1. IATF 16949 GAP ANALYSIS TOOL GAP GAP /TS 16949 to
Rev-h
Automotive Standard: IATF new (with IS base) •
IATF 16949:2016 follows the high level structure of ISO 9001:2015 •
IATF 16949:2016 must be used in conjunction with ISO 9001:2015
 2 separate documents must be used to have all requirements
 IATF cannot be used as a stand-alone requirements document
Each section begins with reference back to the ISO-9001 Standard
IAFT 16949
5 Leadership
5.1 Leadership and commitment
5.1.1 General
See ISO 9001:2015 requirements
Know Them Both! •
282 shalls / 16 shoulds in IATF shalls = 415 shalls
(292 shalls / 16 shoulds in ISO/TS 16949)
21 Documented Processed in IAFT -&- 60 Documented Info / Rcds • •
IATF created a transition plan and communicated April 2016
(further revised in November 2016), deadline of Sept 2018

2. Input from key automotive stakeholders•
IATF launched a survey (via the National Associations) early June
2015 soliciting feedback from over 2,000 key stakeholders:
– OEMs
– Witness Auditors
– Suppliers (all Tiers)
– Subject Matter Experts
– Certification Bodies
– Oversight Offices •
Over 1,700 comments were received for consideration of updates
to ISO/TS •
Additionally, the IATF conducted a face:face review of the draft
IATF standard in Rome, Italy in April 2016 with CBs and
supplier representatives.

3. Value & Credibility • IATF OEMs look at the linkage
between ISO/TS Certification and Supplier/Client
quality performance
– Increased focus on operational performance and customer
feedback (customer scorecards/metrics)
– IATF contains many IATF OEM Customer Specific
Requirements (CSRs)
– OEMs are raising the bar regarding expectations for audits
to reflect systemic weaknesses that affect supplier/client
performance •
Goal = Prevent problems before they occur

4. Communication Process
The IATF felt it was important to keep everyone informed about project
updates, so they posted regular updates to the IATF Global Oversight
website:

5. on each slide for QMS-team GAP assessment
ISO-9001:2015 & IATF 16949:2016 GAP Analysis
INSTRUCTIONS: Review with Leadership Team for best results.
Each slide is used to identify gaps and where to revise your documented Quality System for new requirements.
Include document title, responsible process owner, target date to revise and review document(s), and implementation plans .
Also think error proofing to automate QMS functions (software) to reduce risk of human error in designing your Quality System .
EXAMPLE : Revise QA manual , section 1.0, Sam Hill QA , Jan 2017
Use GAP Action /note section on each requirement/slide
Exa: Revise Quality manual , procedure , process map, work instruction , form , FMEA / CP, software system error proofing. Include due date + process owner.
GAP Actions / Date / Resp (id-Names of assessment for self-declared training record)
on each slide
for QMS-team
GAP assessment
QMS

6. Mandatory Docs

7. Mandatory Docs

8. Mandatory Docs

9. Mandatory Docs
GAP Actions / Date / Resp. (id-Names of assessment for self-declared training record)
CEO VP. SALES , Supply chain MGR, MFG Mgr , HR mgr , ENG Mgr , QA Mgr +++
Add names / date of overview training

10. Changes to LEGEND of the
ISO-9 & IATF-16
ISO-9
- Base Standard ISO-9001:2015 requirements to be met
ISO-9001:2015 & IATF :2016 Elements
Scope
Normative References
Terms & Definitions
Context of The Organization
Leadership
Planning
Support
Operations
Performance Evaluation
Improvement

11. Changes to LEGEND of the
ISO-9 & IATF-16
ISO-9
- Base Standard ISO-9001:2015 requirements to be met
ISO-9001:2015 & IATF :2016 Elements
Scope
Normative References
Terms & Definitions
Context of The Organization
Leadership
Planning
Support
Operations
Performance Evaluation
Improvement

12. Changes Section 4.1 Understanding ISO-9 Fundamentals Training Approach
ISO 9001:2015 Structure Changes
Key Concept: Process Approach
Key Concept: Risk-Based Thinking
2015 Terminology
GAP Actions / Date / Resp (id-Names of assessment for self-declared training record)
CEO VP. SALES , Supply chain MGR, MFG Mgr , HR mgr , ENG Mgr , QA Mgr +++
Add names / date of overview training

13. Changes Section 4.1 Understanding ISO-9 Fundamentals
2008 version
2015 version
Clause 1
Scope
Clause 2
Normative References
Clause 3
Terms and Definitions
Clause 4
Quality Management System
REQUIREMENTS
Context of the Organization
Clause 5
Management Responsibility
Leadership
Clause 6
Resource Management
Planning for the QMS
Clause 7
Product/Service Realization
Support
Clause 8
Measurement, Analysis & Imprvmt
Operation
Clause 9
Performance Evaluation
Clause 10
Improvement
Annex A
Clarification of New Structure, Terminology and Concepts
Annex B
Quality Management Principles
Annex C
ISO Portfolio of Quality Management Standards
Clauses 1, 2 & 3 remain the same.
2008 requirements were clauses 4 thru 8 vs requirements are clauses 4 thru 10.
Additional assistance is provided in Annexes A, B and C.

14. Changes Key Concept – Process Approach & Risk-Based Thinking
ISO-9
Changes
Key Concept – Process Approach & Risk-Based Thinking
These concepts are particularly important for:
Top management as they are required to demonstrate leadership and commitment by promoting the use of these concepts.
Employees tasked with the implementation and maintenance of the QMS.
Internal auditors are required to use a process approach when auditing.  
Requirements Specified Requirements Satisfied
(including resource ) (results of a process)
Inputs and intended outputs may be tangible (such as equipment, materials or components) or intangible (such as energy or information).
Outputs can also be unintended, such as waste or pollution.
GAP Actions / Date / Resp (id-Names of assessment for self-declared training record)
CEO VP. SALES , Supply chain MGR, MFG Mgr , HR mgr , ENG Mgr , QA Mgr +++
Add names / date of overview training
REVIEW ALL process MAPS RISK & METRICS Red Yellow Green

15. Changes Key Concept – Process Approach & Risk-Based Thinking
ISO-9
Changes
Key Concept – Process Approach & Risk-Based Thinking
This is a schematic
representation of
the elements of a
single process
Types of Processes:
Production/Service
stamping, welding,
assembly, design,
repair, etc.
Management - risk mgmt,
Mgmt Rvw, training, QMS-
planning/objectives, management reviews , audits and corrective actions
Support - purchasing, document control, calibration and maintenance
Customer - sales, customer communication, order processing, supplier mgmt
GAP Actions / Date / Resp (id-Names of assessment for self-declared training record)
CEO VP. SALES , Supply chain MGR, MFG Mgr , HR mgr , ENG Mgr , QA Mgr +++
Add names / date of overview training

16. Changes Key Concept – Process Approach & Risk-Based Thinking
ISO-9
Changes
Key Concept – Process Approach & Risk-Based Thinking
Representation of the structure of ISO 9001:2015 standard in the PDCA cycle
(numbers in brackets refer to the clauses of the standard)

