Lucrative Rubber Stamp - I was once very impressed with ISO9000



I was once very impressed with ISO9000 Registration, however, after witenessing registration "given", by one of the largest Registrars in the WORLD, to an organization that falsifies records on an hourly basis my respect for the standard was reduced to ZERO. This is to silly...people actually worry about "passing"? I would think it would be harder to find a competent auditor than not. The auditor in question actually did not audit the largest function (over 60%) of this organization because, and I quote, "I will check it next time". A single auditor audited the organization of which I speak in 3.5 DAYS...the organization is HUGE (covers several square miles) and multifaceted. Is this unusuall? Appearantly not. This has to be the most lucrative joke since the Pet Rock. If I ever own a large company - I will refuse to obtain ISO registration - but I will gladly justify my position and provide any potential customer with the documented evidence of "this" incident.

Al Dyer

I have been in the same situation and agree that there is definite room for improvement. I have heard that the RAB is investigating "suspect" registrars and auditors and will be reducing the list of approved registrars. I bet if we ever talked I could name you the registrar you used!

Overall, I believe in the process but that past growth rate and registration time frames were problems waiting to happen.



Al Dyer
Mngt. Rep.
[email protected]


Fully vaccinated are you?
This is an old problem. Don't expect it to go away. There is always some 'noise' and problems. The RAB cannot do anything about it. They've been saying they're 'working on the problem' since 1996. The last thrust was to 'reduce the number of registrars'. Ummm, they're still bringing on new registrars every day. And what if they did reduce the number of registrars? That means more auditors per registrar and I believe you will still experience the problem.

Not to mention restraint of trade. There's already bias by the RAB not to mention the AIAG and ASQ(C). For example, the AIAG 'endorses' and publicises Plexus - Alex Chong's friend Dan Reid was instrumental there. The winners will be those with the most money - irrespective of their competence or the competence of their auditors.

Yes - it is about $. If you thought differently you haven't read many of my posts. 95% or more of the companies that register do so only because they have to for one reason or another - typically a customer requirement. And you will too, if it makes the difference between sales and no sales.

Welcome to the real world... When a major customer contacts you and tells you that you can't even quote again unless you're registered --- well, what do you think will happen?

On the other hand - if the auditor only spent 3.5 days and it was a registration audit -- well, there is a table they have to follow. It's based upon the number of employees, however, not the size of the plant. The table is in the pdf files directory - look for a file with Mandays in the title.

Laura M

Originally posted by Deck:
I was once very impressed with ISO9000 Registration, however, after witenessing registration "given", by one of the largest Registrars in the WORLD, to an organization that falsifies records on an hourly basis my respect for the standard was reduced to ZERO. This is to silly...people actually worry about "passing"?

The auditor may or may not find "falsified" records. I was management rep and heard of a similar incident. My integrity was then on the line. I wasn't about to blow my peers in to the auditor, but when he left, fireworks went off. I never had many "explosions" in my career, but I "lost it" with that one. If the management wants to do it right and for the benefit of the organization, then that stuff won't happen. Can you blame the auditor - maybe - I don't know. But if falsifying records is the norm, the organization is to blame not the auditor.

Roger Eastin

I agree with Laura. An auditor can't find things such as falsified records unless there is some discrepancy between records that can't be explained. The auditor can't possibly know all the detail of a company. It's like the Firestone plant in Illinois: just because it has a QS9000 banner out front doesn't mean that bad designs won't make it to the market. It boils down to integrity. If a company won't instill integrity into its organization as a value, then it has more serious problems than just a quality system. No auditor can audit integrity into a company, no matter how many corrective actions are generated. Integrity is a value that one has to make into a business practice.


I think that there two issues at work here.

First, I think that many experienced auditors (financial, quality, and otherwise) will tell us that an audit will most likely not catch outright fraud if the perpetrator knows the system well. That is one reason why bank employees are required to take a week off - so they won't be able to cover their tracks.

Second is the whole issue of registration and the idea that it means anything other than there is a documented system in place that is a close enough match (or it exceeds) the standard. In a perfect world, everyone would be going after, or at least following, something like the Baldridge criteria.

With all of its problems, I think we are better off with ISO 9000 than without it.


Fully vaccinated are you?
I somewhat misinterpreted what was being said above. I thought it was being said that the registrar's auditor was crooked, to put it bluntly. An additional comment to add to my rant:

Auditors are not there to find fraud. Auditors are there to verify compliance with spec (ISO, QS - whatever) and to verify employees are doing what they are supposed to be doing whether by following one or more document(s) or by training.

Laura, Roger and Craig are right on the mark. As always, Al's point is well taken as well.

Now -- for me it's On with the show! Went through a yearly ISO 'checkup' with a client today and it was very smooth and relatively pleasant :) (Gus Trygstad of Entela did the audit). My client is waiting until next year to go through the year 2000 version 'upgrade'.

Laura M

I would like to know from Deck what position he/she has in the company and how ISO has been conveyed to him/her by management.

[This message has been edited by Laura M (edited 30 January 2001).]


I would like to say the site owner…nice site.
After reading the responses, all of which I enjoyed reading – I feel compelled to make a few more statements. Most all standards are documents, and -needless to say - documents do not “comply” with themselves. I said I would refuse to “get registered” – not that I would not implement the standard. In my mind, the standard is nothing more than “good” quality assurance practices codified. Expected results of the application of most all standards is given by the minimum, not the maximum, result of that standard’s application. If one actually believes that it is a given company’s responsibility to properly implement the standard, not an auditor’s responsibility to properly audit that company – then it follows that we do not need regulatory entities such as the EPA, FDA, USDA, FCC, FAA, OSHA, or NRC. I did not include RAB in the above abbreviated list since it is painfully clear that they do not regulate, oversee, ensure, or even comply with anything.
I certainly do not expect an auditor to know everything about a given company…I absolutely expect an individual employed to audit anything to have the background necessary to properly audit what he/she is being paid to audit. To suggest, as registrars often do, that it is too difficult to find individuals with ‘x’, ‘y’, and ‘z’ backgrounds is really laughable. Unless the company in question works on a top secret project in the middle of area 51…this shortage of persons with appropriate backgrounds simply does not exist. However, what does it matter? RAB maintains that it will only investigate concerns raised by “the entity” that has been audited. So, how many concerns about illegitimate recommendations for registration do you think RAB has received? My guess…two.
My solution to this problem is that an ISO registration certificate clearly state:
This certifies that x company has implemented the ISO9001year to an unknown degree – ranging from not at all to fully.


My position was Technical Representative ( a management position). I resigned that position in protest of the illegal actities practiced by the company in question. As far as how ISO was conveyed to me by management goes, prior to that position I was a quality coordinator/Chem. Eng. (a management position) - and assisted three individual chemical production plants - and one mining facility successfully implement ISO9001/2.
Was it misconveyed to me?
Top Bottom