SBS - The best value in QMS software

Determining what are, and are not, Outsourced Processes

H

Helmut Jilling

Auditor / Consultant
#21
#21
Re: Determining what are and are not Outsourced Process

Big Jim said:
There is no requirement to list your outsourced processes.

What the standard says is:

"Where an organization chooses to outsource any process that affects product conformity to requirements, the organization shall ensure control over such processes. The type and extent of control to be applied to those processes shall be defined within the quality management system."

I don't see list in there anywhere.

You should appeal that nonconformance. The auditor appears to have fallen into "requirement creep".

I would view buying labels as simply making a purchase, not outsourcing.

The Auditing Practices Group has published guidelines on outsourcing that you may find useful. Google TC-176 and look on their site for Auditing Practices Group and look for information on outsourcing. TC-176 is the technical committee within ISO that is responsible for ISO 9001:2008.
Click to expand...

I agree the standard does not say you SHALL list them...but it would be kind of difficult to define what controls are in place if you don't identify what the processes are in the first place.

I describe it more as follows...

The standard, in cl 4.1, requires you to define all sorts of details about your processes...When it comes to outsourced processes, the standard still requires you to define them as a process related to your QMS, but allows you to do much less documenting of the details...just the necessary controls you have applied. I believe that is because the standard recognizes that most of the controls are provided by the suppliers. You just need to define any additional controls you bring to the party.

Also, it should be noted, all outsourced processes and purchases shall be controlled - some are controlled under the "Outsourced Processes" (cl 4.1) category, and the rest under Purchasing cl 7.4. So, if it is not one, it will fall under the other.
 
Free Trial of DISCUS Desktop
Elsmar Forum Sponsor
B

Big Jim

Super Moderator
#22
#22
Re: Determining what are and are not Outsourced Process

Helmut Jilling said:
I agree the standard does not say you SHALL list them...but it would be kind of difficult to define what controls are in place if you don't identify what the processes are in the first place.

I describe it more as follows...

The standard, in cl 4.1, requires you to define all sorts of details about your processes...When it comes to outsourced processes, the standard still requires you to define them as a process related to your QMS, but allows you to do much less documenting of the details...just the necessary controls you have applied. I believe that is because the standard recognizes that most of the controls are provided by the suppliers. You just need to define any additional controls you bring to the party.

Also, it should be noted, all outsourced processes and purchases shall be controlled - some are controlled under the "Outsourced Processes" (cl 4.1) category, and the rest under Purchasing cl 7.4. So, if it is not one, it will fall under the other.
Click to expand...
That's pretty much how I do it when writing an ISO 9001 or AS9100 manual. I do list them, but I don't try to make it an all inclusive list. Things change, so I usually say "outsourced processes include . . .", and try to list the main ones. Then I show that outsourcing is controlled by the purchasing process. Purchase orders or other purchasing documents clearly show what is being purchased and when completed the work and any accompanying certifications are compared against the purchasing documents to confirm outsurcing was properly controlled (or words to that effect).

The organization gets to define the controls. And by the way, the standard says define, not document or record.

I still think the OP's auditor was into mission creep.
 
T

treesei

#23
#23
Re: Determining what are and are not Outsourced Process

Big Jim said:
That's pretty much how I do it when writing an ISO 9001 or AS9100 manual. I do list them, but I don't try to make it an all inclusive list. Things change, so I usually say "outsourced processes include . . .", and try to list the main ones. Then I show that outsourcing is controlled by the purchasing process. Purchase orders or other purchasing documents clearly show what is being purchased and when completed the work and any accompanying certifications are compared against the purchasing documents to confirm outsurcing was properly controlled (or words to that effect).

The organization gets to define the controls. And by the way, the standard says define, not document or record.

I still think the OP's auditor was into mission creep.
Click to expand...
I agree with this approach. Personally or internally, one needs to know what processes are outsourced. However, it would be unwise to try to produce an inclusive list within the documentation/record system. Putting too many details unnecessarily in the QMS often is a trouble maker, at least not cost effective.
 
J

JuneFoo

Starting to get Involved
#24
#24
ehoqa said:
Thanks for all your help! (Love this place!)

The examples from the link Harry provided helped: "However, some outsourced processes are often overlooked, including hiring and training, internal auditing, calibration, lab testing, customer surveys, call centers, purchasing, field service, equipment preventive maintenance, installation, and records archiving."

I'm pretty new to this so the links and all your responses will give me something to work with. Appreciate it much!
Click to expand...
I never thought of "training & calibration" shall consider as an outsourced process, in such, what kinds of control we shall implement?
 
