The AS9100 family of standards has completed very important updates, raising the business management quality bar again for aerospace and defense suppliers and OEMs. The transition to the new standards caught quite a few organizations somewhat flat-footed; particularly with the emphases on risk management and top-management participation (leadership). Getting it right is important; certification to one of the standards is rapidly becoming a requirement of the aerospace and defense industry.
ADVERTISEMENT |
The updated standards have proven challenging for small to midsized supplier organizations that need certification to advance their positions in the global supply chain. Even for larger companies and the major OEMs, the new revision of the standards is demanding.
Much like recent updates to core ISO standards (ISO 9001, ISO 14001, and ISO 45000), the revisions to AS9100, AS9110, and AS9120 demand a broader view of quality and organizational impacts. Some of the changes are very specific and technical; others are conceptual.
The official transition phase concluded in the fall of 2018. At this point, all AS91XX certifications are to the new revisions. Having worked with organizations of all sizes and types during the transition, we can see a few common hot spots companies have been running into with the revisions:
• Risk mindset: It’s pervasive in the new standard. Clauses 6 and 8, which address big-picture risks and opportunities, and operational risks, respectively, have given many companies trouble. Most organizations are more comfortable and adroit at defining operational risk, i.e., those pertaining to product or service design at the tactical level, than they are at identifying large-scale organizational risks and opportunities.
• Leadership involvement: Easier said than done. Nevertheless, it’s a key requirement of the new revisions. It’s not good enough for top brass to shuttle all the responsibility to a project team or “designated representative.” The standards demand the full attention of senior management.
• Root cause: For some reason (perhaps a combination of the above two issues) companies have difficulty identifying the root cause of their nonconformities. That’s leading to a rise in rejections of their responses to nonconformity reports (NCRs) by certification bodies; data which are clearly indicated in the OASIS database. Getting to root cause is like peeling the proverbial onion. There’s a tendency to settle for what’s easy and obvious, and while that sometimes is exactly where the root cause lies, it’s not an effective strategy for dealing with nonconformities. You miss too many underlying issues and are more likely to see your NCR rejected.
The key insight here is that certification is a reflection of business vibrancy. If you’re working with a reputable certification body, and you are either having trouble understanding the requirements, or seeing a lot of nonconformities, you need to take a deep breath and understand why. Not to please the auditors, but to make your organization stronger.
In many ways, getting certified to one of the standards is a tough, honest look in the mirror. Having auditors examine your workflows and policies, and ask you why you do things the way you do, is an exercise in self-discovery. If you are truly committed to the level of quality suggested by the certificate you earn, you welcome the chance to benchmark yourself against a stringent standard. The ISO-based standards, like AS9100, AS9110, and AS9120, are not a “do it this way” recipe; they are frameworks that allow you to execute in a way that works for your organization, so long as you can prove it works.
This is perhaps the biggest lesson we have learned in the transition: Certification, particularly to demanding standards like AS9100, AS9110, and AS9120, is not a test; it’s a strategic business tool. The hurry-up-and-get-certified mindset is going to undermine your certification program for two reasons: 1) because you’re likely to suffer an unnecessary number of NCRs, which protracts the process; and 2) because you’ll be leaving a lot of value on the table—namely the chance to improve your organization and grow your business.
Meanwhile, upcoming updates to the larger family of AS9100 standards focus primarily on the certification bodies and accreditation bodies themselves. For example, AS9104-1 addresses the core requirements of being an accreditation body (AB) or certification body (CB); AS9104-3 is updating the requirements for auditors, and AS9101F deals with the forms used in the OASIS database. These are in various stages of working group development and review.
To learn more about these changes to aerospace standards, join Ronda Culbertson, the aviation, space, and defense technical manager at the Global Compliance Unit for DNV GL Business Assurance; and Quality Digest editor in chief Dirk Dusharme on Tues., May 21, 2019, at 1 p.m. Central/11 a.m. Pacific for the webinar, “Aerospace AS91XX Lessons Learned: Be Prepared for Your Next Audit!” Click here to register.
Add new comment