Even by IAF standards, their new claims are beyond the pale. Now the International Accreditation Forum is claiming its much-maligned “CertSearch” central registry of ISO certifications is fully populated, and that all the problems have been addressed. Not one of those things is true.

In a recent Quality Digest article, IAF representative Grant Ramaley wrote a generic piece praising CertSearch and claiming it is an authentic source by which to verify ISO 9001, ISO 14001, ISO 13485 and other certificates.

Apparently untethered by things like truth or morality, however, Ramaley went a bit overboard in his claims about CertSearch  (emphasis added by me):

The database also holds all information on the properly accredited certification bodies, and the IAF member accreditation bodies that accredited them. In fact, this part of the database is nearly 100-percent reliable and has been put to use by medical device regulatory authorities vetting suspicious certification bodies.

When challenged in the comments section by renowned ISO 9001 author Milt Dentch, Ramaley went even further into what can only be described as… well, lies (emphasis from the original):

The IAF Database Management Committee has been working to address the reasons CABs have for not uploading their certificates.  The biggest hurdles have been overcome, such as protecting against poaching clients, security, EU GDPR compliance, all have been resolved.

It is important that all efforts be exhausted to accommodate our stakeholders’ concerns.  Even so, the IAF is committed to a full database.   We have learned much since its launch in late 2019.

Although you have raised the issue of fake certificates in China, the larger countries also have more ‘credible’ certs than smaller countries. I’m sure its frustrating to be a CEO paying to play by the rules, only to be tainted by so many companies playing outside the rules, as if this were some ‘game’ where cheating didn’t matter.

This Pandemic has proven the importance of IAF CertSearch.  It has already detected over 160 fake certificates, and that number has grown since I was last told.

However, because the database is nearly 100% full of the CABs, as the IAF members uploaded all the CABs they have accredited under the IAF MLA; so that part of the database is being used now to determine if the CAB is there.   Two regulators have used it for screening their ISO 13485 medical device QMS certs.

Ramaley is just outright lying that the argument of CertSearch being used by CBs to poach clients from one another has “been resolved.” There is nothing remotely true about this claim, and it’s the reason why so many CBs refuse to participate in CertSearch.

Grant Ramaley photo

Grant Ramaley

What’s worse, however, is his claim that “the database is nearly 100% full of the CABs, as the IAF members uploaded all the CABs they have accredited under the IAF MLA.” I want to again point out that the emphasis in the original quote above came from Ramaley, not me, so he’s dead serious about this.

Is it a lie? Let’s check.

Using the CertSearch website, I searched for all CBs accredited by ANAB to issue ISO 9001 certificates. The website reported 6. As in six. As in one less than seven.

Meanwhile over at the ANAB official website, however, they report they have accredited 81 CBs for issuance of ISO 9001 certificates. That means the CertSearch database only contains 7% of the possible ANAB accredited ISO 9001 certificates.

I’ll do the math for Ramaley, since he’s struggling. 7% is a lot less than 100%.

I then did a similar search for bodies accredited by CNAS, the Chinese accreditation body run by the IAF’s own President, Xiao Jianhua. The CertSearch reported only two (2) CBs accredited by CNAS for ISO 9001. In reality, CNAS has accredited an estimated 100+ in China alone. Chinese records are not always reliable, but it’s clear that China has more than just two registrars working in a country of nearly 1.4 billion people.

Major CBs are entirely absent from CertSearch, regardless of whether their AB is participating or not. Ramaley goes on to lie further, however, and claim that “If the certification body is not listed there, the certificate is not one counted as valid.” In reality, if the CB isn’t listed, it probably means they are not participating.

Who’s missing? Well, even as Ramaley quotes BSI in his article, BSI doesn’t actually participate in CertSearch! Only one French office is listed, but none of the major branches (like US or UK) are included. Also missing are NSF, ABS-QE, LRQA, SAI Global (except for one Italian branch), SGS and more. In many cases, only obscure locations like Chile, Vietnam or UAE are included, while a CB’s main branches refuse to participate.

Participation in CertSearch remains entirely voluntary, which has been the problem all along. The IAF could make participation a mandatory part of accreditation, and solve this overnight, but it continues to pander to corrupt CBs and allow them to do whatever they want. So CBs are not obligated to allow their data to be uploaded even if ANAB or CNAS or UKAS wants to participate.

Furthermore, the CBs have to manage the data — not the ABs — leaving a garbled mess. Just look at this selection menu when trying to filter for “ISO 9001.”

This only results when you allow users to enter data without checking it against an approved list of entries.

Now notice that CertSearch still allows you to search for certificates issued against ISO 9001:2008, remembering that all such certificates were canceled years ago. But Ramaley claims “the database is nearly 100% reliable” and cannot contain bad certificates. A search for ISO 9001:2008 certs came up empty, at least, but this problem was reported literally a year ago, and the IAF never took action to clean it up. (It’s also not clear why the database offers to search for “ISO 9001:2018” which doesn’t even exist.)

By all evidence, the IAF has done nothing to fix problems with its database nor take the one-step action it needs to in order to ensure full participation. (Again, that’s to make it mandatory.) Instead, it has trotted out a rotating band of grinning, willful toadies like Sheronda Jeffries and Grant Ramaley to make fact-free, falsehood-laden videos and articles claiming magical powers that CertSearch most definitely does not have.

Under China’s management, the IAF has turned into a thuggish, corrupt, and unreliable seller of lies. Nothing about the IAF can be trusted, and it should be investigated for fraud. Fortunately, it’s located (currently) in the US, and this type of fraud — deceptive advertising and deceit — largely goes unpunished. The US Federal Trade Commission would be responsible for investigating the IAF, but the FTC is woefully understaffed and underfunded, and can barely do the few things it’s tasked with already. Filing complaints with the FTC is just a slower way of deleting something.

So for now, Xiao Jianhua’s personal “mafiosita” scam continues, with people like Ramaley complicit in spreading lies on an international scale.


About Christopher Paris

Christopher Paris is the founder and VP Operations of Oxebridge. He has over 30 years' experience implementing ISO 9001 and AS9100 systems, and is a vocal advocate for the development and use of standards from the point of view of actual users. He is the author of Surviving ISO 9001 and Surviving AS9100. He reviews wines for the irreverent wine blog, Winepisser.


ISO 14001 Implementation