Other Remote Locations - Do they need to be under our ISO/AS9100 System?

[ACEQuality]

Hello everyone,

We recently acquired a small (3 people) distributor in another state. We also have a guy in another state that performs as an internal sales person. They both use our inventory system, process both sales/purchase orders. All of our Inventory is handled/stored/ through here.

So the questions are: In order to keep our ISO/AS certification are those 2 places going to need to be audited as well? Do I need some sort of a centralized control over those people, meaning does every document/record need to pass through here? Or, as long as I keep records of their training on file, can I leave this alone?

Thanks for any help with this matter,

Steve

 

[John Broomfield]

Re: Other Locations

Hello everyone,

We recently acquired a small (3 people) distributor in another state. We also have a guy in another state that performs as an internal sales person. They both use our inventory system, process both sales/purchase orders. All of our Inventory is handled/stored/ through here.

So the questions are: In order to keep our ISO/AS certification are those 2 places going to need to be audited as well? Do I need some sort of a centralized control over those people, meaning does every document/record need to pass through here? Or, as long as I keep records of their training on file, can I leave this alone?

Thanks for any help with this matter,

Steve

Steve,

Extend the scope of your management and quality policy to include them.

Invite them to contribute their objectives, procedures and other system documents to your management system.

You may find they have effective processes and procedures. Centralizing control without good reason could build resentment, so make the case for them using your procedures very carefully.

You could invite one of them to join your internal audit team so together you can see how well the management system as a whole fulfills its objectives.

John

 

[ACEQuality]

Thank you John,

The company that we acquired was not ISO/AS certified or compliant. Nor did they have a quality system/manual. When I applied our processes and procedures they were very welcoming. They felt the guidance/direction/purpose was needed. Again, my main emphasis here is to make sure that we can hold our certification. When our certification body comes for the next audit, I want to be prepared to handle this.

I guess I should explain more as to what I meant by centralized control. Do I need to have their quotes/sales orders/purchase orders come through here for approval(signature) before they are sent to the final destination?

 

[John Broomfield]

Thank you John,

The company that we acquired was not ISO/AS certified or compliant. Nor did they have a quality system/manual. When I applied our processes and procedures they were very welcoming. They felt the guidance/direction/purpose was needed. Again, my main emphasis here is to make sure that we can hold our certification. When our certification body comes for the next audit, I want to be prepared to handle this.

I guess I should explain more as to what I meant by centralized control. Do I need to have their quotes/sales orders/purchase orders come through here for approval(signature) before they are sent to the final destination?

Steve,

Your top management may need to delegate authority to them so your new organization can work more effectively decentralized than centralized. But they need your recommendation first.

This rather depends on the compentence available and required to make the decisions remotely. And do they have access to the information required for trusted decisions?

You could facilitate a risk assessment session with the stakeholders as necessary to make this recommendation to your top management. Focus on the shared processes and the decisions inherent to those processes.

You may need a plan to develop any shortfalls in competence or resources so decisions are made where best for customers.

John

 

[Big Jim]

Hello everyone,

We recently acquired a small (3 people) distributor in another state. We also have a guy in another state that performs as an internal sales person. They both use our inventory system, process both sales/purchase orders. All of our Inventory is handled/stored/ through here.

So the questions are: In order to keep our ISO/AS certification are those 2 places going to need to be audited as well? Do I need some sort of a centralized control over those people, meaning does every document/record need to pass through here? Or, as long as I keep records of their training on file, can I leave this alone?

Thanks for any help with this matter,

Steve

The short answer here is that you do not need to include them in your quality management system unless you want to. If they are not in your scope now you don't need to add them and you can leave things alone.

When I write a quality manual for companies in your situation that don't want to include the satellite operations, just to keep everything clear and above board, I often add a statement shortly after the scope statement to the effect of "ABC company also has operations in city XYZ that is outside of the scope of this registration".

There could be good business reasons to either include them or not include them, and that is up to top management to determine what they want to do.

 

[ACEQuality]

Jim,

Thank You. They are fully operating and trained under our name and quality system. They completely use our system, processes and procedures. Our customers call on them in full belief they are part of us. If I were to leave them out of our scope then would they be able to continue to do so? Would we be operating acceptable in the realm of ISO/AS?

We are a small company (25 people) and so often we evaluate cost vs. opportunity closely and often. Honestly we are trying to avoid the cost of onsite audits at our new facility and our 1 guy operation's home if at all possible. And so we are trying to determine if we have to have centralized control or have those places audited to keep our ISO/AS9120 intact. If we were to write them out our scope, could they continue to operate using our systems?

Thanks,
Steve

 

[Big Jim]

Jim,

Thank You. They are fully operating and trained under our name and quality system. They completely use our system, processes and procedures. Our customers call on them in full belief they are part of us. If I were to leave them out of our scope then would they be able to continue to do so? Would we be operating acceptable in the realm of ISO/AS?

We are a small company (25 people) and so often we evaluate cost vs. opportunity closely and often. Honestly we are trying to avoid the cost of onsite audits at our new facility and our 1 guy operation's home if at all possible. And so we are trying to determine if we have to have centralized control or have those places audited to keep our ISO/AS9120 intact. If we were to write them out our scope, could they continue to operate using our systems?

Thanks,
Steve

If you choose not include the other locations you would need to make sure that you do not hold up to the world that they are certified. You can simply not advertise that you are certified and provide that information when it is asked for. Your cert will only show the address of the certified location. Your employees would need to make sure that they don't allude that the whole company is certified.

If you choose to include all locations then you need to have all locations audited and you are free to advertise that all are part of the scope of certification.

I can't tell you which would be best for your company. That is a top management decision.

 

[ACEQuality]

Jim,

I guess I am confused a bit. If we are to exclude them, does that mean they cannot do the every day tasks for the company? Under the requirements of some of our aerospace/defense customers we must be AS9120 certified. Would they need to divert all calls into our main locations for those customers than?
Again, my thoughts before I wrote the 1st post was that if I had all data come through and be signed off at our main location we could get by without having those places audited. This isn't to hide anything, it is only to avoid the costs it at all possible.
Bottom line, if the address of the 2 outside sales locations(no inventory is handled) are not included into the cert, what limitations must they follow?

Can they only handle customers that don't have the ISO/AS certified requirement?

Thanks,
Steve

 

[Big Jim]

I see your concern.

The best way to avoid those concerns would be to certify all locations.

Otherwise, as long as it is clear that the other locations are not certified, it is up to your customer as to if that mattered or not. They can (and often do) decide to buy from non-certified suppliers.

This part of the conversation should probably take place with your major customers AND your Certification Body.

 

[quality1]

Hope this helps, we had similar issue when preparing for AS9100 certification, our purchasing, IT, HR functions are in another state. I suggest you look at Section 4.1 General requirements for outsourced processes. yes I understand it's the same company, however we listed as "outsourced" and had no problems with getting the AS 9100 certification. In our QA manual we wrote" ....have determined the following as outsourced processes that affect product conformity to requirements, and we shall ensure control over such processes: Purchasing, Human Resources, IT." we monitor their performance semi-annually.