8 Operation
8.1 Operational planning and control
See ISO 9001:2015 requirements
8.1.1 Operation Planning and Control – Supplemental
When planning for product realization, the following topics shall be included:
a) customer product requirements and technical specifications;
b) logistics requirements;
c) manufacturing feasibility;
d) project planning (refer to ISO 9001, Section 8.3.2);
e) acceptance criteria.
The resources identified in ISO 9001, Section 8.1 c), refer to the required verification, validation,
monitoring, measurement, inspection, and test activities specific to the product and the criteria for
product acceptance
8.1.2 Confidentiality
The organization shall ensure the confidentiality of customer-contracted products and projects under
development, including related product information.
8.2 Requirements for products and services
8.2.1 Customer communication
See ISO 9001:2015 requirements
8.2.1.1 Customer Communication – Supplemental
Written or verbal communication shall be in the language agreed with the customer. The organization
shall have the ability to communicate necessary information, including data in a customer-specified
computer language and format (e.g., computer-aided design data, electronic data interchange).
8.2.2 Determining the requirements for products and services
See ISO 9001:2015 requirements
8.2.2.1 Determination of product and service requirements – Supplemental
These requirements shall include recycling, environmental impact, and characteristics identified as a
result of the organization's knowledge of the product and manufacturing processes.
Compliance to ISO 9001, Section 8.2.2 item a) 1), shall include but not be limited to the following:
all applicable government, safety, and environmental regulations related to acquisition, storage,
handling, recycling, elimination, or disposal of material.
8.2.3 Review of the requirements for products and services
8.2.3.1
See ISO 9001:2015 requirements
8.2.3.1.1 Review of product and service requirements – Supplemental
The organization shall retain documented evidence of a customer-authorized waiver for the
requirements stated in ISO 9001, Section 8.2.3.1, for a formal review.
8.2.3.1.2 Customer-designated special characteristics
The organization shall conform to customer requirements for designation, approval documentation,
and control of special characteristics.
8.2.3.1.3 Organization manufacturing feasibility
The organization shall utilize a multidisciplinary approach to conduct an analysis to determine if it is
feasible that the organization’s manufacturing processes are capable of consistently producing
product that meets all of the engineering and capacity requirements specified by the customer. The
organization shall conduct this feasibility analysis for any manufacturing or product technology new
to the organization and for any changed manufacturing process or product design.
Additionally, the organization should validate through production runs, benchmarking studies, or
other appropriate methods, their ability to make product to specifications at the required rate.
8.2.3.2
See ISO 9001:2015 requirements
8.2.4 Changes to product and service requirements
See ISO 9001:2015 requirements
8.3 Design and development of products and services
8.3.1 General
See ISO 9001:2015 requirements
8.3.1.1 Design and Development of Products and Services – Supplemental
The requirements of ISO 9001, Section 8.3.1, shall apply to product and manufacturing process design
and development and shall focus on error prevention rather than detection.
The organization shall document the design and development process.
8.3.2 Design and development planning
See ISO 9001:2015 requirements
8.3.2.1 Design and development planning – supplemental
The organization shall ensure that design and development planning includes all affected stakeholders
within the organization and, as appropriate, its supply chain. Examples of areas for using such a
multidisciplinary approach include but are not limited to the following:
a) project management (for example, APQP or VDA-RGA);
b) product and manufacturing process design activities (for example, DFM and DFA), such as
consideration of the use of alternative designs and manufacturing processes;
c) development and review of product design risk analysis (FMEAs), including actions to reduce
potential risks;
d) development and review of manufacturing process risk analysis (for example, FMEAs, process
flows, control plans, and standard work instructions).
NOTE__A multidisciplinary approach typically includes the organization’s design, manufacturing, engineering, quality, production,
purchasing, supplier, maintenance, and other appropriate functions.
8.3.2.2 Product design skills
The organization shall ensure that personnel with product design responsibility are competent to
achieve design requirements and are skilled in applicable product design tools and techniques.
Applicable tools and techniques shall be identified by the organization.
