Customer Related Processes and Requirements - ISO 13485 Clauses 7.2.1 and 7.2.2

Morlock

Involved In Discussions
#21
By ISO 13485 definition we are a "contract manufacturer", so this is the terminology I used. Correct, we provide R&D services in that we apply different coatings in different manners to produce different results, but it is the customer who determines the needs and acceptability of the performance of the coating, and they provide all of the substrate and are responsible for all upstream and downstream processing. Our scope is typically fairly limited with regards to the entire device lifecycle.

After the customer is satisfied with the R&D outputs, we obtain a drawing for the final "coated-level" spec for the component, containing information such as coating components, coating length, lubricity specifications, FM specifications, etc. This customer-supplied drawing is held in our QMS as a reference document, and is approved by Engineering, Manufacturing, and Quality. Any revision to this document by the Customer is reviewed by us and requires approval within our QMS prior to manufacturing to the revision.

When manufacturing, this reference drawing (and revision) is checked after each customer order is placed, and if there are any discrepancies, they must be resolved prior to continuing with the processing of the order. All orders are reviewed and approved by Manufacturing.

To me, this satisfies the "records of evaluation of customer requirements" criteria. Is that too simplistic?
 
Elsmar Forum Sponsor

Ronen E

Problem Solver
Staff member
Moderator
#22
It sounds OK for the manufacturing side (assuming the review by manufacturing covers all relevant aspects, including e.g. availability and timeframes, not just tech specifications), but downplaying the R&D service doesn't change the essence of the situation on that side. If you provide such a service, there must be an upfront documented review addressing that activity/service - that's my reading of the standard.
 

Morlock

Involved In Discussions
#23
That's fair. I would think our test protocol reports (which include feedback from the customer), and which are approved within our QMS, would suffice the "upfront document review" regarding the R&D activity.

Does the ISO requirement require us to document all of this for every order placed by every customer? It seems like it would be redundant, especially with routine customers (customers placing the same order quantities for the same parts with the same coating specs...) If so, what might be a quick and efficient way to document the review of specs, availability, timeframes, etc.?

We are a small job shop, and the base units are supplied by our customers, so line availability and unit availabilty aren't really an issue. The lead times are listed on the quotes, which are approved in house and by the customer. We coat however many parts they send us (quantity is also listed on the Purchase Orders), so inventory isn't an issue...

I am waiting to hear back from the auditor to further clarify what they were looking for, and what the shortcomings were...

Thanks for the help.
 

Sidney Vianna

Post Responsibly
Staff member
Admin
#24
It sounds OK for the manufacturing side (assuming the review by manufacturing covers all relevant aspects, including e.g. availability and timeframes, not just tech specifications), but downplaying the R&D service doesn't change the essence of the situation on that side. If you provide such a service, there must be an upfront documented review addressing that activity/service - that's my reading of the standard.
In terms of certification to the ISO 13485 standard, the registrant still has the latitude to limit the scope.

If they do not want to have the R&D support service as part of the scope of certification and include only the contract manufacturing part of the business, they are allowed to do so.
 

Ronen E

Problem Solver
Staff member
Moderator
#25
In terms of certification to the ISO 13485 standard, the registrant still has the latitude to limit the scope.

If they do not want to have the R&D support service as part of the scope of certification and include only the contract manufacturing part of the business, they are allowed to do so.
Fair enough. Did they?
 

Ronen E

Problem Solver
Staff member
Moderator
#26
I would think our test protocol reports (which include feedback from the customer), and which are approved within our QMS, would suffice the "upfront document review" regarding the R&D activity.
Sorry, I don't understand how this is related to my previous post. Please note that I wrote "upfront documented review", not "upfront document review". It's not necessarily a review of documents. Rather, the point was that it has to be recorded (documented), as opposed to a chat at the lunchroom (which might also qualify as a review - depending on the contents), and it has to be upfront, i.e. before the order is accepted (or before a quote is issued).

The review I thought of was more about understanding what R&D services - in some reasonable detail - the customer is asking for / needs in the specific instance, verifying that the understanding was correct, making sure you have what's necessary in the specific instance (all aspects - knowledge, tech, resources etc.), communicating back any assumptions, exclusions, limitations etc. etc...

Does the ISO requirement require us to document all of this for every order placed by every customer? It seems like it would be redundant, especially with routine customers (customers placing the same order quantities for the same parts with the same coating specs...) If so, what might be a quick and efficient way to document the review of specs, availability, timeframes, etc.?
In my understanding - yes, for every order. Even if the orders are identical, your situation might be different, for 1001 reasons. This might or might not be significant, but if you don't review, how will you know? Maybe have a checklist to quickly go over all aspects, and for each aspect where nothing is different (including circumstances and outcomes) just note "same as order XXX". The point is to actually have a review held, and have the record on file. If later there are any issues, you can trace back, identify root causes, initiate CAPA if warranted, etc.

