Certification of Suppliers- a requirement or semantics??? comply, certify

We sent out letters notifying our "sub-contractors" they would be known as "Suppliers" under ISO9001:2000 (TS where it applied) and indicated some deadlines for registration/certification.

Some are playing a game where they agree to "comply" with ISO, but not get certified. IS THERE ANY PRECEDENCE FOR THIS? It seems to place the monkey on our back (the Organization) to ensure they actually comply. In other words, WE audit THEM, and not a 3rd party. :confused:
Elsmar Forum Sponsor

M Greenaway


Sounds like a better approach to get what you actually want from your suppliers. Go for it, teach them a lesson (if necessary of course ;) )

If only we had the time... others here have commented that I conduct internal audits with a certain perverted zeal, but it is only to make us better. It is fun to see your peers sweat...

I just stumbled across a new word in Supplier QMS Development. CONFORMITY. I wish to get the audit monkey off my back, but this appears unlikely!

It's ironic that "Mutually beneficial supplier relationships" amounts to force-feeding and spit-up.:eek:

Thanks for thinking.

Mike S.

Happy to be Alive
Trusted Information Resource

Do you like to see your suppliers sweat, too? Maybe you should consider what your peers say and make sure you really aren't coming across to them in a counterproductive way.

If your suppliers are "compliant", and will document such to you, AND they have been good suppliers for you for over time, who cares if they have a 3rd-party cert. or not? I'd place much more value on personal history of good product from a supplier than a supplier I did not have personal history with who has a 3rd-party cert. Certs don't make or guarantee good product, and has been attested to by most everyone on this Cove.


According to the last paragraph of there does not seem to be much gray area:

Unless otherwise specified by the customer, suppliers to the organization shall be third party registered to ISO 9001: 2000 by an accredited third-party certification body.

It is pretty clear that you cannot do your own audit of your suppliers to meet this requirement. The only out appears to be a waiver from your customer - unless any interpretations come along as in QS.


The IATF Guidance to ISO/TS uses an interesting word in the explanation of "burden". Anyhow, the audit zeal sincerely stems from a desire to improve. I have been on the sweating end many times, by peers and customers. Suppliers are a new area for me- thanks for your counter-point!

As a rule, as Team participants (design, audits, improvement, or whatever) we follow the general guideline that a raised concern must be accompanied by a suggested solution. (Otherwise remain silent.) I fall in to the self-appointed category of those who just can't mind their own business or keep their mouth closed. (Perheps this is why I was selected to Champion our registration to ISO/TS?)

We are searching for a compromise between the "minimal approach to implementing ISO/TS", which follows your sentiment about personal history, and an enlightened approach to improving our QMS.

I am really hoping we can take the straingtforward approach, but going back to the IATF Guidance on Supplier quality management system development, the complete first sentence is:

The burden is on the organization to demonstrate compliance of its suppliers to this requirement including evidence of alternative arrangements specified by the customer.

Further down in the guidance, there is mention of conformity to ISO9001:2000, certification to the same, compliance with ISO/TS 16949, and evidence.

What stops all suppliers from asking for the waiver? The game I originally referred to actually relates to Mike's comments on the value of certification. Where is the "mutual"?

Excuse me while I wipe the sweat away...


Actually you have to request the waiver from YOUR customer. I agree that this requirement is going to cause a lot of headaches. Take a look at Angela's postings in the QS-9000 forum about the similar requirement for ISO certification.

How many suppliers are you having issues with? Is it something you can resource?

The same basic thing happened when QS started requiring labs to be Guide 25/ ISO 17025 registered. Many labs did not listen until their business started going away. We had a calibration lab that lost several key customers because the customer got written up on an audit. When the requirement kicked in in January 2001, it took about 3 months before they woke up to the calls of "we cannot use you". Their competitor across town was already 17025, so the business was lost.

