This piece is a new feature for CERM Risk Insights. It is a dialogue with authors who have significant insights on risk and quality management. The intent is to give these authors an opportunity to expand upon important risk and quality topics.
Our first author is Milt Dentch. He is the author of The Rise and Impending Demise of ISO 9001. This is the second part of the interview.
With China now having almost 300,000 ISO 9001 certified companies (about 1/3 of the worldwide total), do you have concerns on China’s certification bodies’ ability to maintain the integrity of such a large collection of certificates.
The apparent disproportionate number of ISO 9001 certified companies in China has raised concern among the ISO community that the Chinese certification process lacks integrity and a lot of ISO 9001 certificates are ‘fake’. In the Rise and Impending Demise of ISO 9001, I did not address the issue, as I did not have a creditable source—only anecdotal opinions. Since completing my book, I researched the subject further and discovered the research paper entitled: “Faking ISO 9001 in China: An exploratory study” by Iñaki Heras-Saizarbitoria and Olivier Boiral discusses the problem of fake accreditation in depth. Below is the abstract of the paper.
Over 1.5 million ISO 9001 certificates are in effect worldwide, 30 years after this quality management standard was launched. As the factory of the world, China is by far the leading country for ISO 9001, in terms of both absolute and relative numbers and growth. Nevertheless, practitioners have cast doubts on the reliability of adopting ISO third-party quality certification in this country. In-depth interviews with 40 senior quality managers, consultants, and auditors with broad field experience and other complementary methods paints a disturbing picture. The widespread prevalence of fake ISO 9001 certificates is indicated, together with an eroded credibility of the process of third-party certification. We discuss the profound implications of the study–—including whether the phenomenon is restricted to China. (1)
Credibility of the data source:
The 40 individuals interviewed by Heras and his team included a cross-section of ISO practitioners: Chinese Quality Manager of ISO 9001 certified firms; Chinese ISO 9001 consultant; Chinese ISO 9001 auditors; Employees of a Chinese certification body; Expatriate ISO 9001 consultants; Expatriate ISO 9001 auditors and international ISO 9001 consultants.
Classifying the Types of ‘Fake’ Certificates:
Type 1: Counterfeit ISO 9001. This is a counterfeit ISO certificate, also referred to as a photoshopped certificate and/or a pirate certification.
Type 2: Unaccredited ISO 9001. This type of certificate is issued by a nonaccredited certification body, also referred to as a certification mill.
Type 3: Paper-worked ISO 9001. This type of fake certification may appear to be legitimate as it is issued by an accredited certification body following the production of only basic paperwork, which may entail a general, copy-and-paste QMS.
Type 4: Implemented-but-not-in-use ISO 9001. This certification entails a more developed QMS prepared ad hoc by a consulting—and, in many cases, auditing—company, but not internalized at all. This type of certification requires the maintenance of a set of structured, fake documentation, such as fake records to be presented in the external audits of surveillance and recertification, which represent a “façade of paperwork” in the words of an expatriate quality manager working with Chinese companies.
Time to obtain a “Fake’ Certificate:
Type 1 and 2: Overnight- or a few days.
Type 3 and 4: Although some interviewees and other sources stated that a set of legally established certified bodies offered certification in 7 to 10 days, most put the timescale at about 3 months or less.
Mistrust of ISO 9001 certification and accreditation bodies:
The evidence points to a clear mistrust of ISO 9001 certification and accreditation bodies. Certification bodies can be divided into two classes. More than 90 certification bodies operate in China, many of them part of large multinational groups (e.g., LRQA China Shanghai or Beijing BSI), which, in the opinion of the interviewees, are first class and are more trusted: “If the [ISO 9001] certification is issued by one of the top bodies it gives me some faith.” Nevertheless, for many other international bodies, the relationship with the parent company is quite confusing. As it was underlined by an expatriated: “Here in China it is very difficult, if not impossible, due to generally muddied aspects of the business environment, to verify the supposed link of a certification body.” According to six respondents, it is important to note that there is no centralized database of certificates, nor a clear database of official certification bodies.