We are a small job shop, and the base units are supplied by our customers, so line availability and unit availabilty aren't really an issue. The lead times are listed on the quotes, which are approved in house and by the customer. We coat however many parts they send us (quantity is also listed on the Purchase Orders), so inventory isn't an issue...
Good, that means your review should be easier. Additionally, It might make sense to begin the review before a quote is submitted (maybe capture the reasoning behind quoted lead time etc.), then quickly revisit and finalise before accepting an order.
 

Morlock

Involved In Discussions
#27
Fair enough. Did they?
R&D is not within our scope of certification, only manufacturing.

Please note that I wrote "upfront documented review", not "upfront document review". It's not necessarily a review of documents. Rather, the point was that it has to be recorded (documented), as opposed to a chat at the lunchroom (which might also qualify as a review - depending on the contents), and it has to be upfront, i.e. before the order is accepted (or before a quote is issued).
That's fair. I see the difference.

Maybe have a checklist to quickly go over all aspects, and for each aspect where nothing is different (including circumstances and outcomes) just note "same as order XXX". The point is to actually have a review held, and have the record on file.
Might you have a template, or know if there is a template in the forum? I've searched a little, and will keep searching, and I can update/link it here if I find one.

Again, thanks to everybody for the continued discussion. It is very enlightening for me.
 
#29
We are a provider of class 1 devices to hospitals and clinics. Our products are not sold direct to consumers as they would have no need for such products. Customer include Hospitals (private, commercial and government-VA). We are ISO 13485 accredited with design in our scope, and manufacture 90% of our products in-house, with some subcontracting and some re-branding. We have agreements with our customers and with distributors of our product (mostly, oversea). These contracts state our basic terms, etc. including net 30 payment, etc. We have a line of customer service order processors, who receive and respond to customer orders via EDI, email, phone and, rarely, fax). Orders are generally for x number of boxes of type Y product, etc. Which are pulled from our inventory system and shipped.
During an internal audit, the auditor wrote up a nonconformance when he observed that many of the orders coming in, especially in emails, had a page of pages of T&Cs attached to the PO or referenced a URL in the PO to review related PO T&Cs. The order processor was not reviewing the attachments, etc., as they are not trained or qualified to do so. The auditor said these attachments constituted customer requirements that needed to be reviewed. We responded in the related corrective action request that we have a signed agreement with our customers outlining our terms which they signed, and that as far as we were concerned, this trumped anything extra they were flowing.
In reviewing the action taken, the auditor subsequently rejected our answer, saying that you can’t ignore a customer’s requirement and, once you execute on the PO/contract, you are agreeing to the terms as outlined there. Adding, failing to review information flowed from a customer introduces potential risk that should be considered.
If we have to review every T&C, etc. the customer is flowing, it would add a significant burden on how quickly we can turn an order around… this would not be in the customer’s best interest. What do you think?
 

Tagin

Trusted Information Resource
#30
....The auditor said these attachments constituted customer requirements that needed to be reviewed. We responded in the related corrective action request that we have a signed agreement with our customers outlining our terms which they signed, and that as far as we were concerned, this trumped anything extra they were flowing.
In reviewing the action taken, the auditor subsequently rejected our answer, saying that you can’t ignore a customer’s requirement and, once you execute on the PO/contract, you are agreeing to the terms as outlined there. Adding, failing to review information flowed from a customer introduces potential risk that should be considered.
If we have to review every T&C, etc. the customer is flowing, it would add a significant burden on how quickly we can turn an order around… this would not be in the customer’s best interest. What do you think?
It seems like a legal opinion is possibly needed to determine whether the signed contract or the PO T&C take precedence. That's not the auditor's role to decide. Aside from that, having it added explicitly in the signed contract that the terms therein supersede any other terms indicated by the customer on a PO, etc. could resolve it. It seems like the auditor is overreaching just to get a finding.
 