I think you would have a tough time going the waiver route also. I doubt your customer is going to want to issue them. Perhaps if you can prove that you have reviewed their system. If I am the one signing the waiver, I am not going to buy "they don't want to do it". If it is a cost issue with a small supplier where they can't afford an audit, show me some evidence they are good, you have visited, etc. and I might sign. Anyone who issues a waiver is opening themselves up for blame when something goes wrong - I bet they are going to be tough to get.

The way I see things written now the only way to meet this requirement is:

1. Have a copy of an ISO 9001: 2000 certificate from a RAB (or equivalent) registrar for each of your critical suppliers.
2. Have a waiver signed by your customer stating "Supplier XYZ does not have to be ISO certified."



I would share on this issue that we are going to comply with requirement. But when we received survey result from all suppliers about ISO certification:

5 % received ISO 9000 : 2000 certificate
80 % received ISO 9000 : 1994 certificate with has a plan to develop to be ISO 9000 : 2000
15 % received ISO 9000 : 1994 without development plan.

In this situation, it's very hard either enforce suppliers to have ISO 9000 : 2000 certified by 3rd party or to get the waiver from all customers due to we have more than 50-60 customers. The the past of business, we have no major issue with customers and suppliers on this issue. What's happen if some customers could not sign the waiver and supplier no plan for development. If we choose new suppliers with ISO certify it will take time for qualification new suppliers and cost issue and some material is limitted of source.

Any good suggestions how to achieve requirement in this situation due to TS is required suppliers ISO 9000 : 2000 certified by third party.


Mike S.

