ISO 9001 Clause 4.6.2 - Subcontractor (Supplier) Development


Arturo Rosales

ISO 9001 4.6.2 Evaluation of Subcontractors.

“ Define the type and extent of control exercised by the supplier over subcontractors.”
Would you give me some ideas on implementing this SALL from the standard….

Best regards, Arturo Rosales


Fully vaccinated are you?
This isn't a biggie. Mainly they're looking for things like do you reserve the right to audit a supplier's (to you) facility or do acceptance testing at a supplier's facility. That they be ISO9001 registered and maintain their registration. Just think about it. 'Type and extent of control' is the key part of this.

I think often the word 'Control' in that requirement phrase throws people.

[This message has been edited by Marc Smith (edited 10-23-98).]


Subject: Re: QS-9000 Subcontractor Development /Scott/Hillyer
Date: Mon, 16 Aug 1999 14:19:57 -0600
From: ISO Standards Discussion

From: larryhillyer
Subject: RE: QS-9000 Subcontractor Development /Scott/Hillyer

--> >Subject: Q: QS-9000 Subcontractor
--> Development /Scott
--> > Hi List,
--> Clause of QS-9000 3rd Edition speaks to the need for a
--> supplier to, eventually, develop its subcontractors' quality systems
--> to QS-9000 compliance. I have two related questions:
--> 1) To paraphrase, "subcontractors" are defined in the glossary as
--> providers of production materials, or production or service parts
--> directly to the Big Three or other customers subscribing to QS-9000
--> 3rd Edition. What does it mean to subscribe to QS-9000?
--> 2) Isn't it unrealistic to expect a "Mom 'n Pop" subcontractor to
--> become compliant to QS-9000?

I've been in this automotive thing long before the ISO/QS9000 thing all came about (it was needed!).

"Subcribing". Well, the interpretation can be very literal, if you supply as a tier 1, 2 or 3, you better have systems compliant to the guidelines! Of course, if the customer requires that you have the systems and registration, you have no choice. Subscribe then means "do it or else"! As an automotive supplier, down the food chain, requires the systems to comply, following the AIAG manuals provided. I really do not know how else to explain this. If your company has a choice in the matter, they had better benchmark with others to see if it falls into their business plan and strategy for the future. Many companys are doing it for good business sense, like mine. They currently provide product that must meet ISO9001, but with potential automotive(T-3) business coming (2-3 yrs.), it makes good sense to reach for the QS9000 early-on, and not be forced.

As far as the mom-pop shops go, they have no choice. I have had to deal with this very situation from coast to coast, most recently in CA, now in LA, and it is a stark reality, if business is to be had, you had better do it or seek other types of business. Most of the smaller businesses can support the QS9000 guidelines alot easier than the big ones. The cost of the registration and related start-up costs now-a-days can be off-set by state supported grants, etc.. You need to seek out your individual state offered fundings. Some larger corporations that had the same registrar world wide, can many times work with their registrar to offer their supply base reduced rates.




Fully vaccinated are you?
Related threads include:
purchasing-vendor evaluation
Subcontractor Evaluation


From: ISO Standards Discussion
Date: Mon, 28 Feb 2000 12:50:28 -0600
Subject: Re: Q: Supplier Evaluation /Giede/Humphries

From: Edwin Humphries


> My questions are: Does an ongoing evaluation of suppliers satisfy
> "periodic evaluation?" If a supplier is in the database, and purchases
> can be made from the suppliers listed (purchases from "unapproved"
> suppliers can not be done, even though their name would still appear),
> would that satisfy "follow-up actions?"

This clause of the standard is one of the most frequently misunderstood and bureaucratized.

The reality is that any company that is successful has to be making some sort of on-going (= periodic) assessment of its suppliers. The all to frequent interpretation is that one must have a formal evaluation process - sometimes even an audit process - with questionnaires, schedules for reassessment, classification systems and so on. I'll invite you to read the standard and find any of these things: you won't.

The first rule of ISO implementation is to document what you do; then you look at it and find out whether, in principle, it meets the standard's requirements. If so, leave it, or at most, rephrase it so that an auditor will recognise it as conforming. If it doesn't identify the areas where there is a shortcoming, and address only those, in such a way as to support basic business objectives. Under no circumstances accept some arbitrary method of supplier assessment if it doesn't make business sense to you.


1. You must have some way of ensuring that information about consistently under-performing suppliers reaches those who make supplier choices. The capture of such information is as good a form of review as any.

2. There must be some way that routine purchases from such suppliers can be prevented. This must mean some form of record, whether it is a flag in your purchasing or inventory control database or a quite separate register. This provides a record that the assessment has been done, and if it also has a date, provides some evidence of its regularity.

3. When faced with the situation, you must also have a system that evaluates the ability of a new supplier to meet the company's needs (this includes, but is not restricted to, quality; therefore, price, delivery, technical support, etc, may also be relevant - they are also company needs).

