Dismiss Notice
You must be a registered member in order to post messages and view/download attached files in this forum.
Click here to register.

8.4.2.3 Supplier quality management system developement

Discussion in 'IATF 16949:2016 - Automotive Quality Systems' started by judegu, Aug 29, 2018.

  1. judegu

    judegu Well-Known Member

    Joined:
    Jul 11, 2018
    Messages:
    110
    Likes Received:
    17
    Trophy Points:
    17
    Location:
    China
    As far as I know, nowadays ISO 9001 certification has become a must instead of a plus during the supplier selection process. However for the IATF 16949 certified small-scale company, in order to bring down the cost, it may choose some suppliers without ISO 9001 certification. (I think it is possible.)
    As an IATF 16949 certified company, no matter how small its size is, if its supplier is not certified to ISO 9001, according to the subclause 8.4.2.3, it should be "authorized by the customer (e.g., item a) below)”, and item a)"is compliance to ISO 9001 through second-party audits;”

    My question is the second-party is referred to as the customer or the company? If it is indeed refered to as the customer, is it possible the customer will do this second-party audit for the company in the real life? Or this small-scale company`s only choice is to find a ISO 9001 certified alternative?
     
  2. Golfman25

    Golfman25 Well-Known Member

    Joined:
    Nov 6, 2015
    Messages:
    715
    Likes Received:
    352
    Trophy Points:
    62
    Basically what that is saying is that you, the middle man, needs to audit the supplier for ISO compliance and get your customer to approve that supplier. Going to be a real headache for some of us who use mom & pop suppliers for 20+ years without incident.
     
  3. judegu

    judegu Well-Known Member

    Joined:
    Jul 11, 2018
    Messages:
    110
    Likes Received:
    17
    Trophy Points:
    17
    Location:
    China
    20+ year-old suppliers! That is impressive!
     
  4. tony s

    tony s Well-Known Member

    Joined:
    Sep 10, 2015
    Messages:
    1,171
    Likes Received:
    867
    Trophy Points:
    112
    Location:
    Laguna Philippines
    In ISO 19011:2011 (Guidelines for auditing management systems), there's a table that clearly defines "second party audit". See the Table below:
    upload_2018-9-13_13-44-55.png
     
  5. judegu

    judegu Well-Known Member

    Joined:
    Jul 11, 2018
    Messages:
    110
    Likes Received:
    17
    Trophy Points:
    17
    Location:
    China
    @tony s
    According to the content from ISO 19011:2011, as you mentioned above,
    the customer is the company`s second party, and the company is the supplier`s second party. Right?
    What`s more, if I am correct, the supplier is the customer`s tier-two supplier (subcontractor).
    So the Second-Party here is refered to as the customer or the company?
    My first idea is that if the subject is the company, the second-party is the customer;
    if the subject is the supplier, then the second-party is the company.
     
  6. tony s

    tony s Well-Known Member

    Joined:
    Sep 10, 2015
    Messages:
    1,171
    Likes Received:
    867
    Trophy Points:
    112
    Location:
    Laguna Philippines
    I believe you're over thinking. Clause 8.4.2.3, which is titled "Supplier quality management system development", intends to make the organization's external provider of auto products/services to be compliant to ISO 9001 and, eventually, certified to IATF 16949. For 8.4.2.3a, second party audit here means that an organization must perform audit of their external provider's system against the requirements of ISO 9001:2015.

