A seemingly minor and administrative interpretation of a decades-old regulation is now opening up every ISO “deliverable” for usage as a third party certification standard, a move which could mean millions — if not billions — of dollars in additional revenue for Certification and Accreditation Bodies. Per this new interpretation, any standard or guidance document which includes scope-restricting language will have it excised upon that document’s next revision, specifically statements indicating “this international standard is not intended for certification purposes.”
World Trade Organization (WTO) regulations, under which ISO is subject, demand that any ISO deliverable not be worded in a way that creates a barrier to free trade. ISO has adhered to these requirements since it began issuing management system standards, with WTO minutes showing ISO’s intent to conform to WTO regulations going back to the early 1990’s, if not decades earlier. In 2001, ISO again reinforced the adherence to these rules with its ISO Council Resolution 9/2001.
Since its formation in the 1940s, ISO has published thousands of standards and guidance documents not intended for third party certification. In fact, only a tiny minority — perhaps less than 1% — have ever been intended or used for third party certification. For the thirteen years since the ISO Resolution 9/2001 was released, the limitation on usage of standards for certification has not been questioned, either by ISO or the WTO.
Now, however, ISO has re-interpreted the WTO guidelines in a manner that gives unprecedented favor to certification bodies, including BSI, which holds the ISO Secretariat, and which holds Chairmanship or Secretariat positions in many major ISO Technical Committees. Organizations such as BSI would now be able to offer certification to any standard within the 20,000-strong ISO catalog.
The tweak came to light when it was discovered that Mick Maghar of BSI issued an interpretation of an ISO Technical Management Board (TMB) Resolution 8/2012, which reaffirmed the decades-old WTO rules by reminding TC chairs that “statements intended to limit the purpose or use of deliverables in relation to barriers or obstacles to trade are not permitted.”
Mr. Maghar, acting as Secretary of ISO/TC 262 — the body responsible for authoring the ISO 31000 standard on risk management — wrote his interpretation of this requirement shortly thereafter:
I have been led to believe that this means that statements such as ” This International Standard is not intended for the purpose of certification.” are no longer allowed in the scope.
As a result, ISO 31000 is now being considered for use as a certification standard for a risk management system. The current version indicates it is “not intended” to be used as such, but does not prohibit that use outright.
When asked for clarification, and why this ruling only came about now with regard to ISO 31000, and never mentioned previously despite the WTO rules being inplace for decades, ISO Secretary Charles Corrie, also of BSI wrote:
ISO/TMB adopted resolutions during 2012 requiring the removal of “statements of limitation” from ISO standards. The advice from TC 262 is consistent with this requirement. I have no knowledge of the history behind this issue, or why action was not taken on it before 2012. Please refer to ISO C/S for this information. All ISO standards that include such statements will be required to have them removed during their next revision. Certification is a contractual matter between two parties, who may choose to base their contract on any document. ISO has no involvement in such contracts.
The issue may come back to haunt both ISO and BSI, since a growing argument is being crafted that third party certifications themselves are a “barrier to free trade” and that the defense that such certifications are “voluntary” are unsubstantiated when such certifications are made part of government contracts.
If allowed to pass, BSI would then be able to not only issue ISO 9001 certificates, but also ISO 9004, a standard on quality improvement that was previously never used for certification. In fact, this opens the entire ISO 10000 constellation to certification, including 10002 (complaints handling), 10006 (project management) and 10007 (configuration management). Even the auditing standard ISO 19011 could be used in some form of certification, possibly for internal audit programs or individual auditors. Technical standards such as ISO 4623 (paints and varnishes) would also have to be updated to allow their use in either product or system certification.
Legally, the argument for making the change appears weak. A statement that a standard “is not intended” for a given use does not prohibit that use, making the exercise moot, unless the true intent is to force TCs to re-write their standards as requirements documents, for which BSI and others can then provide certification services.