A while back you may remember I reported on TAG 176 member Scott Dawson’s consulting company Core Business Solutions, whose website was insisting the company could get clients ISO 9001 certified “in four months for less than $5000.” I laid out the argument that this is simply mathematically impossible, and requested Dawson to update his marketing. Dawson just ignored me, as do most of the TAG 176’ers, so no surprises there.
After Dawson went dark, I decided to up the ante a bit. You see, Core is ISO 9001 certified itself, a sticky arrangement that always beckons conflicts of interest between the consultant and registrar. In Dawson’s case, he’s certified by ABS-QE, out of Houston. So I filed a complaint against Core with ABS-QE, alleging a violation of a new requirement in ISO 9001:2015:
I’ve uncovered potentially false marketing statements by Core Solutions, an ABS-QE client, which is an ISO 9001 consulting firm. Core claims they can get their customers “certified” to ISO 9001 in under $5,000. It’s likely they are only referring to their consulting portion, but despite repeated alerts, they have refused to clarify their marketing. Instead, the marketing clearly states that this includes certification, which would be provided by a CB. Obviously, it would be impossible for nearly any company to spend less than $5,000 on both consulting and certification. There is a scenario where this is possible, but it requires Core to provide their services for free, and only for companies with less than 6 employees. Since Core cannot know how large any given company is, and since certification is based on employee count, this is problematic.
The new ISO 9001:2015 now makes a requirement that “the organization can meet the claims for the products and services it offers.” So at the very least, this may be an ISO 9001 nonconformity. Worse, since ABS-QE is the registrar for this company, it raises a question as to whether it goes beyond false advertising, and becomes an arrangement that Core has with you to offer their clients a cheaper, faster certification through ABS-QE. That’s a violation of ISO 17021-1, as you know.
Unsurprisingly, ABS-QE defended their client, and did what any registrar would do in such a case: they restated the complaint in their own terms, twisting it out of context, in order to craft the answer they wanted. ABS-QS Vice President Dominic Townsend wrote me back:
We are in receipt of your note below, and based on our review of Core Solutions Programs offered; they have established a program that is designed to meet the 4 month timeframe that is claimed. In addition, we do not get involved in the commercial terms of Core Solutions and its customers as this is outside of our scope of work.
Notice how Townsend answered. He doesn’t mention the critical part of my complaint — the dollars that Core is charging — but re-frames the complaint around the time element instead. So I wrote back, requesting further action:
I made no mention of a 4-month time frame. I specifically am talking about the claim that Core can deliver “ISO 9001 certification” for “less than $5000.” That’s dollars, not months. It is mathematically impossible. And thus 8.2.2 applies. And you audit Core against 8.2.2. It’s in your scope.
At which point, Townsend pulled the next-best CB trick, and blew off the complaint entirely. As I said, the complaint was filed in December of 2016 — a year ago — and I never heard back at all. Not from Dawson, not from Townsend. Nada.
To his credit (or, more likely, mine) Dawson has since dropped the “$5000” claim entirely. The updated website still makes the 4-month claim — fair enough, but it’s still twice as long as Oxebridge — but there are no dollar signs to be seen in his latest marketing.
Conflicted Interests Are Interesting Conflicts
Now, let’s unpack this; and this exercise shows just why ISO 9001 consultants really shouldn’t be ISO certified themselves, and why Oxebridge (thankfully) has avoided this.
A member of the official organization that writes ISO 9001 (US TAG 176) helps make the new standard confusing, then profits by selling consulting services to decipher the thing. Then, the same consultant partners with a registrar to get ISO 9001 certified themselves. When a stakeholder finds a potential violation of ISO 9001 — and remember, this is a violation executed by one of ISO 9001’s authors — he reports it to the registrar. The registrar then violates ISO 17021 by dismissing the complaint without due process or proper analysis, and then ignores further requests. The consultant and registrar move on as if nothing happened.
So in this scenario, the winners are obvious. Dawson gets to smugly claim ISO 9001 certification for his company, even with a formal complaint floating around out there, and boast about his role in writing ISO 9001:2015 itself. ABS-QE gets to keep cashing Dawson’s check in exchange for the piece of paper they sent him, while benefitting from the marketing Dawson gives them by having their logo slathered all over his consulting website. ANAB ignores the whole thing, since they are getting a piece of the money Dawson sends ABS-QE.
The loser here? Anyone believing that a certificate of ISO 9001 still means anything other than acting as a receipt that you paid an auditor at some point. That’s all it is: a paid invoice.
It also disproves the notions that official complaints to ISO registrars ever work, that ISO registrars obey the accreditation rules, and that accreditation bodies tasked with overseeing the scheme actually give a damn. It also means that the authors of ISO 9001 can’t follow the standard’s requirements themselves, but it doesn’t matter, because RISK-BASED THINKING!
As I always say, get certification if you have to satisfy a customer or market yourself ahead of the competition. But don’t expect anything else from the experience, and always rely on your internal QMS activities to drive any improvement. If you listen to ISO 9001 authors or registrars, you’re dooming your company.