17. RISK Changes Key Concept – Process Approach & Risk-Based Thinking
ISO-9
Changes
Key Concept – Process Approach & Risk-Based Thinking
Representation of the structure of ISO 9001:2015 standard in the PDCA cycle
(numbers in brackets refer to the clauses of the standard)
2008 version: “prevention” as a separate component of a QMS.
Required that you react to prevent or reduce undesired effects.
2015 version: application of risk-based thinking throughout QMS.
Requires a proactive approach to prevent or reduce undesired
effects, as well as reacting if they occur.
Makes preventive action a part of planning, operation, analysis
and evaluation of the QMS.
Effect of uncertainty on an expected result
Effects can be positive or negative consequences
Risk is characterized by potential events and consequences
RISK

18. Changes Key Concept – Process Approach & Risk-Based Thinking
ISO-9
Changes
Key Concept – Process Approach & Risk-Based Thinking
Risk-based thinking is required in the following clauses
4 – Context Determine the contributers to risk
5 – Leadership Promote risk-based thinking & ensure clause 4 is followed
6 – Planning Identify risks and take appropriate action to address them
7 – Resources Determine and provide necessary resources
8 – Operation Implement and manage operations
9 – Performance Monitor/measure/analyze/evaluate effectivess of actions
taken to address risks
10 – Improvement Improve by responding to changes in risk
All Clauses Risk is implied whenever “suitable” or “appropriate” is
mentioned even though is it not plainly expressed.
GAP Actions / Date / Resp (id-Names of assessment for self-declared training record)
training

19. ISO-9
Changes
Terminology
shall indicates a requirement
should indicates a recommendation (does not appear in the 2015 version)
May indicates a permission (only used once in the 2015 version)
can indicates a possibility or a capability (mainly used in notes)
NOTE Provide guidance in understanding or clarifying the associated
requirement. (the yare NOT requirements)
Product &
Services
includes all output categories
(hardware, services, software and processed materials)
Train
GAP Actions / Date / Resp (id-Names of assessment for self-declared training record)

20. Changes Terminology 2008: Exclusions / 2015: Not used
ISO-9
Changes
Terminology
2008: Exclusions / 2015: Not used
Instead clause 4.3 defines conditions under which an organization can decide that a requirement cannot be applied to any of its QMS processes.
The org can only decide that a requirement is not applicable if the decision will not result in failure to achieve conformity of products / services & enhancement of customer satisfaction.
The impact of this change will be reviewed in detail when we discuss clause 4.3 in an upcoming training session.
2008: Documentation & Records / 2015: Documented Information
GAP Actions / Date / Resp (id-Names of assessment for self-declared training record)

21. Changes Section 4.1 Understanding The Organization & Its Context
ISO-9
Changes
Section 4.1 Understanding The Organization & Its Context
The organization shall
determine external & internal issues relevant to its purpose & its strategic direction that affect its ability to achieve the intended result(s) of its QMS.
shall monitor & review information about these external & internal issues.
Note 1: Issues can include positive/negative factors or conditions for consideration.
Note 2: Understanding external context considers issues arising legal, technological, competitive, market, cultural, social and economic environments, whether international, national, regional or local.
Note 3: Understanding the internal context considers values, culture, knowledge and performance of the organization.
GAP Actions / Date / Resp (id-Names of assessment for self-declared training record)
QA manual re-write VP / QA / CEO NEW process maps Date XXX

22. ISO-9
Changes
Section 4.1 Understanding The Organization & Its Context - Associated Clauses:
When determining the scope, the organization shall consider the external
and internal issues referred to in 4.1
Top management shall ensure that the quality policy / quality objectives
are established for the QMS and compatible with the organization’s
strategic direction and its context.
5.2.1a Top management shall establish, review and maintain its quality policy
appropriate to the purpose and context of the organization.
When planning the QMS, the org shall consider issues referred to in 4.1
and determine risks and opportunities that need to be addressed.
The management review shall be planned and carried out taking into
consideration changes in external and internal issues relevant to its QMS
that includes its strategic direction.
GAP Actions / Date / Resp (id-Names of assessment for self-declared training record)
QA manual re-write QA Mgr/ VP Date XXX
Process map leadership / Risk VP date XXX

23. ISO-9
Changes
Section 4.2 Understanding Needs & Expectations of Interested Parties
Due to their effect (potential or real) on the organization’s ability to consistently provide products & services to customer, regulatory, statutory requirements, the organization shall determine:
interested parties that are relevant to the QMS
requirements of these parties
The organization shall monitor and review information about these interested parties and their relevant requirements.
ISO-9001:2015; Interested Party: person or group having an interest in the performance or success of an organization (3.3.1)
Example: Customers (3.3.5), owners, people in an organization, suppliers
(3.3.6), bankers, unions, partners or society.
Note: A group can comprise an org / part thereof, or more than one org.

24. Changes Section 4.2 Interested Parties - Associated Clauses:
ISO-9
Changes
Section 4.2 Interested Parties - Associated Clauses:
When determining the scope, the org shall consider requirements of
relevant interested parties referred to in 4.2
5.2.2 Quality policy is available to relevant interested parties, as appropriate.
6.1.1 When planning QMS, the organization shall consider the requirements
referred to in 4.2 & determine risks / opportunities need to be addressed
8.3.2 In determining the stages and controls for design and development, the
organization shall consider the level of control expected for the design and
development process by customers and other relevant interested parties.
9.3.2 Management review is planned / carried out considering information on
QMS performance and effectiveness, including trends in customer
satisfaction and feedback from relevant interested parties.
GAP Actions / Date / Resp (id-Names of assessment for self-declared training record)
QA manual re-write QA Mgr/ VP Date XXX
Revised Mgt review form Risk / Opp VP Date XXX

25. Changes Section 4.3 Determining The Scope of The QMS
ISO-9
Changes
Section 4.3 Determining The Scope of The QMS
The org determines boundaries & applicability of its QMS to establish its scope.
When determining this scope, the organization shall consider:
the external and internal issues referred to in 4.1;
the requirements of relevant interested parties referred to in 4.2;
the products and services of the organization.
The organization shall apply all the requirements of this International Standard if they are applicable within the determined scope of its QMS.
ISO-9 does not require the org to maintain a Quality Manual – but IATF-16 does

26. Changes 4th to 5th Ed Rules
IATF requirements for TS Scope Statements:
TS scope statements must be formulated as follows and only include products and services supplied to the automotive industry and thus built into the vehicle: Design & Manufacturing of XXX or Production of XXX
When identifying functions performed by remote sites, only terms used are:
Aftersales Human resources Policy making Sequencing
Calibration Information technologies Process design Servicing
Continuous improvement Internal audit management Product design Strategic planning
Contract review Laboratory Production equipment development Supplier mgmt
Customer service Logistics Purchasing Testing
Distribution Maintenance Quality system management Training
Engineering Management review Research & Development Warehousing
Facilities management Marketing Repair Warranty mgmt
Finance Packaging Sales
GAP Actions / Date / Resp (id-Names of assessment for self-declared training record)
CEO VP. QA Mgr +++
Check current certificate & process maps to match reality
Note these are IATF termimnology iology not ours ,

