Auditing the Procurement and Supply Chain Processes This paper provides guidance on how certification auditors should assess compliance to the requirements of clause 7.4 of ISO 9001:2000 to ensure the substantial fulfilment of the objectives of the standard. 1. Introduction When establishing a management system, organizations have to put in place processes to control the purchasing of products (or services) and their verification, to satisfy the requirements of clause 7.4 of ISO 9001:2000. However, the way organizations consider such requirements are fulfilled may not necessarily be the most appropriate one. Similarly, auditors may consider it sufficient to confirm compliance by just checking that an approved supplier list is up-to-date, that orders have been placed only with approved suppliers and activities necessary for ensuring conformity with the specified purchase requirements have been carried out. In many instances, however, it may not be sufficient to ensure that purchased products simply meet original specifications in all respects. In such cases, it would be preferable to review the wider processes for procurement and supply chain management. 2. Auditing the Procurement Process In auditing the process for the management of procurement, the following should be considered: • Procurement should start during the design and development of a product when a specification is prepared; • Inter-departmental discussions should take place to ensure that potential suppliers can provide a product that meets the design specification at the required cost; • The organization should ensure that the specified purchase requirements are correct prior to their communication to the supplier; • Statutory & regulatory requirements should have been included in the purchase requirements, as applicable; and, • The degree of risk associated with a component or product and the controls required to ensure that it meets the design specification should have been assessed. Practical suggestions of ways to achieve objective evidence that the above elements have been considered are: • Confirm that the specification quoted in a purchase order is the same as the specification contained in the design (or the specification received from the customer); • Identify whether or not there were discussions inside the organization and between the organization and potential suppliers regarding the design specification of critical components during the design process or prior to an order being placed; • Was there some form of “approval” of the specification before the final specification/order was confirmed to the supplier? • Does the purchase order contain or refer to any statutory or regulatory requirements? 3. Auditing the Supply Chain In many cases, audits of the evaluation and selection of suppliers simply consists of a review of the organization’s approved supplier list and whether this list has been reviewed at regular intervals. There are cases, however, in which this may not be sufficient to ensure that the organization has effective control of all of those suppliers within its supply chain. Issues to be considered, in this regard, include: • Are suppliers of critical components/products selected based only on their ability to supply at an economical price or is their ability to supply consistently to specifications also taken into consideration? • Is the maintenance of suppliers in the approved lists solely based on their continued certification/registration against a recognised quality standard or is the scope of this certification/registration reviewed? Note: In some cases, it may be advantageous for the organization to audit the intended supplier to establish clear lines of communication, product specifications, delivery parameters, etc. • How frequently are credit notes raised by the organization for product rejected but subsequently accepted by the organization? • How many concessions have been raised allowing the organization to accept previously rejected products? 4. Conclusions Generally, for an experienced auditor, reviewing the procurement process and supply chain of an organization is straight forward common sense but there are situations where the nature of the products or components may indicate that additional investigation is necessary. Every product is unique, just as all audit situations are unique. _____________________________________________________________________________________________________ For further information on the ISO 9001 Auditing Practices Group, please refer to the paper: Introduction to the ISO 9001 Auditing Practices Group Feedback from users will be used by the ISO 9001 Auditing Practices Group to determine whether additional guidance documents should be developed, or if these current ones should be revised. Comments on the papers or presentations can be sent to the following email address: charles.corrie@bsi-global. The other ISO 9001 Auditing Practices Group papers and presentations may be downloaded from the web sites:
Posted on: Sat, 02 Aug 2014 19:39:54 +0000
Recently Viewed Topics
© 2015