SERMI Sign-Off - What it Means for Independent Garages
The IGA announced on Tuesday 26th April that the body for European Accreditation (EA) had officially ‘signed-off’ SERMI.
SERMI, which stands for SEcurity related Repair & Maintenance, forms part of ISO-18541 and is the process by which garages who can meet the strict requirements of the scheme will be accredited to access all areas of manufacturer technical information, including data related to the security of the vehicle.
RMI Standards & Certification (RMISC), a subsidiary of the RMI, was set up in order to accredit garages against this standard and will aim to be the first accreditation body for the standard in Europe. RMISC are aiming to start auditing the first garages that meet the criteria by the end of this year.
The SERMI scheme will now go forward into European Type Approval, which will fully approve the scheme once complete. This will create a level playing field for independent garages and allow everyone who is accredited to access all security information from all vehicle manufacturers. We will keep you updated on SERMI’s progress.
As defined in the Euro 5/6 Emissions Regulations, vehicle manufacturers must provide unrestricted and standardised access to Repair and Maintenance Information (RMI) to independent operators.
For access to the vehicle security features, the legislation requires that access to security-related RMI shall be made available to independent operators, but under the protection of security standards and security certificates, and on the condition that independent operators are approved and authorised for this purpose.
This is why the ‘EU Forum on Access to Vehicle Information’ was established. Its aim is to create a pan-European harmonised accreditation scheme and process architecture to help independent operators to service and repair vehicles in a secure manner, including the security features of the vehicle (e.g. software updates).
Independent operator employees will need a hardware key and pin protected electronic certificate and an authorisation when accessing a VM’s website. An employee will only be authorised for security-related RMI access if their employer company has also been approved.
1. The Independent Operator who wishes to conduct security related work will approach a Conformity Assessment Body, such as RMISC.
2. RMISC will then carry out the necessary approval (for the commercial enterprise/company) and authorisations (for the individual employees).
3. After notification, the Trust Centre will issue hardware and certificates to be distributed by RMISC to the Independent Operator as appropriate.
4. RMISC will be accredited and assessed by the National Accreditation Body. In the UK, this is the United Kingdom Accreditation Service (UKAS).
Once complete, the individual employee will be able to access the information from each manufacturer with this single certificate and authorisation (i.e. avoidance of multiple certificates and authorisation procedures with each individual VM). The company approval and employee authorisation are valid for a period of 36 months, unless revoked due to misuse.
For more information please call the member helpline on 0845 305 4230.