Thread starter Similar threads Forum Replies Date
somashekar Customer Related Processes when a Customer is within the Corporation ISO 9000, ISO 9001, and ISO 9004 Quality Management Systems Standards 7
C 7.2 Customer Related Processes - Everything we do is Outsourced ISO 9000, ISO 9001, and ISO 9004 Quality Management Systems Standards 3
A Internal Audit-Customer Related Processes Internal Auditing 2
A Exclusion of Customer Related Processes ISO 9000, ISO 9001, and ISO 9004 Quality Management Systems Standards 5
RoxaneB A "Customer-related processes" curveball ISO 9000, ISO 9001, and ISO 9004 Quality Management Systems Standards 12
R 7.2. Customer-related processes IATF 16949 - Automotive Quality Systems Standard 1
J 7.2 Customer-related processes ISO 9000, ISO 9001, and ISO 9004 Quality Management Systems Standards 10
M IATF16949 Clause 9.1.2.1e - Customer notification related IATF 16949 - Automotive Quality Systems Standard 4
Q When to issue a Customer Complaint related to efficacy of a Medical Device? ISO 13485:2016 - Medical Device Quality Management Systems 3
Moncia Problem with Corrective Action for Flavor / Fragrance related Customer Returns Records and Data - Quality, Legal and Other Evidence 9
T Risk based Impact Level related to Customer Complaints 21 CFR Part 820 - US FDA Quality System Regulations (QSR) 2
B Looking for Customer Service related Procedures Customer Complaints 2
I How to reply to customer 8D Fishbone related to a corrosion issue? Preventive Action and Continuous Improvement 7
K Should prices be included in customer related process ISO 13485:2016 - Medical Device Quality Management Systems 1
L Customer Requirements related to Retention Documents and Records period Records and Data - Quality, Legal and Other Evidence 1
M Customer Related Process Questions ISO 9000, ISO 9001, and ISO 9004 Quality Management Systems Standards 7
J How to comply with 7.2.1 - Customer Related Process ISO 9000, ISO 9001, and ISO 9004 Quality Management Systems Standards 6
M Exclusion of 7.2 Customer Related Process ISO 9000, ISO 9001, and ISO 9004 Quality Management Systems Standards 32
M Workmanship Related Failures - Responding to a customer CAR Nonconformance and Corrective Action 12
J TS 16949 8.5.2 Corrective Action - Auditor did not like the customer related form Nonconformance and Corrective Action 13
I Non-ISO9001:2000 'related' procedures - A separate NC system for Customer Service ISO 9000, ISO 9001, and ISO 9004 Quality Management Systems Standards 8
D Control Of Customer Survey Forms and Related Forms Document Control Systems, Procedures, Forms and Templates 7
G Management Review 5.6.3 b) Improvement of product related to customer requirements Management Review Meetings and related Processes 7
L Customer Related standards in ISO/DIS 9000:2000 ISO 9000, ISO 9001, and ISO 9004 Quality Management Systems Standards 1
D Suggestions for Ishikawa for hyperdetailed customer - plastic molding automotive parts Nonconformance and Corrective Action 9
J WAIVED ON Q1 - We Don't have to comply with FORDS customer specific requirements IATF 16949 - Automotive Quality Systems Standard 2
A Customer Approval (Medical Devices) Document Control Systems, Procedures, Forms and Templates 4
M Reduce occurrence rating based on the PMS data and customer complaint data ISO 14971 - Medical Device Risk Management 2
G Too many customer complaints Customer Complaints 16
lanley liao Does the customer`s trademark belong to customer-supplied property? Oil and Gas Industry Standards and Regulations 2
J Customer Complaint & SCAR, false data Nonconformance and Corrective Action 14
S Annual Inspection Layout - Based on Customer print ? IATF 16949 - Automotive Quality Systems Standard 8
G Risk of stopping your customer's line IATF 16949 - Automotive Quality Systems Standard 4
S Calibration/Verification of customer fixtures IATF 16949 - Automotive Quality Systems Standard 6
D CB and customer audits considered as internal audits? General Auditing Discussions 9
O Informational Ford Motor Company Customer Specific Requirements for IATF 16949:2016 - 08 Jan 2021 Customer and Company Specific Requirements 0
G Bad Parts cause Customer line stop IATF 16949 - Automotive Quality Systems Standard 13
O IATF 16949 News Ford Motors Customer Specific Requirements Update - Nov 2020 IATF 16949 - Automotive Quality Systems Standard 5
D Question regarding customer feedback process ISO 13485:2016 - Medical Device Quality Management Systems 3
D Change Approval Requirements - Does every change need formal customer approval? Design and Development of Products and Processes 17
B Retention Samples when Customer Leaves Pharmaceuticals (21 CFR Part 210, 21 CFR Part 211 and related Regulations) 1
M Email Template that go to a customer and then get returned to us for RMA/Warranty Document Control Systems, Procedures, Forms and Templates 1
B FCA US Customer Specific IATF 16949- Critical Characteristics 8.6.2 Customer and Company Specific Requirements 0
D ISO 13485 8.2.1 and 8.2.2 - Customer Feedback and Customer Complaints ISO 13485:2016 - Medical Device Quality Management Systems 5
J Customer Complaint Response 21 CFR Part 820 - US FDA Quality System Regulations (QSR) 3
V Quality review Meeting with Customer for complaints we received Customer Complaints 6
D IATF16949 - Interpretation of Customer Requirements clauses IATF 16949 - Automotive Quality Systems Standard 3
S Obligation to accept customer audits? IATF 16949 - Automotive Quality Systems Standard 23
D IATF16949 7.5.3.2.1 Record Retention - Our Product or Customer Product? Elsmar Cove Forum Suggestions, Complaints, Problems and Bug Reports 1
S Customer Specific Requirements (CSR) not signed/approved IATF 16949 - Automotive Quality Systems Standard 17

Similar threads

Top Bottom