1. Hello and Welcome to The Quality Forum Online...Continuing in the spirit of People Helping People !
    Dismiss Notice
Dismiss Notice
You must be a registered member in order to post messages and view/download attached files in this forum.
Click here to register.

8.4.2.3 Supplier quality management system developement

Discussion in 'IATF 16949:2016 - Automotive Quality Systems' started by judegu, Aug 29, 2018.

  1. judegu

    judegu Active Member

    Joined:
    Jul 11, 2018
    Messages:
    88
    Likes Received:
    10
    Trophy Points:
    7
    Location:
    China
    As far as I know, nowadays ISO 9001 certification has become a must instead of a plus during the supplier selection process. However for the IATF 16949 certified small-scale company, in order to bring down the cost, it may choose some suppliers without ISO 9001 certification. (I think it is possible.)
    As an IATF 16949 certified company, no matter how small its size is, if its supplier is not certified to ISO 9001, according to the subclause 8.4.2.3, it should be "authorized by the customer (e.g., item a) below)”, and item a)"is compliance to ISO 9001 through second-party audits;”

    My question is the second-party is referred to as the customer or the company? If it is indeed refered to as the customer, is it possible the customer will do this second-party audit for the company in the real life? Or this small-scale company`s only choice is to find a ISO 9001 certified alternative?
     
  2. Golfman25

    Golfman25 Well-Known Member

    Joined:
    Nov 6, 2015
    Messages:
    470
    Likes Received:
    150
    Trophy Points:
    42
    Basically what that is saying is that you, the middle man, needs to audit the supplier for ISO compliance and get your customer to approve that supplier. Going to be a real headache for some of us who use mom & pop suppliers for 20+ years without incident.
     
  3. judegu

    judegu Active Member

    Joined:
    Jul 11, 2018
    Messages:
    88
    Likes Received:
    10
    Trophy Points:
    7
    Location:
    China
    20+ year-old suppliers! That is impressive!
     
  4. tony s

    tony s Well-Known Member

    Joined:
    Sep 10, 2015
    Messages:
    670
    Likes Received:
    429
    Trophy Points:
    62
    Location:
    Laguna Philippines
    In ISO 19011:2011 (Guidelines for auditing management systems), there's a table that clearly defines "second party audit". See the Table below:
    upload_2018-9-13_13-44-55.png
     
  5. judegu

    judegu Active Member

    Joined:
    Jul 11, 2018
    Messages:
    88
    Likes Received:
    10
    Trophy Points:
    7
    Location:
    China
    @tony s
    According to the content from ISO 19011:2011, as you mentioned above,
    the customer is the company`s second party, and the company is the supplier`s second party. Right?
    What`s more, if I am correct, the supplier is the customer`s tier-two supplier (subcontractor).
    So the Second-Party here is refered to as the customer or the company?
    My first idea is that if the subject is the company, the second-party is the customer;
    if the subject is the supplier, then the second-party is the company.
     
  6. tony s

    tony s Well-Known Member

    Joined:
    Sep 10, 2015
    Messages:
    670
    Likes Received:
    429
    Trophy Points:
    62
    Location:
    Laguna Philippines
    I believe you're over thinking. Clause 8.4.2.3, which is titled "Supplier quality management system development", intends to make the organization's external provider of auto products/services to be compliant to ISO 9001 and, eventually, certified to IATF 16949. For 8.4.2.3a, second party audit here means that an organization must perform audit of their external provider's system against the requirements of ISO 9001:2015.

    The term "organization" refers to the entity to which IATF 16949, even ISO 9001, applies. This was already established since the 2000 version of ISO 9001. The supply chain is described as: SUPPLIER -----> ORGANIZATION -----> CUSTOMER. The 2015 version of 9001 equates "supplier" to "external provider".
     
    judegu likes this.
  7. Serious Man

    Serious Man Active Member

    Joined:
    Oct 24, 2017
    Messages:
    69
    Likes Received:
    21
    Trophy Points:
    7
    Small comment - organization shall audit own external providers or there is option to outsource auditing process to other site of same corporation or certification body who can perform third party audit on behalf of organization. Latest option was already "proposed" from a long time in case of "receiving inspection" - see now 8.6.4 c)

    Additionally, one anecdote I've heard from my colleague.
    One IATF 16949 certified organization purchased 3d measuring machine from its manufacturer.
    Then they were looking for calibration service supplier for this equipment.
    They've selected 3d measuring machine manufacturer.
    Manufacturer was not 17025 accredited so organization told him: "Ask us for approving you as calibration service provider for this equipment".
    Manufacturer submitted to organization official letter and was approved.
    Organization's rationale - purchaser of 3d measuring machine from its manufacturer is naturally customer.
    This is how "customer" in 7.1.5.3.2 can be misunderstood.
     
  8. Andy Nichols

    Andy Nichols Moderator Staff Member

    Joined:
    Jul 30, 2015
    Messages:
    2,095
    Likes Received:
    1,081
    Trophy Points:
    112
    Location:
    In the "Rust Belt"
    Are you saying this is a requirement of IATF 16949? I don't see those words in my copy. Can you point out where they are?
     
  9. judegu

    judegu Active Member

    Joined:
    Jul 11, 2018
    Messages:
    88
    Likes Received:
    10
    Trophy Points:
    7
    Location:
    China
    @Serious Man

    Hi, Sir. the sub cl. 8.6.4 said that "The organization shall have a process to ensure the quality of externally provided processes, products, and services utilizing one or more of the following methods;". So auditing own external providers or outsourcing it may be one of the option of controlling the suppilers, right?

    And regarding the anecdote you mentioned, the way the organization thinking of the term of "customer" seems to be wrong. So what is the proper way to do the calibration it if it is hard to find a 17025 certified organization to do that? I think the machine manufacturer is the natual candidate without further approval, am I right?
     
  10. tony s

    tony s Well-Known Member

    Joined:
    Sep 10, 2015
    Messages:
    670
    Likes Received:
    429
    Trophy Points:
    62
    Location:
    Laguna Philippines
    The "purchaser" here, in the context of the standard, is the "organization" and not the "customer".
     

Share This Page