IATF 16949 News Risked Based Audit Day Calculation

[Sidney Vianna]

From the IATF website. A clear example of an Industry-augmented oversight (pseudo) accreditation scheme that forces CB's and certified organizations to increase audit resources if and when the performance of the certified system is being questioned. In the "vanilla" ISO 9001 accreditation schemes, the AB's don't enforce the concept.

23 February 2021
Risked Based Audit Day Calculation
The IATF has developed a more defined concept of when and how the minimum audit days must be increased based on customer risk.
This concept clarifies how to add audit time to certified organizations who are Tier 1 suppliers to an IATF OEM. These Tier 1 suppliers will have some time (hours) added to their audit if they are not meeting the IATF OEM specified quality and delivery performance targets. The IATF-recognized certification body will use the additional audit time to focus on the corrective action process and prevention of recurrence, including for related processes and products.
The IATF has approved additional Rules 5th Edition Sanctioned Interpretations (SIs 26 – 28) which define the method to implement this concept. Please refer to the attached two Communique’s for more details.

• IATF Stakeholder Communique SC-2021-001
• CB Communique 2021-002 Rules 5th Edition SIs

The SIs for Rules 5th Edition

• Rules 5th Edition Sanctioned Interpretations (SIs) #26-28 – issued in February 2021, effective 30 June 2021

 

[jelly1921]

Question 1: Shall the increased audit time be used continuously (un-interrupted, e.g.: 8:00-12:00) or intermittently (e.g. 8:00-9:00; 10:00-11:00; 13:00-15:00)?

Question 2: In the IATF Stakeholder Communiqué February 2021, it says: If the CB auditor discovers that the IATF OEM quality and delivery performance targets were not being met during the minimum 1-hour verification of data and changes review before the audit, additional audit time would also be required. If the client has just received the news that the quality/delivery performance target is not met, the corrective action has not been conducted, even root causes have not analyzed, what can I review during the increased audit hours? To conduct root causes analysis with the client or risk analysis with client? I guess this is consultation! Remember: 4 hours will be added at least!

Question 3: About exception: as I understand, if the client had provided evidence of effective implementation of the corrective actions, that means the corrective actions had been conducted by the client and verified by the client, and the conclusion is OK. In the IATF Stakeholder Communiqué February 2021, it requires CB to collect IATF OEM scorecards 3 months ahead of planned audits, If the corrective actions associated with the IATF OEM quality and/or delivery targets not being met had been conducted, by the time the client submitted the IATF OEM scorecard to CB, but the effectiveness of corrective actions is verified before the audit conducted and the conclusion is OK, then the audit time should be increased?

 

[Sebastian]

I don't think it was IATF idea, but OEM, who are not satisfied from own suppliers performance and are not willing to use own staff.

I will try to give unsanctioned interpretations.
1. Additional time will be added to auditing process, where customer satisfaction is addressed, as part of standard review of customer claims from past 12 months.
2. Performance reports shall be submitted 3 month ahead of audit, so meanwhile during 3 months worse things might happen and it should be discovered by auditor during review before audit opening meeting. So focus is on these 3 months, not on "yesterday you've received a claim and still nothing?".
3. Yes, purpose is to give more time for evaluating by auditor (3rd party person perspective) to evaluate organizational (1st person perspective) process of managing customer (2nd person perspective) claims, even closed by customer representative. Challenging root cause analysis results, proposed corrective actions, evaluation of effectiveness, etc.

Generally, it can help, but why OEM SQA teams are not doing their job and why get NC for problem solving after time, when rejection in time would be better solution.

Last but not least, there is a bigger concern for me, or maybe I am blind.
Communique says "...Tier 1 suppliers to an IATF OEM ...", but rules do not give definition of IATF OEM. There are sometimes "IATF OEM member" mentioned and there is no doubt who is it. There are also "IATF OEM" mentioned and it can apply to all Tier-1, who manufacture parts which are integral part of vehicle. Some people can see Tier-2 as Tier-1 for Tier-1, so communique apply also to them. I would like to see clear answer that IATF OEM are only vehicle manufacturers.