Skip to main content

User account menu
Main navigation
  • Topics
    • Customer Care
    • FDA Compliance
    • Healthcare
    • Innovation
    • Lean
    • Management
    • Metrology
    • Operations
    • Risk Management
    • Six Sigma
    • Standards
    • Statistics
    • Supply Chain
    • Sustainability
    • Training
  • Videos/Webinars
    • All videos
    • Product Demos
    • Webinars
  • Advertise
    • Advertise
    • Submit B2B Press Release
    • Write for us
  • Metrology Hub
  • Training
  • Subscribe
  • Log in
Mobile Menu
  • Home
  • Topics
    • 3D Metrology-CMSC
    • Customer Care
    • FDA Compliance
    • Healthcare
    • Innovation
    • Lean
    • Management
    • Metrology
    • Operations
    • Risk Management
    • Six Sigma
    • Standards
    • Statistics
    • Supply Chain
    • Sustainability
    • Training
  • Login / Subscribe
  • More...
    • All Features
    • All News
    • All Videos
    • Contact
    • Training

How to Find Out If an ISO 9001 Certificate Is Valid

This certificate smells fishy!

Miriam Boudreaux
Tue, 01/19/2010 - 11:01
  • Comment
  • RSS

Social Sharing block

  • Print
  • Add new comment
Body

The first thing you need to do when you are evaluating a potential supplier based on their ISO 9001 certificate is request that they provide you with a copy of the certificate itself. If the company is indeed certified, they shouldn't have a problem providing you with a copy of their certificate.  When you have it, then you can make the following checks:

ADVERTISEMENT

1. Only registrars are allowed to give ISO 9001 certificates. An organization cannot self-grant a certificate. So, look for the name of the registrar (e.g., DNV, BSI, ABS etc.).

2. Look for the name of the accreditation body (e.g., ANAB, UKAS, etc.). If you see a stamp from an accreditation body, you can find out if this accreditation body is a member of the International Accreditation Forum (IAF). If there is no stamp from an accreditation body on the certificate then you should be suspicious as to whether the registrar is competent to audit. A registrar may opt to not seek accreditation, but that may or may not be an indication of their ability and competency. Here is an excerpt from the ISO web site:

 …

Want to continue?
Log in or create a FREE account.
Enter your username or email address
Enter the password that accompanies your username.
By logging in you agree to receive communication from Quality Digest. Privacy Policy.
Create a FREE account
Forgot My Password

Comments

Submitted by drbillcorcoran on Tue, 01/19/2010 - 10:11

ISO 9001 Validity

Miriam,
Interesting article. Thanks.

Would you consider the ISO 9001 registration valid if the company personnel you actually talk to, including QA people, know little or nothing about the principles of ISO 9001 and have little or no interest in actully applying the principles?

How often is ISO 9001 registration just "quality theater?"

All the best,

Bill Corcoran
Mission: Saving lives, pain, assets, and careers through thoughtful inquiry.
Motto: If you want safety, peace, or justice, then work for competency, integrity, and transparency.

  • Reply

Submitted by Miriam Boudreaux on Wed, 01/20/2010 - 19:50

In reply to ISO 9001 Validity by drbillcorcoran

Valid certificate

Bill thanks for reading the article. I hear you and although you bring up good points, the article was focusing on the validity of the certificate. I would like to think that a company such as the one your presented, will sooner rather than later- be challenged during an audit for basically not complying with the intent of the standard and not effectively implementing the requirements.

  • Reply

Submitted by cjkcjk on Tue, 01/19/2010 - 12:10

First point in article is wrong

There is no regulation preventing an organization from self-certifying to ISO 9001 and issuing a document to that effect.

Of course, the self-issued certificate cannot misrepresent the conditions of certification, nor can it use the service marks of any certification body nor can it make inaccurate claims.

Considering the current sorry state of quality systems registrars, I would find out how an organization self-certifies before I would dismiss their claims of compliance with ISO 9001.

  • Reply

Submitted by Miriam Boudreaux on Wed, 01/20/2010 - 19:46

In reply to First point in article is wrong by cjkcjk

Self-certification

Thanks for reading the article. I would like to think that an organization can consider themselves as "conforming to the standard". As far as self-certifying? Not sure about that.