Happy to be Alive
Trusted Information Resource
This kind of crap (customers demanding suppliers be certified to 9001:2000 regardless of the size or level of performance of the supplier) is one of the things that gives ISO a bad name, IMO. We all know the waivers will be as scarce as hen's teeth. It perpetuates the "I just want the cert." attitude and forces suppliers to spend money on the process if they want to stay in business, regardless of the actual quality of the supplier. These customers making the ISO demands either know that the cert. itself doesn't guarantee quality or else they are stupid, but it is the easy way out for the customer. Jim Wade and others may rail against the "I'm just in it for the cert." companies, but I can understand where they're coming from in some cases. Who would you rather buy from if your company's success hung in the balance? The non-certified supplier who has sent you great product for years, or the new but certified company you know nothing else about? Sorry, you don't get to choose!!!!
Thread starter Similar threads Forum Replies Date
L Informational IATF 16949 certification requirement for Tier 2/Tier 3 Suppliers IATF 16949 - Automotive Quality Systems Standard 15
Q TS 16949 Certification date requirement of suppliers by Bosch, Delphi & Siemens IATF 16949 - Automotive Quality Systems Standard 6
I The certification requirement for Tier II suppliers is ISO 9001:2000 Supplier Quality Assurance and other Supplier Issues 4
L Automotive Companies which require ISO 14001 certification of suppliers ISO 14001:2015 Specific Discussions 17
Q Panasonic Automotive CSR - TS 16949 certification from their Suppliers? IATF 16949 - Automotive Quality Systems Standard 1
D Supplier certification waiver format - ISO/TS16949:2002 Suppliers Supplier Quality Assurance and other Supplier Issues 16
T Is QS-9000 certification acceptable for suppliers or must they be ISO 9001:2000? Supplier Quality Assurance and other Supplier Issues 4
F QS-9000 Certification of Remanufacturing Suppliers QS-9000 - American Automotive Manufacturers Standard 1
H R&D Lab ISO 9001 certification ISO 9000, ISO 9001, and ISO 9004 Quality Management Systems Standards 11
L Significant subcontractor update, still under MDD Certification, possible? CE Marking (Conformité Européene) / CB Scheme 3
B ISO 13485 Certification ISO 13485:2016 - Medical Device Quality Management Systems 2
S How to calculate Effective Number of People for ISO 13485 Certification? General Auditing Discussions 2
S Inventory prior to AS9120 certification AS9100, IAQG, NADCAP and Aerospace related Standards and Requirements 5
P Certification process for registered device China Medical Device Regulations 11
F Medical cart self certification EU Medical Device Regulations 1
B Managed Certification Projects FAA vs EASA EASA and JAA Aviation Standards and Requirements 0
B Regulatory Affairs Certification (RAC) Book - Fundamentals of Medical Device Regulations Medical Device and FDA Regulations and Standards News 0
B IATF Certification Body Recommendations Registrars and Notified Bodies 3
C Certification vs Accreditation Training (General) Training - Internal, External, Online and Distance Learning 1
I Class VI certification on seals, o-ring and plastic for a WFI system Qualification and Validation (including 21 CFR Part 11) 0
G Trying to get a financially reasonable ISO Certification Body Registrars and Notified Bodies 8
A Selling products with OEM certification expired EU Medical Device Regulations 0
G ISO 13485 Certification - Can we get the ISO 13485 certification prior to shipment of the device? ISO 13485:2016 - Medical Device Quality Management Systems 6
N Does anyone use SGS for ISO 13485 / CE certification Registrars and Notified Bodies 0
S Clean room not part of my certification ISO 13485:2016 - Medical Device Quality Management Systems 3
J EC Certification transfer from CMO to Legal Manufacturer Possible? CE Marking (Conformité Européene) / CB Scheme 0
A Can a organization use a disclaimer "pending AS9100 Certification" in Marketing Information? AS9100, IAQG, NADCAP and Aerospace related Standards and Requirements 4
S Certification Body Changeover - Transfer of Certificate Registrars and Notified Bodies 9
N Traditional 510K Submission-Financial Certification or Disclosure Statement 21 CFR Part 820 - US FDA Quality System Regulations (QSR) 6
J Quality Objective for QMS prior to Certification AS9100, IAQG, NADCAP and Aerospace related Standards and Requirements 8
J Where to get a Black belt certification ASQ, ANAB, UKAS, IAF, IRCA, Exemplar Global and Related Organizations 13
D ISO 13485 & CE Certification for Surgical Gloves CE Marking (Conformité Européene) / CB Scheme 0
K MDR Class 1 Self Certification - Competent Authority or Notified Body? EU Medical Device Regulations 6
R GMDN and UMDNS Codes certification EU Medical Device Regulations 0
M ISO 13485:2016 Certification Scope ISO 13485:2016 - Medical Device Quality Management Systems 3
R IATF 16949 Certification for new site with transferred product--what is the impact with CSR and scorecards? IATF 16949 - Automotive Quality Systems Standard 4
B IATF 16949 Cert Expire- New certification body IATF 16949 - Automotive Quality Systems Standard 5
C Budgetary cost to obtain ASME NQA-1 Quality Program Certification Quality Management System (QMS) Manuals 0
V Certified Auditor - Need of additional certification specific to industry ( GMPs) ASQ vs ECA vs others Professional Certifications and Degrees 1
Le Chiffre Online training available for ISO/IEC 17021-1: Requirements for bodies providing audit and certification of management systems Training - Internal, External, Online and Distance Learning 3
B Cybersecurity Maturity Model Certification for military customers AS9100, IAQG, NADCAP and Aerospace related Standards and Requirements 5
M Scope for ISO 13485 Certification of a Translation Service Provider ISO 13485:2016 - Medical Device Quality Management Systems 17
A ISO 13485 Certification for Resin Manufacturer ISO 13485:2016 - Medical Device Quality Management Systems 4
X ISO 17025 certification for Laboratory for online gambling products ISO 17025 related Discussions 3
N 93/42/EEC certification without ISO 13485 EU Medical Device Regulations 3
V New Product Model CE Mark Certification under MDR EU Medical Device Regulations 0
H What ISO certification is for an IT department? ISO 9000, ISO 9001, and ISO 9004 Quality Management Systems Standards 13
P ISO 9001 certification with zero customers? ISO 9000, ISO 9001, and ISO 9004 Quality Management Systems Standards 11
E ISO 13485 QMS certification as a Supplier ISO 13485:2016 - Medical Device Quality Management Systems 8
G IATF Rules for COVID 5th revision - Re-certification audit timing IATF 16949 - Automotive Quality Systems Standard 3

Similar threads

Top Bottom