- Quality Management System
- ISMS
- Business Continuity Management System
- Corporate Quality Objectives and ISO Certificate.
The Authority strives to maintain customer satisfaction by implementing effective systems and focus on customer feedback. Therefore, adoption of a quality management system is a strategic decision taken by the Authority to help improve its overall performance and provide a sound basis for sustainable development initiatives. It assists us to:-
- Demonstrate our ability to consistently provide services that meet customer and applicable statutory and regulatory requirements.
- Facilitate opportunities to enhance customer satisfaction.
- Address risks and opportunities associated with the Authority’s context and objectives.
- Show the Authority’s ability to demonstrate conformity to specified quality management system requirements.
The Authority also employs the process approach, which incorporates the Plan-Do-Check-Act (PDCA) cycle and risk-based thinking in its management systems. Process approach enables us to plan our processes and their interactions. The PDCA cycle ensures that the Authority’s processes are adequately resourced and managed, and opportunities for improvement are determined and acted on.
The process approach involves the systematic definition and management of processes and their interactions so as to achieve the intended results in accordance with the quality policy and strategic direction of the Authority.
The application of the process approach in a quality management system enables:
- Understanding and consistency in meeting requirements.
- The consideration of processes in terms of value addition.
- The achievement of effective process performance.
- Improvement of processes based on evaluation of data and information.
Risk-based thinking enables us to determine the factors that could cause the Authority’s processes and quality management system to deviate from the planned results, to put in place preventive controls in order to minimize negative effects and to make maximum use of opportunities as they arise
Consistently meeting requirements and addressing future needs and expectations poses a challenge to many organizations, including the Authority, in an increasingly dynamic and complex environment. To achieve this objective, the Authority may where applicable find it necessary to adopt various forms of improvement in addition to correction and continual improvement, such as breakthrough change, innovation and re-organization.
The Authority’s quality manual is also based on the quality management principles listed below;
- Customer Focus.
- Leadership.
- Engagement of People.
- Process Approach.
- Improvement.
- Evidence-based Decision Making.
- Relationship management.
The Competition Authority of Kenya (“the Authority”) has established an Information Security Policy which supports its strategic objectives. The Authority is committed to maintaining and improving information security within the organization while minimizing its exposure to all risks. The policy outlines our commitment to information security through:
- Protection of the Confidentiality of Information - Safeguard employee, corporate and client information from unauthorized access, ensuring that all sensitive data remains confidential as required by law;
- Maintenance of Information Integrity and Availability - Ensure that all information is accurate and reliable, and that it is accessible as required by law;
- Promotion of Information Security Awareness - provide information security training and awareness for all employees;
- Provision of Relevant Information - Ensure that all necessary information is supplied to relevant functional processes and employees for approved purposes only, in alignment with organizational needs;
- Compliance with Legal and Regulatory Requirements - Meet all applicable regulatory and legislative obligations related to information security to protect the organization’s interests and reputation;
- Disaster Recovery and Business Continuity - Develop, maintain, and regularly test disaster recovery and business continuity plans to ensure the resilience of our business operations in the face of potential disruptions;
- Response to Information Security Breaches - Ensure that any actual or suspected breaches of information security are promptly reported and thoroughly investigated by the designated team, with immediate implementation of identified improvements;
- Adherence to ISO 27001 Standard - Comply with the requirements of ISO/IEC 27001:2022 to establish, implement, maintain, and continually improve our Information Security Management System (ISMS);
- Communication of the Information Security Policy - Clearly communicate the Information Security Policy both internally and externally, ensuring that it is accessible and understood by all relevant stakeholders upon request.
Documents
TYPE | DOWNLOAD |
ISMS Policy | Download |
Documents
TYPE | DOWNLOAD |
CAK Corporate Quality Objectives | CAK Corporate Quality Objectives - Revised July 2021 |
ISO-9001-2015 January 22 2024 - March 1 2025 | ISO 9001 2015 Certificate January 22 2024 - March 1 2025 |
ISO 9001 2015 Certificate | ISO 9001 2015 Certificate 10 Mar 2022 to 1 Mar 2025 |
Quality Policy | Quality Policy - November 2022 |
Business Continuity Policy Statement and Objectives | Business Continuity Policy Statement and Objectives |