Customer Specific Requirements

MSUENG

Starting to get Involved
As a Tier 2 supplier of automotive stampings, we have our IATF 16949 certification. A finding from our latest audit, determined we need to better document how we are confirming our CSR's. (Better will be easy since we are not currently documenting it at all.) After combing through our customer's supplier quality manual and supplier portal requirements, I have not found where any OEM CSR's are passed down to us. I plan to put a blurb in our quality manual that states that any revision to our customer's quality manual would trigger a review to search for any CSR's that are potentially passed on as a part of the revision. So for our record I only plan to do a matrix to document the review of each new release of our customers supplier quality manual for any added OEM CSR's. Other than that, the only thing left would be the MAQMSR for us to adhere to. Since we are IATF1649, I believe we should be able to ignore those requirements since they would be automatically accounted for as a part of the IATF requirements. Can someone confirm my understanding of this requirement is correct and if the IATF requirement would be met using my planned documentation method? Thanks in advance for your assistance.
 

Ashland78

Quite Involved in Discussions
I think you are misunderstanding some. It is even simpler than updating a matrix. Every plant procedure you have in the scope or the procedure itself state CSR will be followed.

You won't have to update each time one of your SQAM are updated.

Example - Toyota requires 25 years for retaining of records. GM requires 15 years (there is a GMW15029 (I think) document you should have as well in your standards if you supply to GM). Auditors/Certification Bodies, love seeing suppliers have these documents.

That being said if Toyota changes to 10 years, then you don't need to revise all procedures.

I hope you are auditing your CSR internally in your 3 year audit plan as well. That will help build trust with the team that audits you.
 

Golfman25

Trusted Information Resource
As a Tier 2 supplier of automotive stampings, we have our IATF 16949 certification. A finding from our latest audit, determined we need to better document how we are confirming our CSR's. (Better will be easy since we are not currently documenting it at all.) After combing through our customer's supplier quality manual and supplier portal requirements, I have not found where any OEM CSR's are passed down to us. I plan to put a blurb in our quality manual that states that any revision to our customer's quality manual would trigger a review to search for any CSR's that are potentially passed on as a part of the revision. So for our record I only plan to do a matrix to document the review of each new release of our customers supplier quality manual for any added OEM CSR's. Other than that, the only thing left would be the MAQMSR for us to adhere to. Since we are IATF1649, I believe we should be able to ignore those requirements since they would be automatically accounted for as a part of the IATF requirements. Can someone confirm my understanding of this requirement is correct and if the IATF requirement would be met using my planned documentation method? Thanks in advance for your assistance.
Basically do what you did — review your customer requirements for any differences (usually additions) to the IATF requirements (I.e: PPAP — everyone seems to have their own quirks). They should have a document of CSRs that follow the IATF requirements To make it easy. Use a matrix for each customer to identify, and make sure you’re complying. Monitor to address any changes. You don’t really need to worry about the OEM CSRs because you’re a step or two away. MAQMSR are applicable to those not yet certified to IATF so they aren’t applicable to you. Good luck.
 

MSUENG

Starting to get Involved
You won't have to update each time one of your SQAM are updated.

That being said if Toyota changes to 10 years, then you don't need to revise all procedures.

I hope you are auditing your CSR internally in your 3 year audit plan as well. That will help build trust with the team that audits you.
The auditor was asking how we document that we are reviewing customer requirements for any new CSR's. Since we currently have no such document, I planned to do this using our new CSR matrix (we didn't have one of these either) by updating the SQAM issue rev level and date on the CSR matrix. I saw that as a "2 birds/1 stone" approach. And I was thinking that would be all I needed to update.

So, using your example, we would only update the matrix for the updated Toyota SQAM rev and date and nothing else would need to change.

I planned to add a CSR review block to the form we use to document our internal audits.

I think it would meet the requirements with a minimum amount of change and maintenance to the system. Does it make sense and do you see any holes in this?
 

Ashland78

Quite Involved in Discussions
I think you are on the right path. I would hope you have in your 'QMS procedures' that you meet all CSR's. You can include it on forms, but if in the core QMS procedures (what is the start) you would be safe I imagine.

Do you have QMS procedures for roles and responsibilities, employee engagement, business planning, PPAP, CoQ, packaging, leadership involvement, and management review? These are all part of CSR's but could be forgotten.

Maybe we could set up a phone call, and I can assure the intent of what you are needing is met.
 

Golfman25

Trusted Information Resource
But it's not really a customer specific requirement if it is an IATF requirement, is it?
The IATF tweaks the ISO requirements. Likewise, a customer can tweak the IATF requirements. True customer specific requirements will identify the IATF clause that they are tweaking.
 

Golfman25

Trusted Information Resource
The auditor was asking how we document that we are reviewing customer requirements for any new CSR's. Since we currently have no such document, I planned to do this using our new CSR matrix (we didn't have one of these either) by updating the SQAM issue rev level and date on the CSR matrix. I saw that as a "2 birds/1 stone" approach. And I was thinking that would be all I needed to update.

So, using your example, we would only update the matrix for the updated Toyota SQAM rev and date and nothing else would need to change.

I planned to add a CSR review block to the form we use to document our internal audits.

I think it would meet the requirements with a minimum amount of change and maintenance to the system. Does it make sense and do you see any holes in this?
I would think you would need to update your document management process/procedure to revise the new requirement. For example, I would assume you have something some where that says for customer ABC, retain documents for X years. If they make a change, then you would need to update to say for customer ABC, retain documents for Y years. How else are you flowing down the actual requirements.
 

MSUENG

Starting to get Involved
I would think you would need to update your document management process/procedure to revise the new requirement. For example, I would assume you have something some where that says for customer ABC, retain documents for X years. If they make a change, then you would need to update to say for customer ABC, retain documents for Y years. How else are you flowing down the actual requirements.
If you are using this an example of a "what if", then I would see this as correct, if an added requirement would actually change an internal process.
But if the added requirement was documented on the customer's PPAP checklist or the like, then maybe no.
 
Top Bottom