AS9100 8.4.1 Supplier Selection/Evaluation criteria and reevaluations

#1
Hi guys. I'm in the process of making some adjustments to our QMS and one of the areas, due to past external audits and my first internal, is supplier quality. We're a small sized machine shop (30ish) employees. So our providers are typically raw material, hardware, and any special processes (mostly plating, heat treat, paint, and some weld specs we aren't certified to). We do have an approved supplier list but due to some QM turnover, it hasn't been maintained. What I'm here to ask about is if what I have in mind in terms of selection and evaluation criteria, and reevaluations would work to satisfy the standard. Currently there is no stated criteria listed in our QMS for how we select or evaluation vendors. It's stated that external provider perfomance is monitored (which is true in conformity and on time delivery) and reported on during management reviews. What I'd like to do is write up a Supplier Quality procedure, and state the criteria as something along the lines of

Vendors will be approved if they hold a current AS9100 or NADCAP certification. Vendors not currently certified may be approved by the President, and monitored on product or service conformity and OTD.

Luckily this is already the case with most of our product and service providers, I'm in the tedious process of storing a copy of their certifications in our software as a record, and making sure the expiration dates are correct on our approved vendor list. My re-evaluation would be to check our approved vendor list annually and reach out to any vendors who's certification has expired. Between that and an annual review of external providers conformity and OTD, is this enough level of control in your view? I'm trying to keep it lean, as most of our providers have been in business with us for quite some time, and do not contribute very often to nonconformities, but I want to do what is required.

The only other aspect of the standard I have to figure something out on is what to do is what actions to take when external providers do not meet requirements. Luckily we haven't had much trouble but there's no criteria set for what we do. I'm interested to see other peoples opinions on this. I'm thinking something as simple as "2 or supplier corrective action requests send in a 12 month period will cause vendor to be placed on a conditional standing, or provoke an on site visit, I'm not real sure. Any thoughts?
 
Elsmar Forum Sponsor

John Predmore

Quite Involved in Discussions
#2
Section 8.4.1 of AS9100 includes the NOTE: "the organization can use quality data from objective and reliable external sources, (e.g., information from accredited quality management system ... Use of such data would be only one element of an organization’s external provider control process and the organization remains responsible for verifying that externally provided processes, products, and services meet specified requirements" [emphasis added]. That means evidence of AS9100 or NADCAP certification should not be your only qualification.

Section 8.4.2 lists different examples of control over vendors, and your decision should be balanced against risk. Whatever review you say you do in your procedure, be sure a record exists. You stated your QMS allows your President to approve an exception (Vendor not currently certified) but it would be wise to enact additional controls on the exception supplier(s) and the product/service provided, to address risk in line with section 8.4.2. My company wrote a separate Supplier QMS Exception procedure to document in detail how that exception scenario is handled.
 
#3
Section 8.4.1 of AS9100 includes the NOTE: "the organization can use quality data from objective and reliable external sources, (e.g., information from accredited quality management system ... Use of such data would be only one element of an organization’s external provider control process and the organization remains responsible for verifying that externally provided processes, products, and services meet specified requirements" [emphasis added]. That means evidence of AS9100 or NADCAP certification should not be your only qualification.

Section 8.4.2 lists different examples of control over vendors, and your decision should be balanced against risk. Whatever review you say you do in your procedure, be sure a record exists. You stated your QMS allows your President to approve an exception (Vendor not currently certified) but it would be wise to enact additional controls on the exception supplier(s) and the product/service provided, to address risk in line with section 8.4.2. My company wrote a separate Supplier QMS Exception procedure to document in detail how that exception scenario is handled.

Good points John. Our company has used surveys in the past and I have been trying to move away from them, but it might be an option in one or both of these cases. I've already considered a procedure for the exceptions, glad to see that recommendation as well.
 

Kronos147

Trusted Information Resource
#4
It may help to keep a log of receipts or methods to measure supplier OTD and Quality. What makes a lot of sense is to use the key metrics used for your organization.