27. Changes 4th to 5th Ed Rules
IATF requirements for TS Scope Statements:
Mfg-Site vs RSL (Remote Support Location) QMS Structure Matrix
know your Mfg-Sites & all RSL-RSL interactions

28. Changes
Section 4.3.1: Determining the scope of the quality mgmt system – supplemental
These requirements were originally included in ISO/TS 16949:2009; Sections 1.1 and They have been moved to Section 4 within IATF
The requirement relating to supporting functions was revised to ensure that supporting functions not only address the need to include support functions* in the audit, but also to ensure that they are included in the scope of the QMS. ( Sales/Design / Warehouses …. Other support locations/ functions *)
In addition, any exclusion sought for design and development activities, now in Section 8.3, has to be preserved as documented information.
GAP Actions / Date / Resp (id-Names of assessment for self-declared training record)
QA manual re-write QA Mgr/ VP Date XXX

29. Changes Section 4.3.2: Customer-specific requirements
Although the need to fulfill and satisfy customer-specific requirements was already mentioned throughout the whole ISO/TS document, in IATF this requirement specifically addresses the need to evaluate the customer specific requirements and include them where applicable in the organization's quality management system.
This means that the supplier would need some sort of process to evaluate each of their customer’s customer-specific requirements (CSR) and determine exactly how (and where) it applies to their organization's QMS, as applicable.
3.1 Terms and Definitions: CSR – interpretation of or supplemental requirements linked to a specific clause(s) of this Automotive QMS Standard. Exa: is your customers Supplier QA manual , and /or see IATF.org for OEM CSR’s
GAP Actions / Date / Resp (id-Names of assessment for self-declared training record)
QA manual re-write QA Mgr/ VP Date XXX
CSR process / processs MAP QA / VP date xxx

30. Changes Section 4.4.1.1: Conformance of products and processes
This requirement was adopted based on IATF survey feedback that was received
It ensures two things:
that the supplier (organization) is responsible for the conformity of outsourced processes, and
that all products and processes meet all applicable requirements and expectations of all interested parties
To ensure conformance of all products and processes, the organization would need to take a proactive approach to assess and address risks, and not rely only on inspection.
GAP Actions / Date / Resp (id-Names of assessment for self-declared training record)
QA manual re-write QA Mgr/ VP Date XXX
Check SC’s regulations / risks / error proofing / CpK - ENG / MFG

31. Changes Section 4.4.1.2: Product safety (Documented Process)
New section with enhanced requirements that address current and emerging issues the automotive industry is facing related to product and process safety.
Organizations (suppliers) are required to have documented processes to manage product-safety related products and processes.
Examples: Safety items may include FMVSS/ ECE regulations such as brakes, lighting, steering, seating, airbags. Process safety may include stampings that could produce sharp edges / burs and machine guarding for safety.
GAP Actions / Date / Resp (id-Names of assessment for self-declared training record)
QA manual re-write QA Mgr/ VP Date XXX
Process MAP for Product safety / Regulations / SCs Eng Mgr Date XXX
LINK to APQP . SHOP Floor awareness safety related product – print / FMEA / CP / WI / Label

32. Changes Section 4.4.1.2: Product safety
This section includes identification of statutory requirements; identifying and controlling product-safety-related characteristics both during design and at point of manufacture; defining responsibilities, escalation processes, reaction plans, and the necessary flow of information including top management and customers; receiving special approvals for FMEAs and Control Plans; product traceability measures; and cascading of requirements throughout the supply chain.
GAP Actions / Date / Resp (id-Names of assessment for self-declared training record)
QA manual re-write QA Mgr/ VP Date XXX

33. QMS-Team GAP Participant Names
Section 4; Context of The Org
Changes to
ISO-9 / IATF-16 GAP Summary
ISO-9 & IATF-16
QMS-Team GAP Participant Names
Title
QMS Rep Confirmation – Na:
Da:
Additional Notes:
Check manual re write

34. Changes to LEGEND of the
ISO-9 & IATF-16
ISO-9
- Base Standard ISO-9001:2015 requirements to be met
ISO-9001:2015 & IATF :2016 Elements
Scope
Normative References
Terms & Definitions
Context of The Organization
Leadership
Planning
Support
Operations
Performance Evaluation
Improvement

35. Changes Section 5.1.1: Leadership & Commitment
ISO-9
Changes
Section 5.1.1: Leadership & Commitment
Top mgmt shall demonstrate leadership and commitment with respect to the QMS by
Taking accountability for the effectiveness of the QMS.
Ensuring quality policy and quality objectives are established for the QMS and are compatible with context and strategic direction of the organization.
Ensuring integration of QMS rqmts into organization’s business processes.
Promoting the use of the process approach and risk-based thinking.
Ensuring that the resources needed for the QMS are available.
Communicating the importance of effective quality mgmt & of conforming to the QMS requirements.
Ensuring that the QMS achieves its intended results.
Engaging, directing & supporting persons to contribute to the effectiveness of QMS.
Promoting improvement.
Supporting other relevant management roles to demonstrate their leadership as it applies to their areas of responsibility.
GAP Actions / Date / Resp (id-Names of assessment for self-declared training record)
QA manual re-write QA Mgr/ VP Date XXX
Verify metrics are in line with customer requirements & strategy VP Date XXX

36. Changes Section 5.1.1.1: Corporate Responsibility
The organization is to define and implement corporate responsibility policies… at a minimum an anti-bribery policy, an employee code of conduct, and an ethics escalation policy (“whistle-blowing policy”).
GAP Actions / Date / Resp (id-Names of assessment for self-declared training record)
QA manual re-write QA Mgr/ VP Date XXX
Develop training for all on ethics policy , conduct , anti bribe , and whistle blowers
Delivery of training & records / add to training matrix HR date XXX
Audit new employees & those absent for this

37. Changes Section 5.1.1.2: Process effectiveness and efficiency
The requirement for an organization to review their processes to ensure effectiveness and efficiency was covered in ISO/TS 16949, Section
Based on survey feedback, the IATF strengthened the requirement to ensure that the results of process review activities will now be included in management review.
Process review activities need to include evaluation methods and, as a result, implement improvements.
The results of these steps would be an input to the management review process. Top management is thus performing a review of the process-specific reviews performed by the process owners.
GAP Actions / Date / Resp (id-Names of assessment for self-declared training record)
QA manual re-write QA Mgr/ VP Date XXX
VP to review all metrics to assure E/E are intact & if not establish new ,metrics Date XXX

38. Changes Section 5.1.1.3: Process Owners
ISO/TS 16949:2009 addresses management responsibility and authority, but it does not explicitly mention that management ensure process owners understand their role and are competent.
The IATF adopted this new requirement to ensure that management understands this expectation, by specifically identifying these process owners and ensuring they can perform their assigned roles.
This requirement recognizes that process owners have the authority and responsibility for activities and results for the processes they manage.
GAP Actions / Date / Resp (id-Names of assessment for self-declared training record)
QA manual re-write QA Mgr/ VP Date XXX
Each process owner to update their process maps Date xxx