NOTE__An example of product design skills is the application of digitized mathematically based data.
8.3.2.3 Development of products with embedded software
The organization shall use a process for quality assurance for their products with internally developed
embedded software. A software development assessment methodology shall be utilized to assess the
organization’s software development process. Using prioritization based on risk and potential impact
to the customer, the organization shall retain documented information of a software development
capability self-assessment.
The organization shall include software development within the scope of their internal audit
programme (see Section 9.2.2.1).
8.3.3 Design and development inputs
See ISO 9001:2015 requirements
8.3.3.1 Product design input
The organization shall identify, document, and review product design input requirements as a result
of contract review. Product design input requirements include but are not limited to the following:
a) product specifications including but not limited to special characteristics (see Section 8.3.3.3);
b) boundary and interface requirements;
c) identification, traceability, and packaging;
d) consideration of design alternatives;
e) assessment of risks with the input requirements and the organization’s ability to
mitigate/manage the risks, including from the feasibility analysis;
f) targets for conformity to product requirements including preservation, reliability, durability,
serviceability, health, safety, environmental, development timing, and cost;
g) applicable statutory and regulatory requirements of the customer-identified country of
destination, if provided;
h) embedded software requirements.
The organization shall have a process to deploy information gained from previous design projects,
competitive product analysis (benchmarking), supplier feedback, internal input, field data, and other
relevant sources for current and future projects of a similar nature.
NOTE__One approach for considering design alternatives is the use of trade-off curves.
8.3.3.2 Manufacturing process design input
The organization shall identify, document, and review manufacturing process design input
requirements including but not limited to the following:
a) product design output data including special characteristics;
b) targets for productivity, process capability, timing, and cost;
c) manufacturing technology alternatives;
d) customer requirements, if any;
e) experience from previous developments;
f) new materials;
g) product handling and ergonomic requirements; and
h) design for manufacturing and design for assembly.
The manufacturing process design shall include the use of error-proofing methods to a degree
appropriate to the magnitude of the problem(s) and commensurate with the risks encountered.
8.3.3.3 Special Characteristics
The organization shall use a multidisciplinary approach to establish, document, and implement its
process(es) to identify special characteristics, including those determined by the customer and the
risk analysis performed by the organization, and shall include the following:
a) documentation of all special characteristics in the drawings (as required), risk analysis (such
as FMEA), control plans, and standard work/operator instructions; special characteristics are
identified with specific markings and are cascaded through each of these documents;
b) development of control and monitoring strategies for special characteristics of products and
production processes;
c) customer-specified approvals, when required;
d) compliance with customer-specified definitions and symbols or the organization’s equivalent
symbols or notations, as defined in a symbol conversion table. The symbol conversion table
shall be submitted to the customer, if required.
8.3.4 Design and development controls
See ISO 9001:2015 requirements
8.3.4.1 Monitoring
Measurements at specified stages during the design and development of products and processes shall
be defined, analysed, and reported with summary results as an input to management review (see
Section 9.3.2.1).
When required by the customer, measurements of the product and process development activity shall
be reported to the customer at stages specified, or agreed to, by the customer.
NOTE__When appropriate, these measurements may include quality risks, costs, lead times, critical paths, and other measurements.
8.3.4.2 Design and development validation
Design and development validation shall be performed in accordance with customer requirements,
including any applicable industry and governmental agency-issued regulatory standards. The timing
of design and development validation shall be planned in alignment with customer-specified timing,
as applicable.
Where contractually agreed with the customer, this shall include evaluation of the interaction of the
organization’s product, including embedded software, within the system of the final customer’s
product.
8.3.4.3 Prototype programme
When required by the customer, the organization shall have a prototype programme and control plan.
The organization shall use, whenever possible, the same suppliers, tooling, and manufacturing
processes as will be used in production.
All performance-testing activities shall be monitored for timely completion and conformity to
requirements.
When services are outsourced, the organization shall include the type and extent of control in the
scope of its quality management system to ensure that outsourced services conform to requirements
(see ISO 9001, Section 8.4).
