Howdy, folks:

I am having a friendly dispute with one of my colleagues. I'd be interested in hearing your thoughts on the matter. The dispute relates to whether records are required when purchased product is verified. My buddy says no, based on this RAB interpretation of section 7.4.3, Verification of purchased Product:

"ISO 9001:2000 Clause(s) 7.4.3-- Does Clause 7.4.3 require records of the verification of purchased product? Interpretation: No."
[refer to Clause 7.4.3 - RFI-002 (http://www.tc176.org/pdf/rfi002_final7_4_3.pdf)]

I say this is flatly wrong, regardless of what RAB says. Here's my reason: Section 7.4.3 may not require records of verification, but section 8.2.4 (monitoring and measurement of product) certainly does:

“Evidence of conformity with the acceptance criteria shall be maintained. Records shall indicate the person(s) authorizing release of product (see 4.2.4).”

Since verification of purchased product clearly falls into the category of “monitoring and measurement of product,” the requirements from that section of the standard apply. Records are obviously required.

If this issue has been discussed in a previous thread, accept my apologies. If not, please sound off!

Thanks for your input,
Craig

Although I agree with you, I believe, the RAB has final say on the matter.

:topic: I was almost set to be down in Atlanta from Aug. 29 - Sept. 1...but last minute arrangements have our meeting being conducted at our Tampa location now. And here I was, all set, to spend a night or two at Loca Luna with their horrible caipirihna's, but awesome live music.

Back on topic, personally, I believe records are required. But, as your colleague pointed out, 7.4.3 does not require inspection records, simply records of supplier evaluations and actions arising from the evaluations.

To me, good business sense implies two approaches with regards to suppliers.

First off, is the CYA-methodology. :) Paperwork is your objective evidence that you received (or didn't recieve) what your ordered (or didn't order). I mean, to not have this stuff seems to go against all good business sense, doesn't it?

Secondly, doing actually on-site audits of suppliers can be expensive for some organizations. I know that for us, we have suppliers from Brazil, Italy, China, etc...while I would love to audit them, my passport would quickly fill up and the expense account would quickly drain with such travels. Having this paperwork is a good way to evaluate your supplier on such items as paperwork, on-time-delivery, and getting what you ordered....perfectly aligned with 8.2.4, and the base for a supplier evaluation programme.

It is rather suprising that there is no specific requirement for records 7.4.3. I'd like to think that the TC176 was thinking that the records would be demonstrated via 7.4.1, but 8.2.4 does, as you pointed out, Craig, provide that more definitive link to the maintaining of records for products received from suppliers.

The Accreditation Bureau (be it RAB, RvA, or whomever) has the final say based upon the response from TC176. I, too, am having a difficult understanding how "No" would be appropriate. Clearly, there is no need for records in 7.4.3, but when I read 8.2.4's "Evidence of conformity with the acceptance criteria shall be maintained", I am unable to see how records of incoming product can not be maintained.

I've got some circular logic racing through my brain right now - and I'm working on just a few sips of coffee. I mean, there's no explicit requirement (7.4.3), but how can you not have it (8.2.4)?

I need to muddle a bit more on this offline....

Can someone submit this issue for ISO Interpretation with the background presented with this post? It would be nice!

Thanks,
Doug

There are a number of different aspects of the question here.

Just because the standard does not say you must does not mean you don't, the old story about no work instruction about using the toilet.
There are a large number of things the standard does not say you must do but most organisations do any way.

I am afraid I must disagree with Craig and Roxane, according to my interpretation of product based on ISO9000:2000, the product in 8.2.4 is your product and not your suppliers, the release is that of you product.

If we go to ISO/TS 16949 then in
7.4.3.2 Supplier monitoring
Supplier performance shall be monitored through the following indicators:
- delivered product quality;
- customer disruptions including field returns;
- delivery schedule performance (including incidents of premium freight);
- special status customer
Here as I see it you must have records otherwise you cannot monitor "delivered product quality", here you must have at least Yes/No

Great discussion. Consider this—

ISO 9000:2000 defines product as the “result of a process.” With this definition, there is no doubt that purchased product is a PRODUCT.

