Okta Breach Occurred While Company Held ISO 27001 Certification from Schellman
Language on Schellman’s website and the certificates suggest the hacks should not be possible.
With Soriano Indictment, DoJ Appears to be Closing on Cask Executives
James Soriano was previously accused of accepting bribes from CMMC assessment body Cask Government Services.
ISO HQ Orders Immediate “Amendment” to ISO 9001 to Add Climate Change
A host of other standards, many wholly unrelated to environmental matters, will be affected.
Oxebridge Files Request with US Treasury to Clarify ANSI Position on Russian Sanctions
ANSI misquoted a decade-old OFAC ruling to justify allowing Russians on ISO committees, and ISO republished it.
IAF Finally Ejects Russia… For Not Paying Dues
IAF Chair Emanuele Riva’s accreditation body, Accredia, remains one of the few ABs operating in Russia, raising questions of corruption.
Honoring Sanctions, Finland Strips Properties from Russian Ex-President of ISO
Former ISO President Boris Aleshin faces sanctions against himself personally and his state-run Russian military corporations.
The Purge: ISO Ejects Russian Critic of its Support of Russia, Not Actual Russia
ISO and Standards Australia have ejected long-time standards expert Alex Ezrakhovich for his social media posts against Russia.
ISO 27001 Certified Company Found Leaking Children’s Data, Takes No Action
Airtable was found to be leaking PII for minors as young as 10, despite holding ISO 27001 certification and claiming SOC2 compliance.
UKAS Violates UK Sanctions Against Russia, Continues to Accredit in Russia
The UKAS mark appears on two certificates issued in March 2023 to SB-Group in Moscow.
PJLA Pulls Video of “Consultant Referral Program” After Raising Questions
Perry Johnson Laboratory Accreditation’s head admitted the program gave an “incentive” to participating consultants.
Scammer Issued Certificates Under Two Separate CBs at the Same Time
Sumit Kale issued duplicate ISO certs to Gauri Shankar Himalayan Construction from AQSR and BQSR all at once, because more fraud is better.
Understanding ISO 42001 and the EU AI Act
ISO 42001 might help a little, but won’t get you fully compliant with the AI Act, despite what consultants and CBs are saying.
URS Debacle Shows the IAF Hasn’t Done Its Job … Ever?
URS admitted it does not have legal expertise or control over its Russia office, thus proving ISO 17021-1 accreditation is a con.
Oxebridge Celebrates 25th Anniversary!
Oxebridge launched in January of 2000, and certification body scammers all got a sudden headache.
The Co-Opted Chinese Word That Broke Risk Management
The slightly racisty misinterpretation of “wēijī” now impacts on international law, as well as every profession and industry.
ISO: Risk Management Can Now Be Infallible
ISO 27001 and ISO 42001 both require you “ensure” your risk assessment methods can produce 100% repeatable results, which is — you know — batshit crazy.
Research Paper & PhD Dissertation on “Positive Risk” Included Misleading Citations
A 2017 paper included improper citations to defend “positive risk,” which were then copied into a 2020 PhD dissertation.
French QSE Expert: ISO 9001 Revision the “Result of Amateurism”
Jean-Marie Reilhac of QleanRSE Consulting examines some of the worst problems with ISO 9001’s recent updates.
ISO 9001:2026 Committee Draft 2 (CD2): In-Depth Look
Latest draft makes ISO 9001 less intelligible, but it would be easy to upgrade a QMS since it doesn’t really add many new requirements.
VIDEO: In-Depth Look at Committee Draft 2 (CD2) of ISO 9001:2026
A review of the leaked CD2 draft of the next ISO 9001 revision.
Ask the So-Called “Expert” Your Deepest ISO Questions
Oxebridge is pleased to announce its new web feature, Ask the So-Called Expert, where you can ask your ISO 9001, AS9100 and other related questions directly to our famous VP Operations, Christopher Paris. Go easy, he’s no Einstein.
(UPDATED) G31000 Spams the Guy They Are Suing, and the US Commerce Dept. Condones Certificate Mills
G31000 spams the guy they are suing, and the United States’ senior adviser on risk didn’t assess the risk of buying an unaccredited risk management credential from a French guy on the internet.
