Internal Approval of Deviations - ISO 9001:2008 & ISO 13485:2003

W

WilBryan

#1
Ok so here is a tricky question...
Background:
Our company (9001:2008 & 13485:2003) builds capital equipment that is 'design & build' or 'build to print' with minor engineering adjustments as needed to correct customer drawings (with sign-offs). Every project & customer is unique and they span across several industries.
We exempt some parts from inspection process due to long-term experiences with the parts and supplier performance. Other parts, if problematic on repeat builds, we will of course inspect.

Recently inspection flagged a part as nonconforming because its two dowel-pin holes were +0.0004 out of tolerance. The project manager was notified, he reviewed the part and the specifications and made an informed decision based on experience with the product, the customer and his masters in engineering that the part would work and would not impact the function of the machine.
Our registrar audit was being conducted the same day and the instance was discovered, we were flagged a non-conformance for control of nonconfroming product as a result. The auditors logic is that we did not confirm the change in specification from the part's drawing (one of 800+) with the customer prior to approving it for use.

I understand the perspective of the auditor, however, it is our experience that this exact type of approval is what the customer doesn't want to be bothered with and that they hire us to address. Similarly, this customer (and many others) are slow to respond to drawing changes when we do submit them and as a result, one department in a customer organization can impact our delivery commitments to other business units in the customer organization.

How does everyone mitigate this? Surely others building custom machines do not have to get sign off for every (+,-) 0.00001 tolerance issue... do they?

We define "materials" as the items that contribute to the product (parts) and we define "product" as a machine that has passed all designated functional tests. We define "customer specifications" as the customer provided drawings and information needed to build the machine. Should we just redefine 'specifications' as the product dimensions and requirements specified in the proposal?

We have pulled a ton of benefits from the ISO standards and have a near flawless audit history with a very involved and committed management. if I can't resolve this nonconformance without having to petition customers for every ten-thousandth out may have to drop our certifications. Any suggestions for navigating some very murky water?

crossing my fingers for help... :cfingers:
 
Elsmar Forum Sponsor
#3
[ The project manager was notified, he reviewed the part and the specifications and made an informed decision based on experience with the product, the customer and his masters in engineering that the part would work and would not impact the function of the machine. ]
If the auditor does not have the competency to ask more questions and assess the informed decisions and review your records of this decision, then you are dealing with a young and unseasoned auditor. If this does not change, you escalate and even consider working with better CB.
We work in a ISO9001 + ISO 13485 environment and are contract manufacturing. We make informed decisions on deviations, record them, and signoff. We do an adverse effect study and only if we find there is no adverse effect, the same is recorded and moved further. The records also govern certain batch or volume or quantity and are closed off.
 
Last edited:
W

WilBryan

#4
Jim,
I appreciate the perspective and as I said, I understand where the auditor and you are coming from in this regard.
My question is more to how I can address this and retain our certifications. It isnt just that our management would refuse to get customer sign off for nominal drawing issues, it is that our customers will not respond to requests for redraws or revisions when we submit them, unless they are related to form, fit, or function. If the part had a change or if it was a critical measure it would certainly have sign off, but isnt it the PMs job to act as customer-advocate for decisions like this?

At the end of the day, our product is the machine we deliver to the customer, and the specifications they provide are the dimensions, functions, cycle rates, duty-times, and outputs of the machine. In literally every circumstance there is no set of drawings that if followed to precise detail would actually assemble to a functioning machine that meets the outlined product specifications. We update their drawings and they have the feedback but simply won't respond to this type of request. In the customer's eyes, this is the minutia they hire us to navigate.

If the customer won't respond to requests for drawing revisions, is it our job to give them a list of conforming parts assembled or is it our job to give them a functioning machine that meets the proposal and the performance specifications?
 
W

WilBryan

#5
Somashekar,
I tend to agree with your assessment, it was an inexperienced auditor and we are looking at appealing the entire audit, however, I also have to approach it from the perspective that we will lose the appeal and have to respond to the corrective. That way we are covered regardless. It is a real challenge to resolve unless we can define that drawings are not product specifications.
thank you for the input!
 

Sidney Vianna

Post Responsibly
Leader
Admin
#6
and we define "product" as a machine that has passed all designated functional tests.
Your definition of product contravenes the normative ISO 9000 definition of the term. Product is NOT only the finished good, but all of its contributing components as well.

Having said that, if the nonconforming dimension does not affect the product performance nor compliance with regulations AND the customer has not indicated/requested to be involved with the disposition of nonconforming products, you have the authority to disposition it, without involving the customer.
 
W

WilBryan

#7
Sidney,
Thanks for the reply. Where are you pulling that definition from? I'm not questioning it, I would just like the source to cite to our management team. I am walking a fine line stuck between the registrar and the company.

We are currently working from the definition located here: https://www.iso.org/obp/ui/#iso:std:iso:9000:ed-4:v1:en:term:3.8.10
stating "Product: Output (3.7.5) of an organization (3.2.1) that can be produced without any transaction taking place between the organization and the customer (3.2.4)"
 

Sidney Vianna

Post Responsibly
Leader
Admin
#8
I stand corrected. As far as I remember, in a previous definition of the term product, ISO 9000 clarified via a note that the term applied to the whole product realization cycle from raw materials all the way through finished goods.

The definition no longer makes that clarification, but, in my opinion, it still applies. If we were to (mis) understand product only as the finished product, a lot of the requirements would not make sense.

So, despite the definition not matching my previous comment, we should understand "product" as components, software, sub assemblies, etc... and not ONLY the finished product.
 