    The term "organization" refers to the entity to which IATF 16949, even ISO 9001, applies. This was already established since the 2000 version of ISO 9001. The supply chain is described as: SUPPLIER -----> ORGANIZATION -----> CUSTOMER. The 2015 version of 9001 equates "supplier" to "external provider".
     
    judegu likes this.
  7. Serious Man

    Serious Man Active Member

    Joined:
    Oct 24, 2017
    Messages:
    79
    Likes Received:
    27
    Trophy Points:
    17
    Small comment - organization shall audit own external providers or there is option to outsource auditing process to other site of same corporation or certification body who can perform third party audit on behalf of organization. Latest option was already "proposed" from a long time in case of "receiving inspection" - see now 8.6.4 c)

    Additionally, one anecdote I've heard from my colleague.
    One IATF 16949 certified organization purchased 3d measuring machine from its manufacturer.
    Then they were looking for calibration service supplier for this equipment.
    They've selected 3d measuring machine manufacturer.
    Manufacturer was not 17025 accredited so organization told him: "Ask us for approving you as calibration service provider for this equipment".
    Manufacturer submitted to organization official letter and was approved.
    Organization's rationale - purchaser of 3d measuring machine from its manufacturer is naturally customer.
    This is how "customer" in 7.1.5.3.2 can be misunderstood.
     
  8. Andy Nichols

    Andy Nichols Moderator Staff Member

    Joined:
    Jul 30, 2015
    Messages:
    3,677
    Likes Received:
    1,860
    Trophy Points:
    112
    Location:
    In the "Rust Belt"
    Are you saying this is a requirement of IATF 16949? I don't see those words in my copy. Can you point out where they are?
     
  9. judegu

    judegu Well-Known Member

    Joined:
    Jul 11, 2018
    Messages:
    110
    Likes Received:
    17
    Trophy Points:
    17
    Location:
    China
    @Serious Man

    Hi, Sir. the sub cl. 8.6.4 said that "The organization shall have a process to ensure the quality of externally provided processes, products, and services utilizing one or more of the following methods;". So auditing own external providers or outsourcing it may be one of the option of controlling the suppilers, right?

    And regarding the anecdote you mentioned, the way the organization thinking of the term of "customer" seems to be wrong. So what is the proper way to do the calibration it if it is hard to find a 17025 certified organization to do that? I think the machine manufacturer is the natual candidate without further approval, am I right?
     
  10. tony s

    tony s Well-Known Member

    Joined:
    Sep 10, 2015
    Messages:
    1,171
    Likes Received:
    867
    Trophy Points:
    112
    Location:
    Laguna Philippines
    The "purchaser" here, in the context of the standard, is the "organization" and not the "customer".
     
  11. Randy Rainer

    Randy Rainer New Member

    Joined:
    Oct 2, 2019
    Messages:
    1
    Likes Received:
    0
    Trophy Points:
    1
    What about suppliers that produce a product that does not go into the part only assist in making the part
     
  12. Andy Nichols

    Andy Nichols Moderator Staff Member

    Joined:
    Jul 30, 2015
    Messages:
    3,677
    Likes Received:
    1,860
    Trophy Points:
    112
    Location:
    In the "Rust Belt"
    Welcome, Randy. Are you thinking of tooling or similar?
     
  13. tony s

    tony s Well-Known Member

    Joined:
    Sep 10, 2015
    Messages:
    1,171
    Likes Received:
    867
    Trophy Points:
    112
    Location:
    Laguna Philippines
    Let's subject your product to the following questions?
    1. Is your product intended for incorporation to your customer's product? (8.4.1a)
    2. Does your product/service being provided directly to your customer's customer on your customer's behalf? (8.4.1b)
    3. Is your product/service a "process" or part of a "process" your customer opted to outsource from your organization? (8.4.1c)
    4. Does your product/service affect your customer's customer requirements such as subassembly, sorting, calibration? (8.4.1.1)
    Any YES answer to the above questions will compel your customer to apply 8.4.2.3 to your organization.
     
  14. SusanIATF

    SusanIATF New Member

    Joined:
    Nov 19, 2019
    Messages:
    4
    Likes Received:
    2
    Trophy Points:
    2
    Hi Tony, I need to consult about IATF 8.4.2.3 Supplier QMS Development.

