IATF 16949:2016 Transition Q & A from IAOB

Welding robots movement in a car factory

Cherie Reiche, program manager for International Automotive Oversight Bureau (IAOB) recently presented at Eagle Certification Group’s June Boot Camp to discuss progress of the IATF 16949 transition and the unique intent behind some of the new requirements.   While no FAQs or SIs have yet been published for IATF 16949:2016, Cherie shared some of the common questions that IAOB and IATF members have received for interpretation and clarification from Certification Body automotive auditors.

Must both ISO 9001:2015 and IATF 16949:2016 be used when conducting audits?
Answer:  Yes, as it states in the IATF 16949 Foreword – Automotive QMS Standard, IATF 16949 is not a stand-alone standard, it must be used in conjunction with ISO 9001:2015.

Will the IATF be granting waivers for those organizations who cannot meet the transition plan timing?
Answer:  No, there are no plans to approve/grant waivers.  If the organization does not complete their transition audit in a timely manner (including allowing time for Non Conformance management and CB certification decision), then the organization will lose their certification.  ISO/TS 16949 certificates are not valid past their expiry or September 14, 2018.

Is IATF 16949, Section 4.4.1.2 related to product safety during manufacturing or final customer product safety concerns?
Answer:  4.4.1.2 was created to address final customer safety concerns (braking systems, airbags, fuel systems, etc.).  If the product (or process) is a safety item on the final product, then the organization has to identify the statutory and regulatory product safety requirements that must be met, along with items a) through m) in 4.4.1.2.  This is one of IATF 16949’s required documented processes, so inputs/outputs, metrics, etc. are required.

Can an organization demonstrate competence only through degrees and certifications for their employees?
Answer:  No, there are multiple ways for an organization to identify training needs and achieving the necessary competence for their personnel.  It is up to the organization to define (and document) training needs, including awareness, and competency requirements for all personnel performing activities that impact conformity to product and process requirements.

What about competency for internal auditors and second party auditors?  Do they all have to take an IATF-sanctioned lead auditor training course?
Answer:  No.  Organizations are responsible for ensuring key personnel, including their auditors, are properly trained and competent.  The IATF supports the use of IATF-recognized training providers; however, the IATF does NOT mandate the use of a lead auditor training course for all auditors in the organization.  Organizations are still allowed to have key personnel trained and certified as lead auditors, and then use those key personnel to train-the-trainer to disseminate the information throughout the organization.

If an organization is not design responsible for the software used in their product, does 8.3.2.3 (embedded software) apply?
Answer:  Section 8.3.2.3 refers to internally developed embedded software, not “functional test” software to see if a widget works (or not) during production.  For those organizations that are design responsible for the software used in their product, they must use a software development assessment methodology to assess their own software development process.  Annex B contains suggested Software Process Assessments such as CMMI or SPICE.

What is the goal of 8.4.2.3?  Do all organizations supplying automotive product have to be IATF 16949 certified?
Answer:  The ultimate objective is to have IATF 16949 certification; however, the IATF recognizes that for various reasons, that is not feasible for all organizations.  At a minimum, the expectation is for organizations to be certified to ISO 9001:2015, unless otherwise authorized by the organization’s customers.  Items a) through e) are a cadence which is applicable to the entire automotive supply base.

How are 8.3.2.3 and 8.4.2.3.1 different?
Answer:  8.3.2.3 refers to the organization itself and their internally developed embedded software. 8.4.2.3.1 refers to the organization’s suppliers of automotive product related software.  The organization needs to ensure that their suppliers of automotive product related software implement and maintain a process for software quality assurance for their products.

SimpleQuE will be sharing more information from IAOB and other Eagle Boot Camp sessions in future posts and on social media.  Follow us on Facebook, LinkedIn and Twitter for the latest quality and certification news.

Sign Up For Our Newsletter

SimpleQuE shares an important AS9100:2016 transition timeline reminder from IAQG

SQ_Infographic_AS9100Timeline Revised for Sept release

“The IAQG Other Party Management Team (OPMT) would like to remind all certificated organizations that there are two key target dates within the “International Aerospace Quality Group (IAQG) Other Party Management Team (OPMT) Supplemental Rule 003 – Rules for 9100/9110/9120:2016 and 9101:2016 Transition” document that were established in order to ensure that a certified organization transition occurs prior to the 15 September 2018 end date.

