ALIGNMENT AND CONFORMITY
How To Spot Fraud in your Certification
Amelia Fisher, Audit Manager
It can be very easy to fall victim to fraudulent certification, especially if you don’t know how to spot the difference between accredited and unaccredited certification bodies. But before we go any further, let’s explore the difference between accreditation and certification.
The terms accreditation and certification are often accidentally used interchangeably. However, the difference is quite easy to explain. Certification is the written assurance by a third party (a certification body) of the conformity of a product, process or service to specified requirements such as the ISO 9001:2015 standard. Accreditation, on the other hand, is the formal recognition by an authoritative body (an accreditation body) of the certification body’s competence to work to specified standards. The accreditation standards, which accredited certification bodies must follow, include the principles of quality management systems, such as those found in the well-recognized ISO 9001 QMS standard. It is the accountability to demonstrate technical competence that puts accredited certification bodies on a level above non-accredited certification bodies.
The first place to start determining if the certification body you are working with is accredited would be to check their website. Usually, an accredited certification body will reference their accreditation body on their website, sometimes in the form of the accreditation body’s logo.
The next step would be to research the accreditation body. When looking for information to determine the legitimacy of the accreditation body, you’ll want to find that they are a member of the International Accreditation Forum (IAF). The IAF is a global network of accreditation bodies and other organizations involved in conformity assessment activities that have agreed to work together on a worldwide basis to achieve common trade facilitation objectives. Membership is not mandatory, but when an accreditation body becomes a member they are embracing principles of legal and ethical business conduct, sometimes above and beyond the requirements of the law, and receiving the ‘stamp of approval’ to demonstrate compliance against agreed standards and requirements. Basically, they are being held accountable for upholding a certain level of quality and conformance that trickles down through to the certification bodies they accredit.
Doing research on your certification body is a good way to find out if you are getting the full benefit of accredited certification.
A good certification body will be more than happy to educate you on their processes so you can understand the value of your certification.
Having verified that the certification body you are working with is accredited by an accreditation body, and is a member of the IAF, the next thing you’ll want to validate is the certificate issued by your certification body.
ISO/IEC 17021-1:2015, the standard containing requirements for bodies providing audit and certification of management systems, spells out the requirements for certification documents. These documents are things such as your certificate of conformance to a standard such as ISO 9001:2015. The standard does not specify that all requirements must be listed on your physical certificate, or that a certificate needs to be provided at all, but it does state that the certification body must provide the following information to you, by any means they choose:
- The name and geographical location of your organization (or the geographical location of the headquarters and any sites within the scope of a multi-site certification).
- The effective date of granting, expanding or reducing the scope of certification, or renewing certification.
- The expiration date or recertification due date consistent with the recertification cycle.
- A unique identification code or certificate number.
- The management system standard and/or other normative documents, including an indication of issue status (e.g. revision date or number) used for an audit of the certified client.
- The scope of certification with respect to the type of activities, products, and services as applicable at each site without being misleading or ambiguous.
- The name, address and certification mark of the certification body; other marks (e.g. accreditation symbol, client’s logo) may be used provided they are not misleading or ambiguous
- Helpful Note: if the accreditation body which accredited your certification body is a member of the IAF, your certification body has the ability to use the IAF MLA mark on your certification documents. From a client’s perspective, if you do not see this mark on your certification documents, you may want to ask your certification body why they have decided not to use the mark within their certification documents.
- Any other information required by the standard and/or other normative document used for certification.
- In the event of issuing any revised certification documents, a means to distinguish the revised documents from any prior obsolete documents.
Doing research on your certification body is a good way to find out if you are getting the full benefit of accredited certification. A good certification body will be more than happy to educate you on their processes so you can understand the value of your certification. Feel free to reach out to me any time if you have questions about auditing, certification, or accreditation.