Академический Документы
Профессиональный Документы
Культура Документы
1 OF 61
AS Interpretation Rev. 0 - May 9, 2007
AS9100 Interpretations
Element 4: Quality Management System
4.1: General
Section 4.1 includes the general requirements that must be met in order to establish, implement
and continually improve the effectiveness of a quality management system meeting the
requirements of the standard. These requirements are referenced to and/or further defined in
subsequent clauses of the standard. Table A, shown below, contains the cross-linked references.
Continual improvement of the effectiveness of the quality management system may be reflected
in a number of different areas. These may include:
Quality objectives;
Corrective and preventive actions;
Internal audits;
External audits;
Review of customer satisfaction surveys and associated action items;
Operation meetings producing improvement actions;
Actions initiated by suggestion programs;
Process Changes;
Infrastructure and environment changes;
Management Reviews
If continual improvement has become a way of life for a company, it is unlikely that a
demonstration of company wide continual improvement will come from only a few sources.
System deterioration would not necessarily lead to non-conformity if all actions were positive
and the improvement path is still evident and logical. The system would be questionable if the
company did not recognize it or had not reacted to the issues appropriately.
Note: It is the responsibility of the company to demonstrate improvement rather than the
auditor to look for it. Accordingly, it is useful audit practice to ask management to
identify any improvement initiatives taken since the previous visit, and any planned for
the future.
4.1 a) Process identification Bureau Veritas Certification auditors will expect to see a process
model that explains the key processes of the business and how each relates and links to the
others. The depth of process explanation may be as detailed as the company chooses, but should
2 OF 61
AS Interpretation Rev. 0 - May 9, 2007
Effect on quality
Risk of customer dissatisfaction
Statutory and/or regulatory requirements
Economic risk
Effectiveness and efficiency
Competence of personnel
Complexity of processes
Process completed wholly or partially by a sister facility outside the scope of registration.
Such as corporate performing design, purchasing or customer related processes. This may
include the entire element or a subsection i.e. corporate completes supplier evaluation and
re-evaluation of suppliers and the registered site initiates purchase orders.
Processes completed by an outside vendor or subcontractor such as heat treating, plating,
calibration, painting, powder coating, etc.
Documented objective evidence must be ascertained to ensure that these processes are being
controlled beyond the basic purchasing requirements, which are focused on controlling products
not processes. The organization is responsible to ensure that the outsourced process is meeting
applicable requirements to ISO9001:2000. Outsourced processes may be controlled through such
methods as (not limited to):
Internal Audits
Internal Agreements between two sites where only the audited site is under the scope of
registration (Interface Agreements Bureau Veritas Certification terminology)
4 OF 61
AS Interpretation Rev. 0 - May 9, 2007
ISO/TC 176/SC 2/N 630R2 ISO 9000 Introduction and Support Package: Guidance on
'Outsourced Processes: An outsourced process can be performed by a supplier that is totally
independent from the organization, or which is part of the same parent organization (i.e. a
separate department or division that is not subject to the same quality management system). It
may be provided within the physical premises or work environment of the organization, at an
independent site, or in some other manner The organization has to demonstrate that it
exercises sufficient control to ensure that this process is performed according to the relevant
requirements of ISO 9001:2000, and any other requirements of the organizations quality
management system. The nature of this control will depend, among other things, on the
importance of the outsourced process, the risk involved, and the competence of the supplier to
meet the process requirements (http://www.bsi.org.uk/iso-tc176-sc2).
Flowcharts;
Written text;
Diagrams;
System maps;
Process maps;
Process Turtles.
7 OF 61
AS Interpretation Rev. 0 - May 9, 2007
- when referencing the documented procedures, the relationship between the requirements of
this International Standard [AS9100] and the documented procedures shall be clearly shown.