Hey, Certificate Mills! ISO Just Took Away Another Excuse For You Not Getting Accredited
For a mere 340 Swiss francs — which is equivalent to 100 gold knuts or something — you can buy a subscription to all the ISO conformity assessment standards in one big bundle. No more excuses, certificate mill operators!
The (Scandal-Free) Revised Oxebridge Quality Promise
With all the scandals and misbehavior plaguing our profession, I think it’s time for Oxebridge to show the world how it’s done and update our Quality Promise for a new generation of ISO users and professionals.
Want to See Oxebridge’s Comments on the DIS of ISO 9001:2015?
Now you can save yourself an entire week of typing comments on ISO DIS 9001:2015, and just submit Oxebridge’s comments to TC 176 as your own. Yes, that’s as insane as it sounds. But easy!
Dr. Who Game Perfectly Sums Up Risk Management Consultants’ Entire Business Model
This promo graphic for the new BBC board game RISK: THE DALEK INVASION OF EARTH accidentally captured the entire spin-doctor tactics of risk managers currently infecting the contemporary dialog on business management.
The Croft Alliance Opens Three New Offices, Still Can’t Afford Spam Filter
ISO TC 176 SC2 Chair Nigel Croft's consulting firm, The Croft Alliance Global (TCA Global), has opened up three new offices, in Mexico, Brazil and India. As I've noted before, Dr. Croft's firm is made up nearly entirely of TC 176 members he poached recruited during the...
ISO Grants Rare Award to Oxebridge VP Chris Paris [HUMOR]
Not content with merely being voted the World's Most Awesome ISO 9001 Consultant in the World, I can now add "ISO Award Winning ISO 9001 Consultant" to my growing list of credentials. And this time I didn't even have to invent the award myself! Over at the...
Practical Implementation of “Risk Based Thinking” – Part 2
Part 2: Defining Risk and Opportunity (For Part 1, click here.) From the information you have derived from the COTO exercise, you now have a better understanding of the company, its stakeholders, internal and external issues of concern, and other factors which will...
Practical Implementation of “Risk Based Thinking” – Part 1
Chris Paris presents a practical way to implement the otherwise vague language of ISO 9001:2015’s “risk based thinking.” In Part 1 he discusses the need to address “context of the organization” (COTO) first.
Oxebridge Launches FREE Template Kit for ISO 9001:2015 Documentation
Oxebridge Quality Resources has released a full set of ISO 9001:2015 template documents, including the well-received Oxebridge CAR System for corrective action management, at no cost.
How to Audit “Risk-Based Thinking”
The future of how certification bodies (CBs) will audit the new ISO 9001:2015 "risk based thinking" language is already setting, like a wet clay in the oven. In short, they are going to default to traditional risk management techniques and impose FMEA on their...
Exploding the Myths of ISO 9001:2015
The FDIS of ISO 9001:2015 is fast upon us, but already some myths and memes are forming, much to the frustration of anyone who’s actually read the thing. So let’s fire up the debunkerizer, and see if we can cut through this mess.
New Resource for CBs or ABs on Processing Oxebridge Complaints
To help those Certification Bodies or Accreditation Bodies who have received an Oxebridge complaint, we’ve published a handy guide on how to properly respond in accordance with the accreditation rules, as well as a list of things not to do.
Ensure A Fair Registration Audit With These Contractual Obligations For Your ISO 9001 Registrar
This comprehensive document provides you a full array of contractual riders you should flow down to your ISO 9001 registrar, to ensure they remain in compliance with the accreditation rules of ISO 17021. These contractual clauses will protect your organization from numerous rogue CB practices, such as the spreading of your confidential intellectual property, improper filing of audit reports, and poor reporting of nonconformities.
ISO 9001:2015 Won’t Require a Quality Manual — Here’s What to Replace it With
The upcoming ISO 9001:2015 standard will do away with the requirement for a Quality Manual. Here we argue that replacing it with an Interpretations Manual will simultaneously keep your customers happy, while improving the QMS for employees and other stakeholders.
Top Ten Dumb Things ISO Consultants Say
ISO consultants love to parrot each other. One dummy will say something that sounds reasonably smart, and get picked up by everyone else until it becomes an assumed truth. This is how the meme "say what you do, and do what you say" got started. They tend to cause a...
Oxebridge Adds New Guide to Selecting a Registrar
Adding to its growing library of free guidance documents, Oxebridge has published a guide on registrar selection.