8.3.4.4 Product approval process
The organization shall establish, implement, and maintain a product and manufacturing approval
process conforming to requirements defined by the customer(s).
The organization shall approve externally provided products and services per ISO 9001, Section 8.4.3,
prior to submission of their part approval to the customer.
The organization shall obtain documented product approval prior to shipment, if required by the
customer. Records of such approval shall be retained.
NOTE__Product approval should be subsequent to the verification of the manufacturing process.
8.3.5 Design and development output
See ISO 9001:2015 requirements
8.3.5.1 Design and Development Output – supplemental
The product design output shall be expressed in terms that can be verified and validated against
product design input requirements. The product design output shall include but is not limited to the
following, as applicable:
a) design risk analysis (FMEA);
b) reliability study results;
c) product special characteristics;
d) results of product design error-proofing, such as DFSS, DFMA, and FTA;
e) product definition including 3D models, technical data packages, product manufacturing
information, and geometric dimensioning & tolerancing (GD&T);
f) 2D drawings, product manufacturing information, and geometric dimensioning & tolerancing
(GD&T);
g) product design review results;
h) service diagnostic guidelines and repair and serviceability instructions;
i) service part requirements;
j) packaging and labeling requirements for shipping.
NOTE__Interim design outputs should include any engineering problems being resolved through a trade-off process.
8.3.5.2 Manufacturing process design output
The organization shall document the manufacturing process design output in a manner that enables
verification against the manufacturing process design inputs. The organization shall verify the outputs
against manufacturing process design input requirements. The manufacturing process design output
shall include but is not limited to the following:
a) specifications and drawings;
b) special characteristics for product and manufacturing process;
c) identification of process input variables that impact characteristics;
d) tooling and equipment for production and control, including capability studies of equipment
and process(es);
e) manufacturing process flow charts/layout, including linkage of product, process, and tooling;
f) capacity analysis;
g) manufacturing process FMEA
h) maintenance plans and instructions;
i) control plan (see Annex A);
j) standard work and work instructions;
k) process approval acceptance criteria;
l) data for quality, reliability, maintainability, and measurability;
m) results of error-proofing identification and verification, as appropriate;
n) methods of rapid detection, feedback, and correction of product / manufacturing process
nonconformities.
8.3.6 Design and development changes
See ISO 9001:2015 requirements
8.3.6.1 Design and development changes – supplemental
The organization shall evaluate all design changes after initial product approval, including those
proposed by the organization or its suppliers, for potential impact on fit, form, function, performance,
and/or durability. These changes shall be validated against customer requirements and approved
internally, prior to production implementation.
If required by the customer, the organization shall obtain documented approval, or a documented
waiver, from the customer prior to production implementation.
For products with embedded software, the organization shall document the revision level of software
and hardware as part of the change record.
8.4 Control of externally provided processes, products and services
8.4.1 General
See ISO 9001:2015 requirements
8.4.1.1 General – supplemental
The organization shall include all products and services that affect customer requirements such as
sub- assembly, sequencing, sorting, rework, and calibration services in the scope of their definition of
externally provided products, processes, and services.
8.4.1.2 Supplier selection process
The organization shall have a documented supplier selection process. The selection process shall
include:
a) an assessment of the selected supplier’s risk to product conformity and uninterrupted supply
of the organization’s product to their customers;
b) relevant quality and delivery performance;
c) an evaluation of the supplier’s quality management system;
d) multidisciplinary decision making; and
e) an assessment of software development capabilities, if applicable.
Other supplier selection criteria that should be considered include the following:
− volume of automotive business (absolute and as a percentage of total business);
− financial stability;
− purchased product, material, or service complexity;
− required technology (product or process);
− adequacy of available resources (e.g., people, infrastructure);
− design and development capabilities (including project management);
− manufacturing capability;
− change management process;
− business continuity planning (e.g., disaster preparedness, contingency planning);
− logistics process;
− customer service.
8.4.1.3 Customer-directed sources (also known as “Directed-Buy”)
When specified by the customer, the organization shall purchase products, materials, or services from
customer-directed sources.