A simpler log may just be issues and or kudos that are used as part of your annual eval.

I just mentioned the use of OASIS on another thread. You can register all of your AS9100 suppliers on your OASIS watch list and issues (decertification) would be communicated to you. It also makes it easy to access their current certificates.
 

Big Jim

Super Moderator
#5
Section 8.4.1 of AS9100 includes the NOTE: "the organization can use quality data from objective and reliable external sources, (e.g., information from accredited quality management system ... Use of such data would be only one element of an organization’s external provider control process and the organization remains responsible for verifying that externally provided processes, products, and services meet specified requirements" [emphasis added]. That means evidence of AS9100 or NADCAP certification should not be your only qualification.

Section 8.4.2 lists different examples of control over vendors, and your decision should be balanced against risk. Whatever review you say you do in your procedure, be sure a record exists. You stated your QMS allows your President to approve an exception (Vendor not currently certified) but it would be wise to enact additional controls on the exception supplier(s) and the product/service provided, to address risk in line with section 8.4.2. My company wrote a separate Supplier QMS Exception procedure to document in detail how that exception scenario is handled.
First of all I think it a bad practice to approve a vendor based solely on AS9100 or NADCAP certification / accreditation.

But I also must note that notes in the standard are not auditable. You can't audit to a note by itself. Pay attention to the word "should" in the note. Should is a recommendation, not a requirement.
 

CanadianQA

Involved In Discussions
#6
First of all I think it a bad practice to approve a vendor based solely on AS9100 or NADCAP certification / accreditation.
Hi Jim,

Can you explain why it is bad practice? AS9100 / NADCAP certification gives a level of confidence that a QMS is in place, processes and customer satisfaction / OTD are being monitored, audits are being done internally and by an independent 3rd party and corrective action processes are in place. Why would it be bad practice to use these sought after certifications as the basis for any vendor approval? What other criteria should companies be using to approve their suppliers in addition to AS9100 / NADCAP approvals?
 

outdoorsNW

Quite Involved in Discussions
#7
Even companies with AS9100 can still have big problems. I have not seen the same level of system failures or repeat problems with Nadcap, but we also have fewer requirements to use Nadcap suppliers.

There are several suppliers we are forced to use for various reasons that are AS9100 but they have frequent quality problems. Reasons for continuing to use the problem suppliers include being customer mandated or they provide such specialized services or products they have little to no competition.

There is one outsourced process we purchase where there are only two AS9100 suppliers in the entire US, and one is poor and the other is much worse. The much worse supplier has a great webpage and I suspect the person behind the webpage is able to talk their way out of problems with auditors and customers. If a customer requires an AS9100 certified supplier for this service, we are stuck because most of our work is ITAR.

One supplier has had many problems, including several repeat problems, that indicate system level problems. Their corrective actions, even on problems that could easily affect any and all customers, are awful. I don't understand how they keep their AS9100 certification. Either they have been lucky several times in the audit samples or they have a poor auditor. I think they had better quality in the past which may be how they became the incumbent customer specified supplier.
 

CanadianQA

Involved In Discussions
#8
Agreed, that some AS9100 companies are better than others. Some of the reason that the not so good ones are able to keep their certificates may be an uneven application of the rules by the various registrars or even between auditors. I have seen one line corrective actions in OASIS signed off by an auditor that would never have been signed off by the auditor that audits my company.

These things aside, what other criteria would you use if not AS9100 / NADCAP to evaluate and approve a supplier? I've heard others say what Big Jim said a number of times, but no one has ever given me a solid answer as to what would be a better method of evaluating / approving suppliers if not their AS / NADCAP certifications.
 

Jim Wynne

Staff member
Admin
#9
Agreed, that some AS9100 companies are better than others. Some of the reason that the not so good ones are able to keep their certificates may be an uneven application of the rules by the various registrars or even between auditors. I have seen one line corrective actions in OASIS signed off by an auditor that would never have been signed off by the auditor that audits my company.

