For automotive suppliers who are having a difficult time meeting the requirements of the new IATF 16949 quality standard, Minimum Automotive Quality Management System Requirements for Sub-Tier Suppliers (MAQMSR) may be an option you want to consider in conjunction with ISO 9001 certification. With initial audit results coming in from certification bodies, it is evident that companies are failing to comply and in some cases IATF certification can’t be achieved.
IAOB released the top IATF 16949 findings based on 3,172 audits conducted as of August 2017 – the top 5 non-conformances overall were written against:
- 5.1.5 Total productive maintenance
- 5.1.1 Control plan
- 1.2.3 Contingency plans
- 5.1 Control of production and service provision
- 2.3 Internal auditor competency
As an option for suppliers, the Minimum Automotive Quality Management System Requirements for Sub-Tier Suppliers (MAQMSR) was released in September 2017 as a possible intermediate step for a supplier’s Quality Management System (QMS) under the authorization of IATF 16949, Section 188.8.131.52.c and Sanctioned Interpretation, SI #8.
Conformance to MAQMSR helps a lower tiered supplier transition to IATF 16949 by allowing many of the key Automotive Requirements to be met while developing the remainder of the QMS. The ultimate goal of the supplier development process is to achieve 3rd party registration to IATF 16949. It is important to note that the customer determines the path and steps, so approval must first be obtained before proceeding. The suggested steps of supplier development referencing 184.108.40.206 are as follows:
- Certification to ISO 9001 through 3rd party audits
- Certification to ISO 9001 + compliance to MAQMSR through 2nd party audits* (suppliers who did not achieve upgrade transition may consider this)
- Certification to ISO 9001 + compliance to IATF 16949 through 2nd party audits*
- Then finally certification to IATF 16949 through third party audits
MAQMSR aligns the Automotive QMS Requirements with the corresponding IATF 16949:2016 section(s); however, it is not certifiable or a third party auditable standard, though the guideline may be referenced during a second party audit *(by customer or with a qualified 2nd party like simpleQuE).
SimpleQuE consultants have been assisting companies to understand their options and make the change to drop ISO/TS 16949 and prepare for ISO 9001:2015 certification. Upon receiving customer approval to use 2nd party audits to be compliant with MAQMSR, our consultants can provide guidance for that process and perform the audits. For more information on MAQMSR, contact us.
By Jim Lee, President of simpleQuE
With the deadline for ISO 9001:2015, ISO 14001:2015, AS9100:2016 and IATF 16949:2016 approaching on September 14, 2018, companies have been slow to transition. The statistics are sobering, although not unexpected. The new ISO standards have been in effect for 2 years but only 6-20% have made the leap. (The number varies among registrars and the ANAB.) The final draft for the AS 9100 series followed a year later, but with the same deadline, and only 3% have upgraded. Even fewer IATF companies have transitioned – and all have only 1 year left to get the upgrade completed.
What should you be doing if you’re one of these companies that has pushed out the inevitable?
- Know that your next scheduled annual audits are the dates when you must transition to the new standards. If your next audit is a recertification and upgrade, you will need to perform the audit at least 2 months prior to your certificate expiring to give you enough time to address any potential nonconformances.
- Review the new standard and do a gap analysis to see where there are differences in your quality (and/or environmental) management system and the changes to the standard. Generic basic checklists are available from your certification body, or detailed gap checklists with tips and explanations can be purchased from simpleQuE. Learn more about simpleQuE’s Gap Checklist for: ISO 9001:2015, ISO 14001:2015, or IATF 16949:2016. Note that IAQG offers a free AS9100D Gap Assessment Workbook.
- Establish an action plan that will have you ready for your audits. Assign responsibilities and due dates to ensure you’re ready on time.
- Train your internal auditors and perform a full system audit to make sure your system is on track and in compliance. You must have evidence of a full internal audit and subsequent management review prior to upgrading with your certification body. If you can’t get your audits done in time you’ll need to outsource them. (SimpleQuE can conduct an internal audit to the new standard after the implementation effort to prepare you for the external audit.)
