We are ISO/TS16949 certified semiconductor company since many years. We deliver products to both automotive and non automotive industry. More and more our products content software (like microcontrollers) or we even deliver software directly to our customers in addition to product (e.g. platforms + development software).
It is unclear what the rules are for our software suppliers (subcontractors) : should they be ISO/TS16949 certified or just compliant or only ISO9001 certified.
Same question applies for our internal organizations or sites delivering software to our business groups.
Has anybody a clear understanding of the rules and where to find reference documentation on this matter ?