The first key target has now passed. In accordance with SR003; “10.a By March 1, 2017 AQMS certified organizations shall communicate with their CB to establish an intended date for 9100/9110/9120:2016 AQMS standard transition readiness.”  We greatly appreciate the efforts that certificated organizations have taken to meet this requirement and would like to remind those that have not yet made transition plans; there is an elevated risk of not meeting the 2018 end date if you have not established and communicated the aforementioned date to your CB.

The second key target date in SR003 is 15 June 2017. In accordance with SR003; 9.g No initial, surveillance or recertification audits shall be started to the previous versions of the AQMS standards after June 15, 2017.” We must ensure that transition has a start date or Certification Bodies may face auditor resource issues in 2018 as the transition end date approaches.”

SimpleQuE is an ISO 9001:2015 certified company that provides ISO, AS and IATF consulting services from quality experts to assist organizations in successfully meeting transition targets. Contact us for more information.  IAQG also provides AS9100 D transition support materials.

Look Fors – Part 2: Leadership

Stock quotes price charts and a magnifying glass with stock price in detail.

Would you like to know what 3rd party auditors are looking for when auditing how your company complies with quality system standards like ISO 9001:2015? 

What are 3rd party auditors looking for?  This is the second of a three part series by Jim Lee, President of simpleQuE

Clause 5 of ISO 9001:2015 – Leadership

Leadership is the focus of this clause, which means top management now has greater accountability, responsibility and involvement in the organization’s management system. The standard wants to see that leadership demonstrates leadership and support for the quality management system (QMS). They need to integrate the QMS into the organization’s business strategic direction, to ensure the management system achieves its intended outcomes and allocate the necessary resources. Top management is also responsible for communicating the importance of the QMS and enhancing employee awareness and involvement.

With this clause there is a requirement that top management will be present and leading the implementation and monitoring of the QMS.  Processes within the QMS must have process owners. In addition, leadership shall demonstrate leadership and commitment with respect to customer focus and the continual improvement aspect of the business.  3rd party auditors will be scheduling time with the management and leadership team asking questions and looking for the items below as objective evidence.

  • Established and communicated quality policy, objectives, strategic direction, and performance
  • Organizational chart, job descriptions and other evidence that responsibilities and authorities are defined and communicated
  • Metrics evaluated in the Management Review and the overall effectiveness of the key business processes
  • Actions being taken when goals are not met, and when trends for performance are going the wrong way. They want to see management is looking at the data and taking actions when necessary.
  • Promotion of risk based thinking and evidence of risk management processes with action items when risks are too high. This might include contingency plans, safety stocks, inventory levels, supplier selection and qualification process, etc. as a very few of the many possible ways to demonstrate this.
  • Involvement in audit activity and reviewing the outcomes and assessing the risks and actions that might be necessary for the QMS
  • Customer satisfaction and perception
  • Identification of contract terms and conditions and customer requirements, including any laws that must be met. How are these evaluated, understood, communicated and implemented in the departments that need to know and comply?
  • Evidence of continued improvement , which denotes that performance is monitored and tracked with trends
  • The company’s context changes over time, and the needs of stakeholders too. Management needs to be aware of the changing context and issues affecting the business to adjust the strategic direction.

Not that all of the elements listed above will be needed, but organizations may risk failure if they do not:

  • Identify process owners
  • Use metrics to monitor performance of the QMS
  • Include performance metrics in the Management Review
  • Develop action plans when performance goals are not met
  • Develop customer communication processes
  • Respond to customer complaints
  • Consider results of customer feedback/surveys and take appropriate actions
  • Identify internal customer requirements
  • Make improvement part of the quality policy
  • Align roles and responsibilities with processes
  • Contingency and emergency roles and responsibilities not defined
  • Have appropriate training and awareness of the ISO 9001:2015 requirements

Coming soon – Part 3 and what auditors are looking for in regard to Risk.  Also, read more about Context of the Organization in Part 1.

Source:  NQA’s Teaming Conference – August 2017

SimpleQuE’s IATF 16949 Gap Audit Checklist is Now Available!

Innovation concept. Businessman throw a paper plane symbolizing acceleration and innovation.

The automotive quality standard has come a long way since its first inception in 1994.  With the new standard and more than 200 changes, simpleQuE recognized the need for an IATF Gap Audit Checklist to assist companies with the transition. The checklist includes the new automotive requirements (IATF 16949:2016 and ISO 9001:2015) and is intended to be used as a tool to identify both compliance with the new requirements and the differences between ISO/TS 16949:2009 and the new requirements.

