NEEDS & EXPECTATIONS: INTERESTED PARTIES TO ISO & AS9100 TRANSITION SUCCESS
Topics Overall Patterns of NCs from the Certified Bodies’ (CB) Perspective Feedback from Auditors Audience Questions & Consultants’ Answers
WHAT CBs ARE SEEING MOST PREVALENT TYPES OF NONCONFORMANCES
ISO 9001: 2015 NCR Pareto (ISO 9001Lessons Learned) Presented at ASQLA – APRIL 2017
ISO 9001: 2015 NCR Pareto (to midyear 2017)
ISO 9001:2015 Nonconformance Totals 4 5 6 7 8 9 10 CONTEXT OF THE ORGANIZATION LEADERSHIP PLANNING SUPPORT OPERATIONS PERFORMANCE EVALUATION IMPROVEMENT TOTAL MINORS – 673 MAJORS – 35 68 17 57 205 175 139 47 708
MOST PREVALENT NCs THIS YEAR
…So What’s the Issue with Section 7 ? (Resources) The new requirements in this section are #NCS “organizational knowledge” 4 communication of responsibilities for 7 product quality, product safety, & ethical behavior
…So What’s the Issue with Section 7 ? (Resources) CB’s Most Common Findings # NC 7.5 Control of Documented Information 50 7.1.5 M&M Equipment 47 7.2 Competence 35 This Photo by Unknown Author is licensed under CC BY-SA
Unauthorized Changes to Documents Out of Calibration Tools Wrong Revision of Forms in Use No Evidence of Competence Evaluation Unauthorized Changes to Documents Out of Calibration Tools Measuring Tool Not Recorded on Inspection Report No Training Records When new procedure is released New Equipment introduced Uncontrolled Document in Use
DO YOU KNOW WHAT TO DO ABOUT THESE PROBLEMS? Q&A
Section 8 - Operations 8.1 Operational Planning & Control This is serious Determining requirements Establishing criteria for 1. processes 2. acceptance of products/services Determining resources Establishing control Determining, maintaining, & retaining documented information Determining processes & controls needed to manage critical items Engaging representatives for ..planning & control Determining processes/resources to support use & maintenance Determining products & services to be obtained from external sources Establishing controls ..to prevent delivery of nonconforming products 8.1.1 Operational Risk Management 8.1.2 Configuration Management 8.1.3 Product Safety 8.1.4 Prevention of Counterfeit Parts
No process: Who, What, When, How Process not implemented 8.1.1 Operational Risk Management 8.1.2 Configuration Management 8.1.3 Product Safety 8.1.4 Prevention of Counterfeit Parts No process: Who, What, When, How Process not implemented No evidence of follow-through
RELATIONSHIP BETWEEN SPECIAL REQUIREMENTS & RISK MANAGEMENT
Section 9 – Performance Evaluation CB’s Most Common Findings # NC Internal Audits 73 Mgt Review Inputs 30 Mgt Review 19
Internal Audits Not performed to 2015 or Rev. D requirements Management Review 2015 or Rev. D “Inputs” not reviewed Mgt. Review Not performed Effectiveness of actions to address risk & opportunities not discussed
DO YOU KNOW WHAT TO DO ABOUT THESE PROBLEMS? Q&A
Feedback from the Auditors This Photo by Unknown Author is licensed under CC BY-NC-ND
Most Prevalent Findings Objective Evidence for risk identification, assignment, management (6.1 & 8.1.1) Ethics training (7.3) Flow down to suppliers (8.4.3 m): ensuring that persons are aware of Process to evaluate data in (material) test reports to confirm that product meets requirements (8.4.3) Out-of-calibration personal equipment, unidentified equipment
REMARKS FROM AUDITORS 1 Make sure that they have completed their internal audit based on the ISO9001: 2015 Requirements and the audit records indicate that the new requirements are clearly identified. Risks, organizational knowledge, the additional requirements for analysis and evaluation
REMARKS FROM AUDITORS 2 The management review needs to also be completed and the records need to indicate that all the additional inputs and outputs are documented, particularly the action to mitigate risks.