All requirements of Section 8.4 (except the requirements in IATF 16949, Section 8.4.1.2) are applicable
to the organization's control of customer-directed sources unless specific agreements are otherwise
defined by the contract between the organization and the customer.
8.4.2 Type and extent of control
See ISO 9001:2015 requirements
8.4.2.1 Type and extent of control – supplemental
The organization shall have a documented process to identify outsourced processes and to select the
types and extent of controls used to verify conformity of externally provided products, processes, and
services to internal (organizational) and external customer requirements.
The process shall include the criteria and actions to escalate or reduce the types and extent of controls
and development activities based on supplier performance and assessment of product, material, or
service risks.
8.4.2.2 Statutory and regulatory requirements
The organization shall document their process to ensure that purchased products, processes, and
services conform to the current applicable statutory and regulatory requirements in the country of
receipt, the country of shipment, and the customer-identified country of destination, if provided.
If the customer defines special controls for certain products with statutory and regulatory
requirements, the organization shall ensure they are implemented and maintained as defined,
including at suppliers.
8.4.2.3 Supplier quality management system development
The organization shall require their suppliers of automotive products and services to develop,
implement, and improve a quality management system certified to ISO 9001, unless otherwise
authorized by the customer [e.g., item a) below], with the ultimate objective of becoming certified to
this Automotive QMS Standard. Unless otherwise specified by the customer, the following sequence
should be applied to achieve this requirement:
a) compliance to ISO 9001 through second-party audits;
b) certification to ISO 9001 through third-party audits; unless otherwise specified by the
customer, suppliers to the organization shall demonstrate conformity to ISO 9001 by
maintaining a third- party certification issued by a certification body bearing the accreditation
mark of a recognized IAF MLA (International Accreditation Forum Multilateral Recognition
Arrangement) member and where the accreditation body's main scope includes management
system certification to ISO/IEC 17021;
c) certification to ISO 9001 with compliance to other customer-defined QMS requirements (such
as Minimum Automotive Quality Management System Requirements for Sub-Tier Suppliers
[MAQMSR] or equivalent) through second-party audits;
d) certification to ISO9001 with compliance to IATF 16949 through second-party audits
e) certification to 16949 through third-party audits (valid third-party certification of the supplier
to IATF 16949 by an lATF-recognized certification body).
8.4.2.3.1 Automotive product-related software or automotive products with embedded software
The organization shall require their suppliers of automotive product-related software, or automotive
products with embedded software, to implement and maintain a process for software quality
assurance for their products.
A software development assessment methodology shall be utilized to assess the supplier’s software
development process. Using prioritization based on risk and potential impact to the customer, the
organization shall require the supplier to retain documented information of a software development
capability self-assessment.
8.4.2.4 Supplier monitoring
The organization shall have a documented process and criteria to evaluate supplier performance in
order to ensure conformity of externally provided products, processes, and services to internal and
external customer requirements.
At a minimum, the following supplier performance indicators shall be monitored:
a) delivered product conformity to requirements;
b) customer disruptions at the receiving plant, including yard holds and stop ships;
c) delivery schedule performance;
d) number of occurrences of premium freight.
If provided by the customer, the organization shall also include the following, as appropriate, in their
supplier performance monitoring:
e) special status customer notifications related to quality or delivery issues;
f) dealer returns, warranty, field actions, and recalls.
8.4.2.4.1 Second-party audits
The organization shall include a second-party audit process in their supplier management approach.
Second-party audits may be used for the following:
a) supplier risk assessment;
b) supplier monitoring;
c) supplier QMS development;
d) product audits;
e) process audits.
Based on a risk analysis, including product safety/regulatory requirements, performance of the
supplier, and QMS certification level, at a minimum, the organization shall document the criteria for
determining the need, type, frequency, and scope of second-party audits.
The organization shall retain records of the second-party audit reports.
If the scope of the second-party audit is to assess the supplier’s quality management system, then the
approach shall be consistent with the automotive process approach.
NOTE__Guidance may be found in the IATF Auditor Guide and ISO 19011.