    We are tier 2 supplier for automotive OEM. We use chemical materials (raw materials) to make interlayer film product. We sell the film product to the tier 1 suppliers and they use our film product to make laminated safety glasses (the windshield) and sell it to car manufacturers. We have a situation that we purchase a couple of raw chemical materials through a distributor (or we can called it supplier) but this distributor is not registered to ISO 9001 as they are not the manufacturer of the chemical material. The real manufacturer of the raw chemical materials has the ISO 9001 certificate. This distributor does not repack the material, but they are still responsible for the material quality as we purchase it from them. In this kind of situation, can we still use that distributor (no ISO 9001 certification)? You information is deeply appreciated.
     
  15. Andy Nichols

    Andy Nichols Moderator Staff Member

    Joined:
    Jul 30, 2015
    Messages:
    3,677
    Likes Received:
    1,860
    Trophy Points:
    112
    Location:
    In the "Rust Belt"
    Are they the ONLY distributor? If you have an option to use another and those folks ARE certified, that might be an option. You should certainly provide a directive to the current supplier but, at the end of the day - and evaluating the risks (as low, since they don't make the product) - they may refuse and you can still use them!
     
    SusanIATF likes this.
  16. SusanIATF

    SusanIATF New Member

    Joined:
    Nov 19, 2019
    Messages:
    4
    Likes Received:
    2
    Trophy Points:
    2
    Hi Andy, thank you for your information. Of course, we can ask our distributor to see if they plan to register for ISO 9001. We plan to do IATF certification audit next year, and not sure if auditor will be ok with 1 distributor is not registered to ISO 9001. I heard one company has a similar situation like us and they got a minor NC because 1 distributor (or call supplier) which they purchase several raw materials from does not has ISO 9001 certification.
     
  17. Andy Nichols

    Andy Nichols Moderator Staff Member

    Joined:
    Jul 30, 2015
    Messages:
    3,677
    Likes Received:
    1,860
    Trophy Points:
    112
    Location:
    In the "Rust Belt"
    This auditor has no sense. If you request, in a formal, documented manner, that this distributor should be ISO 9001 certified as a condition of your on-going business to them, that should be satisfactory. If they don't want to go that route, depending on the "spend" and alternative sources, you might simply be stuck with them. An audit nc doesn't help to fix anything (the auditor clearly has no business sense). As part of your strategy, you could audit the distributor (if they are geographically close. You could contractually require a control plan etc. It depends on the risk to you. If they have been a well-performing supplier - delivery and product quality there's no need to make life difficult for them.

    You could reach out to your CB for a ruling on this one before they send the auditor, to head off a potential problem.
     
  18. Golfman25

    Golfman25 Well-Known Member

    Joined:
    Nov 6, 2015
    Messages:
    715
    Likes Received:
    352
    Trophy Points:
    62
    While he may have no business sense, he is being directed by the IATF standard. IATF requires all suppliers to be ISO 9001 certified unless approved by the customer. https://www.iatfglobaloversight.org/wp/wp-content/uploads/2019/10/IATF-16949-SIs_Oct2019-1.pdf
    So if Susan wants to "pass" her IATF audit she needs to get customer approval for the distributor as a supplier.
     
  19. Andy Nichols

    Andy Nichols Moderator Staff Member

    Joined:
    Jul 30, 2015
    Messages:
    3,677
    Likes Received:
    1,860
    Trophy Points:
    112
    Location:
    In the "Rust Belt"
    So, by sending out a formal request, as suggested, they aren't doing this? "The organization shall require their suppliers of automotive products and services to develop, implement, and improve a quality management system (QMS) with the ultimate objective of eligible organizations becoming certified to this Automotive QMS Standard." Since no timeline is established for the actual certification of said suppliers why can't they simply require it? I'm sticking with that before approaching a customer...
     
  20. Golfman25

    Golfman25 Well-Known Member

    Joined:
    Nov 6, 2015
    Messages:
    715
    Likes Received:
    352
    Trophy Points:
    62
    That's fine and you'll be hit with a non-conformance and doing a corrective action. My advice is to just get customer approval.
     
    SusanIATF and G650ER like this.

Share This Page