Gurus, Need your help.
My subcon is an ISO 9001 certified firms.
They are purchasing components based on the qualified manufacturers and part number list that my company provided. However, i have just found recently that this subcon is buying parts from unauthorized distributor of the supplier. This distributor is not an ISO certified organization, is my subcon commit any violation on element 7.4 of ISO 9001 such as purchasing?

If my subcon is ISO certified does it follows that they are bound by ISO to purchase parts only from an ISO firms also?

Gurus, Need your help.
My subcon is an ISO 9001 certified firms.
They are purchasing components based on the qualified manufacturers and part number list that my company provided. However, i have just found recently that this subcon is buying parts from unauthorized distributor of the supplier. This distributor is not an ISO certified organization, is my subcon commit any violation on element 7.4 of ISO 9001 such as purchasing?

If my subcon is ISO certified does it follows that they are bound by ISO to purchase parts only from an ISO firms also?

Welcome to the Cove, QualityLearn.

If your organization is ISO 9001 then you have a purchasing process including requirements on how you evaluate your suppliers' ability to consistently meet your organization's requirements, right? If your organization has said that your suppliers must be ISO 9001 registered, that's okay...it's not a rule, but many organizations have taken that route.

But your purchasing requirements do not necessarily apply to the subcontractor (i.e., supplier to your supplier) unless it is clearly stated in the purchasing contract between your organization and your direct supplier.

Now, your supplier is ISO 9001 registered, they, too, will have a purchasing process including how they evaluate their suppliers and what their requirements are. They are not required to purchase from ISO 9001 registered organizations unless their process states that.

To add to Roxane's good reply, please also bear in mind that ISO Certification does not equate to good quality. Generally, when all things (metrics) are equal, then the ISO certified firm is given priority due to the existence of a Quality Management System.

To add to Roxane's good reply, please also bear in mind that ISO Certification does not equate to good quality. Generally, when all things (metrics) are equal, then the ISO certified firm is given priority due to the existence of a Quality Management System.

Yeah...I didn't want to go down that road this early on a Monday morning. :notme: We've had that discussion here in the Cove before about ISO 9001 registration and the level of quality provided. However, many organizations (my own included) often accept ISO 9001 registration as the criteria to make it onto an Approved Vendor List. Once on the list, however, their performance is what keeps 'em there. :cool:

Just going a little further on what the others have stated I would add that if you have real concerns you could always audit your subcon to learn the real quality issues first hand.

Thank you very much.
Yes the audit should have save my organization from knowing that my subcon are buying product from unscrupolous suppliers. However, being an ISO certified subcon they should be purchasing only based on their approved vendor list.. this would be my next step..find out if the approved vendor list exists and if they have violated their own requirement.

However, being an ISO certified subcon they should be purchasing only based on their approved vendor list.. this would be my next step..find out if the approved vendor list exists and if they have violated their own requirement.

Just remember, before you go into an audit of your subcontractor, you need to get rid of any preconceived notions of what is required, unless it truly comes from the standard. At the risk of repeating advice already shared, there is NO requirement within the ISO 9001 standard that says that you must purchase only from ISO 9001 registered companies.

You mention unscrupulous....that kind of scares me about your frame of mind when looking into the situation. Now, mayber they are, maybe they are not. But, you will find the whole process easier if you do not project that kind of attitude when dealing with this subcontractor.:2cents:

BTW, welcome to the Cove!:bigwave:

Now that sounds like very good advice to me!!

I think it depends on a number of things as to your reaction but keep it in proportion.

Are you buying paper clips or space suits? What’s the criticality here big or small?
Are you worrying from a certification point of view or output point of view?

Last point: I assume that others sell similar products for the same sort of money?

Well good luck anyway.

Thank you very much.
Yes the audit should have save my organization from knowing that my subcon are buying product from unscrupolous suppliers. However, being an ISO certified subcon they should be purchasing only based on their approved vendor list.. this would be my next step..find out if the approved vendor list exists and if they have violated their own requirement.

Just to stir the pot up a little more - ISO 9001 does not require the use of an approved vendor list. The standard says an organization shall evaluate and select suppliers based on their ability to supply product to the requirements and that records of this evaluation shall be maintained.

Unless you have placed additional requirements on your supplier, do not expect them to have an approved supplier list.

However, i have just found recently that this subcon is buying parts from unauthorized distributor of the supplier. This distributor is not an ISO certified organization, is my subcon commit any violation on element 7.4 of ISO 9001 such as purchasing?As already stated: No, not unless you have required them to do so and they have agreed to that, or their own procedures require it. Look at it this way: If there was such a requirement in the standard, just about all suppliers on earth would have to be registered...

Just to stir the pot up a little more - ISO 9001 does not require the use of an approved vendor list. The standard says an organization shall evaluate and select suppliers based on their ability to supply product to the requirements and that records of this evaluation shall be maintained.We certainly don't have one per se. If you are able to select a supplier in our purchasing system, that supplier is approved. We block them if they are not.

