Internal Approval of Deviations - ISO 9001:2008 & ISO 13485:2003

WilBryan

Involved In Discussions
#1
Ok so here is a tricky question...
Background:
Our company (9001:2008 & 13485:2003) builds capital equipment that is 'design & build' or 'build to print' with minor engineering adjustments as needed to correct customer drawings (with sign-offs). Every project & customer is unique and they span across several industries.
We exempt some parts from inspection process due to long-term experiences with the parts and supplier performance. Other parts, if problematic on repeat builds, we will of course inspect.

Recently inspection flagged a part as nonconforming because its two dowel-pin holes were +0.0004 out of tolerance. The project manager was notified, he reviewed the part and the specifications and made an informed decision based on experience with the product, the customer and his masters in engineering that the part would work and would not impact the function of the machine.
Our registrar audit was being conducted the same day and the instance was discovered, we were flagged a non-conformance for control of nonconfroming product as a result. The auditors logic is that we did not confirm the change in specification from the part's drawing (one of 800+) with the customer prior to approving it for use.

I understand the perspective of the auditor, however, it is our experience that this exact type of approval is what the customer doesn't want to be bothered with and that they hire us to address. Similarly, this customer (and many others) are slow to respond to drawing changes when we do submit them and as a result, one department in a customer organization can impact our delivery commitments to other business units in the customer organization.

How does everyone mitigate this? Surely others building custom machines do not have to get sign off for every (+,-) 0.00001 tolerance issue... do they?

We define "materials" as the items that contribute to the product (parts) and we define "product" as a machine that has passed all designated functional tests. We define "customer specifications" as the customer provided drawings and information needed to build the machine. Should we just redefine 'specifications' as the product dimensions and requirements specified in the proposal?

We have pulled a ton of benefits from the ISO standards and have a near flawless audit history with a very involved and committed management. if I can't resolve this nonconformance without having to petition customers for every ten-thousandth out may have to drop our certifications. Any suggestions for navigating some very murky water?

crossing my fingers for help... :cfingers:
 
Elsmar Forum Sponsor

Big Jim

Super Moderator
#2
I think you already know the answer. You were not authorized to make the change. You didn't bother to ask for a deviation. How can you expect this to be OK?
 

somashekar

Staff member
Super Moderator
#3
[ The project manager was notified, he reviewed the part and the specifications and made an informed decision based on experience with the product, the customer and his masters in engineering that the part would work and would not impact the function of the machine. ]
If the auditor does not have the competency to ask more questions and assess the informed decisions and review your records of this decision, then you are dealing with a young and unseasoned auditor. If this does not change, you escalate and even consider working with better CB.
We work in a ISO9001 + ISO 13485 environment and are contract manufacturing. We make informed decisions on deviations, record them, and signoff. We do an adverse effect study and only if we find there is no adverse effect, the same is recorded and moved further. The records also govern certain batch or volume or quantity and are closed off.
 
Last edited:

WilBryan

Involved In Discussions
#4
Jim,
I appreciate the perspective and as I said, I understand where the auditor and you are coming from in this regard.
My question is more to how I can address this and retain our certifications. It isnt just that our management would refuse to get customer sign off for nominal drawing issues, it is that our customers will not respond to requests for redraws or revisions when we submit them, unless they are related to form, fit, or function. If the part had a change or if it was a critical measure it would certainly have sign off, but isnt it the PMs job to act as customer-advocate for decisions like this?

At the end of the day, our product is the machine we deliver to the customer, and the specifications they provide are the dimensions, functions, cycle rates, duty-times, and outputs of the machine. In literally every circumstance there is no set of drawings that if followed to precise detail would actually assemble to a functioning machine that meets the outlined product specifications. We update their drawings and they have the feedback but simply won't respond to this type of request. In the customer's eyes, this is the minutia they hire us to navigate.

If the customer won't respond to requests for drawing revisions, is it our job to give them a list of conforming parts assembled or is it our job to give them a functioning machine that meets the proposal and the performance specifications?
 

WilBryan

Involved In Discussions
#5
Somashekar,
I tend to agree with your assessment, it was an inexperienced auditor and we are looking at appealing the entire audit, however, I also have to approach it from the perspective that we will lose the appeal and have to respond to the corrective. That way we are covered regardless. It is a real challenge to resolve unless we can define that drawings are not product specifications.
thank you for the input!
 

Sidney Vianna

Post Responsibly
Staff member
Admin
#6
and we define "product" as a machine that has passed all designated functional tests.
Your definition of product contravenes the normative ISO 9000 definition of the term. Product is NOT only the finished good, but all of its contributing components as well.

Having said that, if the nonconforming dimension does not affect the product performance nor compliance with regulations AND the customer has not indicated/requested to be involved with the disposition of nonconforming products, you have the authority to disposition it, without involving the customer.
 

WilBryan

Involved In Discussions
#7
Sidney,
Thanks for the reply. Where are you pulling that definition from? I'm not questioning it, I would just like the source to cite to our management team. I am walking a fine line stuck between the registrar and the company.

We are currently working from the definition located here: https://www.iso.org/obp/ui/#iso:std:iso:9000:ed-4:v1:en:term:3.8.10
stating "Product: Output (3.7.5) of an organization (3.2.1) that can be produced without any transaction taking place between the organization and the customer (3.2.4)"
 

Sidney Vianna

Post Responsibly
Staff member
Admin
#8
I stand corrected. As far as I remember, in a previous definition of the term product, ISO 9000 clarified via a note that the term applied to the whole product realization cycle from raw materials all the way through finished goods.

The definition no longer makes that clarification, but, in my opinion, it still applies. If we were to (mis) understand product only as the finished product, a lot of the requirements would not make sense.