These things aside, what other criteria would you use if not AS9100 / NADCAP to evaluate and approve a supplier? I've heard others say what Big Jim said a number of times, but no one has ever given me a solid answer as to what would be a better method of evaluating / approving suppliers if not their AS / NADCAP certifications.
Visit candidate suppliers and see their processes in operation, and ask questions. There is little or no value in formal audits, but a visit from a person who understands the processes in question can be helpful.
 

CanadianQA

Involved In Discussions
#10
Thanks Jim. I agree and have done that with some of our local suppliers, however that type of oversight gets more difficult the further they are geographically from you and will also depend on the budget. Also if your supply base is small (15 - 30 suppliers) that approach will work well, but for companies that have need of a larger number of suppliers, I don't know how realistic it would be to visit each of them.
 
Thread starter Similar threads Forum Replies Date
was named killer AS9100 Supplier Approval Requirements AS9100, IAQG, NADCAP and Aerospace related Standards and Requirements 10
R AS9100 DELTA FAI - Sub-supplier for plating changed AS9100, IAQG, NADCAP and Aerospace related Standards and Requirements 2
C Spares Market Supplier - Do we need to follow AS9110 or AS9100? AS9100, IAQG, NADCAP and Aerospace related Standards and Requirements 1
J AS9100 Rev. D - Question about 8.4.3 (k) - Supplier Certificates AS9100, IAQG, NADCAP and Aerospace related Standards and Requirements 9
S Supplier Evaluation - External Provider Evaluation (AS9100) AS9100, IAQG, NADCAP and Aerospace related Standards and Requirements 8
I Difference between ASQR (Aerospace Supplier Quality Requirements) and AS9100 AS9100, IAQG, NADCAP and Aerospace related Standards and Requirements 20
S AS9100 Approved Supplier List (ASL) Requirements AS9100, IAQG, NADCAP and Aerospace related Standards and Requirements 7
S Supplier Retained Records Requirements - AS9100 4.2.4 Control of Records AS9100, IAQG, NADCAP and Aerospace related Standards and Requirements 6
V Application of AS9100 clause 7.5.1.1 - Tooling Supplier AS9100, IAQG, NADCAP and Aerospace related Standards and Requirements 5
D Corrective Action - AS9100 Approved Supplier List Audit Nonconformance Nonconformance and Corrective Action 14
T AS9100 and related AS9102 Supplier First Article Requirements AS9100, IAQG, NADCAP and Aerospace related Standards and Requirements 5
C Supplier Management Requirements - AS9100 vs. ISO13485 Supplier Quality Assurance and other Supplier Issues 5
G Auditor Requirements - AS9100 Vendor (Supplier) Audits Quality Manager and Management Related Issues 2
J Audit of Supplier who is working toward AS9100 certification General Auditing Discussions 5
S AS9100 Requirements for Supplier & Subtier Supplier Control Federal Aviation Administration (FAA) Standards and Requirements 4
V AS9100 and AS9102 - Does our supplier have to do the FAI using the 3 AS9102 forms? Document Control Systems, Procedures, Forms and Templates 3
F AS9100 8.5.2 g - Flowing Down Corrective Action Requirements to a Supplier AS9100, IAQG, NADCAP and Aerospace related Standards and Requirements 5
Q AS9100 Clause 7.4.1 Purchasing Process and Approved Supplier List Records AS9100, IAQG, NADCAP and Aerospace related Standards and Requirements 37
K Supplier Performance and Supplier Rating Process - AS9100 Requirements AS9100, IAQG, NADCAP and Aerospace related Standards and Requirements 12
T Transition to AS9100 from ISO 9001 (Cost) - We are an Aerospace and Military Supplier AS9100, IAQG, NADCAP and Aerospace related Standards and Requirements 31
A AS9100 - Verification of Raw Material Supplier Test Reports AS9100, IAQG, NADCAP and Aerospace related Standards and Requirements 21