- Don’t expect to wing it and do nothing in preparation for these changed standards, or you will fail your next audit and lose your certification. Worst case if you aren’t ready in time, you may have to let your certification lapse and then become recertified at a later time when you’re ready. No one wants to hear that, but it is a reality for some who haven’t started.
- If you still aren’t sure how to proceed, work with a consulting firm (like simpleQuE) with certified experts who can provide consulting, training and customized plan to guide you through the transition.
Cherie Reiche, program manager for International Automotive Oversight Bureau (IAOB) recently presented at Eagle Certification Group’s June Boot Camp to discuss progress of the IATF 16949 transition and the unique intent behind some of the new requirements. While no FAQs or SIs have yet been published for IATF 16949:2016, Cherie shared some of the common questions that IAOB and IATF members have received for interpretation and clarification from Certification Body automotive auditors.
Must both ISO 9001:2015 and IATF 16949:2016 be used when conducting audits?
Answer: Yes, as it states in the IATF 16949 Foreword – Automotive QMS Standard, IATF 16949 is not a stand-alone standard, it must be used in conjunction with ISO 9001:2015.
Will the IATF be granting waivers for those organizations who cannot meet the transition plan timing?
Answer: No, there are no plans to approve/grant waivers. If the organization does not complete their transition audit in a timely manner (including allowing time for Non Conformance management and CB certification decision), then the organization will lose their certification. ISO/TS 16949 certificates are not valid past their expiry or September 14, 2018.
Is IATF 16949, Section 220.127.116.11 related to product safety during manufacturing or final customer product safety concerns?
Answer: 18.104.22.168 was created to address final customer safety concerns (braking systems, airbags, fuel systems, etc.). If the product (or process) is a safety item on the final product, then the organization has to identify the statutory and regulatory product safety requirements that must be met, along with items a) through m) in 22.214.171.124. This is one of IATF 16949’s required documented processes, so inputs/outputs, metrics, etc. are required.
Can an organization demonstrate competence only through degrees and certifications for their employees?
Answer: No, there are multiple ways for an organization to identify training needs and achieving the necessary competence for their personnel. It is up to the organization to define (and document) training needs, including awareness, and competency requirements for all personnel performing activities that impact conformity to product and process requirements.
What about competency for internal auditors and second party auditors? Do they all have to take an IATF-sanctioned lead auditor training course?
Answer: No. Organizations are responsible for ensuring key personnel, including their auditors, are properly trained and competent. The IATF supports the use of IATF-recognized training providers; however, the IATF does NOT mandate the use of a lead auditor training course for all auditors in the organization. Organizations are still allowed to have key personnel trained and certified as lead auditors, and then use those key personnel to train-the-trainer to disseminate the information throughout the organization.
If an organization is not design responsible for the software used in their product, does 126.96.36.199 (embedded software) apply?
Answer: Section 188.8.131.52 refers to internally developed embedded software, not “functional test” software to see if a widget works (or not) during production. For those organizations that are design responsible for the software used in their product, they must use a software development assessment methodology to assess their own software development process. Annex B contains suggested Software Process Assessments such as CMMI or SPICE.
What is the goal of 184.108.40.206? Do all organizations supplying automotive product have to be IATF 16949 certified?
Answer: The ultimate objective is to have IATF 16949 certification; however, the IATF recognizes that for various reasons, that is not feasible for all organizations. At a minimum, the expectation is for organizations to be certified to ISO 9001:2015, unless otherwise authorized by the organization’s customers. Items a) through e) are a cadence which is applicable to the entire automotive supply base.
How are 220.127.116.11 and 18.104.22.168.1 different?
Answer: 22.214.171.124 refers to the organization itself and their internally developed embedded software. 126.96.36.199.1 refers to the organization’s suppliers of automotive product related software. The organization needs to ensure that their suppliers of automotive product related software implement and maintain a process for software quality assurance for their products.
