SBS - The best value in QMS software

IATF 16949 News Risked Based Audit Day Calculation

Sidney Vianna

Post Responsibly
Staff member
Admin
#1
From the IATF website. A clear example of an Industry-augmented oversight (pseudo) accreditation scheme that forces CB's and certified organizations to increase audit resources if and when the performance of the certified system is being questioned. In the "vanilla" ISO 9001 accreditation schemes, the AB's don't enforce the concept.

23 February 2021
Risked Based Audit Day Calculation
The IATF has developed a more defined concept of when and how the minimum audit days must be increased based on customer risk.
This concept clarifies how to add audit time to certified organizations who are Tier 1 suppliers to an IATF OEM. These Tier 1 suppliers will have some time (hours) added to their audit if they are not meeting the IATF OEM specified quality and delivery performance targets. The IATF-recognized certification body will use the additional audit time to focus on the corrective action process and prevention of recurrence, including for related processes and products.
The IATF has approved additional Rules 5th Edition Sanctioned Interpretations (SIs 26 – 28) which define the method to implement this concept. Please refer to the attached two Communique’s for more details.
The SIs for Rules 5th Edition
 
Elsmar Forum Sponsor

jelly1921

Quite Involved in Discussions
#2
Question 1: Shall the increased audit time be used continuously (un-interrupted, e.g.: 8:00-12:00) or intermittently (e.g. 8:00-9:00; 10:00-11:00; 13:00-15:00)?

Question 2: In the IATF Stakeholder Communiqué February 2021, it says: If the CB auditor discovers that the IATF OEM quality and delivery performance targets were not being met during the minimum 1-hour verification of data and changes review before the audit, additional audit time would also be required. If the client has just received the news that the quality/delivery performance target is not met, the corrective action has not been conducted, even root causes have not analyzed, what can I review during the increased audit hours? To conduct root causes analysis with the client or risk analysis with client? I guess this is consultation! Remember: 4 hours will be added at least!

Question 3: About exception: as I understand, if the client had provided evidence of effective implementation of the corrective actions, that means the corrective actions had been conducted by the client and verified by the client, and the conclusion is OK. In the IATF Stakeholder Communiqué February 2021, it requires CB to collect IATF OEM scorecards 3 months ahead of planned audits, If the corrective actions associated with the IATF OEM quality and/or delivery targets not being met had been conducted, by the time the client submitted the IATF OEM scorecard to CB, but the effectiveness of corrective actions is verified before the audit conducted and the conclusion is OK, then the audit time should be increased?
 

Sebastian

Trusted Information Resource
#3
I don't think it was IATF idea, but OEM, who are not satisfied from own suppliers performance and are not willing to use own staff.

I will try to give unsanctioned interpretations.
1. Additional time will be added to auditing process, where customer satisfaction is addressed, as part of standard review of customer claims from past 12 months.
2. Performance reports shall be submitted 3 month ahead of audit, so meanwhile during 3 months worse things might happen and it should be discovered by auditor during review before audit opening meeting. So focus is on these 3 months, not on "yesterday you've received a claim and still nothing?".
3. Yes, purpose is to give more time for evaluating by auditor (3rd party person perspective) to evaluate organizational (1st person perspective) process of managing customer (2nd person perspective) claims, even closed by customer representative. Challenging root cause analysis results, proposed corrective actions, evaluation of effectiveness, etc.

Generally, it can help, but why OEM SQA teams are not doing their job and why get NC for problem solving after time, when rejection in time would be better solution.

Last but not least, there is a bigger concern for me, or maybe I am blind.
Communique says "...Tier 1 suppliers to an IATF OEM ...", but rules do not give definition of IATF OEM. There are sometimes "IATF OEM member" mentioned and there is no doubt who is it. There are also "IATF OEM" mentioned and it can apply to all Tier-1, who manufacture parts which are integral part of vehicle. Some people can see Tier-2 as Tier-1 for Tier-1, so communique apply also to them. I would like to see clear answer that IATF OEM are only vehicle manufacturers.
 