BV Certification: Points of reference may be throughout the manual when discussing pertinent
subjects (imbedded in the text). All of the referenced procedures may be listed together in an appendix
/ attachment to the manual. Or, the pertinent procedure(s) may be called out at the beginning or end of
each major section of the manual. A cross reference matrix is especially effective - linking specific
clauses in the Standard to corresponding paragraphs in the quality manual down to specific
paragraphs in the detailed procedure (or W/I as appropriate). Regardless of the approach, the intent of
the Standard is that there be a clear, unbroken, definitive trail from a particular requirement in the
Standard, into and through the quality manual, down to the procedural (and or work instruction) level
such that users of the documentation can clearly and readily arrive at a description of how that
requirement in the Standard is satisfied / fulfilled in the organizations system documentation.
4.2.2 c) Interaction between processes This requirement ties closely to section 4.1 b), which is
discussed in the previous paragraphs. The interactions between the quality management system
processes do not have to be separately described, or illustrated, by charts, tables or maps. If an
organization chooses to use a process map to show interaction, just using arrows is not sufficient
9 OF 61
AS Interpretation Rev. 0 - May 9, 2007
Retrieval any special requirements for retrieval. Generally dependant on location and
protection. May be a request process.
Retention time identification of how long each record will be maintained.
Disposition of records method for disposing of records i.e. shredding, burned, trash
5.4: Planning
5.4.1 Quality Objectives
Auditor must determine that the organization has developed measurable quality objectives for
relevant functions and levels of the organization. Bureau Veritas Certification expects overall
objectives to be established at the facility/corporate level and objectives established for each
identified process. Process objectives shall support the organizations overall objectives.
The organization must establish what the relevant functions of the organization are, however at
a minimum this will include all defined processes (reference 4.1 a, c, e). Sub-processes, projects,
or individual objectives would be at the discretion of organization. The auditor may want to ask
what criteria were used to determine if functions are relevant or not. It would be left up to the
company to determine if a cost or added value benefit would result from including or not
including functions of the operation when establishing quality objectives.
15 OF 61
AS Interpretation Rev. 0 - May 9, 2007
All those planning activities undertaken to establish the QMS in accordance with
clause 4.1.
The existence of an effective, documented, and implemented QMS that provides
collective evidence demonstrating that these planning activities have been performed
effectively.
Deficiencies in the quality system that may indicate that these planning activities
were not quite effective.
The evidence and use of Strategic Plans, Business Plans, Management Review
results, Contingency Plans, Quality Objectives, any programs or plans, documented
or not, such as Minutes of meetings, Memos, Internal communications.
16 OF 61
AS Interpretation Rev. 0 - May 9, 2007
19 OF 61
AS Interpretation Rev. 0 - May 9, 2007
20 OF 61
AS Interpretation Rev. 0 - May 9, 2007
Organizations will choose whichever form best suits their needs at any particular moment. Other
actions to bridge competence gaps might include:
Recruitment;
Outsourcing;
Acquisitions;
Use of experts and/or consultants.
Documented procedures or work instructions
All such means are acceptable as long as an organization has ensured the availability of the
competencies needed.
6.2.2 c) Evaluate the effectiveness of the actions taken - The requirement is aimed at ensuring
that the training or other activity has produced the desired result. This requirement could be met
in a variety of ways, including, but are not limited to:
the
Training;
Memos, and/or meetings regarding the impact of various individual or departmental goals
on quality objectives;
Plant tours or briefings where an individuals work and goals are shown as an integral
part of the larger processes;
Cross functional teams working towards quality objectives and reporting their progress to
their departments.
Any activity that allows individuals to understand how their efforts affect quality objectives may
satisfy this requirement. All personnel need to know the specific measurable objective(s) for the
process that they work in; they should also know what organizational objective their process
effects. They should be able to demonstrate that they know what the actual measurable is, their
progress towards that goal, what the plan is to achieve the goal. If they do not know the actual
numbers, they should be able to communicate the topics of the measurable and know where the
actual measurements are maintained or posted.
6.2.2 e) Maintain appropriate records - The requirement expands record keeping requirements to
include education, skills and experience, in addition to training, where appropriate. There are a
great variety of ways to record and provide evidence of training, education, skills and
experience. Records may include:
Diplomas;
Certificates;
Training log;
Annotations in shift logs;
Toolbox meeting notes;
Attendance lists;
Resumes;
Employment history;
Test results.