SimpleQuE will be sharing more information from IAOB and other Eagle Boot Camp sessions in future posts and on social media. Follow us on Facebook, LinkedIn and Twitter for the latest quality and certification news.
The new IATF 16949:2016 standard, was released October 1, and will be available for purchase October 3. The new Rules 5th Edition will be available for purchase November 1. Continue reading “Transition to IATF 16949 with simpleQuE”
In October 2016 IATF 16949:2016 will be published by IATF and it will replace the current ISO/TS 16949, defining the requirements of a quality management system for organizations in the automotive industry. It will be aligned with ISO 9001:2015 and its structure and requirements. IATF 16949:2016 will be implemented as a supplement to, and in conjunction with, ISO 9001:2015. www.iatfglobaloversight.org
IATF has also released a new transition strategy document for automotive suppliers and certification bodies to help with the transition. It includes information about timing and transition audit requirements. After October 1, 2017 no audits (initial, surveillance, recertification or transfer) will be conducted to ISO/TS 16949:2009. IATF Transition Strategy ISO/TS 16949 › IATF 16949
It is also important to note that IATF/IAOB will recognize TS certified companies that have upgraded to ISO 9001:2015 prior to IATF 16949 and allow reduced audit days when the company does eventually upgrade to the new IATF 16949 standard. Companies should coordinate with their registrar to determine the optimal audit approach and cost benefit. (Separate audits may be not be cost effective, but it will depend on each company’s situation.)
SimpleQuE consultants and instructors are ready to assist companies now with implementation, transitioning and training for ISO 9001:2015 and TS 16949:2009. Consulting and training for IATF 16949 will be available after its release in October. Contact simpleQuE
Tight Transition Timelines
Important updates regarding the Aerospace and Automotive industries were shared with SimpleQuE representatives attending the Smithers Quality Assessment’s annual conference on July 14th. Speakers from the International Automotive Oversight Bureau (IAOB) and International Aerospace Quality Group (IAQG) provided insight into the upcoming changes to the ISO/TS 16949 and AS9100 standards. All are targeted for release in the last 4 months of this year, with certification bodies ready to audit to the new standards in the first quarter of 2017 for AS and possibly later for TS. Transition timelines are going to be exceedingly tight. Here are a few key takeaways:
- The IAOB recommends TS certified companies upgrade to ISO 9001:2015 now, prior to upgrading to TS. The benefit will be less audit days when upgrading to 16949:2016
- The IATF is still working on how it can have more time beyond the September 15, 2018 expiration, before ISO/TS 16949:2009 expires and the 16949:2016 standard has to be implemented.
- The IAOB was very careful not to say the new TS standard is based around ISO 9001:2015, but said it does follow the 10 clauses from Annex SL. They were also careful not to call the new standard ISO/TS 16949:2016.
- There are only 4,353 active TS certificates in the US, down from a high of almost 6,000 prior to the recession.
- OEM’s are raising the bar with the new TS standard and performance is key for the automotive supply chain. (See our previous post – Shifting into High Gear for what we learned about the Rome, Italy meeting with TS stakeholders earlier this year. Many things are still changing from that meeting, so expect differences with the final release.)
- AS is accelerating requirements to upgrade. After June 15, 2017 no certification body can perform audits to the current AS standards. After 6/15/17 all scheduled surveillance and recertification audits must be to the new 2016 standard.
- This prevents companies from waiting until the last minute to upgrade because there are a limited number of AS certification body auditors and it would not be possible to get everyone upgraded near the deadline.
- There is concern regarding the extremely tight timelines. Companies have a shorter amount of time to retrain internal auditors, conduct audits, do a new management review, and get upgraded at the next scheduled audit after 6/15/17. Watch for simpleQuE’s aerospace training on the new standard.
- Here are two scenarios of the new timing requirements communicated by SQA:
- If your last registrar audit was June 1, 2016 then you could delay upgrading to your June 2018 annual audit.
- If your last registrar audit was June 21, 2016 then you must upgrade during your June 2017 annual audit, and have no choice to delay until 2018.