The utilization of this checklist, when populated with objective evidence of compliance and non-compliance, will satisfactorily demonstrate you have audited the differences between ISO/TS 16949 standard and the new requirements.  It should be used with your certification body as evidence of internal audits to the new IATF 16949 and ISO 9001:2015 requirements.  It’s one of the methods simpleQuE auditors and consultants use with our own clients.

A free half hour of phone or email consulting with a simpleQuE expert is included with the checklist for the purchase price of $300.

The simpleQuE team wishes you a smooth and simple transition!

Look Fors – Part 1: Context of the Organization

Research

What are 3rd party auditors looking for?  This is the first of a three part series by Jim Lee, President of simpleQuE

Clause 4 of Annex SL – Context of the Organization

This is the cornerstone of a management system and the business’ strategic direction.  An organization needs to identify internal and external issues that can impact its intended outcomes, as well as all interested parties and their requirements.  It needs to document its scope and set the boundaries of the management system to line up with business objectives.

The context doesn’t have to be documented, so 3rd party auditors (as well as internal auditors) will be asking questions of various management members, and looking for these as objective evidence that an organization understands its context and considers all the factors and stakeholders affecting the business.  The items listed below don’t have to exist, but if they do, you want to take credit for them in understanding the context.  Some items may not by themselves demonstrate an understanding of the context, but combined with multiple examples, can provide the evidence an auditor is looking for.

  • Business plan
  • Strategic plan
  • SWOT analysis (Strengths Weaknesses Opportunities Threats)
  • Vision and mission statement
  • Process mapping
  • External parties identified
  • Lesson learned
  • Surveys
  • Internal meeting minutes to determine company goal setting
  • Metrics to measure effectiveness of QMS
  • Process turtle diagrams
  • Process flow plans
  • Quality manual

Not that all of the elements listed above will be needed, but organizations may risk failure if they do not:

  • Identify or understand their primary competitors
  • Mention civic responsibility
  • Consider future business trends
  • Identify all customer requirements
  • Identify local/state/national requirements
  • Identify required outputs needed for internal customers
  • Identify uncertainties like negative risks or positive opportunities
  • Determine the processes used to flow the business from quote to delivery
  • Identify outsources processes
  • Establish process goals

 

Coming in future articles – what auditors are looking for in regard to Leadership and Risk.

 

SimpleQuE Spotlight: Barb Dodson

SQ-spotlight

 

Executive Vice President and Chief Operations Officer Deanne Sparr welcomed Barb with these words, “We’re thrilled to have Barb as part of the simpleQuE team! Her attention to detail and knowledge of certification requirements is exactly the support we are excited to add to our staff and to provide to our clients.”

 

What is your name?  Barbara Dodson.

What is your position and what do you do for simpleQuE?  Operations Manager – I’m responsible for client relations and oversight of the performance of audit activities. I am also a lead auditor for ISO 9001.

How long have you worked for simpleQuE? I joined simpleQuE on Oct 31, 2016.

What do you like most about working for simpleQuE?  SimpleQuE doesn’t take a one-size-fits-all approach – we understand that each client is unique and has different needs.

What is your greatest accomplishment – work or personal? My greatest personal accomplishment is raising two wonderful children.

When you are not working, where can people find you? Either spending time with my family or relaxing with a good book.

What is your hometown? Canton, OH.

Client satisfaction is pinnacle to your background. What are your client-focused approaches to simpleQuE? I am quick to follow up on any questions and or concerns, I like to pick up the phone and talk to our clients. In this day and age it’s so easy to send off an email, but I have always found that most clients really like to speak to someone personally.

Explain how simpleQuE is different from their competition. Most of our staff and subcontractors have certification body experience which I believe makes a very big difference.

Where is your favorite getaway? I love the beach and one of my favorite vacation spots is Cancun.

How would other people describe you in three words? Ethical, passionate about things that I believe in and caring.

LSI Combines Unique Lighting and Graphics Capabilities to Deliver Image-Enhancing Cost Saving Opportunities to Customers Nationwide

Photo from left to right:  Larry Vance, VP SimpleQuE; Yvette Kilburn, Corporate ISO Coordinator, LSI;  Shawn Toney, President of LSI Lighting;  Virgilio Acevedo, Corporate Director of Quality
Photo from left to right: Larry Vance, VP SimpleQuE; Yvette Kilburn, Corporate ISO Coordinator, LSI; Shawn Toney, President of LSI Lighting; Virgilio Acevedo, Corporate Director of Quality

Whether it’s from New York’s George Washington Bridge to multitudes of CVS retail locations or Burger King restaurants around the country, LSI Industries’ high-performance, energy-efficient lighting and image-enhancing graphics are optimizing customers’ brands, products and services.  For 40 years, LSI has been proudly serving the commercial, industrial, institutional and specification markets with a broad offering of architectural and professional-grade lighting fixtures utilizing a range of integrated controls and lighting technologies from LED to traditional HID and fluorescent.

