The ISO Committee on Conformity Assessment (CASCO) is wiping out a decades-old requirement that demands certification bodies (CBs) of ISO 9001 and other management system certifications maintain publicly-available registries of their certified clients. Upon publication of the new ISO 17021-1 standard, the term “ISO 9001 registered” will effectively be moot, since there will no longer be any registries of certified clients.

Led by ANSI’s Lane Hallenbeck, ANAB’s Randy Dougherty and Sean MacCurtain of the South African National Accreditation Service (SANAS), CASCO is stripping out the requirement in ISO 17021, reportedly under pressure by accredited CBs who have complained about the costs of maintaining such directories. Internally, Oxebridge has learned, the CBs were primarily concerned with the data being used to expose the division of market share among themselves, and need to “keep confidential” the certification holder of a company that may be in the public spotlight during a product recall or other disaster. CBs have routinely denied responsibility when their clients fail to produce a quality product or service.

The “registry rule” was ignored by some CBs anyway, and was not enforced by the ABs. Some CBs claimed they met the requirement merely by providing an email address that members of the public could use to send a request for verification of a given certificate; others provided nothing at all.

The ISO CASCO committee contains no representatives of standards users or end user organizations in its ranks, and is entirely populated by former or current representatives of CBs or their Accreditation Bodies, with registrar BSI having the greatest presence. The committee has been criticized for writing its own rules, and consistently relaxing those rules to suit its members, over the best interests of standards end users and the public.

Recently, the CBs — led by one of the TUV companies, assumed to be TUV-SUD — scuttled a plan by ISO to create the “ISO CERTO” international one-stop database of certifications. ISO involved no end users in that decision, either, and crumpled under pressure from the CBs after only a few months of discussion.

Once the rule is in place, CBs are expected to delete any public-facing search features, effectively making it impossible to verify certificates without contacting their home office. This is likely to embolden the unaccredited certificate mills, and dramatically increase forgeries and counterfeiting, since there will be reasonable way for the public to verify the validity of ISO 9001 certificates.

The corruption of CB data on total certifications issued is a growing problem. The last ISO Survey data shows a “spike” of 8,692 new ISO 9001 certificates in the US, suddenly reversing a massive decline that started in 2007. The numbers are suspected to be the result of phony data provided by some US-based CBs in order to prop up confidence in the standard, and to reverse declining sales of certification services. The ISO Survey data is compiled by AC Nielsen, but is not audited for accuracy, and relies solely on the data voluntarily submitted by the CBs. Without public-facing registries, it will be impossible to verify the totals of any nation, thereby making the ISO Survey data utterly unreliable.

The new ISO 17021-1 document is currently in its final stages, and there is no chance the move will be reversed. Along with the removal of the requirement for CBs to maintain registries, CASCO has elected to remove the requirement that CBs maintain an objective, independent “Impartiality Committee” to ensure CBs do not violate rules governing conflicts of interest and threats to impartiality. Again under pressure from the CBs, without consideration of end users, the new CASCO rule allows the “top management” to manage such activities, and does not require this to be done by independent personnel.

Another change dilutes the definition of “impartiality” so that end users will have to prove the absence of objectivity, not just perceive it, as was allowed under previous versions.

Oxebridge is reviewing the draft standard for other changes and will report on it shortly.



ISO 17000 Series Consulting