G Does AS9100 require approving your Customer as a Supplier? AS9100, IAQG, NADCAP and Aerospace related Standards and Requirements 8
E AS9100 Interpretation - Delegation of Verification Activities to the Supplier AS9100, IAQG, NADCAP and Aerospace related Standards and Requirements 19
W AS9100 Supply Chain - Supplier evaluation and auditing Supplier Quality Assurance and other Supplier Issues 5
A AS9100 vs. AECMA vs. Oasis (Online Aerospace Supplier Information System) AS9100, IAQG, NADCAP and Aerospace related Standards and Requirements 1
L AS9100 - Product and Service Provision 8.5.1q AS9100, IAQG, NADCAP and Aerospace related Standards and Requirements 5
T Temperature Requirements For In House Calibration - AS9100 AS9100, IAQG, NADCAP and Aerospace related Standards and Requirements 14
T What does AS9100 mean when it says you must establish a process to do X? AS9100, IAQG, NADCAP and Aerospace related Standards and Requirements 24
G Tool tracebility and First calibration requirements for aerospace (AS9100) organisation AS9100, IAQG, NADCAP and Aerospace related Standards and Requirements 5
T Internal Nonconformance procedure thoughts (AS9100) AS9100, IAQG, NADCAP and Aerospace related Standards and Requirements 6
A AS9100 Training - Where do I start? AS9100, IAQG, NADCAP and Aerospace related Standards and Requirements 11
SocalSurfer Can you recommend an enterprise QMS for new AS9100 startup AS9100, IAQG, NADCAP and Aerospace related Standards and Requirements 2
L Open Positions During AS9100 Audit AS9100, IAQG, NADCAP and Aerospace related Standards and Requirements 3
SocalSurfer AS9100 new certificate, but need QMS software, help Quality Assurance and Compliance Software Tools and Solutions 2
C AS9120 or AS9100 Cert pertaining to inventory? AS9100, IAQG, NADCAP and Aerospace related Standards and Requirements 0
H AS9100 Checklist for Internal Audit needed AS9100, IAQG, NADCAP and Aerospace related Standards and Requirements 1
hockeyhead Existing process never included in AS9100 scope of certification AS9100, IAQG, NADCAP and Aerospace related Standards and Requirements 10
W Major NCRs within AS9100 - What is the most frequent reason for Major NCRs? AS9100, IAQG, NADCAP and Aerospace related Standards and Requirements 5
Q AS9100:2016 D - Intent of 8.4.3 (K) - Implement QMS AS9100, IAQG, NADCAP and Aerospace related Standards and Requirements 5
R AS9100 - 8.4.2 - Receiving Inspection Requirements AS9100, IAQG, NADCAP and Aerospace related Standards and Requirements 1
S Effective nonconforming process for AS9100 8.7 AS9100, IAQG, NADCAP and Aerospace related Standards and Requirements 6
O Adding ISO 13485 to an AS9100 QMS ISO 13485:2016 - Medical Device Quality Management Systems 10
M Customers Request AS9100 certification - Small Company (less than 20 employees) AS9100, IAQG, NADCAP and Aerospace related Standards and Requirements 8
NDesouza AS9100 - D Capacity Planning Requirements AS9100, IAQG, NADCAP and Aerospace related Standards and Requirements 4
D ISO 9001 & AS9100 Certificate issued by a consultant for a Distributor Registrars and Notified Bodies 11
B FAR/Prime Contractor Flow-down Tool - AS9100 AS9100, IAQG, NADCAP and Aerospace related Standards and Requirements 3
K AS9100 - 7.3 - Are these black and white questions with specific correct answers AS9100, IAQG, NADCAP and Aerospace related Standards and Requirements 1
A Does AS9100 require traceability to operators performing the work? AS9100, IAQG, NADCAP and Aerospace related Standards and Requirements 4
R Traceability on Unmarked Parts - AS9100 requirements AS9100, IAQG, NADCAP and Aerospace related Standards and Requirements 7
M When is FAI required? AS9100 8.5.1.3 and 8.4.3 requirements AS9100, IAQG, NADCAP and Aerospace related Standards and Requirements 9

Similar threads

Top Bottom