Ever come across an ISO 9001 certificate with more than 3 years validity period?

[Paul Simpson]

If Marc did a Pareto chart of the trouble makers, I wonder who would be the frequent offenders....

I prefer to think of the offenders as "challengers of the status quo" rather than trouble makers - then I suppose it depends what side of the fence you are on ....

The reason why some Certification Bodies became more creative and started skipping expiration dates in their certificates and offering "continuous surveillance schemes" where no re-certification audits were necessary, is simply because, if the certificates never expire, the certified organization will not shop around for another CB, in preparation for another certification cycle. It was pure and simple a "commercially driven strategy". CB's attempting to keep their certified clients.

Now there are a couple of things to remember here:

• Certification existed before accreditation, so at BSi we were offering continuing assessment long before the "requirements" of accreditation standards were invoked by the accreditation bodies.
  
  In fact the original UK accreditation body, NACCB, grew out of BSi before it became independent. To try to keep the "cowboys" out.
  
• Now here is where a bit more guesswork comes into it (as I do not know exactly how the classification societies work). Ship classification societies were used to periodic reassessment whereas those organizations used to offering product certification were used to an initial assessment followed by periodic product testing and "surveillance" audits.
  
  All of the original management systems certification bodies (operating schemes to certify to BS 5750) grew from a few sources - product certification bodies, classification societies, standards organizations and inspection bodies. The assessment programme used depended on your origins.
  
  It is only recently that CBs have started up who have no background in one of those areas and are normally based on a core of people who used to work for one of the "big boys" in a previous life.
  
• Accreditation standards were developed by the industry (ABs, CBs).
  
  As I have intimated on more than one occasion they are badly written because they try to standardize processes rather than outcomes. Now if you are a CB with a certification programme based on triennial reassessment then that is what you try to have written into the standards (vested interest / commercial advantage). That IMHO is why the "strong recommendation" for three yearly reassessment has now been standardized.

Back in the mid to late 90's, especially in the US, we used to have public, online databases, where one could go to and identify when certificates were going to expire. Many CB's started telemarketing campaigns towards these organizations, attempting to poach them from their current certifiers. So, a continual surveillance scheme, where certificates never expired was just a defense mechanism against this. Later, the Accreditation Bodies caught on and started cracking down on the practice.

Again this is fairly recent. In the good / bad old days (please select your preference) registered organizations stuck with their original CB and never looked to move.

As regards poaching of clients this can happen any time in the assessment cycle. For example we know when some CBs send out their annual licence fee letters and that drives when we market our services - "No annual management fee!" being featured heavily in the marketing text. Similarly if anyone approaches us to take on a current registration we quickly find out where they are in the assessment cycle and provide a quotation based on that.

With CBs that offer continuing assessment we use a very similar system based on where the client is in the continuing assessment cycle.

Darn it. I want the inside scoop.

Still working on it Sidney, you'll hear it here first!

 

[Sidney Vianna]

so at BSi we were offering continuing assessment long before the "requirements" of accreditation standards were invoked by the accreditation bodies.

I did not realize that. Since I have been involved with management system certification, starting back in the late 80's, I thought that the prevalent early practice was to issue certificates with a well defined expiration date, which, in most cases, was 3 years after the original certification date. I was unaware of the continuous-surveillance-no-expiration practice being so old. Thanks for the information.

 

[Paul Simpson]

I told you I was old!

When I started out doing 3rd party BS 5750 audits in 1989, mainly in support of product approval, we didn't have to record details of the audit trail or objective evidence seen, we left the client with "discrepancies" to fix (and they never argued) and (on one rare occasion) I did 3 surveillance visits in a day. :mg: Although, to be fair some customers were on 6 visits a year and we "policed" them.

There was no BS 7512 / EN45012 to describe what we had to do and I don't remember NACCB (the forerunner of UKAS) having anything to do with us.

Customers formed an orderly queue to apply for assessment and put up with everything the "inspector" would throw at them.

Aah! The good old days - now we have to be nice to our customers and they decide who they choose as their certification body partner.

 

[Sidney Vianna]

Re: I told you I was old!

Customers formed an orderly queue to apply for assessment and put up with everything the "inspector" would throw at them.
Aah! The good old days - now we have to be nice to our customers and they decide who they choose as their certification body partner.

Amen to that, brother. [start tongue-in-cheek]The market laws of supply and demand were much better when the demand for audits surpassed ten fold the availability of auditors. I will never forget the first time I heard a consultant spilling the beans in front of an electrified crowd about the fact that the registrars are a supplier of services, and the customers have options. The World was never the same, after that day.... Now we have to perform audits that add value, compete on price, be concerned with customer satisfaction, etc...[end tongue-in-cheek] By the way, can you disclose if your current CB will take the "modified" ISO 9001 option when complying with ISO 17021? Or are you taking the other route?

 

[Paul Simpson]

Concerning UKAS website being kept up to date, their performance is not "world-class", by any means.

My UKAS contact has thanked me for pointing out the discrepancy on their site (which I pass on to Sidney!). There is an out of date reference to the old issue (although the publication is also correctly referenced on their site - here).

 

[Martijn]

I did not realize that. Since I have been involved with management system certification, starting back in the late 80's, I thought that the prevalent early practice was to issue certificates with a well defined expiration date, which, in most cases, was 3 years after the original certification date. I was unaware of the continuous-surveillance-no-expiration practice being so old. Thanks for the information.

Not only is it old apparently, it seems to be history as well. This came in my mailbox this week:

....

Your certificate has now an expiry date due to new accreditation requirements of ISO/IEC 17021:2006.

....

Yours Sincerely,

Operations Support
Management Systems (CEMEA)