Last edited:
Thread starter Similar threads Forum Replies Date
S DHF/DMR/MDF for a software-only, cloud-based, single-instance device Medical Information Technology, Medical Software and Health Informatics 2
S Annual Inspection Layout - Based on Customer print ? IATF 16949 - Automotive Quality Systems Standard 8
F IVD registration in EU - Northern Ireland based company EU Medical Device Regulations 0
M Medical device substance based-leachables Other Medical Device Related Standards 2
A API Spec Q1 Purchasing Process - Supplier Reevaluation based on Supplier Risks 5.6.1.4 Oil and Gas Industry Standards and Regulations 15
P Testing cloud-based backups IT (Information Technology) Service Management 7
silentmonkey Rationalising the level of effort and depth of software validation based on risk ISO 13485:2016 - Medical Device Quality Management Systems 10
P Conformity assessment based on a quality management system or production quality assurance EU Medical Device Regulations 3
DuncanGibbons Model-Based procedures and Architecting the QMS as a System Document Control Systems, Procedures, Forms and Templates 2
M IT validation for a paper based MD repair company QMS ISO 13485:2016 - Medical Device Quality Management Systems 6
B Do you use paper or web-based templates for CAPA processes? ISO 13485:2016 - Medical Device Quality Management Systems 3
B How to classify a medical device based on MDR? EU Medical Device Regulations 3
I How to classify a medical device based on FDA? 21 CFR Part 820 - US FDA Quality System Regulations (QSR) 3
D Tolerance definition based on expected Cp/cpk Reliability Analysis - Predictions, Testing and Standards 14
S Risk based internal auditing Internal Auditing 6
G Any good examples of CAPA forms that include a risk based approach? ISO 13485:2016 - Medical Device Quality Management Systems 8
R Expected life span of Medical devices - X-Ray based diagnostic medical devices ISO 13485:2016 - Medical Device Quality Management Systems 6
M HR (Human Resources) based software recommendations Human Factors and Ergonomics in Engineering 2
was named killer CLOUD BASED QUALITY DOCUMENTATION vs. SERVER BASED Document Control Systems, Procedures, Forms and Templates 5
S How to start with ISO process in project based team - Documentation Document Control Systems, Procedures, Forms and Templates 4
A Using Arduino based sensors for Poke-Yoke Manufacturing and Related Processes 6
D Reduction of software class based on multiple external risk controls IEC 62304 - Medical Device Software Life Cycle Processes 5
M Informational Critical Thinking and the Process of Evidence-Based Practice Medical Device and FDA Regulations and Standards News 0
B We need a QMS: file-based templates or software Other Medical Device Related Standards 23
H QMS Software Recommendation (US based, Hemp) ISO 9000, ISO 9001, and ISO 9004 Quality Management Systems Standards 1
D Validation of existing equipment - Risk based approach example ISO 13485:2016 - Medical Device Quality Management Systems 3
S Validation of eQMS - Cloud based out of the box solution Other Medical Device Related Standards 18
D Requirement of Pharmacovigilance (Drug Safety) Risk Based Strategic and Tactical Audit Plan General Auditing Discussions 0
M Informational Several US FDA draft guidances, including some specific device guidances for the Safety and Performance Based Pathway Medical Device and FDA Regulations and Standards News 0
M Informational USFDA final guidance – Safety and Performance Based Pathway Medical Device and FDA Regulations and Standards News 0
Ed Panek Are audit non conformances also risk based? ISO 13485:2016 - Medical Device Quality Management Systems 1
C Recommendations for UK-based ISO 13485 internal auditor training ISO 13485:2016 - Medical Device Quality Management Systems 1
qualprod Criteria to raise a Nonconformance based on KPI values ISO 9000, ISO 9001, and ISO 9004 Quality Management Systems Standards 39
S Moving from client-server to cloud-based, is that a new submission? Medical Information Technology, Medical Software and Health Informatics 3
N Time source for paper-based documentation (research nurses) US Food and Drug Administration (FDA) 1
C Usability IEC 62366-1:2015 and MDR 2017/745 - Risk based approach IEC 62366 - Medical Device Usability Engineering 1
shimonv Creating a new commercial product based on a modification to an existing product Other US Medical Device Regulations 4
T GRR based on part tolerance or process variation. Gage R&R (GR&R) and MSA (Measurement Systems Analysis) 7
M Informational USFDA – Review framework for artificial intelligence-based medical devices Medical Device and FDA Regulations and Standards News 1
Z Security for Approvals - Cloud based Complaint, NC, and CAPA systems Qualification and Validation (including 21 CFR Part 11) 8
M Informational USFDA draft guidance – A Risk-Based Approach to Monitoring of Clinical Investigations Questions and Answers Guidance for Industry Medical Device and FDA Regulations and Standards News 0
P Looking for Risk Assessment Template - Not necessarily Asset based IEC 27001 - Information Security Management Systems (ISMS) 1
S Can anybody share a sample risk assessment prepared based on ISO 17025:2017? ISO 17025 related Discussions 15
M APQC PCF (Process Classification Framework) and ISO 9001 - Processes Based Approach ISO 9000, ISO 9001, and ISO 9004 Quality Management Systems Standards 7
E Basic Risk based thinking questions Risk Management Principles and Generic Guidelines 5
M Informational USFDA Final Guidance – Safety and Performance Based Pathway Medical Device and FDA Regulations and Standards News 2
D FDA QSR task checklist based on inspection citations 21 CFR Part 820 - US FDA Quality System Regulations (QSR) 5
M FDA News USFDA – Safety and Performance Based Pathway Guidance Medical Device and FDA Regulations and Standards News 0
T FDA proposed labeling standalone software cloud based US Food and Drug Administration (FDA) 4
QIE Anyone have experience with BPA Quality (QMS system based on Office365/Sharepoint) Quality Assurance and Compliance Software Tools and Solutions 1

Similar threads

Top Bottom