Recommendations for standardization and accreditation bodies and policy makers:
Professor Heras and his team provide some recommendations. Their recommendations are summarized:
“The need to establish effective measures is urgent. The ISO should lead efforts to eradicate fraud with the collaboration of other international institutions such as the International Accreditation Forum (IAF), the World Trade Organization (WTO), and UNIDO. The roles and the interests of ISO and IAF are obvious. The former aims to develop and foster market-relevant international standards that are used effectively by industries (ISO, 2015); the issue of fraudulent certificates erodes trust and impairs effectiveness. The latter aims to assure that accredited certificates may be relied upon by governments, companies, and consumers worldwide.” (2)
Worldwide Fake ISO 9001 Certificates:
Professor Heras’s research includes observations that China may not be the only country where fake ISO 9001 certificates are issued.
“Fake ISO 9001 certification scandals have also been seen in diverse countries such as Kenya (Ndonga, 2012), Kazakhstan (Moldashev, Khusainov, & Sprygin, 2014), the United Arab Emirates (Farooqui & Sengupta, 2017), and the U.S. (ISOQAR, 2016). One accreditation institution, the ANAB (the ANSI-ASQ National Accreditation Board), which is a signatory of the IAF MLA, provides evidence on a section of cases of fake certificates from China as well as Ecuador, Korea, Indonesia, Pakistan, the U.S., Spain, Italy, and Sweden.” (3)
How many of the worldwide 878,664 companies certified to ISO 9001 are invalid will be a question until the leadership of ISO address the issue of fake certificates.
Fake ISO 9001 Certificates in China and ISO Leadership:
The fact that the leadership of ISO leadership IAF had not responded to Professor Heras’s recommendations in almost two years is troubling, but not surprising. Unfortunately, as in the case of the ASQ Quality Press’s rejection of my book based on potential to threaten revenue sources related to sale of the ISO 9001 standard, the 295,000 certified Chinese companies represent a significant source of income to the ISO supply chain.
By not refuting the alleged corruption in the ISO 9001 certification process in China— or by not taking action to eliminate the source of Chinese fake certificates, ISO leadership is contributing to the demise of ISO 9001.
In your book you provide a series of recommendations for ISO 900:2015 improvement. You indicate these recommendations could stem the decline in certification. I am a little more pessimistic than you about the ability to stem the ISO 9001:2015 decline. Would you comment why your recommendations will work?
My early mentor in management always counseled me “Don’t bring me problems, bring me solutions!” I do believe, if Annex SL was not created, and ISO 9001:2008 was not replaced by the problematic ISO 9001:2015, the number of companies certified to ISO 9001 would not be in such a steep decline. After researching the high level of potentially bogus certificates approved in China, I now share your pessimism about the future of ISO 9001. I have little confidence that ISO leadership will respond aggressively to eliminate the fake Chinese certificates. TC 176 leadership, if they even read my book, past history indicates they will not be interested in my recommendations to improve ISO 9001.
I think that quality auditing has value in both improving a company’s performance and providing their customers with confidence in the products they deliver. As the number of ISO 9001 certifications continues to decline, many companies will still want their suppliers to maintain some form of verification—or certification of the supplier’s product or service quality system. Who, or what process will fill the void once ISO 9001 certification audits disappear? There are three options available for customers to monitor supplier quality other than ISO 9001 certification: (1) the customer audits the supplier, (2) the customer employs an organization to audit the supplier, (3) the supplier audits itself.
I suggest option 2, the supplier audits (often referred to as “supply chain audits”) can be an efficient and cost-effective replacement for ISO 9001. The supplier audits are a form of outsourcing audits to another organization, a quality auditing firm. In many cases, the supply chain audits are conducted at very small suppliers (less than ten employees) that don’t maintain ISO 9001 certification. I have participated in supply chain audits for a large medical products manufacturer in the Boston area. The audits were one-day audits utilizing the outsourced auditing firm’s checklist and report forms. The checklists were narrowly focused on the manufacturing and inspection processes employed at the supplier. The checklists did not contain the ISO 9001 quality management system requirements—what I refer to as “ISO boilerplate” for small companies (management reviews, internal audits, customer feedback, risk management).
