The UKAS accredited certification body Guardian Independent Certification conducted at least two integrated ISO management systems in violation of IAF mandatory audit duration rules, Oxebridge has learned.
Oxebridge was submitted a copy of a formal complaint filed by a third party against GIC, which included copies of official audit schedules showing insufficient days were utilized for two clients in Bahrain. Both clients were being certified to three simultaneous standards: ISO 9001, ISO 14001 and ISO 45001.
The first company, Saleh Abdulla Kameshki & Sons B.S.C, was quoted a 1-day audit, but the complaint alleged that only a half-day was actually performed. The company was undergoing a surveillance audit for all three standards, meaning even at a full day, the audit did not comply with mandatory IAF audit duration rules. Kameshki is a civil construction firm, putting it under the “high risk” category per IAF Mandatory Document 5 (MD5), and thus requiring it to undergo a full day audit just for the ISO 14001 portion. The IAF MD5 would then require that GIC have added at least a half-day for the ISO 9001 portion, and another full day for the ISO 45001 portion, for a minimum total of 2.5 days. Those numbers assume the company only has 5 employees or less, which itself is unlikely; additional audit days would have been required if the company has more than that number.
The official audit schedule for the second company, Omega Paints and Chemicals, only showed less than a full day scheduled for a combined IMS audit for all three standards. In this case, the was a full “Stage 2” audit for initial triple certification, meaning the required audit days would have been many more days than those performed by GIC. More shockingly, however, the audit schedule only allowed one hour to audit over 40 major areas of the three standards.
The entire audit for Omega lasted only 5 1/2 hours.
All three audits were scheduled and conducted by GIC Lead Auditor Dileesh B. Pillai. In the case of Omega Paints, a second auditor — Sheikh Mashkoor Alam — also performed the audit. Pilliai is also listed as the contact for Atlas Inspection and Certification Services, a second company that uses the GIC email address for communications. It’s not clear what the relationship between Atlas and GIC is. No other information on the auditor Pillai could be found on social media.
The complaint alleges that GIC funnels consulting services through Chrysalis Consultants, a company allegedly owned by the daughter of GIC’s founder. Oxebridge was unable to independently verify this, however.
GIS is a UK-based certification body that operates primarily in third-world countries throughout the Middle East and Asia. GIC is accredited by UKAS. Oxebridge has confirmed the ISO certificates issued to Kameshki and Omega were accredited.
The complaint was forwarded to the IAF and UKAS. IAF merely requested sending the complaint to UKAS; UKAS responded with a form letter indicating it would investigate, but without providing details. GIC’s Certification Manager, Sim Bee Tan of Singapore, responded by saying it would begin an internal investigation.
The evidence reveals ongoing problems in the accredited certification market, with specific concerns over how audits in the Middle East and Asia are being conducted while maintaining accreditation.
The IAF and its regional body APAC have consistently refused to take action against CBs in the region who were reported as conducting low-cost “drive-by audits” in violation of the IAF audit day requirements. At the same time, UKAS has a history of allowing its accredited CBs to violate the IAF and ISO accreditation rules at will, and then siding with them when complaints are filed.
Oxebridge has received previous whistleblower reports about GIC, but none which included sufficient evidence to pursue a formal investigation. One allegation involved improper use of accreditation logos by their Cambodian office. Another complaint alleged the Cambodia office was also providing drive-by audits that failed to comply with IAF MD5.