Such records may be filed in any location as long as the requirements of 4.2.4 are observed.
22 OF 61
AS Interpretation Rev. 0 - May 9, 2007
25 OF 61
AS Interpretation Rev. 0 - May 9, 2007
7.3.6.1 Documentation of Design and/or Development Verification and Validation: At the completion
of design and/or development, the organization shall ensure that reports, calculations, test results, etc.,
demonstrate that the product definition meets the specification requirements for all identified
operational conditions.
BV Certification: This is added check to ensure, at the conclusion of the D&D effort that
documentation and supporting data that was generated during the design and subsequent
verification/validation does in fact meet all the input requirements. This clause supports the
conclusions that should have been reached at Design Review. The auditor would expect to see
evidence that verification and validation satisfy the input requirements.
7.3.6.2 Design and/or Development Verification and Validation Testing: Where tests are necessary for
verification and validation, these tests shall be planned, controlled, reviewed, and documented to ensure
and prove the following:
a) test plans or specifications identify the product being tested and the resources being used,
define test objectives and conditions, parameters to be recorded, and relevant acceptance
criteria;
b) test procedures describe the method of operation, the performance of the test, and the
recording of the results;
c) the correct configuration standard of the product is submitted for the test;
d) the requirements of the test plan and the test procedures are observed;
31 OF 61
AS Interpretation Rev. 0 - May 9, 2007
7.4: Purchasing
7.4.1 Purchasing Process
It would be extremely uncommon for purchasing to be excluded from the quality management
system (i.e., perhaps applying to such situations as small consultancies using no subcontractors,
and using proprietary office materials and equipment that do not directly impact on product or
service performance but not to many other situations).
Where procurement is centrally controlled by a corporate procurement organization outside the
scope of the QMS of the auditee organization, this is not justification for exclusion of 7.4 in its
entirety. The audited organization is certainly responsible for providing purchasing information
(7.4.2) to the corporate procurement organization, and for verification of purchased product
(7.4.3) and perhaps participating in the re-evaluation process. In the event that a corporate
office or other entity, outside the scope of registration, performs any sections of purchasing this
32 OF 61
AS Interpretation Rev. 0 - May 9, 2007
The organization shall be responsible for the quality of all products purchased from suppliers,
including customer-designated sources.
BV Certification: In the context of this and other requirements of the Standard, product includes
parts, materials, process services, etc. It is readily apparent that an organization is ultimately
responsible for the quality of product purchased from its own suppliers / subcontractors. This
requirement extends the scope of the organizations responsibility to include that for product
purchased from customer-designated and/or customer-designated sources. The type and extent of
control exercised over customer-designated or customer-approved sources may be justifiably different
than that exercised over sources chosen / approved by the organization themselves. Regardless,
customer-approval and/or customer-designation of sources does not relieve the organization of the
responsibility to procure conforming product.
The organization shall
a) maintain a register of approved suppliers that includes the scope of the approval.
BV Certification: A register could be in most any format and media hardcopy, electronic, a paper
listing, an electronic file as part of a procurement software program, or even a manual card file. The
register must be a complete, finite compilation of all approved suppliers / vendors / subcontractors including those that are customer-designated / approved. The register must include sources that
provide goods, products and services that relate to the organizations products, processes and Quality
management system. Compiling the register(s) is a relatively simple and direct task. The second part
of this requirement . . . that includes the scope of the approval. involves more thought. The
scope of approval should describe the extent (or limitation) on what the source can (or cant) provide
or perform. The description of the scope can be narrative or coded. Some examples:
Acme Machining conventional metal machining except for chemical milling and wire EDM.
Acme Hardware Distributors all metal, mechanical fasteners except for rivets.
Acme Metal Distributors all ferrous and non-ferrous metals except for titanium and inconel.
Acme Heat Treating heat treating processes
.