39. Changes Section 5.2.1: Quality Policy - Establish
ISO-9
Changes
Section 5.2.1: Quality Policy - Establish
Top mgmt shall establish, implement and maintain a quality policy that:
is appropriate to the purpose & context of the org & supports its strategic direction
provides the framework for setting its quality objectives;
includes commitment to satisfy applicable requirements;
includes commitment to continual improvement of the QMS.
Section 5.2.2: Quality Policy - Communication
The Quality Policy
available as documented information
communicated, understood and applied within the organization
available to relevant interested parties, as appropriate.
GAP Actions / Date / Resp (id-Names of assessment for self-declared training record)
QA manual re-write QA Mgr/ VP Date XXX

40. Changes Section 5.3: Org Roles, Responsibility & Authority
ISO-9
Changes
Section 5.3: Org Roles, Responsibility & Authority
Top mgmt shall ensure responsibilities & authorities for relevant roles are assigned, communicated & understood within the organization.
Top management shall assign the responsibility and authority for:
ensuring QMS conforms to requirements of this International Standard
ensuring that the processes are delivering their intended outputs
reporting on the performance of the QMS & opportunities for imprvmt (10.1), for top mgmt
ensuring the promotion of customer focus throughout the organization (VOC)
ensuring the integrity of QMS is maintained when changes to QMS are planned / implemented
Refer to ISO-9001:2015; Section 9.3 – Mgmt Review for additional Mgmt Roles/Resp
GAP Actions / Date / Resp (id-Names of assessment for self-declared training record)
QA manual re-write QA Mgr/ VP Date XXX

41. Changes
Section 5.3.1: Organ’tnl roles, responsibilities, and authorities – supplemental
This requirement was already part of ISO/TS 16949:2009.
However, based on IATF survey feedback, the IATF adopted some modifications to the requirement to address the need to document assigned personnel responsibilities and authorities.
Additionally, this clause now clarifies that the goal is not just to address customer requirements but also to meet customer requirements fully.
Personnel involved in capacity analysis, logistics information, customer scorecards, and customer portals now also need to be assigned and documented, per the requirements in this section.
GAP Actions / Date / Resp (id-Names of assessment for self-declared training record)
QA manual re-write QA Mgr/ VP Date XX
Assign process owner customer portal / scorecard / cap/ logistsics Sales Date XXX

42. Changes
Section 5.3.2: Responsibility & authority for product rqmts & corrective Actions
Differs from ISO/TS16949:2009; Section (Modification)
Note: Due to the process design in some industries, it might not always be possible to stop production immediately. In this case, the affected back must be contained and shipment to the customer prevented.
Production operations across all operational shifts staffed with personnel in charge of / or delegated responsibility to ensure conformity to product requirements
GAP Actions / Date / Resp (id-Names of assessment for self-declared training record)
QA manual re-write QA Mgr/ VP Date XXX
STOP call wait signs order & post Date XXX Mfg VP

43. QMS-Team GAP Participant Names
Section 5; Leadership
Changes to
ISO-9 / IATF-16 GAP Summary
ISO-9 & IATF-16
QMS-Team GAP Participant Names
Title
QMS Rep Confirmation – Na:
Da:
Additional Notes:

44. Changes to LEGEND of the
ISO-9 & IATF-16
ISO-9
- Base Standard ISO-9001:2015 requirements to be met
ISO-9001:2015 & IATF :2016 Elements
Scope
Normative References
Terms & Definitions
Context of The Organization
Leadership
Planning
Support
Operations
Performance Evaluation
Improvement

45. ISO-9
Changes
Section 6 – Planning; 6.1: Actions to Address Risk & Opportunities
When planning QMS, the org shall consider issues referred to in 4.1 & the requirements referred to in 4.2 & determine the risks & opportunities that need to be addressed to:
give assurance that the QMS can achieve its intended results;
enhance desirable effects;
prevent, or reduce, undesired effects;
achieve improvement.
Section 6 – Planning; 6.2: The org shall plan:
Actions to address the risk & opportunities
How to: 1) integrate and implement the actions into its QMS processes (see 4.4)
2) evaluate the effectiveness of these actions.
Refer to ISO “Notes” for more detail
GAP Actions / Date / Resp (id-Names of assessment for self-declared training record)
QA manual re-write QA Mgr/ VP Date XXX

46. Changes Section 6.1.2.1: Risk analysis
The need to identify, analyze, and consider actual and potential risks was covered in various areas of ISO/TS
The IATF adopted additional requirements for risk analysis recognizing the continual need to analyze and respond to risk and to have suppliers/organizations consider specific risks associated with the automotive industry.
Organizations would need to periodically review lessons learned from product recalls, product audits, field returns and repairs, complaints, scrap, and rework, and implement action plans in light of these lessons.
The effectiveness of these actions should be evaluated, and actions integrated in to the organization's QMS.
Objective Evidence – Retained documented information as results of risk analysis
GAP Actions / Date / Resp (id-Names of assessment for self-declared training record)
QA manual re-write QA Mgr/ VP Date XXX
Quick response board in MFG / OPL / Q alerts Mfg VP Date XXX

47. Changes Section 6.1.2.2: Preventive action
The IATF enhanced the requirement found in ISO/TS by integrating what is considered to be a best practice in the automotive industry.
Organizations would need to implement a process to lessen the impact of negative effects of risk, appropriate to the severity of the potential issues
Such a process would include: identifying the risk of nonconformity recurrence, documenting lessons learned, identifying and reviewing similar processes where the nonconformity could occur, and applying lessons learned to prevent such potential occurrence.
GAP Actions / Date / Resp (id-Names of assessment for self-declared training record)
QA manual re-write QA Mgr/ VP Date XXX

48. Changes Section 6.1.2.3: Contingency plans
The expanded requirement ensures the organization defines and prepares contingency plans along with a notification process.
Organizations first take a systematic approach to identifying and evaluating risk for all manufacturing processes, giving particular attention to external risk.
Contingency plans( CP) would be developed for any of the outlined disruption conditions -- interruption of externally provided products, processes, and services, recurring natural disasters, fire, or infrastructure-related disruptions. Shall periodically test CP.
Customer notification is a mandatory step in any contingency plan, unless there is no risk to deliver nonconforming product or affect on-time delivery
GAP Actions / Date / Resp (id-Names of assessment for self-declared training record)
QA manual re-write QA Mgr/ VP Date XXX
Update Contingency plan see bold above Date XXX VP
Reminder for annual table top test / perform table top review Date VP

49. Changes 6.2: Quality Objectives & Planning;
ISO-9
Changes
6.2: Quality Objectives & Planning;
The organization shall establish quality objectives at relevant functions,
levels and processes needed for the QMS. The quality objectives shall:
be consistent with the quality policy
be measurable
take into account applicable requirements
be relevant to conformity of products & services & enhance cust-satisfaction
be monitored
be communicated
be updated as appropriate.
  The organization shall maintain documented information on the quality objectives.
GAP Actions / Date / Resp (id-Names of assessment for self-declared training record)
QA manual re-write QA Mgr/ VP Date XXX