So, despite the definition not matching my previous comment, we should understand "product" as components, software, sub assemblies, etc... and not ONLY the finished product.
 

Big Jim

Super Moderator
#10
Can you at least get the client to respond by email that this small deviation is OK? If not can you get them to give you such authority in writing?

As it is now, at very best, you are on very thin ice.
 
Thread starter Similar threads Forum Replies Date
S Internal Calibration Laboratory Inspection/Approval General Measurement Device and Calibration Topics 3
A Methods for Approval of Internal and Outsourced Manufacturing Processes 21 CFR Part 820 - US FDA Quality System Regulations (QSR) 2
M Major vs. Minor for Internal Audits? Internal Auditing 10
T Internal Nonconformance procedure thoughts (AS9100) AS9100, IAQG, NADCAP and Aerospace related Standards and Requirements 4
M Tips on preparing for IATF 16949 Internal Lead Auditor exam Manufacturing and Related Processes 1
C Internal Audits in a tiny Dx Company Internal Auditing 33
H AS9100 Checklist for Internal Audit needed AS9100, IAQG, NADCAP and Aerospace related Standards and Requirements 1
A What are the pros and cons of using an audit software for internal auditing? General Auditing Discussions 4
F Internal Audit before Pre-Assessment ISO 17025 related Discussions 2
Q Internal audit plan template Internal Auditing 5
E PEMS Hazards - IEC 60601 Clause 14.6 - Internal data use - Pressure sensor IEC 60601 - Medical Electrical Equipment Safety Standards Series 3
L Internal audit during COVID-19 restrictions ISO 13485:2016 - Medical Device Quality Management Systems 5
A QMS Overhaul - Reorganizing and Renaming Documents - Internal References Document Control Systems, Procedures, Forms and Templates 18
N Sampling Plan for Internal Audits - ISO 2859 or 3951 - Or Neither? Internal Auditing 6
O ISO13485 implementation - Are internal audits expected before stage 1 audit? Design and Development of Products and Processes 3
B Using Unreleased Documents & Process Maps for Internal Audit purposes ISO 9000, ISO 9001, and ISO 9004 Quality Management Systems Standards 12
M Help me improve the definition for internal PPM Manufacturing and Related Processes 3
S ISO 13485 Lead Auditor - Debate between our Quality Team and Regulatory Auditor - Internal Auditor Training ISO 13485:2016 - Medical Device Quality Management Systems 17
S Risk based internal auditing Internal Auditing 6
O Informational Scaling back internal audits due to corona virus while avoiding a NC Internal Auditing 7
N Small Company - Internal audit process - Who does the audit? Internal Auditing 16
J Does anyone have an excel IATF 16949 Internal Audit checklist I could use? IATF 16949 - Automotive Quality Systems Standard 7
G Addressing Non-Conformances from an Internal Audit that are not product related ISO 13485:2016 - Medical Device Quality Management Systems 11
S Software for Supplier Charge back and internal PPM General Information Resources 2
G Internal Audits and Employee engagement Internal Auditing 16
I What direction do you provide your internal auditors on OFIs? ISO 9000, ISO 9001, and ISO 9004 Quality Management Systems Standards 38
S Internal calibrations - Part of an ISO 17025 accredited testing laboratory (Automotive) ISO 17025 related Discussions 3
F AS9100D Internal auditing requirements Internal Auditing 3
B Internal and external auditor competency to CSR's IATF 16949 - Automotive Quality Systems Standard 20
R Does any here use an internal auditing tool that works on different platforms? Internal Auditing 3
D Impartiality of Internal Auditor ISO 9001/13485 ISO 9000, ISO 9001, and ISO 9004 Quality Management Systems Standards 18
W Does anyone have an API Q2 checklist for internal auditing? Oil and Gas Industry Standards and Regulations 1
S Internal audit discrepancy - We missed a few audits that were scheduled Internal Auditing 12
Raffy ISO 14001 9.2.2 Internal Audit Programme Content Internal Auditing 9
N Internal Audit Schedule – Who gets to set the schedule? Internal Auditing 16
Ron Rompen Internal Quality Alert Program Document Control Systems, Procedures, Forms and Templates 0
V IATF 16949 9.2.2.1 Internal Audit Program - "Process Changes" IATF 16949 - Automotive Quality Systems Standard 11
F ISO 17025 8.8 Internal Audits in a segmented company ISO 17025 related Discussions 5
U Changes to Internal Processes and Risk Evaluation - Mitigations Risk Management Principles and Generic Guidelines 10
qualprod Internal Audits - Categories of non conformances Internal Auditing 12
G Non Conformance During ISO 9001 Audit - Not All Internal Audits Completed General Auditing Discussions 19
B Using external FDA and ISO 13485 audit as internal audit Internal Auditing 6
T Internal Audit Schedule when Hiring Out Internal Auditing 7
K A way to monitor our Internal Audits as a KPI AS9100, IAQG, NADCAP and Aerospace related Standards and Requirements 7
M IATF 16949 7.2.3 Internal Auditor Competency - Trainer's competency Internal Auditing 7
D ISO 9001:2015 Internal Audit Training Advice Internal Auditing 10
C Recommendations for UK-based ISO 13485 internal auditor training ISO 13485:2016 - Medical Device Quality Management Systems 1
M Internal audit consultant ISO 13485 (English speaker) Consultants and Consulting 3
blackholequasar Internal Auditing Inspiration - Getting volunteers to perform internal audits. Internal Auditing 22
S Implementing a 45001 Health & Safety standard - Internal audit plan wanted Internal Auditing 1

Similar threads

Top Bottom