Non-ISO 9001 Suppliers - Customer approval letters to use

[SteelWoman]

I have a supplier who for reasons that have to do with STAYING IN BUSINESS is our major supplier, however they are not certified to any standard, though they've been working on it for several years now. I need to make sure I'm dotting all my "i's" and crossing all my t's in relation to this supplier. Any input will be appreciated.

* Regarding the simple lack of certification, I have customer approval letters on all our automotive customers granting their approval to use this supplier until they are certified. This tactic was approved in our initial TS upgrade audit. Is this going to play forever? I have several years worth of emails promising certification within the next few months.
* Regarding the note in 7.4.1 (since this supplier recently purchased and began running a new process that directly impacts our product) I requested several ppaps but the supplier refused on the basis of lack of anyone who knows how to do one and the belief that they shouldn't HAVE to do one. I am documenting that in my file - I don't really have any other options in regard to that, right?
* Regarding supplier development, I have adequate records to demonstrate several years worth of tracking their development toward ISO certification including offering assistance (which was never accepted).

What am I missing? I have often contemplated performing an audit of their facility and quality system to date, but the supplier is not open to that at all and short of trying to storm their facility I don't seem to have any real option there, either. Before anyone suggests it, NO there is no chance we're going to quit using this supplier - not an option at all if we intend to stay in business. I'm not comfortable having such a major supplier who is not certified, but it's waaaaaayyyy out of my hands.

Am I missing anything I should be doing/chasing/getting in regards to this supplier? We have a surveillance audit in December and this should get a really close look at that time. If I was auditing us I'd be looking for something in my files that we got to show we are confident in the quality of the material being provided to us, but short of testing we routinely do anyway on the material we receive from them, should I be doing something else?

Thanks !

 

[qualitygoddess - 2010]

Wow! What a tough situation to be in. First thought -- do you allow for all this "lack of certification" in your supplier cert procedures? Some kind of special status of approval without doing the things your other suppliers are doing?

Second thought -- do you want to do the PPAP on the new process? I know that this is not how it should be done, but if you need the PPAP to meet other requirements, maybe this is a solution? I ran into this a long time ago when one company I was with got an automotive customer, and we had no background in doing the APQP stuff. The customer sent an engineer and we did it together. They even helped me write the instruction for doing the PPAP the next time. Plus doing the PPAP gives you a good record to add to the collection on this supplier. IMO, it would give you something to show at the December audit to see that progress is being made. Will they let you in the door to do it?

I think you have your bases covered, based on what you wrote. What I don't get is why this supplier has not done the certification stuff. It's not that hard, or that expensive....... good luck!

 

[SteelWoman]

We weren't asking for the PPAP to meet the requirements of any of OUR customers - we are Tier 2 and only perform about a dozen ppaps a year, typically to non-automotive customers (go figure). We requested it on the basis of 7.3.6.3 AND 7.4.1, NOTE 2 because the PPAP would satisfy our needs in regard to both those clauses.

Yes, our procedure for supplier, in keeping with the TS standard, allows for a non-certified supplier IF we have customer approval to use them.

 

[AllanJ]

If I may say this. Regardless of whether or not registration is worth anything, you apparently have a contractual requirement from your customer that your supplier must be registered. I experienced this situation many years ago. It comes down to "whose job is it to manage a supplier?"

The answer is: purchasing. That is the department responsible for the Ts & Cs and all attchments which form the overall contract conditions. It is not your responsibility.

If a supplier will not do what is requiired in your Ts & Cs (and I am assuming you have included registration as one of those features, if not that raises another question for which you MAY be accountable), it is for your responsible buyer/ purchasing manager/ contract manager/ VP procurement (or whatever title) to enforce those terms. That may include a monetary penalty, loss of furture business - whatever.

If your purchasing department will not enforce those requirements, take the matter to your CEO, or whoever else is that department's boss. Raise a CAR; get it into the management review and minuted; cross your fingers and hop your registrar may actually raise the matter if it is not then addressed (I do like a little joke occasionally!)

When you are told they are essential, ask this "For how long? What other competing sources of supply are there on a global basis? What other sources have you investigated?" etc of the purchasing deprtment. It is that deprtment that may have got you into an awkward sole source situation that place your firm in its own potential breach of contract situation with your own customer. If purchasing wants to pass the buck to "design" on the basis that they specified the source for technical reasons, go there and ask what alternative designs, technical features etc have they considered so as to get away from the sole source. There may be an opportunity to do some VA/VE and get a new solution which allows you to source elsewhere.