50. Changes POLICY 6.2: Quality Objectives & Planning;
ISO-9
Changes
6.2: Quality Objectives & Planning;
6.2.2 When planning how to achieve its quality objectives, the org shall determine:
what will be done
what resources will be required
who will be responsible
when it will be completed
how the results will be evaluated.
  The organization shall maintain documented information on the quality objectives.
Strategic Q-Plan
StrategicAction1
POLICY
GAP Actions / Date / Resp (id-Names of assessment for self-declared training record)
QA manual re-write QA Mgr/ VP Date XXX

51. Changes
Section : Quality objectives & planning to achieve them – supplemental
ISO/TS included the importance of addressing customer expectations in the NOTE to Section The IATF enhanced the requirement by requiring that it be done at all levels throughout the organization.
In ensuring quality objectives meet customer requirements, these objectives need to consider customer targets.
Personnel should be aware of, and committed to, achieving results that meet customer requirements.
Quality objectives and related performance targets should be periodically reviewed for adequacy (at least annually).
GAP Actions / Date / Resp (id-Names of assessment for self-declared training record)
QA manual re-write QA Mgr/ VP Date XXX
Mgt review process review perf targets Date XXX VP

52. Changes 6.3: Planning of Changes
ISO-9
Changes
6.3: Planning of Changes
When the organization determines the need for changes to the QMS, the changes shall be carried out in a planned manner (see 4.4). The org shall consider:
the purpose of the changes and their potential consequences
the integrity of the QMS
the availability of resources
the allocation or reallocation of responsibilities and authorities.
GAP Actions / Date / Resp (id-Names of assessment for self-declared training record)
QA manual re-write QA Mgr/ VP Date XXX

53. QMS-Team GAP Participant Names
Section 6; Planning
Changes to
ISO-9 / IATF-16 GAP Summary
ISO-9 & IATF-16
QMS-Team GAP Participant Names
Title
QMS Rep Confirmation – Na:
Da:
Additional Notes:

54. Changes to LEGEND of the
ISO-9 & IATF-16
ISO-9
- Base Standard ISO-9001:2015 requirements to be met
ISO-9001:2015 & IATF :2016 Elements
Scope
Normative References
Terms & Definitions
Context of The Organization
Leadership
Planning
Support
Operations
Performance Evaluation
Improvement

55. ISO-9
Changes
7.1: Resources
The organization shall determine and provide the resources needed
for the establishment, implementation, maintenance and continual
improvement of the QMS. The org shall consider:
the capabilities of, and constraints on, existing internal resources
what needs to be obtained from external providers.
People - The organization shall determine and provide the persons
necessary for the effective implementation of its QMS and
for the operation and control of its processes.
GAP Actions / Date / Resp (id-Names of assessment for self-declared training record)
QA manual re-write QA Mgr/ VP Date XXX

56. ISO-9
Changes
7.1: Resources
Infrastructure – The organization shall determine, provide and
maintain the infrastructure necessary for the operation of its
processes and to achieve conformity of products and services.
Note: Infrastructure can include:
the capabilities of, and constraints on, existing internal resources
what needs to be obtained from external providers.
GAP Actions / Date / Resp (id-Names of assessment for self-declared training record)
QA manual re-write QA Mgr/ VP Date XXX

57. Changes Section 7.1.3.1: Plant, facility, and equipment planning
This updated section includes an increased focus on risk identification and risk mitigation, evaluating manufacturing feasibility, re-evaluation of changes in processes, and inclusion of on-site supplier activities.
Many operational risks can be avoided by applying risk-based thinking during planning activities, which also extends to optimization of material flow and use of floor space to control non-conforming product.
Capacity planning evaluation during manufacturing feasibility assessments must consider customer-contracted production rates and volumes, not only current order levels.
GAP Actions / Date / Resp (id-Names of assessment for self-declared training record)
QA manual re-write QA Mgr/ VP Date XXX

58. Changes 7.1: Resources 7.1.4 Environment for the Operation of Process
ISO-9
Changes
7.1: Resources
Environment for the Operation of Process
The organization shall determine, provide and maintain the environment necessary for the operation of its processes and to achieve conformity of products and services.
Note: A suitable environment can be a combination of human
and physical factors, such as:
social (e.g. non-discriminatory, calm, non-confrontational
psychological stress-reducing, burnout prev’tn, emotionally protective
physical (e.g. temperature, heat, humidity, light, airflow, hygiene, noise)
Factors can differ depending on the products & services provided.
GAP Actions / Date / Resp (id-Names of assessment for self-declared training record)
QA manual re-write QA Mgr/ VP Date XXX

59. Changes
Section : Environment for the operation of processes – supplemental
This requirement for an organization to "maintain its premises in a state of order, cleanliness, and repair" was preserved from ISO/TS and transferred to IATF
GAP Actions / Date / Resp (id-Names of assessment for self-declared training record)
QA manual re-write QA Mgr/ VP Date XXX

60. Changes 7.1.5: Monitoring & Measuring Resources
ISO-9
Changes
7.1.5: Monitoring & Measuring Resources
Monitoring & Measuring Resources
The org shall determine and provide the resources needed to ensure valid and reliable results when monitoring or measuring is used to verify the conformity of products and services to requirements.
The organization shall ensure that the resources provided are:
suitable for specific type of monitoring & measurement undertaken
maintained to ensure their continuing fitness for their purpose.
The organization shall retain appropriate documented information as evidence of fitness for purpose of the monitoring and measurement resources.
GAP Actions / Date / Resp (id-Names of assessment for self-declared training record)
QA manual re-write QA Mgr/ VP Date XXX

61. Changes Section >>> 7.1.5.1.1: Measurement system analysis
Records are now required for customer acceptance of alternative methods. The previous requirement to analyze variation in measurement results is now extended specifically to inspection equipment.
IATF also clarifies that records of customer acceptance need to be retained along with results from alternative measurement system analysis.
Note: Prioritization of MSA studies to focus on critical or special product or process characteristics.
GAP Actions / Date / Resp (id-Names of assessment for self-declared training record)
QA manual re-write QA Mgr/ VP Date XXX
QA to check MSA records for alt methods get customer agreement DATE xxx

62. Changes 7.1.5.2: Measurement Traceability
ISO-9
Changes
: Measurement Traceability
When measurement traceability is a requirement, or is considered by the organization to be an essential part of providing confidence in the validity of measurement results, measuring equipment shall be:
calibrated or verified, or both, at specified intervals, or prior to use, against measurement stds traceable to international or national measurement stds when no such std exist, the basis used for calibration or verification shall be retained as documented information
identified in order to determine their status
safeguarded from adjustments, damage or deterioration that would invalidate the calibration status and subsequent measurement results.
The organization shall determine if the validity of previous measurement results has been adversely affected when measuring equipment is found to be unfit for its intended purpose, and shall take appropriate action as necessary.
GAP Actions / Date / Resp (id-Names of assessment for self-declared training record)
QA manual re-write QA Mgr/ VP Date XXX