#10
Can you at least get the client to respond by email that this small deviation is OK? If not can you get them to give you such authority in writing?

As it is now, at very best, you are on very thin ice.
 
Thread starter Similar threads Forum Replies Date
S Internal Calibration Laboratory Inspection/Approval General Measurement Device and Calibration Topics 3
A Methods for Approval of Internal and Outsourced Manufacturing Processes 21 CFR Part 820 - US FDA Quality System Regulations (QSR) 2
D What are the IATF rules regarding doing internal audits remotely? IATF 16949 - Automotive Quality Systems Standard 1
S 7.1.5.3.1 Internal Lab Scope IATF 16949 - Automotive Quality Systems Standard 14
K Best Internal Auditor Training Internal Auditing 18
S 9001 + 14001 Internal Auditing Process checklist, flowchart or questionnaire ISO 9000, ISO 9001, and ISO 9004 Quality Management Systems Standards 5
B Single fault analysis and negligible probability of IC internal fault IEC 60601 - Medical Electrical Equipment Safety Standards Series 2
T AS9100D Risk-Based Internal Audit Schedule AS9100, IAQG, NADCAP and Aerospace related Standards and Requirements 10
S AS9120 - New Internal Auditor Training requirement? AS9100, IAQG, NADCAP and Aerospace related Standards and Requirements 11
A Internal Audits - skipped clauses? Internal Auditing 11
S Minimum Retention Time for Records of internal audit results as per AS9100 AS9100, IAQG, NADCAP and Aerospace related Standards and Requirements 5
B Does anyone copyright their internal QMS documents? Document Control Systems, Procedures, Forms and Templates 24
B Establishing topics for IATF internal audit processes Internal Auditing 9
L Internal Audits during the MDR Transition Period EU Medical Device Regulations 5
T Robust internal audit program AS9100, IAQG, NADCAP and Aerospace related Standards and Requirements 7
J Average number of Nonconformances during internal quality audit for Medical Device Manufacturers Internal Auditing 3
Q AS9100:D Counterfeit internal audit questions AS9100, IAQG, NADCAP and Aerospace related Standards and Requirements 4
D ISO 9001:2015 Internal Audit Check Sheet ISO 9000, ISO 9001, and ISO 9004 Quality Management Systems Standards 3
K Qualified MDR internal auditor? EU Medical Device Regulations 8
L Internal audits for IATF IATF 16949 - Automotive Quality Systems Standard 7
E FDA & Internal Audits US Medical Device Regulations 3
LabCat Internal SOP for a validated (ISO) method? ISO 17025 related Discussions 2
L Documenting internal audit of customer specific requirements IATF 16949 - Automotive Quality Systems Standard 7
T Internal and external communication procedure for Food Safety Food Safety - ISO 22000, HACCP (21 CFR 120) 2
R Looking for ISO 13485 Internal Audit Checklist ISO 13485:2016 - Medical Device Quality Management Systems 8
E Cybersecurity for Internal Tool Validation Medical Device and FDA Regulations and Standards News 1
G During internal audit - finding poor action plans ISO 9000, ISO 9001, and ISO 9004 Quality Management Systems Standards 18
G Opening meeting - internal audit ISO 9000, ISO 9001, and ISO 9004 Quality Management Systems Standards 11
G NC criteria during internal audits ISO 9000, ISO 9001, and ISO 9004 Quality Management Systems Standards 6
A Information on Process-based Internal Auditing Needed Internal Auditing 6
N Internal NCR Meetings Benchmarking 15
H Ever given an Operations Manager an internal Corrective Action Request? Nonconformance and Corrective Action 5
TheAxiomaticHamster Internal ISO17025:2017 Compliant Reporting ISO 17025 related Discussions 2
Mr Roo Discovered dishonesty after performing an internal audit General Auditing Discussions 5
Q Internal calibration (stopwatch) IATF 16949 - Automotive Quality Systems Standard 3
C Internal Laboratory (7.1.5.3.1) IATF 16949 - Automotive Quality Systems Standard 3
W IATF 9.2.2.1 Internal Audit how to determine risk IATF 16949 - Automotive Quality Systems Standard 12
B Consistently Late Internal Audits- Any Suggestions? ISO 9000, ISO 9001, and ISO 9004 Quality Management Systems Standards 116
X Looking for 17025 auditor to perform internal audit on IT software testing laboratory ISO 17025 related Discussions 3
M Customer Dimensions on Internal Drawing, all of them? IATF 16949 - Automotive Quality Systems Standard 3
B Internal Auditor Competence for Automotive CSR's IATF 16949 - Automotive Quality Systems Standard 6
M ISO27001 18.2.1 - Internal Independent review IEC 27001 - Information Security Management Systems (ISMS) 1
J 9001 Internal Audit of Client Onboarding process ISO 9000, ISO 9001, and ISO 9004 Quality Management Systems Standards 7
F Internal Laboratory Manual IATF 16949 - Automotive Quality Systems Standard 5
G Internal Laboratory Scope IATF 16949 - Automotive Quality Systems Standard 10
B Internal audit checklist Internal Auditing 5
V Internal Audit Software IATF 16949 - Automotive Quality Systems Standard 5
J Internal Audit Schedule IATF Internal Auditing 4
J API Q1 4.3.2.2 Personnel Competence for Internal Auditors Oil and Gas Industry Standards and Regulations 5
D Internal auditor competence assessment Internal Auditing 13

Similar threads

Top Bottom