  • Reply

Submitted by Ian Hendra on Tue, 01/19/2010 - 12:29

Have you missed the point?

Thanks Miriam, good article; describes what should be rather than what is though. I feel.
ISO 9001 is a litany of requirements to be used in a procurement process; the onus for compliance is on the supplier not the certifier (or registrar as they're known Stateside).
Since certifiers pay very little for auditors, whether they be contractors or staff, and they allow ridiculously short amounts of time for their audits, the chances that a certifier’s view of the integrity of your supplier’s quality system is of value as a qualification criterion is limited at best.
On the other hand, certification does tell you that the supplier feels that something is needed but the extent to which they are committed to ISO 9001's awesome message is simply not demonstrated by the certificate. And since that accreditation systems the world over have let this situation develop over the last 25 years is to their eternal shame, their imprimatur is worthless. In reality you are left with testing the supplier yourself.

So what's the alternative?

I recommend the following as tests to see if an ISO 9001 certification is valid. More to the point though, we're more interested in checking that the supplier can demonstrate effective implementation of a QMS that meets ISO 9001 than we are that the supplier pays a certifier.

!. Ask for a copy or sight of the quality manual that addresses ISO 9001/4.2.2. In particular make sure that 4.2.2 c) is well covered and makes sense. My guess is that the whole notion of this requirement as it addresses ISO 9001/4.1 a), b) and c) will have been missed.
2. Ask who is the management rep as per 5.5.2. If that person is not the business owner or Chief Executive, assume there is little commitment to ISO 9001. The focus here is the word "ensuring" in 5.5.2 a).
3. Ask for the last internal audit report. If it shows only conformity checking with procedures, take it that there is no effective internal auditing at all. Systems effectiveness is what you’re looking for.
4. Ask the supplier for a copy of their last two certification audit reports. If the reports make any sense to you, there's a glimmer, if they are trivial ....etc, etc. And check out the time spent on the audit. If you think you could check out the supplier in that length of time, there’s another glimmer, if not…etc, etc..
5. If you can be bothered contacting the certifier, ask for a copy of the auditor's CV. If you would employ this person to do your vendor assessment then there's a glimmer, if not....etc etc

Hope this helps……one last thought, get your suppliers to run the evaluation against ISO 9004:2009 and let you have a copy. If they’re OK to let you see it, they are probably OK to deal with!
All the best.

  • Reply

Submitted by Miriam Boudreaux on Wed, 01/20/2010 - 19:43

In reply to Have you missed the point? by Ian Hendra

Good points

Thank you for reading the article and thank you for your good points. A lot can be written about a robust QMS. Here thought I wanted to focus on the validity of the certificate itself.

  • Reply

Submitted by umberto mario tunesi on Fri, 01/03/2014 - 19:53

There's a further point

That is, a Registrar's accreditation can be suspended for one or more industry sectors, even when the Registrar is big: it happened in the past in critical industry sectors like food making, construction; it can happen again and the certificate user will certainly not be allowed to these information. Testing the validity of ISO 9001 - or 14001, to speak of the most common - certificates is a very tricky business because both the seller, the registrar and the accreditation body are interested parties, and none of them will give out any information that can damage them. Though costly it might be, the only effective way to test the soundness of a supplier's management system is to directly audit it or to have it audited by a reliable local third party. We must not forget that certificates are paper sheets and that they mean themselves. 

  • Reply

Submitted by Miriam Boudreaux on Sun, 01/19/2014 - 21:25

In reply to There's a further point by umberto mario tunesi

Everybody is an interested party

Hi Umberto, I have been saying the same thing for a long time. The process of being objective when you want to please both the client and your bosses is a very fine line. We all are in to make money, but in the end, it comes to commitment, ethics and integrity. The article wants to showcase unaccredited registrars from accredited ones, because that's where the majority of the gap is, though as everyone has well said, there is enough statistical variation within registrars themselves, to render some certificates out of control :)!
  • Reply

Submitted by umberto mario tunesi on Fri, 01/03/2014 - 20:09

Hey !!!

