SOP or Work Instruction for PFMEA?

#1
Hello,

We were recently audited by a new customer and were cited for not having a procedure for PFMEAs. We are a TS16949 company and generate PFMEAs during the Contract Review and include them in our PPAPs per AIAG. There is no separate procedure (SOP/WI) on PFMEA but the PFMEA Form is referenced in some of our existing SOPs. How is the PFMEA Process normally invoked/controlled in an organization? Do we need to create a separate SOP or Work Instruction in order to spell out the details from inception to monitoring or is it enough to just reference our PFMEA Form in the existing SOPs? I really do not want to create another "Procedure" if we are already covered somewhere else.

The SQE auditor also mentioned that because of having no procedure, we do not have clearly identified RPN numbers for each process that would trigger an action (corrective action). As a newbie to PFMEA, I was under the impression that it is not advisable to use threshold numbers but rather evaluate the process risks individually.

I would appreciate any comments.

gjkoenig
 

Stijloor

Super Moderator
Staff member
Super Moderator
#2
Hello,

We were recently audited by a new customer and were cited for not having a procedure for PFMEAs. We are a TS16949 company and generate PFMEAs during the Contract Review and include them in our PPAPs per AIAG. There is no separate procedure (SOP/WI) on PFMEA but the PFMEA Form is referenced in some of our existing SOPs. How is the PFMEA Process normally invoked/controlled in an organization? Do we need to create a separate SOP or Work Instruction in order to spell out the details from inception to monitoring or is it enough to just reference our PFMEA Form in the existing SOPs? I really do not want to create another "Procedure" if we are already covered somewhere else.

The SQE auditor also mentioned that because of having no procedure, we do not have clearly identified RPN numbers for each process that would trigger an action (corrective action). As a newbie to PFMEA, I was under the impression that it is not advisable to use threshold numbers but rather evaluate the process risks individually.

I would appreciate any comments.

gjkoenig
This auditor is totally off-base! There is no requirement for an FMEA procedure. In addition, RPN's should not be used to trigger (or prioritize) the need for action.
 

Golfman25

Trusted Information Resource
Trusted
#3
The auditor is out of his mind. Like you, we handle it in contract review - where we basically indicate what documents we create. I suppose our "procedure" is that blue FMEA book. Cause that is what we refer to when we do them. IMO, the whole RPN thing has become a joke perpetuated by simpletons.

However, since it is a customer audit, I guess you are in trouble. Unless you can talk some sense to the guy, you'll have to come up with a "fix." Good luck.
 
#4
Thanks for the response. I don't know if it matters, but the customer audit was VDA 6.3 Process Audit. The auditor was reviewing a PFMEA included in a PPAP for one of their parts and asked for the PFMEA Plan that controls the RPN numbers. As a newbie, I was tongue-tied as we have no procedure but our PFMEA Form and risk numbers model the AIAG format.

I am becoming a little more comfortable defending our current PFMEA process in that I do not want to create a separate "procedure" but rather take note of where PFMEA is referenced in our other established SOPs.

gjkoenig
 

Ron Rompen

Trusted Information Resource
Trusted
#5
VDA 6.3 is different than TS 16949, so that may explain some (not all) of his comments. In my past experience, I have always referenced the PFMEA in my APQP procedure/process map as one of the outputs. If you state clearly in your procedure that the AIAG manual is used as the guideline for PFMEA development and maintenance, that should cover it.

As far as using RPN's to trigger actions, there are still many out there who look for a threshold number - this goes against the intent of risk analysis; you need to analyze your HIGHEST risk(s) and take appropriate action, whether they exceed an arbitrary number or not. Again, if you clearly note this in your procedure, you should be covered.
 
#6
IMHO, a procedure, aka documented information ;), should be used to define the responsibilities (who completes the PFMEA), Authorities (who authorizes/approves the PFMEA), to define use of symbols (e.g. do you use customer symbols for critical characteristics, or your own, do your symbols "equate" to the customer's symbols via a translation table), to clarify you do not take action on the highest RPN - but rather on the highest ___, frequency of review, and so forth.

As there are other considerations for inclusion in a Procedure, you may want to write a Procedure for APQP and cover all the requirements in one document... You "might" include the sequence of work (Contract Review > PFD > FMEA > MSA > Ctrl Pln > ...), how Change Management flows back into the FMEA, and the flow of subcontractor assessment and PPAP into your own flow.


-wizuurd
:magic:
 

Top