

    • Learn more