63. Changes
Section : Calibration/verification records (Documented Process)
This updated section helps ensure that customer requirements are met through enhanced calibration/verification record retention requirements, including software installed on employee-owned or customer-owned equipment.
IATF clarifies that a documented process is required to manage calibration/verification records in order to provide evidence of conformity, and this includes any on-site supplier-owned equipment.
Inspection, measurement, and test equipment calibration/verification activities need to consider applicable internal, customer, legislative, and regulatory requirements in order to establish approval criteria.
GAP Actions / Date / Resp (id-Names of assessment for self-declared training record)
QA manual re-write QA Mgr/ VP Date XXX
QA to create cal procedure / process including software test Date xxx

64. Changes Section 7.1.5.3.2: External laboratory
This updated section allows the organization to conduct second-party assessments of laboratory facilities, but requires customer-approval of the assessment method.
The clause also clarifies that internal laboratory requirements apply even when calibration is performed by the equipment manufacturer, and that use of calibration services may be subject to government regulatory confirmation.
Example: scales – USA / State weights & measures
GAP Actions / Date / Resp (id-Names of assessment for self-declared training record)
QA manual re-write QA Mgr/ VP Date XXX

65. Changes 7.1.6: Organizational Knowledge
ISO-9
Changes
7.1.6: Organizational Knowledge
The organization shall determine the knowledge necessary for the operation of its processes and to achieve conformity of products and services.
This knowledge shall be maintained and made available to the extent necessary.
When addressing changing needs and trends, the organization shall consider its current knowledge and determine how to acquire or access any necessary additional knowledge and required updates.
See ISO-9001:2015 for [2] Notes
GAP Actions / Date / Resp (id-Names of assessment for self-declared training record)
QA manual re-write QA Mgr/ VP Date XXX

66. Changes 7.2: Competence – the org shall:
ISO-9
Changes
7.2: Competence – the org shall:
determine the necessary competence of person(s) doing work under its control that affects the performance and effectiveness of the QMS
ensure that these persons are competent on the basis of appropriate education, training, or experience
where applicable, take actions to acquire the necessary competence, and evaluate the effectiveness of the actions taken;
retain appropriate documented information as evidence of competence
NOTE: Applicable actions can include, for example, the provision of training to, the mentoring of, or the reassignment of currently employed persons; or the hiring or contracting of competent persons.
GAP Actions / Date / Resp (id-Names of assessment for self-declared training record)
QA manual re-write QA Mgr/ VP Date XXX

67. Changes Section 7.2.1: Competence – supplemental (Documented Process)
This section adds a requirement of “awareness,” which includes knowledge of an organization’s (supplier’s) quality policy, quality objectives, personnel contribution to the QMS, benefits of improved performance, and implications of not conforming with QMS requirements.
It also further emphasizes the customer requirements for OJT (on-the-job training), not just quality requirements.
Note that the use of the term "process" rather than "procedure“ implies that these activities need to be managed (via the plan-do-check-act cycle), and not merely performed.
GAP Actions / Date / Resp (id-Names of assessment for self-declared training record)
QA manual re-write QA Mgr/ VP Date XXX
HR procedure competence / training matrix update Date XXX

68. Changes Section 7.2.2: Competence – on-the-job training
IATF enhances the emphasis of on-the-job training and its importance in meeting customer requirements, including other interested parties.
The process would consider any relevant interested party requirements as an input in determining the need for on-the-job training, and then consider the level of education and complexity of the tasks in determining the method used.
This training must also include contract or agency personnel, and convey the consequences of nonconformity to customer requirements to all persons whose work affects quality.
Examples of competence: conformity to quality requirements, internal requirements, regulatory or legislative requirements
GAP Actions / Date / Resp (id-Names of assessment for self-declared training record)
QA manual re-write QA Mgr/ VP Date XXX

69. Changes
Section 7.2.3: Internal auditor competency (Documented Process)
This section features greatly-enhanced requirements to the organization's internal auditor competency to ensure a more robust internal audit process.
Organizations need to establish a documented process that considers the competencies required by this clause, take actions to address any deficiencies, assess the effectiveness of action taken, and record a list of the approved auditors.
The clause differentiates between quality management system auditors, manufacturing process auditors, and product auditors, and clarifies the competence requirements for each type of audit.
GAP Actions / Date / Resp (id-Names of assessment for self-declared training record)
QA manual re-write QA Mgr/ VP Date XXX
HR competence procedure / trainimg matrix update Date XXX
List of system , product , mfg process auditors Date XXX

70. Changes Section 7.2.4: Second-party auditor competency
This new section outlines requirements for second-party auditors ensuring they are properly qualified to conduct those types of audits, with customer specific requirements being a main focus.
The same core competencies that apply to internal auditors should, at a minimum, also apply to second-party auditors.
Understanding of: Automotive Risk-base thinking, Customer/Org specific requirements, ISO-9001 & IATF16949 requirements as related to audit scope, manufacturing process(es) / P-FMEA and Control Plans, applicable AIAG Core Tools & Audit Guidelines in accordance with ISO
GAP Actions / Date / Resp (id-Names of assessment for self-declared training record)
QA manual re-write QA Mgr/ VP Date XXX
Training matrix HR date XXX

71. ISO-9
Changes
7.3: Awareness
The org shall ensure that persons doing work under the org’s control are aware of:
the quality policy
relevant quality objectives
their contribution to the effectiveness of the QMS, including the benefits of improved performance
the implications of not conforming with the QMS requirements
GAP Actions / Date / Resp (id-Names of assessment for self-declared training record)
QA manual re-write QA Mgr/ VP Date XXX

72. Changes Changes Section 7.3.1: Awareness – supplemental
Includes additional requirements to ensure all employees are aware of their impact on the organization’s (supplier’s) product quality output, customer specific rqmts, and risks involved for the customer with non-conforming product.
GAP Actions / Date / Resp (id-Names of assessment for self-declared training record)
QA manual re-write QA Mgr/ VP Date XXX
(Documented Process)
Changes
Section 7.3.2: Employee motivation & empowerment
This section did not substantially change, but now requires "maintain[ing] a documented process(es)" for employee motivation and empowerment, instead of simply "having a process."
GAP Actions / Date / Resp (id-Names of assessment for self-declared training record)
QA manual re-write QA Mgr/ VP Date XXX
HR procedure for Motiv/ empower Date XXX

73. Changes 7.4: Communication
ISO-9
Changes
7.4: Communication
The organization shall determine the internal and external communications relevant to the QMS, including:
on what it will communicate
when to communicate
with whom to communicate
how to communicate
who communicates
GAP Actions / Date / Resp (id-Names of assessment for self-declared training record)
QA manual re-write QA Mgr/ VP Date XXX

74. Changes 7.5: Documented Information Terminology
ISO-9
Changes
7.5: Documented Information
Terminology
2008: Document, documented procedure, quality manual, quality plan, etc.
2015: Maintain documented information
2008: Records
2015: Retain documented information.
GAP Actions / Date / Resp (id-Names of assessment for self-declared training record)
QA manual re-write QA Mgr/ VP Date XXX

