Another day in the “You Can’t Make This Shit Up Department.” In response to a formal complaint filed against the AS9100 certification body IAPMO SCB, which alleged the CB ignored a formal complaint while working in secret to delete evidence, ANAB has provided its official response… and hid its evidence.

You may recall as part of the ProShop ERP scandal, two IAPMO clients revealed — during a live webinar — multiple violations of ISO 17021 and AS9104, including admitting the auditor performed only one-half day of auditing while charging them for 2 full days. The clients also revealed that IAPMO performed AS9100 Stages 1 and 2 back to back, and then showed a video of the IAPMO auditor shooting a commercial for ProShop ERP instead of, you know, actually fucking auditing.

I filed a complaint with IAPMO, and rather than respond, the CB worked behind the scenes to have the webinar recording taken down from the internet, thus hiding the evidence. After that, they replied but then failed to provide a formal notification of closure. In short, IAPMO shut the complaint down without appearing to have done anything at all.

(As an aside, ProShop then asked me to mask the faces of people in a screenshot taken from their public video because I guess showing their faces in a commercial is fine, but now when the commercial becomes evidence in a scandal, Sigh.)

So the matter was escalated to Lori Gillespie, one of the forty-nine VPs over at ANAB, the body that allegedly oversees IAPMO for its ISO 17021-1 compliance. In just about three weeks, she responded with a short email closing the matter on ANAB’s side. The email gave no details at all and merely said, “we found at least one of the allegations had merit and we closed the complaint with action.” No details, no evidence, and no idea of what they actually did.

I checked OASIS, and the two companies involved are still fully AS9100 certified, so nothing happened with them. The auditor who shot the commercial is still fully credentialed, too. IAPMO is still fully accredited by ANAB, and hasn’t suffered even a temporary suspension. So, I am unsure what ANAB did to constitute “action.”

Now, get ready for the hilarious part. In her response, which contained no information at all, Gillespie claimed that “this email contains confidential information, any use, publication or redistribution of the email or its contents is prohibited.” So she doesn’t want me to publish the email that didn’t have any information in it to publish.

To recap: an ANAB-accredited CB violates ISO 17021-1, and then works to hide the evidence. Then, ANAB steps in and claims to have fixed the problem, but then hides the evidence that they fixed it. Got it?

Closed to Openness

Under ISO 17021-1, there are six “principles for inspiring confidence,” also called the six “accreditation principles.” One of those is “openness,” and the standard explains thusly (emphasis added):

A certification body needs to provide public access to, or disclosure of, appropriate and timely information about its audit process and certification process, and about the certification status (i.e. the granting, maintaining of certification, expanding or reducing the scope of certification, renewing, suspending or restoring, or withdrawing of certification) of any organization, in order to gain confidencein the integrity and credibility of certification. Openness is a principle of access to, or disclosure of, appropriate information.

Nobody in this mess is following that. There’s another principle about¬†“confidentiality,”¬†and ANAB routinely hides its backroom manipulations behind that one while ignoring the openness one. That’s not how “inspiring confidence” works, of course. You can’t cherry-pick which principle you are going to abide by to hide the fact that you’re violating the others.

Emails Are Not NDAs

As for Gillespie’s email claim? Not enforceable. I don’t have a nondisclosure agreement with ANAB, so just saying “confidential!” in an email doesn’t work. You can’t submit a one-sided email and pretend it’s a contract, enforceable under contract law, when the other person hasn’t agreed to it. By that posture, I can send an email to ANAB saying they owe me $1 bajillion “just ‘cuz,” and if they open the email, they are legally liable to pay it. Umm… no.

The ProShop ERP webinar was public. The statements made by IAPMO in the “commercial” were public. The statements made by the IAPMO clients were public. ANAB and IAPMO can’t now invoke confidentiality because all those public statements: (a) were stupid and (b) revealed IAPMO violated the shit out of the rules. This is like a flasher on the subway getting upset when somebody sees his junk.

What is public is how ANAB works against the principles of openness because if they did their job, they might lose money. And that’s all ANAB really cares about. If people die in airplanes made by companies that get AS9100 certification due to violations and corruption, well… whatever.

I guess ANAB VPs all travel by train.


ISO 45001 Implementation