8.4.2.5 Supplier development
The organization shall determine the priority, type, extent, and timing of required supplier
development actions for its active suppliers. Determination inputs shall include but are not limited to
the following:
a) performance issues identified through supplier monitoring (see Section 8.4.2.4);
b) second-party audit findings (see Section 8.4.2.4.1);
c) third-party quality management system certification status;
d) risk analysis.
The organization shall implement actions necessary to resolve open (unsatisfactory) performance
issues and pursue opportunities for continual improvement.
8.4.3 Information for external providers
See ISO 9001:2015 requirements
8.4.3.1 Information for external providers – supplemental
The organization shall pass down all applicable statutory and regulatory requirements and special
product and process characteristics to their suppliers and require the suppliers to cascade all
applicable requirements down the supply chain to the point of manufacture.
8.5 Production and service provision
8.5.1 Control of production and service provision
See ISO 9001:2015 requirements
NOTE__Suitable infrastructure includes appropriate manufacturing equipment required to ensure product compliance. Monitoring and
measuring resources include appropriate monitoring and measuring equipment required to ensure effective control of manufacturing
processes.
8.5.1.1 Control Plan
The organization shall develop control plans (in accordance with Annex A) at the system, subsystem,
component, and/or material level for the relevant manufacturing site and all product supplied,
including those for processes producing bulk materials as well as parts. Family control plans are
acceptable for bulk material and similar parts using a common manufacturing process.
The organization shall have a control plan for pre-launch and production that shows linkage and
incorporates information from the design risk analysis (if provided by the customer), process flow
diagram, and manufacturing process risk analysis outputs (such as FMEA).
The organization shall, if required by the customer, provide measurement and conformity data
collected during execution of either the pre-launch or production control plans. The organization shall
include in the control plan:
a) controls used for the manufacturing process control, including verification of job set-ups;
b) first-off / last-off part validation, as applicable;
c) methods for monitoring of control exercised over special characteristics (see Annex A) defined
by both the customer and the organization;
d) the customer-required information, if any;
e) specified reaction plan (see Annex A); when nonconforming product is detected, the process
becomes statistically unstable or not statistically capable.
The organization shall review control plans, and update as required, for any of the following:
f) the organization determines it has shipped nonconforming product to the customer;
g) when any change occurs affecting product, manufacturing process, measurement, logistics,
supply sources, production volume changes, or risk analysis (FMEA) (see Annex A);
h) after a customer complaint and implementation of the associated corrective action, when
applicable;
i) at a set frequency based on a risk analysis.
If required by the customer, the organization shall obtain customer approval after review or revision
of the control plan.
8.5.1.2 Standardized work – operator instructions and visual standards
The organization shall ensure that standardised work documents are:
a) communicated to and understood by the employees who are responsible for performing the
work;
b) legible;
c) presented in the language(s) understood by the personnel responsible to follow them;
d) accessible for use at the designated work area(s).
The standardised work documents shall also include rules for operator safety.
8.5.1.3 Verification of job setups
The organization shall:
a) verify job set-ups when performed, such as an initial run of a job, material changeover, or job
change that requires a new set-up;
b) maintain documented information for set-up personnel;
c) use statistical methods of verification, where applicable;
d) perform first-off / last-off part validation, as applicable; where appropriate, first-off parts
should be retained for comparison with the last-off parts; where appropriate, last-off-parts
should be retained for comparison with first-off parts in subsequent runs;
e) retain records of process and product approval following set-up and first-off / last-off part
validations.
8.5.1.4 Verification after shutdown
The organization shall define and implement the necessary actions to ensure product compliance with
requirements after a planned or unplanned production shutdown period.
8.5.1.5 Total productive maintenance
The organization shall develop, implement, and maintain a documented total productive maintenance
system.