REMARKS FROM AUDITORS 3. Lack of evidenced for the new requirements in the internal audit and management review. Lack of KPI for key processes, sales, engineering, purchasing processes.
REMARKS FROM AUDITORS 4. Make sure contracts are reviewed thoroughly and & there is evidence that customer requirements are flowed or implemented. (Example: requirements for annual audit to the customer’s ASQR or notification of changes to the status of the QMS within an established timeframe)
5. Continuing lapses in control of M&M equipment – should be so easy to control; same thing with documentation 6. Some positive aspects – Customer communications (Good Evidence) We like reviewing the evidence electronically People seem to know more about how the whole organization operates REMARKS FROM AUDITORS
Auditors are Requested to Verify in Transition Audits AS9100 Rev. D Product Safety Management Counterfeit/suspected unapproved parts prevention Installation of approved parts Continuing airworthiness management Evaluation of new capability Risk management Awareness (quality, product safety, ethical behavior) Post delivery support AS9120 Rev. B Product safety Counterfeit parts prevention Risk management Human factors Configuration management Post delivery support
How to Implement New Requirements
4.1 Context of the Organization THE REQUIREMENT-…determine external & internal issues to its purpose and strategic direction…that affect it’s ability to achieve the intended results GUIDANCE Talk with the top manager at your location ASK: WHAT DOES THIS MEAN TO YOU? LISTEN! THINK! – What does this mean to the quality program? DISCUSS: HOW CAN THE QUALITY PROGRAM SUPPORT THE ORGANIZATION’S GOALS DEVELOP : ACTION ITEMS 4.1 Context of the Organization
4.2 Needs & Expectations of Interested Parties THE REQUIREMENT-…determine the interested parties…the requirements of the interested parties GUIDANCE ASK – Who are the “interested parties”…aka stakeholders? What would you like to happen for these “interested parties”? Who should address this? How will we know if we are successful? How can the Quality Department support this effort?
7.1.6 Organizational Knowledge THE REQUIREMENT - …determine the knowledge necessary for the operation …& achieve conformity of products & services GUIDANCE ASK: What are you most concerned about the knowledge and information we need to work together effectively? Where do you see the biggest deficits? How….WHO… WHAT CAN WE DO?
7.5 Documented Information What documented information is REQUIRED? What are effective formats for documented information? What are effective methods for controlling documented information? What protection processes are required for electronic information? 7.5 Documented Information
8.1.3 Product Safety What does this mean in the context of your business? Assessment of hazards & management of …risks Management of safety critical items Analysis & reporting of occurred events affecting safety Communication of these events & training of persons
8.5.1 g Implementation of Actions to Prevent Human Error Who has examples of error proofing?
8.4.3 Control of External Processes AS9100 Rev. D (New Requirements) Must flow down 8.4.3 d External provider’s interactions with organization Must flow down 8.4.3 e Control & monitoring of external providers’ performance Must flow down 8.4.3 k Prevent use of counterfeit parts Must flow down 8.4.3 m Ensure persons are aware of Contributions to product/service conformity Contribution to product safety Importance of ethical behavior SUGGESTION #1: Add to purchase orders: Processes for counterfeit prevention, product safety, product quality, and ethical behavior are required of all YOUR COMPANY’S NAME HERE suppliers. All applicable quality clauses on this order must be flowed to external sources used in this order. Please note that on time delivery and quality performance is monitored.
RESPONDING TO NCs Audit reports are provided through OASIS PEARS NCRs https://www.sae.org/iaqg/organization/requirements.htm
24 Organization to enter the associated cause code from the IAQG listing as shown in Form 4 Annex A. NOTE: Cause codes are used for IAQG data collection purposes only.
Use when uploading Root Cause to OASIS
Summary & Take-Aways
Summary & Take-Aways
Thank You! To go from opinion to perception, from imagination to fact, from illusion to reality, from something that is not there to something that is, that is the way forward. Svami Prajnanpad