Supplier Audit (Desktop) Issues

[htquality]

I am currently performing an audit of one of our suppliers. The supplier is one of our logistics provider (warehousing/distribution) and the audit is conducted remotely. They have provided me with a lot of information to answer my queries, and they summarized processes for me, but they are unwilling to provide me with copies of any of their procedures or their quality manual. They keep saying that they can't provide me with any document related to QMS due to privacy disclosure (we do have a CDA with them) and legal issues; and that their QMS was assessed and validated by an independant reviewer as part of their ISO 9001 certification. I usually get copies of pretty much every relevant QMS document (sometimes with blacked out information), and have never faced a situation like this. Any recommendation/feedback would be greatly appreciated!

 

[keres]

The good practice is to be audited only this part of supplier activity that is related to your activity. And do not get copies from supplier's QMS documentation.

 

[Sorin]

I am currently performing an audit of one of our suppliers. The supplier is one of our logistics provider (warehousing/distribution) and the audit is conducted remotely. They have provided me with a lot of information to answer my queries, and they summarized processes for me, but they are unwilling to provide me with copies of any of their procedures or their quality manual. They keep saying that they can't provide me with any document related to QMS due to privacy disclosure (we do have a CDA with them) and legal issues; and that their QMS was assessed and validated by an independant reviewer as part of their ISO 9001 certification. I usually get copies of pretty much every relevant QMS document (sometimes with blacked out information), and have never faced a situation like this. Any recommendation/feedback would be greatly appreciated!

That's fishy...usually, the Quality Manual is a public document that can/could be handed in the street. As for the procedures related to the quality system they should be able (and willing) to distribute them to anyone.

Send them this link

http://metalcraft.net/

All, I mean ALL, their quality system douments are on-line. Including job descriptions and and work instructions.

 

[Sorin]

1.The good practice is to be audited only this part of supplier activity that is related to your activity.

2.And do not get copies from supplier's QMS documentation.

1.Uhmmm....nope. If I audit a supplier I need to see (read audit) how their processes are controlled and monitored, how the contract review is performed, how they are controlling their purchasing, etc. And that means auditing all their QMS.

2.How else I am supposed to do an audit. I may get compelled (through an NDA) to sent them back or destroy them, but that's another story.

 

[silentrunning]

Our company is an open book to any customer that wants to come and audit us, but no controlled documents leave the premesis. I have never had a customer balk at this arrangement.

 

[Sorin]

Our company is an open book to any customer that wants to come and audit us, but no controlled documents leave the premesis. I have never had a customer balk at this arrangement.

And there is the key word....how about an uncontrolled copy?

 

[qusys]

I am currently performing an audit of one of our suppliers. The supplier is one of our logistics provider (warehousing/distribution) and the audit is conducted remotely. They have provided me with a lot of information to answer my queries, and they summarized processes for me, but they are unwilling to provide me with copies of any of their procedures or their quality manual. They keep saying that they can't provide me with any document related to QMS due to privacy disclosure (we do have a CDA with them) and legal issues; and that their QMS was assessed and validated by an independant reviewer as part of their ISO 9001 certification. I usually get copies of pretty much every relevant QMS document (sometimes with blacked out information), and have never faced a situation like this. Any recommendation/feedback would be greatly appreciated!

Quality manual is a sort of "visiting card" of a company , so it is done to show how the QMS of an organization works. It is very strange that they do not want to show to you, it could means that they want to hide something.
To avoid this situation , we can go directly on their premises with an audit plan , checking if the requirement you should have agreed with them for the provided service are met or not.
In the planning phase of a supplier audit we can send them before a sort of check list ( questionaire) where they shall provide response you can successively check on their premises, a sort of self scoring that then you can confirm or not.
In my opinion , desk audit for suppliers are not so usefull. You should combine different input and verify them on the place. One of these input could be if they are still open action for corrective action with you and verify the related status of the action.

 

[keres]

1.Uhmmm....nope. If I audit a supplier I need to see (read audit) how their processes are controlled and monitored, how the contract review is performed, how they are controlling their purchasing, etc. And that means auditing all their QMS.

2.How else I am supposed to do an audit. I may get compelled (through an NDA) to sent them back or destroy them, but that's another story.

1. If you are my client I will not permit you to see any other information if it is not related to our contract and conducting of orders. In other case you will have access to information about other my clients wich is not good for them... and for me.

2. Watch, take interviews and review of documents.

 

[Sorin]

1. If you are my client I will not permit you to see any other information if it is not related to our contract and conducting of orders. In other case you will have access to information about other my clients wich is not good for them... and for me.

2. Watch, take interviews and review of documents.

1.Assume I am the customer.

a)I am sending you a PO. You review the PO and acknowledge that you are able to perform as per requirements that are explicit (and implicit) in the PO.

Up to this point I need to see how you are reviewing PO's (contracts, your control of internal and external documents (as well as statutory and regulatory standards) including drawings.

b)Schedule of my parts
I need to see your planning and risk management.

c)Start of manufacturing.
I need to see how you control and monitor your processes, calibration of equipments used to control and monitor, purchase and control upon reception of raw materials and services (including calibration), inspection and verification (in process and final), training of personnel that can affect the quality of the parts in process and upon inspection.

d)Shipping
I need to see how do you control the process of verication that all aspects detailed in my PO were verified and how do you ensure that the final product complies with them.

Now...are there aspects of your QMS that are not mentioned? Could be...but I did it just to show you that an audit from any customer could easily encompass all your QMS.

2.Keep in mind that are talking about your QMS, not about proprietary information.

 

[treesei]

An existing customer auditor can easily cover every aspect of a QMS and review documents from quality manual down to details records. A big part of a quality audit is to see if your practice comply with your procedures (do what you say, say what you do).

A potential customer may have restricted access to certain info, but the quality manual and many general secondary procedures are accessible.

To both existing and potential customers, documents (and areas if applicable) that are associated with another customer, for example, the process SOP or drawing of a product you build for another customer) are confidential.

Some other documents, for example, your AVL, can be confidential.

But the quality manual and many secondary procedures are always available to any auditor.