At a minimum, the system shall include the following:
a) identification of process equipment necessary to produce conforming product at the required
volume
b) availability of replacement parts for the equipment identified in item a);
c) provision of resource for machine, equipment, and facility maintenance;
d) packaging and preservation of equipment, tooling, and gauging;
e) applicable customer-specific requirements;
f) documented maintenance objectives, for example: OEE (Overall Equipment Effectiveness),
MTBF (Mean Time Between Failure), and MTTR (Mean Time To Repair), and Preventive
Maintenance compliance metrics. Performance to the maintenance objectives shall form an
input into management review (see ISO 9001, Section 9.3);
g) regular review of maintenance plan and objectives and a documented action plan to address
corrective actions where objectives are not achieved;
h) use of preventive maintenance methods;
i) use of predictive maintenance methods, as applicable;
8.5.1.6 Management of production tooling and manufacturing, test, inspection tooling and equipment
The organization shall provide resources for tool and gauge design, fabrication, and verification
activities for production and service materials and for bulk materials, as applicable.
The organization shall establish and implement a system for production tooling management, whether
owned by the organization or the customer, including:
a) maintenance and repair facilities and personnel;
b) storage and recovery;
c) set-up;
d) tool-change programmes for perishable tools;
e) tool design modification documentation, including engineering change level of the product;
f) tool modification and revision to documentation;
g) tool identification, such as serial or asset number; the status, such as production, repair or
disposal; ownership; and location.
The organization shall verify that customer-owned tools, manufacturing equipment, and test /
inspection equipment are permanently marked in a visible location so that the ownership and
application of each item can be determined.
The organization shall implement a system to monitor these activities if any work is outsourced.
8.5.1.7 Production scheduling
The organization shall ensure that production is scheduled in order to meet customer
orders/demands such as Just-In-Time (JIT) and is supported by an information system that permits
access to production information at key stages of the process and is order driven.
The organization shall include relevant planning information during production scheduling, e.g.,
customer orders, supplier on-time delivery performance, capacity, shared loading (multi-part station),
lead time, inventory level, preventive maintenance, and calibration.
8.5.2 Identification and traceability
See ISO 9001:2015 requirements
NOTE__Inspection and test status is not indicated by the location of product in the production flow unless inherently obvious, such as
material in an automated production transfer process. Alternatives are permitted if the status is clearly identified, documented, and achieves
the designated purpose.
8.5.2.1 Identification and traceability – supplemental
The purpose of traceability is to support identification of clear start and stop points for product
received by the customer or in the field that may contain quality and/or safety-related
nonconformities. Therefore, the organization shall implement identification and traceability processes
as described below.
The organization shall conduct an analysis of internal, customer, and regulatory traceability
requirements for all automotive products, including developing and documenting traceability plans,
based on the levels of risk or failure severity for employees, customers, and consumers. These plans
shall define the appropriate traceability systems, processes, and methods by product, process, and
manufacturing location that:
a) enable the organization to identify nonconforming and / or suspect product;
b) enable the organization to segregate nonconforming and/or suspect product;
c) ensure the ability to meet the customer and / or regulatory response time requirements;
d) ensure documented information is retained in the format (electronic, hardcopy, archive) that
enables the organization to meet the response time requirements;
e) ensure serialized identification of individual products, if specified by the customer or
regulatory standards;
f) ensure the identification and traceability requirements are extended to externally provided
products with safety/regulatory characteristics.
8.5.3 Property belonging to customers or external providers
See ISO 9001:2015 requirements
8.5.4 Preservation
See ISO 9001:2015 requirements
8.5.4.1 Preservation – supplemental
Preservation shall include identification, handling, contamination control, packaging, storage,
transmission or transportation, and protection
Preservation shall apply to materials and components from external and/or internal providers from
receipt through processing, including shipment and until delivery to/acceptance by the customer
In order to detect deterioration, the organization shall assess at appropriate planned intervals the
condition of product in stock, the place/type of storage container, and the storage environment
The organization shall use an inventory management system to optimize inventory turns over time
and ensure stock rotation, such as “first-in-first-out” (FIFO).
The organization shall ensure that obsolete product is controlled in a manner similar to that of
nonconforming product.
Organizations shall comply with preservation, packaging, shipping, and labelling requirements as
provided by their customers.