Option 3, the “self-audit” can be used by companies, large and small. Based on my experiences conducting 3rd party audits, internal audits, and supplier audits of companies with a wide range of manufacturing activities, I created a set of quality system requirements. My quality system requirements focus on the order fulfillment processes. Many clauses in my system are similar to the original twenty elements of ISO 9001:1987. The requirements and self-audit checklists can be used by organizations to provide a self- audit of the organization’s processes utilized to fulfil customer purchase orders. I did not include the product design process, as the majority of the organizations that may wish to use the self-audit manufacture products based on their customers’ designs. The quality system requirements are focused on organizations in the manufacturing sectors. With some adjustments, an organization providing “services” (distributers, engineering firms, etc.) can adjust the checklists to align with the processes central to servicing. “The Quality System Requirements—2020” file and checklists can be accessed on the link: http://mpd-qe-consulting.com/quality-management-system.html.
Unfortunately Jim, if ISO leadership does not address the issue of fake ISO 9001 certificates in China, and the technical committee (TC176) responsible for the preparation of ISO 9001 continues to promote a flawed quality management system standard, ISO 9001 certifications will continue on the path to irrelevance. In a few years, I believe the “supply chain” or self-audits will eliminate the need for third party certification to ISO 9001.
Thank you for your time.
Bio
Milt Dentch has over 50 years’ manufacturing experience in a wide variety of industries, including pulp and paper, chemical, plastic and rubber processing, battery manufacturing, converting, electronics assembly, and machine building. He was an Exemplar Global (RABQSA) qualified lead auditor for eighteen years, approved to conduct quality, environmental and OH&S management system audits. Milt has conducted over 500 audits in companies as diverse as a floating oil rig in the Gulf of Mexico and an electronics manufacturer in Ukraine with 4,000 employees.
Milt received a BS in mechanical engineering from Worcester Polytechnic Institute and an MS in quality management systems from the National Graduate School of Quality Management (NGS). Milt was employed by the Polaroid Corporation in Waltham, Massachusetts for 27 years, starting as a plant engineer and retiring as the Director of Worldwide Materials in 1996. After Polaroid, he was plant manager for the Custom Coating and Laminating plant in Worcester for the Furon Corporation for several years. Milt currently provides consulting, training, and auditing related to the International Organization for Standardization (ISO) requirements for quality, environmental and Occupational Health and Safety (OH&S) management Systems.
In 2012, Milt wrote Fall of an Icon—Polaroid after Edwin H. Land (RiverHaven Books), an insider’s history of the Polaroid Corporation. His books The ISO 14001:2015 Implementation Handbook, The ISO 9001:2015 Implementation Handbook and The ISO 45001:2018 Implementation Handbook were published by Quality Press of ASQ in 2016 and 2018. His current book: The Rise and Impending Demise of ISO 9001 was published by Myles-James Books in August 2020.
Bio:
James J. Kline is a Senior Member of ASQ, a Six Sigma Green Belt, a Manager of Quality/Organizational Excellence and a Certified Enterprise Risk Manager. He has over thirty years of experience working in all level of government. He has over ten year’s supervisory. He has consulted on economic, quality and workforce development issues for the private sector and local governments. He has authored numerous articles on quality in government and risk analysis. His book Enterprise Risk Management in Government: Implementing ISO 31000:2018 is available on Amazon. He can be reached at jeffreyk12011@live.com
Endnote
- Iñaki Heras-Saizarbitoria and Olivier Boiral, 2018, “Faking ISO 9001 in China: An exploratory study”, Business Horizons, October, pages 55-64. file:///C:/Users/User/Documents/China%20Certs%208.20/1-s2.0-S0007681318301435-main%20full.pdf.
- Ibid, page 11.
- Ibid, page 5