URS Invents Justification for Issuing Competing CB an ISO 9001 Certificate
URS claims it is allowed to certify another CB provided the “scope” does not conflict with its own, but ISO 17021 provides no such allowance.
ISO Certification Bodies Caught Using Template Kit Sold by Accreditation Body Board Member
CBs across the globe have been found to use a template kit published by a company run by an IAS Board Member.
DOD’s Arrington Threatened to “Marginalize” CMMC-AB, Intends to Strip Accreditation Authority
Oxebridge has obtained an email in which Arrington threatens to strip the CMMC-AB of its powers if it does not sign a new agreement in 24 hours.
Security Firms Tied to Victoria’s Second COVID-19 Wave Hold ISO Safety Certifications
Unified Security, MSS Security and Wilson Security all held ISO certifications issued by JAS-ANZ accredited registrars.
Complaint: Registrar URS Issued ISO 9001 Certificate to Russian Counterpart
URS issued an ISO 9001 certificate to Russian Register, another ISO 9001 certification body, despite ISO 17021 rules specifically prohibiting the practice.
Oxebridge to Permit Q001 “Bridge Audits” During Traditional ISO 9001, AS9100 Certification Audits
Companies undergoing traditional ISO 9001 or AS9100 audits may now request their CB perform a few additional tasks to achieve Q001 Level 1 certification simultaneously.
ASQ Members Petition Board to Amend Bylaws for Third Time
The Board readies to ignore a third petition by members to limit their power and establish fiscal responsibility.
DOD’s Arrington Threatens to Disband CMMC-AB, Hand Accreditation Authority to Body Subject to “Peer Audits” by China
DoD’s consideration of granting accreditation authority to ANAB would potentially expose the nation’s cybersecurity weaknesses to China and other foreign powers.
UAF Shuts Down TNV Investigation Prematurely, But Clears Oxebridge of False Accusation of “Extortion”
UAF cleared TNV while ignoring pages of evidence showing the registrar did not follow rules on responsiveness to complaints.
CMMC Accreditation Board Heads Ejected After “Diamond” Member Fiasco
Ty Schieber and Mark Berman faced a vote of no confidence for their roles in releasing a fundraising program that many called “pay to play.”
Quality Digest Corrects Claims Made by IAF About CertSearch
QD’s editors stepped in with additional reporting to refute some false claims made by an IAF rep.
Why CMMC’s “Reciprocity” With ISO 27001 Is A Bad Idea
“Reciprocity” with ISO 27001 essentially signals the surrender of CMMC, and invites corruption and Chinese interference.
IAF Resorts to Outright Lies to Promote CertSearch Website
A Quality Digest article falsely claims the CertSearch database is “nearly 100% reliable” and contains information from all ISO certification bodies.
How to Turn CMMC From Vaporware to a Functioning Scheme by Q4 2021
Four steps that can be done now to roll out a fully-functioning CMMC certification scheme.
Greek CB Tried To Cover Up Usage of Accreditation Template Kit
Cosmocert altered documents and later falsely claimed they did not use pre-written policies.
A Few More Wrinkles Emerge Re: CMMC C3PAOs and ISO 17020 Accreditation
The scheme still hasn’t addressed who will accredit C3PAOs, nor what the scope of that accreditation will be.
Book Review: “Deciding” – Don’t Call It Risk Management
Review of “Deciding: A Guide to Even Better Decision Making” by Grant Purdy and Roger Estall.
Apparently, I’m On the SAE Advisory Board Now
Oxebridge founder Christopher Paris is now on the SAE Advisory Board… really.
CMMC News Roundup, December 2020
A collection of recent news and oversight activities related to the Cybersecurity Maturity Model Certification scheme.
Merry Christmas from Oxebridge!
Here's wishing everyone a Merry Christmas and Happy Holiday Season, no matter where you live and what you do around this time of year, from all of us at Oxebridge! We certainly hope that 2021 proves better than this year was, and that your friends and family stay...