Section 7.4.3 requires inspection or other activities to ensure purchased product meets requirements. If the organization inspects, tests, checks, analyzes, or otherwise verifies the purchased product, then it is clearly monitoring and/or measuring a product. This brings us back to the requirements of section 8.2.4, monitoring and measurement of product, which requires records.

This isn’t just an academic argument. It’s something that comes up all the time during audits and consulting work. Most organizations maintain records of purchased product verification because their accounts payable departments won’t pay any invoices unless they can match them to records of receipt and verification. It’s a common-sense control issue. In this case, the ISO 9001:2000 requirements and common-sense controls match one another. The spider-web construction of ISO 9001:2000 just doesn’t make it very clear.

Howard, the closest reference to this issue in TS 16949 is probably 7.4.3.1, Incoming product quality, not 7.4.3.2, Supplier monitoring. If you look at the 3rd bullet of 7.4.3.1 it mentions “records of acceptable delivered product quality.”

Here’s a real good argument starter: The RAB does not have the final say in any issue. The people who have the final say are the users of standards and the people who teach them. If something in the standard is not clear--and the RAB’s clarification makes it even less clear--then it’s up to us to make sense out of it. I usually teach five or six RAB accredited ISO 9001 Lead Auditor courses every year. You don’t have to guess what I’m telling people about this requirement. I’m telling them what makes sense from a business standpoint, and I’m backing it up by showing how the requirements of ISO 9001 link to one another in a logical manner (i.e., like a set of interrelated processes).

More thoughts?

Craig

It seems cut and dry that you need to verify purchased products thus some type of record is required so why wouldn't you maintain it?

Craig,
I agree and of the same opinion as Howard.Not that one does not trust his supplier but incoming inspection greatly contributes to lesser process interruptions and product requirements ARE verified. IMHO it all depends on the cost of incoming inspection as well as the implications of an adverse situation.
Records further help to prove a case when needed.

The depth of our incoming inspection depends on the impact of the purchased product on the final product. Some items are inspected per the Open P.O. report and acceptance is indicated on the receiving report. Others require the completion of an incoming inspection report which has specific instructions for the item code being receivied. Some require the taking and recording of measurements while others require comparison of the incoming good(s) to an approved sample. Either way, we maintain records of inspection and do so in order to ensure that we are meeting the requirements of section 8.2.4, monitoring and measurement of product, which requires records.

Each inspection record indicates acceptance or rejection of the incoming product and the person responsible for the decision which ensures that we can meet the requirements of 4.2.4 - "Evidence of conformity with the acceptance criteria shall be maintained. Records shall indicate the person(s) authorizing release of product."

So IMHO records of incoming inspection must be completed and maintained in order to meet the requirements of ISO 9001:2000. Not to mention the fact that it just makes sense to verify the quality of incoming product to your requirements.

Very good question Craig,

First of all I think we’re all agreed that it usually is a good idea (regardless of how the standard is interpreted) to keep records from verification of purchased product. And so we shall… If we decide that keeping records is necessary to ensure that the purchased product meets the requirements. I’m certain that most of us decide that it is.

I would suggest that the key clause here is in fact 7.1d. What records do we need to ensure that processes and resulting product meet requirements? Those are the records we must have. But: What if we decide that no inspection of purchased product is necessary?

/Claes

Even if parts the parts do not require inspection, someone probably verifies that the packing list and the purchase order match (i.e. part number, quantity, description). While this is not a formal inspection the person is verifying the receipt of what was ordered.

Very good question Craig,

First of all I think we’re all agreed that it usually is a good idea (regardless of how the standard is interpreted) to keep records from verification of purchased product. And so we shall… If we decide that keeping records is necessary to ensure that the purchased product meets the requirements. I’m certain that most of us decide that it is.

I would suggest that the key clause here is in fact 7.1d. What records do we need to ensure that processes and resulting product meet requirements? Those are the records we must have. But: What if we decide that no inspection of purchased product is necessary? :agree1: I agree Claes, my current employer does not perform receiving inspection per sey. We perform a supplier qualification and a first piece. After that we are pretty much a dock to stock system. Why would a company want to perform inspections for something the supplier is responsible for.