33 OF 61
AS Interpretation Rev. 0 - May 9, 2007
38 OF 61
AS Interpretation Rev. 0 - May 9, 2007
7.5.1.2 Control of Production Process Changes: Persons authorized to approve changes to production
processes shall be identified.
40 OF 61
AS Interpretation Rev. 0 - May 9, 2007
7.5.1.3 Control of Production Equipment, Tools and Numerical Control (NC) Machine Programs:
Production equipment, tools and programs shall be validated prior to use and maintained and inspected
periodically according to documented procedures. Validation prior to production use shall include
verification of the first article produced to the design data/specification.
BV Certification: see section 7.5.1.3 above.
Storage requirements, including periodic preservation/condition checks, shall be established for
production equipment or tooling in storage.
BV Certification: No interpretation necessary.
7.5.1.4 Control of Work Transferred, on a Temporary Basis, Outside the Organizations Facilities:
When planning to temporarily transfer work to a location outside the Organizations facilities, the
organization shall define the process to control and validate the quality of the work.
BV Certification: It is incumbent on the organization to demonstrate that work transferred outside,
even on a temporary basis, is performed to the requirements of this AS9100 standard. Generally, the
level of control should be more than a purchase order. Examples of such control could be approval of
41 OF 61
AS Interpretation Rev. 0 - May 9, 2007
7.5.1.5 Control of Service Operations: Where servicing is a specified requirement, service operation
processes shall provide for
a) a method of collecting and analyzing in-service data,
b) actions to be taken where problems are identified after delivery, including investigation,
reporting activities, and actions on service information consistent with contractual and/or
regulatory requirements,
c) the control and updating of technical documentation,
d) the approval, control, and use of repair schemes, and
e) the controls required for off-site work (e.g., organizations work undertaken at the
customers facilities).
BV Certification: Clearly this section applies to organizations with off-site field service functions.
This section also applies to those organizations that assist customers with end use applications for
delivered products or have in-house repair operations. Merely addressing customer product related
complaints does not constitute service. It is important to verify collection and analysis of in-service
data. It is important also that service data are disseminated within the organization and included in the
corrective action process, as appropriate. Organizations that are strictly make-to-print shops may be
able to justify exclusion of this section.
control of the significant operations and parameters of special processes in accordance with documented
process specifications and changes thereto,
Packaging material
Transport
Intellectual property drawings, specifications etc including customer furnished data used
for design, production and/or inspection.
BV Certification: The aerospace community makes extensive use of proprietary blueprints, drawings,
specifications and similar documents, in electronic and/or hard copy format. The documents themselves
often indicate the confidential nature of these documents. The organization must have evidence of a
process for proper disposition of obsolete documents. Dumpster does not demonstrate adequate
control.
Equipment or tools
Handling - auditor will verify that suitable handling methods are implemented throughout
the processes. This may include bulk handing using moving equipment or physical
contact where handling may influence product conformity.
Packaging - auditor will expect to see that methods have been established for packaging
product to preserve integrity.
Storage - auditor will expect to see that product is stored in locations and in a manner to
safe guard product.
Protection auditor will verify that appropriate measures are in place to protect product.
This may vary widely depending on the product.
Preservation of product shall also include, where applicable in accordance with product specifications
and/or applicable regulations, provisions for:
a) cleaning;
b) prevention, detection and removal of foreign objects;
c) special handling for sensitive products;
45 OF 61
AS Interpretation Rev. 0 - May 9, 2007
7.6 a) be calibrated or verified at specific intervals or prior to use. Devices must be calibrated
using measurement standards traceable to international or national measurement standards.
Where there is no standard available for the device the basis for calibration or verification
must be recorded. Auditor expects to see that traceable standards are used and where
applicable have not expired. Where calibration is completed by an outsourced process
(vendor), the records of traceability must be reviewed.
7.6 b) Adjusted or readjusted as necessary. Auditor will expect to see evidence that devices
found to be out of calibration are adjusted/re-adjusted by qualified personnel and the
validity of the previous measuring results are accessed when a device is found to be out of
calibration and appropriate action is taken (may include recall of product). Auditor will
expect to see that a process is in place to provide traceability of each device to the
process/product the device was used on. The results of calibration and verification are
required to be maintained as quality records.