75. Changes 7.5: Documented Information
ISO-9
Changes
7.5: Documented Information
7.5.1 The organization’s QMS shall include documented information:
required by this International Standard
determined by the org necessary for the effectiveness of the QMS.
NOTE: The extent of documented information for a QMS can differ from one organization to another due to the:
- size of org & its type of activities, processes, products, and services
- complexity of processes and their interactions
- competence of persons
When creating & updating documented information, the org ensure appropriate:
identification and description (e.g. a title, date, author, or reference no)
format (language, software version, graphics) & media (paper, electronic)
review and approval for suitability and adequacy
GAP Actions / Date / Resp (id-Names of assessment for self-declared training record)
QA manual re-write QA Mgr/ VP Date XXX

76. Changes
Section : Quality mgmt system documentation (Documented Process)
The IATF retained the quality manual requirement that was removed in ISO 9001:2015; however, the quality manual can be one main document or a series of multiple documents (hard copy or electronic).
This section also requires that the organization’s processes and interactions are documented as part of their QMS.
The quality manual needs to document where in the organization's QMS customer-specific requirements are addressed.
GAP Actions / Date / Resp (id-Names of assessment for self-declared training record)
QA manual re-write QA Mgr/ VP Date XXX
QA procedure / process maps / CSR requirement need be identified Date XXX

77. Changes 7.5.3: Control of Documented Information
ISO-9
Changes
7.5.3: Control of Documented Information
Documented information required by the QMS and by this International Standard
shall be controlled to ensure it is:
available and suitable for use, where and when it is needed;
adequately protected (e.g. from loss of confidentiality, improper use, or loss of integrity).
GAP Actions / Date / Resp (id-Names of assessment for self-declared training record)
QA manual re-write QA Mgr/ VP Date XXX

78. Changes 7.5.3: Control of Documented Information
ISO-9
Changes
7.5.3: Control of Documented Information
For the control of documented information, the organization shall address the
following activities, as applicable:
distribution, access, retrieval and use
storage and preservation, including preservation of legibility
control of changes (e.g. version control)
retention and disposition.
Documented information of external origin determined by the organization to be necessary for the planning and operation of the QMS shall be identified as appropriate, and be controlled.
Documented information retained as evidence of conformity shall be protected from unintended alterations.
NOTE: Access can imply a decision regarding the permission to view the documented information only, or permission & authority to view & change the documented information.
GAP Actions / Date / Resp (id-Names of assessment for self-declared training record)
QA manual re-write QA Mgr/ VP Date XXX

79. Changes Section 7.5.3.2.1: Record retention
This section now requires a record retention process that is defined and documented, and that includes the organization’s record retention requirements.
Specifically calls out production part approvals, tooling records, product and process design records, purchase orders, and contracts/amendments.
If there is no customer or regulatory agency retention period requirements for these types of records, "the length of time that the product is active for production and service requirements, plus one calendar year" applies.
GAP Actions / Date / Resp (id-Names of assessment for self-declared training record)
QA manual re-write QA Mgr/ VP Date XXX
VP / QA revise record retention list Date XXX

80. Changes
Section : Engineering specifications (Documented Process)
Added an engineering specifications requirement that the process is documented and agreed with the customer.
This section also clarifies product design changes and product realization process changes, and the alignment to related sections.
If there are no other overriding customer agreements, reviews of engineering standards/specifications changes should be completed within 10 working days of receipt of notification.
Engineering standards/changes resulting in produce change must refer back to ISO-9001, Section 8.3.6
Key: keep in mind the interaction of ISO-9001 & IATF-16949
GAP Actions / Date / Resp (id-Names of assessment for self-declared training record)
QA manual re-write QA Mgr/ VP Date XXX
ENG procdure for change control including Eng specs / 10 days Date XXX

81. QMS-Team GAP Participant Names
Section 7; Support
Changes to
ISO-9 / IATF-16 GAP Summary
ISO-9 & IATF-16
QMS-Team GAP Participant Names
Title
QMS Rep Confirmation – Na:
Da:
Additional Notes:

82. Changes to LEGEND of the
ISO-9 & IATF-16
ISO-9
- Base Standard ISO-9001:2015 requirements to be met
ISO-9001:2015 & IATF :2016 Elements
Scope
Normative References
Terms & Definitions
Context of The Organization
Leadership
Planning
Support
Operations
Performance Evaluation
Improvement

83. Changes 8.1: Operational Planning & Control
ISO-9
Changes
8.1: Operational Planning & Control
The org shall plan, implement &control the processes (see 4.4) needed to meet rqmts for provision/products & services, & to implement actions determined in Clause 6, by:
determining the requirements for the products and services
establishing criteria for the:
processes & acceptance of product and services
determining resources to achieve conformity to product & service rqmts
implement control of the processes in accordance with the criteria;
determining, maintaining &retaining documented information necessary to:
have confidence that the processes have been carried out as planned
demonstrate products & services conformity to their requirements.
The output of this planning shall be suitable for the organization’s operations.
GAP Actions / Date / Resp (id-Names of assessment for self-declared training record)
QA manual re-write QA Mgr/ VP Date XXX

84. Changes 8.1: Operational Planning & Control
ISO-9
Changes
8.1: Operational Planning & Control
The organization shall control planned changes and review the consequences of unintended changes; taking action to mitigate any adverse effects, as necessary.
The organization shall ensure that outsourced processes are controlled (see 8.4).
Outsourced: an arrangement made where an external organization performs part of an organization’s function or process.
GAP Actions / Date / Resp (id-Names of assessment for self-declared training record)
QA manual re-write QA Mgr/ VP Date XXX

85. Changes Section 8.1.1: Operational planning and control — supplemental
This section features enhanced detail to ensure key processes are included and considered when planning for product realization.
The required topics include customer product requirements and technical specifications, logistics requirements, manufacturing feasibility, project planning, and acceptance criteria.
The section also clarifies the "resources needed to achieve conformity" encompasses all aspects of the development process, not just the manufacturing process requirements.
GAP Actions / Date / Resp (id-Names of assessment for self-declared training record)
QA manual re-write QA Mgr/ VP Date XXX

86. Changes 8.2.1: Customer Communications
ISO-9
Changes
8.2.1: Customer Communications
Communication with customers shall include:
providing information relating to products and services;
handling enquiries, contracts or orders, including changes;
obtaining cust feedback relating to products and services, incldg cust complaints;
handling or controlling customer property;
establishing specific requirements for contingency actions, when relevant.
8.2.2: Determining Product & Services Requirements
When determining the requirements for the products and services to be offered to customers, the organization shall ensure that:
the requirements for the products and services are defined, including:
- any applicable statutory and regulatory requirements;
- those considered necessary by the organization;
the organization can meet the claims for the products and services it offers.
GAP Actions / Date / Resp (id-Names of assessment for self-declared training record)
QA manual re-write QA Mgr/ VP Date XXX

87. Changes Section 8.1.2: Confidentiality
Only a minor edit to clarify confidentiality "includes" related product information, instead of using the word "and." There is no change in intent.
GAP Actions / Date / Resp (id-Names of assessment for self-declared training record)
QA manual re-write QA Mgr/ VP Date XXX
Section : Customer communication — supplemental
Added a requirement that the communication language (written or verbal) must be agreed with the customer.
This should be considered when determining the necessary competence for roles that require customer communication
GAP Actions / Date / Resp (id-Names of assessment for self-declared training record)
QA manual re-write QA Mgr/ VP Date XXX