8.5.5 Post-delivery activities
See ISO 9001:2015 requirements
8.5.5.1 Feedback of information from service
The organization shall ensure that a process for communication of information on service concerns to
manufacturing, material handling, logistics, engineering, and design activities is established,
implemented, and maintained.
NOTE 1 The intent of the addition of “service concerns” to this sub-clause is to ensure that the organization is aware of nonconforming
product(s) and material(s) that may be identified at the customer location or in the field
NOTE 2 “Service concerns” should include the results of field failure test analysis (see Section 10.2.6) where applicable.
8.5.5.2 Service agreement with the customer
When there is a service agreement with the customer, the organization shall:
a) verify that the relevant service centres comply with applicable requirements;
b) verify the effectiveness of any special purpose tools or measurement equipment;
c) ensure that all service personnel are trained in applicable requirements.
8.5.6 Control of changes
See ISO 9001:2015 requirements
8.5.6.1 Control of changes – supplemental
The organization shall have a documented process to control and react to changes that impact product
realization. The effects of any change, including those changes caused by the organization, the
customer, or any supplier, shall be assessed.
The organization shall:
a) define verification and validation activities to ensure compliance with customer requirements;
b) validate changes before implementation;
c) document the evidence of related risk analysis;
d) retain records of verification and validation.
Changes, including those made at suppliers, should require a production trial run for verification of changes
(such as changes to part design, manufacturing location, or manufacturing process) to validate the impact
of any changes on the manufacturing process
When required by the customer, the organization shall:
e) notify the customer of any planned product realization changes after the most recent product
approval;
f) obtain documented approval, prior to implementation of the change;
g) complete additional verification or identification requirements, such as production trial run and
new product validation.
8.5.6.1.1 Temporary change of process controls
The organization shall identify, document, and maintain a list of the process controls, including
inspection, measuring, test, and error-proofing devices, that includes the primary process control and
the approved back-up or alternate methods.
The organization shall document the process that manages the use of alternate control methods. The
organization shall include in this process, based on risk analysis (such as FMEA), severity, and the
internal approvals to be obtained prior to production implementation of the alternate control method.
Before shipping product that was inspected or tested using the alternate method, if required, the
organization shall obtain approval from the customer(s). The organization shall maintain and
periodically review a list of approved alternate process control methods that are referenced in the
control plan.
Standard work instructions shall be available for each alternate process control method. The
organization shall review the operation of alternate process controls on a daily basis, at a minimum,
to verify implementation of standard work with the goal to return to the standard process as defined
by the control plan as soon as possible. Example methods include but are not limited to the following
− daily quality focused audits (e.g., layered process audits, as applicable);
− daily leadership meetings.
Restart verification is documented for a defined period based on severity and confirmation that all
features of the error-proofing device or process are effectively reinstated
The organization shall implement traceability of all product produced while any alternate process
control devices or processes are being used (e.g., verification and retention of first piece and last piece
from every shift).
8.6 Release of products and services
See ISO 9001:2015 requirements
8.6.1 Release of products and services – Supplemental
The organization shall ensure that the planned arrangements to verify that the product and service
requirements have been met encompass the control plan and are documented as specified in the
control plan (see Annex A).
The organization shall ensure that the planned arrangements for initial release of products and
services encompass product or service approval.
The organization shall ensure that product or service approval is accomplished after changes
following initial release, according to ISO 9001, Section 8.5.6.
8.6.2 Layout inspection and functional testing
A layout inspection and a functional verification to applicable customer engineering material and
performance standards shall be performed for each product as specified in the control plans. Results
shall be available for customer review.
NOTE 1 Layout inspection is the complete measurement of all product dimensions shown on the design record(s).
NOTE 2 The frequency of layout inspection is determined by the customer.
8.6.3 Appearance items
For organizations manufacturing parts designated by the customer as “appearance items,” the
organization shall provide the following:
a) appropriate resources, including lighting, for evaluation;
b) masters for colour, grain, gloss, metallic brilliance, texture, distinctness of image (DOl), and
haptic technology, as appropriate;
c) maintenance and control of appearance masters and evaluation equipment;
d) verification that personnel making appearance evaluations are competent and qualified to do
so.