T

treesei

#25
#25
JuneFoo said:
I never thought of "training & calibration" shall consider as an outsourced process, in such, what kinds of control we shall implement?
Click to expand...
Training and calibration are often outsourced. To start, when selecting a provider, you check its credibility. You set up criteria for providers. You send them questionnaires as part of periodical reviews etc. For calibration labs, you usually want to see its ISO cert. There are many controls you may implement but they must fit your need.
 
B

Big Jim

Super Moderator
#26
#26
It's pretty much like any other purchase. You describe what you want on the PO or other purchasing documents (such as a contract) and you confirm you got what you asked for on or after delivery.

Don't forget that outsourcing controls need to be defined within you quality management system, and be aware the defined doesn't have to mean documented. If you have a purchasing procedure, it is common to define outsourcing controls there.
 
A

Alatriste

#27
#27
Re: Determining what are and are not Outsourced Process

I need your help. I need to help a small facility (4 people) to get ISO 9001 certification by the end of the year. As it is a small coupling facility, I am thinking to added as a another, already ISO-certified facility instead as either remote facility or an outsource facility.
My question is what is the difference between remote facility and outsourced facility, and what is the easier way to do it? As long as this small facility is included in any ISO certificate mentioned, it is ok.

Thanks in advance for your help.
 
Jim Wynne

Jim Wynne

Staff member
Admin
#28
#28
Re: Determining what are and are not Outsourced Process

Alatriste said:
I need your help. I need to help a small facility (4 people) to get ISO 9001 certification by the end of the year. As it is a small coupling facility, I am thinking to added as a another, already ISO-certified facility instead as either remote facility or an outsource facility.
My question is what is the difference between remote facility and outsourced facility, and what is the easier way to do it? As long as this small facility is included in any ISO certificate mentioned, it is ok.

Thanks in advance for your help.
Click to expand...
Welcome to the Cove. :)

I'm not sure what you mean by "coupling facility," or what you hope to accomplish by adding another facility. If the one you want to be certified is a subsidiary of another, it's possible for one of them to be considered a support site. I'm not sure how outsourcing (contracting with another company to operate a process) would play into any of this.

If you could clarify your intentions it would help.
 
A

Alatriste

#29
#29
Re: Determining what are and are not Outsourced Process

The small facility currently provides coupling services to a sister, bigger, hose facility. The hose facility can do the coupling by themselves but they decided to use the small sister facility for commercial reasons. Now, there are only 4 people in the small facility and they do not have any Quality documentation at all, so I think is better if we look for the small facility to be added (and mentioned in ISO certificate) instead of trying to get a single ISO certification for small facility from scratch (and so little resources).

Thank you in advance for your support.
 