At another company we were the supplier to three (3) different ISO certified companies and they did not perform receiving inspection. In fact, it was our job (as supplier) to not only deliver to the dock but deliver and stage the products in the required bins on their manufacturing floor. For the most part each product was bar coded and we would scan the code on the product and on the bin which updated the customers inventory and secured payment of invoice. Further, should a problem develop, we had to send in teams to correct the problems. So not all ISO certified companies perform receiving inspection. :cool:

my current employer does not perform receiving inspection per sey. We perform a supplier qualification and a first piece. After that we are pretty much a dock to stock system. Why would a company want to perform inspections for something the supplier is responsible for.Yes, why indeed? Perhaps because that's been the generally accepted course of action for longer than we care to think about?At another company we were the supplier to three (3) different ISO certified companies and they did not perform receiving inspection. In fact, it was our job (as supplier) to not only deliver to the dock but deliver and stage the products in the required bins on their manufacturing floor. For the most part each product was bar coded and we would scan the code on the product and on the bin which updated the customers inventory and secured payment of invoice. Further, should a problem develop, we had to send in teams to correct the problems. So not all ISO certified companies perform receiving inspection. http://elsmar.com/Forums/images/smilies/cool.gif Right. Some don't, which brings us back to 7.4.3: The organization shall establish and implement the inspection or other activities necessary for ensuring that purchased product meets specified purchase requirements. This is "other activities, of course, but back to Craig's original question: When we do perform the verification ourselves: Are records always required?


/Claes

Let me put on my "lawyer-like technicality hat". Okay, I'm ready.

The question to TC 176 was, "Does Clause 7.4.3 require records of the verification of purchased product?" The answer was "No" with no explanation.

I agree with TC 176. Because 7.4.3 does not require records to be kept.

Clause 8.2.4, however, does require the records.

So, if the question is "Does Clause 7.4.3 require records of the verification of purchased product?" the correct answer is no.

If the question is "Does ISO 9001-2000 require records of the verification of purchased product?" then the answer is yes.

JMO.

I will remove that hat now as it hurts my head. :bonk:

What about monitoring and measurement of process ?

Is your goods inwards inspection record a measurement of your purchasing process ?

As Mike said I am putting on my lawyer's hat. Whether one should or should't record verification of purchased material is irrelevant for the sake of Craigs question.

As the initial question was
The dispute relates to whether records are required when purchased product is verified. My buddy says no, based on this RAB interpretation of section 7.4.3,

There is no argument that there is no need for records according to this clause, the discussion has been about showing that other clauses require these records.
I claimed that the definition in ISO 9000 of product excludes the use of 8.2.4,
as seen here Craig disagrees,
Great discussion. Consider this—

ISO 9000:2000 defines product as the “result of a process.” With this definition, there is no doubt that purchased product is a PRODUCT.
....
Craig

I agree that this is the definition of product but if one studies the Scope of ISO 9001:2000 then in the note to this clause 1.1 it says
NOTE In this International Standard, the term “product” applies only to the product intended for, or required by, a customer.
Thus the product of 7.4.3 is not a product that should be measured in 8.2.4
Now we have the point raised by M Greenaway who points to the requirement of measuring processes in 8.2.3.
This is a possibility but not necessary, the clause says "The organization shall apply suitable methods", these are in your hands and as long as you can show "the ability of the processes to achieve planned results." you can choose any manner you wish.

Question, is it a requirement to measure every single process in the organisation?

Please remember that RAB is not the only accreditation body in the world. Any inputs?

Great discussion

Thus the product of 7.4.3 is not a product that should be measured in 8.2.4Sorry Craig, but I have to agree with Howard here.

Now we have the point raised by M Greenaway who points to the requirement of measuring processes in 8.2.3.
This is a possibility but not necessary, the clause says "The organization shall apply suitable methods", these are in your hands and as long as you can show "the ability of the processes to achieve planned results." you can choose any manner you wish.Yes, I agree to that as well.