7.6 c) be identified to show calibration status. Auditor will expect to see that each device is
identified in such a way that the user can determine that the device has current calibration.
Generally this is accomplished with a calibration sticker that provides a unique
identification for the device, current calibration date and next calibration date. Other
methods may be used however must clearly identify the calibration status. Where the
47 OF 61
AS Interpretation Rev. 0 - May 9, 2007
48 OF 61
AS Interpretation Rev. 0 - May 9, 2007
ISO 9000:2000, 3.3.5 defines the Customer as the organization or person that receives a
product. The examples stated are; consumer, client, end-user, retailer, beneficiary and
purchaser. It is intended that the customer satisfaction measurements be focused on external
customer but in addition can include internal customers. Internal customer satisfaction measures
can be contained in the establishment of the organizations defined internal process measurable
objectives. Measuring only internal customer satisfaction would not meet the intent of this clause
and must include all interested parties where appropriate.
Customer Satisfaction is determined by the organization measuring its customers perception as to
whether they have satisfied their customers requirements and may be somewhat subjective or
qualitative as much as quantitative. Customer complaints are a common indicator of low
customer satisfaction but their absence does not necessarily imply high customer satisfaction.
Simply capturing customer complaints and product returns will only gauge dis-satisfaction
which does not fully meet the intent of the clause and will not satisfy these requirements. The
organizations management should analyse the implications of the absence or existence of
customer complaints.
Process definition is needed. The various techniques, methodologies, tools, resources, etc.
(forms, surveys, frequency, targeted customers, responsibilities, external survey service
companies, benchmarking, etc.) and applicable procedures need to be determined for:
49 OF 61
AS Interpretation Rev. 0 - May 9, 2007
requirements
5.2
8.4 a)
8.5.1
5.6.2 b)
7.2.3
in
8.2.1
interrelate
closely
with
those
in
sub-clauses:
requirements
of
8.2.3
interrelate
closely
with
those
in
sub-clauses:
The organization should identify monitoring, and, where appropriate, measurement methods to
evaluate process performance. The organization should incorporate these measurements into
processes and use the measurements in process management. Measurements of process
performance should cover the needs and expectations of interested parties in a balanced manner.
Examples (from ISO 9004:2000) might include:
Process capability
Reaction time
Cycle time or throughput
Measurable aspects of dependability
Yield
The effectiveness and efficiency of the organizations people
Utilization of technologies
Waste reduction
Cost allocation and reduction
8.2.4.2 First Article Inspection: The organizations system shall provide a process for the inspection,
verification, and documentation of a representative item from the first production run of a new part, or
following any subsequent change that invalidates the previous first article inspection result.
NOTE: See (AS) (EN) (SJAC) 9102 for guidance.
BV Certification: First article inspection, as opposed to first piece inspection, is performed in
response to contract requirements. The auditor would expect to see evidence of representative first
article inspection and customer acceptance (e.g. stamp or signature).
54 OF 61
AS Interpretation Rev. 0 - May 9, 2007
There are only four possibilities auditors should see as dispositions of nonconforming product, 1scrap, 2- rework or repair, 3- re-grading of the product, or 4 use with the concession of the
customer and records maintained. Obviously reworked or repaired product requires subsequent
verification prior to release.
The organization shall not use dispositions of use-as-is or repair, unless specifically authorized by the
customer, if
- the product is produced to customer design, or
- the nonconformity results in a departure from the contract requirements.
Certification: No interpretation necessary.
55 OF 61
AS Interpretation Rev. 0 - May 9, 2007
Process performance
Product / Process Characteristics
Trends in Products / Processes
Opportunities for Preventive Action
Suppliers and subcontractors (i.e., all as defined in 8.4 a)-d))
5.6.2
8.5.1
8.5.2
8.5.3
8.5: Improvement
8.5.1: Continual Improvement
Distinction must be made between continual and continuous improvement. Unlike
continuous improvement (which must be constant, steady and always positive), continual
improvement may show signs of dwells, momentary set-backs, delays or slight reversal
provided the overall trend is positive/improving.