I didn't read the other readers' comment before writing mine. If I were at ISO I wouldn't sleep well tonight: it's not a question of "losing faith" but it's certainly a fact that raises doubts on the reliability of auditors, registrars and accreditation bodies. That there are no two registrars alike is quite disgraceful, especially when both are controlled by the same accreditation body: that's all but objectivity and equality. Despite all the standards put on registrars by the various acrreditation organizations, it seems that registrars are allowed to freely operate in a certification jungle. Of course, names can't be made, but I myself know of quite a number of cases of registrars' misdemeanours, and I don't only mean validity of certificates. If we dig deep enough, we'll open a pandora's vase.

  • Reply

Submitted by dvanputten on Tue, 01/07/2014 - 11:58

Self Certify, Anyone can provide a certificate

This article is misleading and should be corrected before re-circulated by Quality Digest. 

1. A company can self certify.

2. And anyone can provide an ISO 9001 certificate. However, not anyone can provide an accredited ISO 9001 certification. The number one thing to look for is an accreditation mark from the registrar / auditing organization. If you pay me $20, I would be happy to provide your organization with an ISO 9001 certificate. MS Word's Word Art has some terrrifc fonts and graphics. 

  • Reply

Submitted by Miriam Boudreaux on Sun, 01/19/2014 - 21:32

In reply to Self Certify, Anyone can provide a certificate by dvanputten

Self certification

I'm not familiar with self certification. I presume you could create your own certificate, but unless you are a recognized entity, not sure who would put any trust in it. I guess I don't know enough about self certification to talk about it, never heard about it and no company that I know has done that. We recommend our clients to look for accredited registrars that provide accredited certificates because an accredited registrar means they are regulated and audited and than in itself is a bit reassuring. I believe accreditation bodies have woken up and have been more stringent with the registrars, which is a good thing for everybody, since audit days, audit practices and audit reports can be improved with consistency. Thanks for reading the article!
  • Reply

Submitted by Vieux. (not verified) on Mon, 09/17/2018 - 08:46

In reply to Self Certify, Anyone can provide a certificate by dvanputten

I need an ISO accredited

Hi, I'm very interested in having an accredited ISO. Please let me know if you can help. 

Thank you.

  • Reply

Submitted by lockstockrye (not verified) on Fri, 05/14/2021 - 13:11

In reply to Self Certify, Anyone can provide a certificate by dvanputten

There is no "self certify"!

A company can self declare that they are compliant or conforming to the ISO standard.  But they cannot "certify".

And no, not anyone can provide an "ISO certificate" - the use of the logo for ISO is only allowed through an accredited registrar after an actual certification.

So you're the one misleading!  

  • Reply

Submitted by bsmith1311 on Mon, 12/22/2014 - 15:17

Comment

Miriam, I enjoyed your article.  I did expect though that you might provide at least some generic examples of invalid ISO 9001 certificates.  As a Certification Body contract auditor, I have added some audits indirectly as a result of customers who questioned the validity of ISO certificates of potential suppliers.  In several cases, an entire industry association was issuing ISO 9001 certificates to its members.  In another case, a consultant prepared a manual and procedures, did training and internal audits and issued an ISO 9001 certification with the mark of a certification body that they created, "validated" by another organization that they created. 

  • Reply

Submitted by Firoz Khan (not verified) on Wed, 02/07/2018 - 08:28

good Article

I really want to thank you for posting this article after reading of comments would like to say that a purchaser or any client does not have enough time to inspect a body or maybe he is not able to do so he will like to by a BRAND name in any sector. so third party accreditation is valuable for all types of business.

  • Reply

Submitted by Quality Digest on Thu, 08/08/2019 - 09:17

Database for certified companies

how can i find and see or get a copy of an iso certificate on certified companies? is there a site for downloading?

[posted by Quality Digest on behalf of Elizack]

  • Reply

Add new comment

1 + 4 =
Solve this simple math problem and enter the result. E.g. for 1+3, enter 4.
Please login to comment.
      

© 2024 Quality Digest. Copyright on content held by Quality Digest or by individual authors. Contact Quality Digest for reprint information.
“Quality Digest" is a trademark owned by Quality Circle Institute Inc.

footer
  • Home
  • Print QD: 1995-2008
  • Print QD: 2008-2009
  • Videos
  • Privacy Policy
  • Write for us
footer second menu
  • Subscribe to Quality Digest
  • About Us
  • Contact Us