Question, is it a requirement to measure every single process in the organisation? No.



/Claes

Claes

Where does ISO define which processes must be measured such that you can give your categorical 'no' answer to the question - must all processes be measured ?

Howard

What if I buy something, do nothing to it, and sell it on - how does that fit in your definition of 'product' ?

If the purchased product is used to fulfill customer requirements (such as equipment that comes in contact with the customer) or is incorporated into the final product (such as raw materials or components), then it is definitely “intended for, or required by, a customer.” Otherwise, we wouldn’t be buying it, would we?

The note you referenced is primarily used to narrow down the extremely broad definition of product being the “result of a process.” In this definition, an audit report would be a product, but the requirements of 8.2.4 obviously don’t apply to an audit report (unless our business is providing auditing services to customers).

Great discussion…

Craig

If the purchased product is used to fulfill customer requirements (such as equipment that comes in contact with the customer) or is incorporated into the final product (such as raw materials or components), then it is definitely “intended for, or required by, a customer.” Otherwise, we wouldn’t be buying it, would we?



FWIW, that's the way I would interpret it.

All this is just another example of how ambiguous ISO 9001 can be. :bonk:

Hi All,
Great thread Craig and excellent points expressed by all. I looked in a few books and came up with no solid answers. 9004 told me nothing so I looked in my old course material from my Registrar 'Understanding the ISO 9000:2000 standards'. My certification body is the largest in Australasia and it's parent is Standards Australia (the ultimate governing body)
In th notes, 7.4.3 spells out the actual standard and underneath that it says:
'You also need to determine the verification methods of any purchased product. This may vary depending on the type and impact of the product. If it is to be verified and released at the supplier's premises, this needs to be documented in the purchase information.'
So as you can see, this is as clear as mud. Personally, I agree with those that state this clause deals with incoming product only....but...you would be mad not to document the receipt of this product against a checklist of requirements (specification). This is exactly what we do because if later we tried to use it and it failed we would have a weaker case against the supplier. It also gives us peace of mind that the product going into our processes meets the same standards as those we take form our own mines.

8.2.4 again it goes thru the standard and then states 'On a day to day basis, the processes and products required to satisfy customer requirements must be monitored. Hopefully, through this monitoring, you identify potential supply problems before they become a problem. The product must be verified at each key step of the realisation, with records to demonstrate acceptance to be maintained, and should identify the person with authority to release acceptable product. If the product or service does not pass all checks, it can only proceed with customer's authority' Now this statement would tend to back up Craig's original post as it includes the initial supplied product as the start of the overall inputs and thus part of the realisation process. (This could get very confusing if we weren't rationale, level headed people :lmao: ).
My company monitors both areas thru documentation, records and specifications. As Roxane and others state Good Business Practises dictate that we must ensure conformity of our product and the only way to do this is to 'check it'. The standard needs to be clearer and 7.4.3 should be amended to reference 8.2.4.

Claes

Where does ISO define which processes must be measured such that you can give your categorical 'no' answer to the question - must all processes be measured ?Fair question... I was on my way home when I wrote that, and didn’t quite finish it (to put it mildly).…http://elsmar.com/Forums/images/smilies/embarrassed.gif
4.1: The organization shall

a) identify the processes needed for the quality management system and their application throughout the organization (see 1.2),
e) monitor, measure and analyse these processes,


8.2.3:

The organization shall apply suitable methods for monitoring and, where applicable, measurement of the quality management system processes. Imo, 4.1 seems to indicate that there could be other processes, and 8.2.3 requires measurement where applicable.

/Claes

Craig,
As already stated by myself and others records are needed. Further to your question I am of the opinion that RAB’s interpretation is very misleading and wrong.

Clause 7.4.3 is dictating (shall) that inspection of purchased product must be established and implemented to ensure that the product (purchased, my brackets) meets specified purchase requirements.

Furthermore
Clause 7.1 Planning of product realization
The organization shall plan and develop the processes needed for product realization…………..quality management systems (see 4.1)
Clause 7.1 d) states
Records needed to provide evidence that the realization processes (“purchasing” where the most essential is that the purchased product is what we want, my brackets) and resulting product meet requirements.