8.6.4 Verification and acceptance of conformity of externally provided products and services
The organization shall have a process to ensure the quality of externally provided processes, products,
and services utilizing one or more of the following methods:
a) receipt and evaluation of statistical data provided by the supplier to the organization;
b) receiving inspection and/or testing, such as sampling based on performance;
c) second-party or third-party assessments or audits of supplier sites when coupled with records
of acceptable delivered product conformance to requirements;
d) part evaluation by a designated laboratory;
e) another method agreed with the customer.
8.6.5 Statutory and regulatory conformity
Prior to release of externally provided products into its production flow, the organization shall confirm
and be able to provide evidence that externally provided processes, products, and services conform to
the latest applicable statutory, regulatory, and other requirements in the countries where they are
manufactured and in the customer-identified countries of destination, if provided.
8.6.6 Acceptance criteria
Acceptance criteria shall be defined by the organization and, where appropriate or required, approved
by the customer. For attribute data sampling, the acceptance level shall be zero defects (see Section
9.1.1.1).
8.7 Control of nonconforming outputs
8.7.1
See ISO 9001:2015 requirements
8.7.1.1 Customer authorization for concession
The organization shall obtain a customer concession or deviation permit prior to further processing
whenever the product or manufacturing process is different from that which is currently approved.
The organization shall obtain customer authorization prior to further processing for “use as is” and
rework dispositions of nonconforming product. If sub-components are reused in the manufacturing
process, that sub-component reuse shall be clearly communicated to the customer in the concession
or deviation permit.
The organization shall maintain a record of the expiration date or quantity authorized under
concession. The organization shall also ensure compliance with the original or superseding
specifications and requirements when the authorization expires. Material shipped under concession
shall be properly identified on each shipping container (this applies equally to purchased product).
The organization shall approve any requests from suppliers before submission to the customer.
8.7.1.2 Control of nonconforming product – customer specified process
The organization shall comply with applicable customer-specified controls for nonconforming
product(s).
8.7.1.3 Control of suspect product
The organization shall ensure that product with unidentified or suspect status is classified and
controlled as nonconforming product. The organization shall ensure that all appropriate
manufacturing personnel receive training for containment of suspect and nonconforming product.
8.7.1.4 Control of reworked products
The organization shall utilize risk analysis (such as FMEA) methodology to assess risks in the rework
process prior to a decision to rework the product. If required by the customer, the organization shall
obtain approval from the customer prior to commencing rework of the product.
The organization shall have a documented process for rework confirmation in accordance with the
control plan or other relevant documented information to verify compliance to original specifications.
Instructions for disassembly or rework, including re-inspection and traceability requirements, shall
be accessible to and utilized by the appropriate personnel.
The organization shall retain documented information on the disposition of reworked product
including quantity, disposition, disposition date, and applicable traceability information.
8.7.1.5 Control of repaired product
The organization shall utilize risk analysis (such as FMEA) methodology to assess risks in the repair
process prior to a decision to repair the product. The organization shall obtain approval from the
customer before commencing repair of the product.
The organization shall have a documented process for repair confirmation in accordance with the
control plan or other relevant documented information.
Instructions for disassembly or repair, including re-inspection and traceability requirements, shall be
accessible to and utilized by the appropriate personnel.
The organization shall obtain a documented customer authorization for concession for the product to
be repaired.
The organization shall retain documented information on the disposition of repaired product
including quantity, disposition, disposition date, and applicable traceability information.
8.7.1.6 Customer notification
The organization shall immediately notify the customer(s) in the event that nonconforming product
has been shipped. Initial communication shall be followed with detailed documentation of the event.
8.7.1.7 Nonconforming product disposition
The organization shall have a documented process for disposition of nonconforming product not
subject to rework or repair. For product not meeting requirements, the organization shall verify that
the product to be scrapped is rendered unusable prior to disposal.
The organization shall not divert nonconforming product to service or other use without prior
customer approval.
8.7.2
See ISO 9001:2015 requirements
|