LSI is committed to advancing solid-state LED technology to make affordable, high performance, energy-efficient lighting and custom graphic products that bring value to their customers. With a vast offering of innovative solutions for virtually any lighting or graphics application, LSI provides sophisticated lighting and energy management control solutions to help customers manage their energy performance. And in addition, offers a full range of design support, engineering, installation and project management services to customers.

LSI’s major markets include commercial / industrial lighting, entertainment venues, petroleum / convenience stores and multi-site retail facilities (including automobile dealerships, restaurants and national retail accounts). Headquartered in Cincinnati, Ohio, LSI has facilities both there and in seven other states.

Guided by Larry Vance, Jim Bannan and a team of simpleQuE consultants, LSI achieved ISO 9001:2015 certification through Eagle RegistrationsCongratulations LSI Lighting!

The Quality Connection

SQ_QualityConnection

As a consulting company, simpleQuE specializes in quality and environmental management systems and we are frequently asked what services we provide and how we are different from a certification body. This article explains the objectives, roles and responsibilities of the organization, consulting company and certification body to provide a better understanding of the connection between all three.

Organization (Manufacturing or Service Company)

Seeks to achieve one or more of the following objectives:

  • Implement and develop a new quality (QMS) and/or environmental management system (EMS)
  • Upgrade certification or expand to a new standard
  • Improve and/or simplify an existing QMS or EMS registration
  • Obtain certification

Consulting Company (simpleQuE)

Assists organizations with implementation, improvement or transition by:

  • Providing customized consulting, training and internal auditing services and solutions
  • Assessing existing processes through a gap analysis and developing an action plan
  • Offering internal and supplier audits
  • Training for internal auditors and management including implementation and full standard reviews

Helps organization partner with Certification Body:

  • Assuring a common language for auditing and interpretation of the standard so it corresponds with the expectations of the Certification Body and requirements of the standard

Certification Body (Registrar)

Issues certifications: Provides organizations a resource for management system certification by evaluating policies and procedures to verify implementation and effectiveness against the specific requirements of the standard.  Assessment consists of a series of audits:

  • Document review (sometimes combined with Stage 1)
  • Initial certification audit – Stage 1
    • Confirm that organization is ready (or not) for a full Certification Audit. Typically 30-60 days prior to the Stage 2 Certification Audit.
    • Verifies required documentation exists, certain requirements have been met such as a full internal audit completed, a management review completed, and risks considered.
    • Verifies processes have been established and is appropriate for the scope of certification, and that appropriate monitoring and measuring of processes are in place with appropriate objectives.
    • Plans the Certification Audit based on information and data gathered
  • Certification audit – Stage 2
    • A full QMS or EMS audit. Confirms that the management system fully conforms to the requirements of the standard.
    • Certification is issued upon successful completion of Stage 2 assessment and closure of any findings.
  • Surveillance audit
    • Certification is maintained through a series of annual surveillance audits (sometimes semi-annual). Every third year a full recertification audit is performed and a new certificate issued.

In summary, good communication between all partners is important to ensure all requirements and objectives are met in a simple straightforward way to comply with the standard. At simpleQuE we partner with the client and Certification Body to make quality excellence “simple”.

SimpleQuE Spotlight: Blake Russell

SQ_Spotlight_Blake_V2

What is your position and what do you do for simpleQuE?
Senior Director and I work with clients to implement and manage their ISO/AS Quality Management Systems and EMS Environmental Management Systems

What do you like most about working for simpleQuE?
simpleQue is an industry leader in providing ISO consulting and training services.

What is your greatest accomplishment – work or personal?
With my wife, we raised three beautiful daughters who are now intelligent, funny, and productive adults.

What is your favorite QMS standard and why?
ISO 9001 because I have worked with it for almost 30 years and understand how it improves a business.

What attracted you to SimpleQuE?
The leadership and their vision.

When you are not working, where can people find you?
Working around my home, exercising, mountain biking, and enjoying time with my wife.

What was your first job?
Ranch hand in Abilene, TX Continue reading “SimpleQuE Spotlight: Blake Russell”