You must log in or register to reply here.
Thread starter Similar threads Forum Replies Date
R Determining which Processes are Outsourced Processes ISO 9000, ISO 9001, and ISO 9004 Quality Management Systems Standards 1
S Determining the requirements for the products and services ISO 9000, ISO 9001, and ISO 9004 Quality Management Systems Standards 3
Q Determining Adverse Effects of Corrective/Preventive Actions ISO 13485:2016 - Medical Device Quality Management Systems 2
S Determining sample sizes for PQ Qualification and Validation (including 21 CFR Part 11) 4
M Determining if an Insulin Pen Testing Machine is a Medical Device? EU Medical Device Regulations 4
M Determining a tolerance value for Measuring devices in-house inspection General Measurement Device and Calibration Topics 12
D Determining the the maximum number of reprocessing cycles of attachments CE Marking (Conformité Européene) / CB Scheme 2
R Determining Uncertainty from Gage R&R Gage R&R (GR&R) and MSA (Measurement Systems Analysis) 1
A IATF 16949 4.3.1 - Determining the scope of the quality management system - supplemental IATF 16949 - Automotive Quality Systems Standard 9
D ISO 9001:2015 4.3 Determining the Scope of the QMS ISO 9000, ISO 9001, and ISO 9004 Quality Management Systems Standards 3
J Determining SPC tolerance Statistical Analysis Tools, Techniques and SPC 21
B Determining SAT Offsets vs TUS Offsets per SAE AMS 2750E AS9100, IAQG, NADCAP and Aerospace related Standards and Requirements 0
B Determining sample size for device sterility Inspection, Prints (Drawings), Testing, Sampling and Related Topics 3
D Determining of sample size for 'Operational Qualification' AQL - Acceptable Quality Level 5
R Question on determining defective units - I am not recording fixture to part rejected Statistical Analysis Tools, Techniques and SPC 5
S Clause 8.2.2 Determining the requirements for products and services ISO 9000, ISO 9001, and ISO 9004 Quality Management Systems Standards 5
D Determining Calibration Frequency schedule for items used in production Manufacturing and Related Processes 2
C Determining if Maintenance Contractor is an External Service subject to ISO 9001 Clause 8.4 ISO 9000, ISO 9001, and ISO 9004 Quality Management Systems Standards 43
S AS9100D PEAR - Examples for organization's method for determining process results? AS9100, IAQG, NADCAP and Aerospace related Standards and Requirements 5
I Determining Calibration Tolerance of a Measurement Device General Measurement Device and Calibration Topics 2
J ISO 17025 Documented Procedure for 6.2.5 - Determining competency ISO 17025 related Discussions 4
V Determining FDA 820 (registration) vs ISO 13485 - Supplier gives us the kit ISO 13485:2016 - Medical Device Quality Management Systems 1
J ISO 9001 8.4.1 - Determining controls applied to externally provided processes ISO 9000, ISO 9001, and ISO 9004 Quality Management Systems Standards 8
E Determining what is good and what is bad can be subjective - when is it a quality issue? ISO 9000, ISO 9001, and ISO 9004 Quality Management Systems Standards 9
F Determining what type of scrap to include in my internal PPM calculation Quality Manager and Management Related Issues 5
M Determining number of employees within the "Scope" of the QMS ISO 9000, ISO 9001, and ISO 9004 Quality Management Systems Standards 9
A Determining the Scope of the QMS during Stage 1? Registrars and Notified Bodies 11
W Minor Audit Nonconformance Against Determining the scope of QMS IATF 16949 - Automotive Quality Systems Standard 12
D Determining Critical Components for conformity with IEC 60601-1 IEC 60601 - Medical Electrical Equipment Safety Standards Series 21
Q ISO 9001, section 4.3 Determining the scope of our QMS ISO 9000, ISO 9001, and ISO 9004 Quality Management Systems Standards 9
R Determining Sample Size for Medical Device Component Validation Inspection, Prints (Drawings), Testing, Sampling and Related Topics 0
A What does 8.2.2.1, Determining the requirements related to products and services,mean IATF 16949 - Automotive Quality Systems Standard 1
A Determining Retention Period for Medical Device QMS documents Document Control Systems, Procedures, Forms and Templates 5
S Surveillance Sampling Test - Determining Sample Size Inspection, Prints (Drawings), Testing, Sampling and Related Topics 5
F ISO 9001:2015 4.3 - Determining the scope of the quality management system ISO 9000, ISO 9001, and ISO 9004 Quality Management Systems Standards 7
B Standards Needed In House - Determining what standards are applicable Various Other Specifications, Standards, and related Requirements 3
W Determining Medical Device Classification in Mexico Other Medical Device Regulations World-Wide 5
K Determining Effect of Failure without a DFMEA (Design FMEA) FMEA and Control Plans 1
W Determining the Status and Importance of the Processes and Areas to be Audited Internal Auditing 7
T Determining Customer Requirements for the US Postal Service (USPS) IATF 16949 - Automotive Quality Systems Standard 4
Crimpshrine13 Rules of achieving and maintaining IATF recognition - Determining audit days IATF 16949 - Automotive Quality Systems Standard 2
R Developing procedure for Determining Company's Context And Interested Parties ISO 9000, ISO 9001, and ISO 9004 Quality Management Systems Standards 53
W Determining Asset Life or Depreciation Life for M&TE General Measurement Device and Calibration Topics 1
N Reason for determining no adverse effect on reworked product ISO 13485:2016 - Medical Device Quality Management Systems 8
N Procedure for determining pinhole position in condom Inspection, Prints (Drawings), Testing, Sampling and Related Topics 1
alonFAI Determining PCBA Xray Test Sampling Size Statistical Analysis Tools, Techniques and SPC 1
S Determining sample size for inspection to achieve x% confidence re defects Misc. Quality Assurance and Business Systems Related Topics 10
S Determining Sample Size - AQL & LQ AQL - Acceptable Quality Level 10
R Determining the feasibility/scope for FDA IQ/OQ against a very simple application US Food and Drug Administration (FDA) 2
B Determining the "storage volume" (ISO 8536-8:2004 clause 6.14) Other Medical Device Related Standards 4

Similar threads

Top Bottom