There is much more I could suggest. But, so long as you allow those other departments to pass the buck to you, you will not get out of this hole. Don't try: pass the matter faor and square to those who are paid to do the job: quality is not the place for solving this one as others probably got you into it.

 

[SteelWoman]

Nope, we do not have a contractual agreement with any of our customers that OUR suppliers will be certified, but in keeping with the TS standard that's what we require (though as I mentioned above we do have an "exception" clause in our procedure for uncertified suppliers whose use is approved by the customer). As for going to the CEO or whatever, while I completely understand what you're saying it just ain't gonna' happen. It is literally a case of use this supplier or go out of business... period. No other options. This is one of those situations where I'm not happy with it in regards to the Quality System, but I've gotta figure out some way to make it work.

Regarding Quality Goddess's question about why they don't just go ahead and get certified... good question for which I have no answer. I've been tracking them carefully for several years, and they've been through several quality folks in that time. Keeping my fingers crossed that they will succeed THIS time, but who knows. Like I said, in the meantime I just need to make sure I'm covering US.

 

[AllanJ]

If your company has chosen to adopt TS standard, it should have thoroughly considered the ramifications. One is, the matter of supplier certification. But, whether that is to TS or ISO 9K (as I recall TS gives an option there), presumably your CEO has signed the quality policy etc. If the signature is to mean anything, you should get backing. In any case, you still have management review and you still have the requirement for purchasing to take care of that "key process" - purchasing and meeting the chosen standard. And, there is still the "almighty and dreaded" power of the registrar (I still enjoy a good joke, as you see) if management does not try to back up its decision to adopt TS.

And, I still maintain purchasing is responsible - unless, of course, you are also the responsible buyer for that particular supplier. If so, look in the mirror and ask why you won't look for an alternative source. Remember one of the beauties of globalization is the possibility of securing a better source at a cheaper price.

In the 1970s when I was with a well known American company, we developed alternative suppliers as a matter of course: suppliers who had NO experience of the nuclear power business, in which we operated. And they became excellent sources for our crucial supplies.

I cannot believe there is no alternative source. I cannot believe you are trading with a monopoly firm. If you are, the Sherman anti-trust laws ought to take effect!

If, though, you HAVE to go there, as a matter of edict, maybe some people in your firm have (what is euphemistically called) a "special relationship" or "special interest" in your firm continuing to trade with that firm.

Whatever: you may feel obliged to update your cv if your company won't do what is sensible, good business practice, back the quality prog (a la TS), won't back you requiring purchasing to control its assigned process etc.

 

[howste]

As long as you have the customer waivers, you should have no problem. Even without the waiver, as long as you have a development plan and progress toward it is being made, you can still maintain your registration for up to the three-year certificate life. See FAQ #2 at the IAOB website: (broken link removed)

Supplier development was written purposely that way, with the provision that "unless otherwise agreed with the customer" - meaning - if not possible to do, get customer approval of a different approach. "Customer" in this context is defined in the guidance supplement as the "affected" customers. Also, guidance includes wording "a process to achieve the above" - meaning you could accept a plan to achieve the requirement - and as far as maximum timing of that plan - our view is that it should be achievable during the three year life of the certificate. Surveillance visits shall monitor achievement of the plan."

 

[SteelMaiden]

SteelWoman,

I've been through this myself. purchasing our major raw material from a sister division that was not certified. (back in another life) After awhile, they had pretty much implemented a compliant system just through our pushing on them (we were QS at the time) and they decided at that point they might as well get certified. It was a long drawn out process, but they were a better mill because of it. Hope the same thing happens for you.

 

[qualitytrec]

How about this as a loop hole? Customer applies to both internal and external customers so why not have your internal customer sign a waiver exempting that company from a registered QMS due to the fact that they (internal customer) verify the product themselves before use, or something like that. Not fully sure if it would be within the intent of the standard or not but it would be fun to try. I think that would be a fun discussion with the auditor as well. Auditor ---> <---me.
Mark

This is a joke btw.

 

[Hershal]

Back in the day........

When I was in the military, we had a protocol for situations like you are in......the TLA is CYA. TLA is three letter acronym, and CYA is cover your rear (being PC here).

Put another way, you don't control the events, but you are likely to catch the fire from it, so over document and cover yourself every way you can. By doing that you will also cover your company.

I realize this sounds a bit terse, but I have been singed in similar situations.....and learned. Your external auditors don't need to know all the why's and wherefore's, but do want to see that you have made and documented every effort and method of verifying and protecting yourself, your company, and your customers.

Hope this helps a bit.

Hershal