Added later: I forgot to welcome you to the Cove... Welcome :bigwave:

/Claes

Just remember, before you go into an audit of your subcontractor, you need to get rid of any preconceived notions of what is required, unless it truly comes from the standard. At the risk of repeating advice already shared, there is NO requirement within the ISO 9001 standard that says that you must purchase only from ISO 9001 registered companies.

You mention unscrupulous....that kind of scares me about your frame of mind when looking into the situation. Now, mayber they are, maybe they are not. But, you will find the whole process easier if you do not project that kind of attitude when dealing with this subcontractor.:2cents:

BTW, welcome to the Cove!:bigwave:
Ok.... will look at the situation with fresh eyes...anyway, should i found this subcon violating some clauses on Purchasing such as there was no established supplier evaluation and selection process, on the purchasing information the distributor could no relate to quality management system requirement such as documentation trails of parts purchased, what should be the action from my part when these incompliances were discovered?

Your organisation has to make a choice; talk to your purchasing manager maybe. Either way you have to make a choice if you find something you’re not comfortable with.
Raise a NC or just shoot em… :notme:

• Some of the things you might like to think about could be:-
• Is this supplier part of your group (Hope not Huh..)!
• Do you have alternative suppliers on your ap.list?
• Have parts been delivered out of conformity that will endanger your output conformity?
• Are the parts delivered fit for purpose and within specification?

Again, the severity of the situation is the key I would have thought. Just go through it a step at a time.

Ok.... will look at the situation with fresh eyes...anyway, should i found this subcon violating some clauses on Purchasing such as there was no established supplier evaluation and selection process, on the purchasing information the distributor could no relate to quality management system requirement such as documentation trails of parts purchased, what should be the action from my part when these incompliances were discovered?

First off, have you audited and actually found problems, or are you speculating that you might?

such as there was no established supplier evaluation and selection process
If they are ISO registered, they have to have some sort of evaluation process. Did they tell you that they have none? I do not see how they could have gained registration without providing evidence to their registrar that they met the requirements of the ISO 9001 standard. (OK, guys, I can see the the future here, and it is not pretty, nor fully applicable to this discussion, so if you want to refute this statement, let's do it in another thread)

on the purchasing information the distributor could no relate to quality management system requirement such as documentation trails of parts purchased, what should be the action from my part when these incompliances were discovered?
I am making a leap and assuming that you are talking about traceability of the parts they are purchasing? Is it necessary? We sell to many customers who do not maintain traceability once they receive our product. Tracability is only required when, well, it is required. Without knowing your product/their product I cannot make any judgements as to whether they should be maintaining traceability. Does your contract demand thant everything that goes into the product they supply to you needs to be fully traceable?

Thanks to all who have shared their thought on this issue. I just came up with supplier quality control specification and required the supplier of my subcon to be ISO Certified, should that is not possible for some materials I need to be informed for approval. It is now an explicit mandatory requirement.

Thanks to all who have shared their thought on this issue. I just came up with supplier quality control specification and required the supplier of my subcon to be ISO Certified, should that is not possible for some materials I need to be informed for approval. It is now an explicit mandatory requirement.

Why would you make that a requirement? :( You may be creating unnecessary bureaucracy and run the risk of the subcon refusing to work with your supplier any more. This, in turn, could force your supplier to work with a more expensive supplier driving their costs (and thus your costs) up.

If there are no problems with the subcon and your supplier is meeting your needs, you're just creating work with no value added to either the process or the product.

You place to much wieght behind being iso certified, unless you have a problem with parts not meeting specs then you have overreacted. Therefore doing exactly the wrong thing, you can end up costing your company money from such a move. Quality Control is based on saving and making the company money not wasting money on some crazy cert.

Firstly a lot of what has gone before is good advice. Look at what controls you need (depending on the parts you are buying and decide what controls you need to have in place.

Gurus, Need your help.
My subcon is an ISO 9001 certified firms.
They are purchasing components based on the qualified manufacturers and part number list that my company provided. However, i have just found recently that this subcon is buying parts from unauthorized distributor of the supplier. This distributor is not an ISO certified organization, is my subcon commit any violation on element 7.4 of ISO 9001 such as purchasing? Short answer - no. They have to ensure that their supplier can supply goods that meet their (your) requirements.

They may, however be in breach of part of clause 4.1 if they are subcontracting manufacture of your part without "ensuring control over such processes" (slight change of ISO wording). It is more likely they are in breach of their certification body's rules and regulations. Most CBs require their clients to inform customers if goods they suply are not produced through the certified quality system.

If my subcon is ISO certified does it follows that they are bound by ISO to purchase parts only from an ISO firms also? Again - no.