If you have all the above, document these systems, and do nothing more: a reasonable auditor should find no problem.

Best Regards

Andy Bassett

This might be a good place to gather some opinions on the following;

A client (Small electronic manufacturer 10 people) is horrified by Element 6. He has never before carried out any assessment of suppliers because he his working in a environment where the projects change frequently and involve short production runs. If he needs any components he simply picks up the phone and buys the cheapest diodes/chips whatever. The majority of his suppliers are distributors who have very little influence over the manufacturers quality.

It also seems that electronic components are traded as something of a commodity, with people buying and selling according to the price in the market place. Which means that suppliers change quite rapidly

My reaction has been to state in the handbook that company *****carries out evaluation of vendors that manufacture the parts supplied to *****, or according to a design from company*****. IE i have excluded dealers and distributors.(Even to classify them as a 'C' supplier on the Acceptable Supplier List would mean the nightmare scenario of constantly updating a list that is not used or wanted by anybody).

The result is that i am now down to 18 suppliers that exist on the Supplier List and are evaluated?

What do you think will i get away with it?


Andy B

David Mullins

In response to Andy's query:
If you have classification levels for suppliers, does that dictate the level of receiving inspection to be appied to the purchased product? I don't see that 'C' suppliers need to be continually updated. If the supplier list covers all potential suppliers (all those used in last 2 years , and may be used in the future - for example) and these are assigned a classification, and inspection levels are applied for particular classifications, then all should be fine!

In short, yes you'll get away with it, depending on the receiving inspection aspect?
Counter thoughts?


Andy Bassett

Hello Dave

In short no - The supplier list is not connected to any sort of inspection status. Inpsection is done according to a wide variety of factors including how important that particular part is too the product, or if the product has never been used before etc.

It is not linked to the status of the supplier on the supplier list.


Andy B

Alan Cotterell

You might be interested in the Purchasing policy I wote into a recent Management Manual (please note - it is not a procedure):
3.4.1 POLICY
Partnerships with suppliers and contractors shall enhance organisational performance in meeting customer requirements.
It is the policy of Automation Engineering to:
 Maintain long-term, mutually beneficial relationships with key suppliers.
 Ensure that suppliers meet their contractual obligations to Automation Engineering and our customers.
A list of approved suppliers/contractors shall be maintained by the Company Secretary. To qualify for approval, suppliers shall demonstrate that they:
a) have a proven history of quality supplies; and
b) have been certified, or are in the process of becoming certified to AS/NZS ISO 9001 or AS/NZS ISO 9002; or,
c) adopt policies consistent with AS/NZS ISO9000
Each supplier/contractor shall have a demonstrated capability to furnish product that meets all the requirements of the specifications, drawings and purchase documents, and the Automation Engineering Management Manual.
The methods of establishing this capability can include, but are not limited to, any combination of the following:
a) on-site evaluation of contractor’s competence;
b) evaluation of product samples;
c) past history with similar products;
d) test results of similar products;
e) published experience of others.
Suppliers/contractors who exhibit continuous poor performance in the areas of quality, delivery, or safety shall be removed from the list of approved suppliers. Notification of removal shall be given in writing, after appropriate corrective action requests have been raised.
Purchasing documents shall contain a clear description of the product or service ordered including a ‘purchase specification’. If it is not possible to nominate an Australian Standard, industry standards may be used, If it is not possible to nominate any standard, a summary of requirements shall be made and attached to the purchase documents.
Where appropriate or when specified in tender contracts, Automation Engineering shall verify at either the contractor’s works or on receipt at our premises, that the goods or services meet the specified requirements and are fit for the intended purpose.
Where required by the contract, Automation Engineering customers are afforded the right to verify at either source or upon receipt that the product conforms to specified requirements. However such verification on the part of the customer does not absolve Automation Engineering from the responsibility for providing acceptable products.
Automation Engineering reserves the right to reject unsatisfactory or noncompliance of products when received or at any subsequent time up to the expiry of the contractually agreed warranty period.


4.6.2 Subcontractor Development

Our company is QS-9000 certified and does not use subcontractors. We do have suppliers for purchasing packaging materials. Does this element apply to us? If our packaging suppliers are ISO certified, why would we have to send them a self assessment audit? Shouldn't the fact that they are ISO, and have a resgistrar audit them on a regular basis, be enough? And what about our suppliers that are not ISO? They are small companys, that have no intention of becoming ISO, and don't understand the self assessment audit enough to answer the questions and send it back. If you could clear up any confusion on this I would appreciate it.


4.6.2 Subcontractor Development

Our company does not have subcontractors but does have suppliers. These are not production critical supplies, the closest to it would be packaging. Do we still have to send out self assessment audits? To all the suppliers, or just the ISO certified? I'm pretty new to this and I could really use some help. Thanks
Top Bottom