Therefore based on the above objective evidence records of incoming inspection findings are needed.

I hope that my new post helps in some way.

I agree that this is the definition of product but if one studies the Scope of ISO 9001:2000 then in the note to this clause 1.1 it says
"NOTE In this International Standard, the term “product” applies only to the product intended for, or required by, a customer."

Even more confusingly, ISO9000:2000 defines a "Customer" as: "an organization (3.3.1) or person that receives a product (3.4.2) ... NOTE A customer can be internal or external to the organization".

ISO9001:2000 then uses the term only in relation to the "external" definition.

How can we rely on these two documents to help us make sense of this when they contradict each other?

Even more confusingly, ISO9000:2000 defines a "Customer" as: "an organization (3.3.1) or person that receives a product (3.4.2) ... NOTE A customer can be internal or external to the organization".

ISO9001:2000 then uses the term only in relation to the "external" definition.

How can we rely on these two documents to help us make sense of this when they contradict each other?

I beg to differ for the simple reason that if you look at Figure1-Model of a process based quality managment system ( sorry but I cannot display the figure).
It puts the pruduct realizer smack in the middle between the customers requirement (input) and the customer satisfaction (output).

In a very plain manner it says that customers are in fornt and behind us.

I can't help this,
It could be that the next edit standard may include customers to the sides :bonk:

I beg to differ for the simple reason that if you look at Figure1-Model of a process based quality managment system ( sorry but I cannot display the figure).
It puts the pruduct realizer smack in the middle between the customers requirement (input) and the customer satisfaction (output).

In a very plain manner it says that customers are in fornt and behind us.

I can't help this,
It could be that the next edit standard may include customers to the sides :bonk:

We are agreeing without realising it - the so-called model of a management system shows customers as being external to the organisation. Not a problem to me, and it's the way many people think of a "customer", but it all gets confused and confusing when you then get the concept of "internal" customers receiving "products" from "processes" such as "staff training and development" (eg).

Far better to think of an organisation providing goods and services to its customers (normally in return for payment). How it organises itself, and manages the creation and delivery of these goods and services, is where "quality" needs to be applied, and the idea of "internal customers" is important.

Sorry if I have gone "off topic" a bit, but I feel that there are some really basic definitions and concepts in the standard that make life difficult. Plain English is needed - or perhaps Plain American?

I'm coming into this discussion a few months after it was posted, but I'm wondering, if there are no records kept, how would one audit receiving inspection? If there is no objective evidence, how can the auditor verify that the process has been effectively implemented?

The 2000 rev relies on records more heavily than previous revs. 4.2.4 states that "Records shall be established and maintained to provide evidence of conformity..."

It seems to me that 4.2.4 and 8.2.2 are the real controlling clauses on this issue.

:2cents:

ANSI/ISO/ASQ Q9000-2000:

3.1.2
requirement
need or expectation that is stated, generally implied or obligatory

3.8.1
objective evidence
data supporting the existance or verity of something

3.8.4
Verification
Confirmation through the provision of objective evidence(3.8.1) that specified requirements(3.1.2) have been fulfilled

Other than records what would be objective evidence ?

Other than records what would be objective evidence ?
An auditor's observation can be objective evidence. I mean if the registrar cannot trust its own auditor's judgement then why send them out to carry out audits.

Jaime

An auditor's observation can be objective evidence. I mean if the registrar cannot trust its own auditor's judgement then why send them out to carry out audits.

Jaime In the context of this thread concerning receiving inspection. Besides, the auditor would make a record of the observation, if nothing more than a mark on a checklist.

I need some help. Have others asked about evidence of conformity and records when using the new LEAN Mfg. process, Supermarkets and SAP transactions to inventory. Our Supermarket process doesn't require operators to wan off on building sub assemblies, and Inventory Control uses a code to place these sub assemblies into inventory. When I review the SAP screens, there is NO indication of who did the job. Will this pass with external auditor?
Maria