88. Changes
Section : Determining requirements for products & services – supplemental
The IATF strengthened the standard by elevating Notes 2 and 3 of the former clause into requirements.
This suggests current organizational knowledge regarding recycling, environmental impact, and product and manufacturing process characteristics should be standardized.
This knowledge would be systematically reviewed and used when determining the requirements for the products and services to be offered to customers.
GAP Actions / Date / Resp (id-Names of assessment for self-declared training record)
QA manual re-write QA Mgr/ VP Date XXX

89. Changes 8.2.3: Review of Product & Services Requirements
ISO-9
Changes
8.2.3: Review of Product & Services Requirements
The org shall ensure the ability to meet the requirements for products and
services to be offered to customers & shall conduct a review before committing
to supply products and services to customer, to include:
requirements specified by the customer, including the requirements for delivery and post-delivery activities
requirements not stated by the customer, but necessary for the specified or intended use, when known
requirements specified by the organization
statutory and regulatory requirements applicable to the products and services
contract or order requirements differing from those previously expressed.
GAP Actions / Date / Resp (id-Names of assessment for self-declared training record)
QA manual re-write QA Mgr/ VP Date XXX

90. Changes 8.2.3: Review of Product & Services Requirements
ISO-9
Changes
8.2.3: Review of Product & Services Requirements
(continued)
The organization shall ensure that contract or order requirements differing from those previously defined are resolved.
The customer’s requirements shall be confirmed by the organization before acceptance, when the customer does not provide a documented statement of their requirements.
NOTE: In some instances, such as internet sales, a formal review is impractical for
each order. Instead, the review can cover relevant product information, such
as catalogues.
GAP Actions / Date / Resp (id-Names of assessment for self-declared training record)
QA manual re-write QA Mgr/ VP Date XXX

91. Changes
Section : Review requirements for products & services — supplemental
IATF strengthens this requirement by requiring the organization to retain a documented customer authorization for waivers of formal reviews for products and services.
GAP Actions / Date / Resp (id-Names of assessment for self-declared training record)
QA manual re-write QA Mgr/ VP Date XXX
Section : Customer-designated special characteristics
This section changes the action from "demonstrate conformity“ to "conform," and clarifies that it refers to "approval documentation," rather than just "documentation.“
There is no change in intent.
GAP Actions / Date / Resp (id-Names of assessment for self-declared training record)

92. Changes Section 8.2.3 (continued)
ISO-9
Changes
Section (continued)
The organization shall retain documented information, as applicable:
on the results of the review;
on any new requirements for the products and services.
GAP Actions / Date / Resp (id-Names of assessment for self-declared training record)
QA manual re-write QA Mgr/ VP Date XXX

93. Changes Section 8.2.3.1.3: Organization manufacturing feasibility
Enhanced requirements for manufacturing feasibility analysis through the following changes:
Requiring a multidisciplinary approach to analyze feasibility, considering all engineering and capacity requirements
Requiring this analysis for any new manufacturing or product technology, and for any changed manufacturing process or product design.
The organization should validate their ability to make product specifications at the required rate. These should consider customer-specific requirements.
GAP Actions / Date / Resp (id-Names of assessment for self-declared training record)
QA manual re-write QA Mgr/ VP Date XXX

94. Changes 8.2.4 Changes to Requirements for Products & Services
ISO-9
Changes
8.2.4 Changes to Requirements for Products & Services
The organization shall ensure that relevant documented information is amended, and that relevant persons are made aware of the changed requirements, when the requirements for products and services are changed.
GAP Actions / Date / Resp (id-Names of assessment for self-declared training record)
QA manual re-write QA Mgr/ VP Date XXX

95. Changes
Section : Design & development of products and services – supplemental
Strengthened the standard by elevating the NOTE in the former section to a requirement, and added a requirement for documentation of the design and development process.
As the concept of the design and development process in the automotive industry includes manufacturing design and development, the requirements from other parts in Section 8 should be considered complimentary in the context of manufacturing and product design and development.
GAP Actions / Date / Resp (id-Names of assessment for self-declared training record)
QA manual re-write QA Mgr/ VP Date XXX

96. Changes
Section : Design and development planning – supplemental
Clarifies when the multidisciplinary approach is to be used and who should be involved. Specifically, it must include all affected stakeholders within the organization and, as appropriate, its supply chain.
Additional examples are provided of areas where such an approach may be used during design and development planning (including project management), and the note further clarifies that purchasing, supplier, and maintenance functions might be included as stakeholders.
GAP Actions / Date / Resp (id-Names of assessment for self-declared training record)
QA manual re-write QA Mgr/ VP Date XXX
Changes
Section : Product design skills
This section adds a NOTE as an example of a product design skillset. There is no change in intent.

97. Changes
Section : Development of products with embedded software
This new clause adds requirements for organization-responsible embedded software development and software development capability self-assessments.
Organizations must use a process for quality assurance of products with internally developed embedded software, and have an appropriate assessment methodology to assess their software development process.
The software development process must also be included within the scope of the internal audit program; the internal auditor should be able to understand and assess the effectiveness of the software development assessment methodology chosen by the organization
GAP Actions / Date / Resp (id-Names of assessment for self-declared training record)
QA manual re-write QA Mgr/ VP Date XXX
If future products have embedded software we will carry out reqts at that time

98. Changes Section 8.3.3.1: Product design input
This section expanded the minimum set of product design input requirements, emphasizing regulatory and software requirements.
New and broadened requirements include: product specifications; boundary and interface requirements; consideration of design alternatives; assessment of risks and the organization's ability to mitigate/manage those risks; conformity targets for preservation, serviceability, health, safety, environmental, and development timing; statutory and regulatory requirements for the country of destination; and embedded software requirements.
GAP Actions / Date / Resp (id-Names of assessment for self-declared training record)
QA manual re-write QA Mgr/ VP Date XXX

99. Changes Section 8.3.3.2: Manufacturing process design input
Expanded the list of manufacturing process design inputs including: product design output data including special characteristics, targets for timing; manufacturing technology alternatives; new materials; product handling and ergonomic requirements, and; design for manufacturing and design for assembly.
This could include consideration of alternatives from innovation and benchmarking results, and new materials in the supply chain that could be used to improve the manufacturing process capacity.
This section also further strengthened the requirements by transforming the former NOTE regarding error-proofing methods into a requirement
GAP Actions / Date / Resp (id-Names of assessment for self-declared training record)
QA manual re-write QA Mgr/ VP Date XXX

100. Changes Section 8.3.3.3: Special characteristics (Documented Process)
Identify the source of special characteristics and including risk analysis to be performed by the customer or the organization.
Expands the list of sources used to identify special characteristics, along with the requirements related to those special characteristics.
Special characteristics need to be marked in all applicable cascaded quality planning documents; monitoring strategies should focus on reducing variation, which is typically done using statistical techniques.
The organization must also consider customer-specific requirements for approvals and use of certain definitions and symbols, including submission of the symbol conversion table, if applicable and required
GAP Actions / Date / Resp (id-Names of assessment for self-declared training record)
QA manual re-write QA Mgr/ VP Date XXX
Procedure for SC’s eng date XXX