The auditor will expect to see a process is in place for establishing and implementing continual
improvement. Significant or sustained lack of improvement must be met with corrective action
(i.e. get well plan) unless the undesirable condition is expected/predicted resulting from a
conscious/deliberate decision by management (i.e. willingness to accept a temporary setback in
productivity while new equipment/ processes are introduced.)
Drivers, or impetus for continual improvement must come from the use of (as a minimum):
Preventive actions
Management review
Note: it is the responsibility of the company to demonstrate improvement rather than the auditor
to look for it. Accordingly, it is useful audit practice to ask management to identify any
improvement initiatives taken since the previous visit, and also any planned for the future.
Customer complaints
Nonconformity reports
Internal audit reports
Output from management review
Output from data analysis
Outputs from satisfaction measurements
Relevant quality management system records
The organizations people
58 OF 61
AS Interpretation Rev. 0 - May 9, 2007
Process measurements
Results of self assessment
8.5.2 b) Determining cause auditor will expect to see a process is in place for determining root
cause.
8.5.2 c) Evaluating action needed to prevent recurrence auditor will expect to see evidence that
action(s) are evaluated and developed to prevent the noncoformance from recurring.
8.5.2 d) Implementing action evidence that actions are implemented. There is no requirement
for time however auditor will expect to see evidence that actions are taken in a timely manner.
8.5.2 e) Maintaining records - corrective actions are required to be maintained as quality records
per 4.2.4.
8.5.2 f) Reviewing action taken auditor will expect to see a process in place for reviewing
completed corrective action to ensure that the action taken was effective in correcting the
nonconformity.
8.5.2 g) flow down of the corrective action requirement to a supplier, when it is determined that the
supplier is responsible for the root cause, and
BV Certification: Suppliers need to undertake corrective action to address nonconformities that they
have caused. The Supplier Corrective Action Request (SCAR), although not specifically required as
such, is commonly used. The organization needs to obtain evidence from the supplier of corrective
action that meets the corrective action protocol as defined by the AS9100 standard. Organizations
often claim that is difficult to get a meaningful corrective action response from a supplier.
Nevertheless, when a nonconformity requires more than simple correction, the auditor would expect to
see evidence that the organization is working with the supplier to achieve effective corrective action.
This could include the organizations assistance. In some cases, the organizations quality and
engineering may support of the suppliers corrective action initiatives.
A documented procedure shall be established to define requirements for
8.5.2 h) specific actions where timely and/or effective corrective actions are not achieved.
BV Certification: The clients procedure that controls corrective action must define those specific
actions that the organization takes where timely and/or effective corrective actions are not achieved.
There are many types of actions that might be taken. These include discussion of open corrective
actions at management review meetings, e-mail reminders to the responsible individual(s) and
escalation of notification, often up to the ranking site executive. The auditor would expect to see
evidence that the specific actions were indeed taken. The auditor may want to review also the
59 OF 61
AS Interpretation Rev. 0 - May 9, 2007
Note: The organization may choose to maintain one document for both corrective and preventive
action. While this is acceptable, Bureau Veritas Certification believes that the processes are
unique and should be documented separately.
Note: Organizations are free to use their own terminology (i.e., many define corrective action as
the fix and preventive action as the subsequent cure). There is no problem with this provided
they are not claiming that this preventive action (i.e., after the event) meets the requirements of
8.5.3 (action taken before the event).
Note: For multi-site/corporate certifications auditors will expect to see that evaluation of
corrective actions across all sites is being performed and analyzed (usually from the headquarters
location). This would be an input to management review (see 5.6.2).
60 OF 61
AS Interpretation Rev. 0 - May 9, 2007
Reviewed By Authorized By
Ralph
McLouth
Zach Pivarnik
Rev Date
New May 9,
2007
Rev # Location
0
BMS
61 OF 61
AS Interpretation Rev. 0 - May 9, 2007
Change History