AS9100D, Clause 8.4.1.1d - actions to take when external providers do not meet requirements

LincolnQA

Starting to get Involved
Good afternoon. I'm new to AS9100 and this site. My company provides a service to DoD in the form of manpower...Our work is with the Military and we receive parts through the military supply system. Does anyone have recommended actions to take when my supplier, the military, doesn't meet my requirements? We just went through our certification audit and we received an NCR for not addressing Clause 8.4.1.1d. We didn't address it because our customer provides the products we use. We just install them into aircraft. Any recommendations would be appreciated. Thank you.
 

Michael_M

Trusted Information Resource
So how does your company define 'What is required"? The clause states that you shall "define the necessary actions to take when dealing with external providers that do not meet requirements". What are the defined requirements and where they carried out when your external supplier did not meet requirements?

Follow up questions based on possible answers:
1. why did you not take the required action when the supplier did not meet the requirement:
...a Is the criteria too stringent and are you requiring too much?
 

Randy

Super Moderator
It's called doing a QDR, Quality Deficiency Report. I literally wrote a ton of those and that's all you can do. If it deadlines or makes what you're doing unsafe or un-usuable then report the higher risk category. Each branch has it's own process, like the Army has Army Regulation (AR) 702 – 7
 

LincolnQA

Starting to get Involved
So how does your company define 'What is required"? The clause states that you shall "define the necessary actions to take when dealing with external providers that do not meet requirements". What are the defined requirements and where they carried out when your external supplier did not meet requirements?

Follow up questions based on possible answers:
1. why did you not take the required action when the supplier did not meet the requirement:
...a Is the criteria too stringent and are you requiring too much?

We are a lot different than most organizations since we provide "people" to the military to work on aircraft and systems. We use their tools and equipment and we receive "parts" and "components" from their military supply system. We don't do anything with Counterfeit Parts (8.1.4) since the items come thru military channels. So, when we talk about "meeting requirements," we have technical data that we use to order the specific pieces and someone much higher than us has already ensured that what is ordered "meets requirements." I'm trying to understand what actions we can take if that supplier doesn't meet our requirements.. I'm guessing that, as someone noted in another reply, we would do a QDR. That's great but my auditor is looking for something like, "would you elect to give the supplier poor marks on a Supplier Evaluation?" Well, the supplier, indirectly, is also my customer...If I give my supplier a poor Supplier Evaluation, I'm cutting off the hand that feeds me... I know what my organization does is quite different than most other organizations...
 

LincolnQA

Starting to get Involved
Aren’t you dealing with customer supplied property here?

I guess it could be seen as customer supplied property. However, the customer does receive the items from outside vendors, e.g. OEMs and other component manufacturers. I'm trying to understand "actions to take" such as cure notices, notice to terminate agreement, etc. on a supplier that IS indirectly, my customer...
 

LincolnQA

Starting to get Involved
It's called doing a QDR, Quality Deficiency Report. I literally wrote a ton of those and that's all you can do. If it deadlines or makes what you're doing unsafe or un-usuable then report the higher risk category. Each branch has it's own process, like the Army has Army Regulation (AR) 702 – 7

Your response is basically, all I can do in my current position/situation...However, the 3rd party auditor is wanting a "process" or set of steps, even if we wouldn't use them... Seems very inefficient to me to create a series of steps that we would never implement...
 

John Predmore

Trusted Information Resource
If there was a particular finding based on a particular incident, you could respond to that specifically. If the audit finding is more generic, "for not addressing Clause 8.4.1.1d ", then I think the appropriate response will be broad and generic. In your operational procedure, when there is a problem encountered, point to your Control of Non-Conforming Outputs procedure (whatever you have written to address 8.7). Section 8.7 gives a pretty good outline what steps to take. Our company uses the 8-D form, which outlines a sequence to take for any problem - including define, contain, root cause determination, correction and corrective action. We use the same 8-D outline of steps for hardware problems, software, and procedural problems.
 

Randy

Super Moderator
Your response is basically, all I can do in my current position/situation...However, the 3rd party auditor is wanting a "process" or set of steps, even if we wouldn't use them... Seems very inefficient to me to create a series of steps that we would never implement...

Then the auditor has no business auditing government contractors if he doesn't understand the relationship between contractors, the organization being served, the contract itself and the government contracting offices & regulations. Actually pretty typical for an auditor to be as lost as a blind folded duck in a duststorm.
 
Top Bottom