“You should prioritize agility, but find ways to take risks without sacrificing sound execution that can jeopardize both customer satisfaction and, more importantly, safety.”
—PWC “2016 Auto Industry Trends”
Perhaps no sector is so thoroughly driven to balance innovation and safety as is the global automotive industry. With annual unit sales in excess of 70 million vehicles, the world’s automakers—and the vast supply chain that supports them—cannot afford to rely on guesses or good intent. That is why so many of these organizations embrace the ISO 9001 standard for quality management systems, as well as its industry-specific sibling, ISO/TS 16949. These standards help ensure consistent business operations and product quality.
Both of these standards have recently received significant updates by their respective technical stewards. The core ISO 9001 standard moves from its 2008 version to the 2015 version, and the automotive standard of ISO/TS 16949 has now evolved into IATF 16949. These standards share interdependencies, and each also contains significant updates in its compliance requirements.
Of most significance, the automotive standard has been decoupled from ISO 9001 in both title and structure. The International Automotive Task Force (IATF), not the International Organization for Standardization (ISO), now controls IATF 16949 and is responsible for future updates to its specifications and audit requirements. Thus, although IATF 16949 requires compliance to ISO 9001:2015, it exists as a completely separate document subject to its own review and update process.
“This is a major step for the automotive industry,” says Ismael Belmarez, accreditation manager for DNV GL Business Assurance North America. “Separating the automotive standard from ISO 9001 allows greater flexibility to respond to regulatory and technical advances unique to automotive industry. It’s really the best of both worlds.”
Belmarez also points out that after Oct. 1, 2017, all certification audits for organizations previously registered to ISO/TS 16949 will be conducted to the new standard. By IATF rule, the transition audits will be the same duration as a recertification audit.
Organizations with ISO/TS 16949 certification, particularly suppliers to the original equipment manufacturers (OEMs), are strongly encouraged to schedule their transition audit to IATF 16949 as soon as possible. Leaving it to the last minute runs the risk of the certificate expiring, which can cause serious business issues with customers and business partners.
The IATF maintains a database of certificates which includes information about expiration dates and audit nonconformities. Notices of noncompliance are automatically sent to OEMs from this database, making early action on the new standard a very smart idea.
The ultimate “final” deadline, established by ISO and IATF, is September 2018, at which time registrations to both ISO 9001:2008 and ISO/TS 16949:2009 will become obsolete. Certificates to these versions of the standards will thereupon be revoked.
Even as IATF assumes its own path, it remains inherently linked to ISO 9001. As mentioned, IATF 16949 certification continues to require full compliance with ISO 9001. In a change from the current ISO/TS standard, however, IATF will not publish the ISO 9001 requirements as part of the IATF 16949 standards document.
All organizations seeking IATF 16949 certification are well-advised to obtain a fresh copy of the ISO 9001:2015 standard and understand its requirements. During the IAFT 16949 certification audit, you will be held accountable for compliance to ISO 9001 as well.
And speaking of ISO 9001… the 2015 version now contains 10 chapters instead of eight as it adopts what the ISO calls a “high-level structure.”
“ISO wanted to create a common framework for its key management standards,” says Wendy Parr, owner of Parr Consulting. “This is part of a larger evolution to adapt ISO to changes in the global economy, and to enable organizations to pursue multiple certifications without having to learn a new ‘language’ for each.”
Parr adds that the high-level structure is akin to a software operating system—a consistent foundation on which multiple unique applications run.
“It’s all about flexibility,” says Parr. “Business have enough pressure to perform, and to succeed; they don’t want to reinvent the wheel each time they pursue a management standard for running their business or to comply with industry expectations. Variation is antithetical to the idea of ‘standard.’ The high-level structure addresses that.”
In addition to the high-level structure, the new ISO 9001:2015 standard reflects a wholesale adoption of risk-based thinking. Whereas “risk analysis” is part of good business practice—and was touched upon in the 2008 standard—the whole concept of risk has blossomed into a strategic mandate within the 2015 standard.
“We’re seeing a lot of automotive companies struggling with this concept,” says Parr. “Partly because ISO now asks you to find opportunities for growth within your risk approach, but also because IATF has different demands on documentation than the ISO standard on which it’s based.”
Specifically, ISO 9001:2015 does not prescribe or insist upon any specific documentation for risk management; IATF 16949, however, does. So, while both standards share the same philosophy, i.e., adopt “risk-based thinking” in everything you do, the IATF standard clearly requires that evidence be provided during an audit.
Bottom line: You need to get recertified and you need to do it soon. The benefits are substantial in terms of the flexibility and business impact offered by both ISO 9001:2015 and IATF 16949:2016. But the transition requires you to do some homework and think carefully through what will be expected of you in your recertification process.
To learn more, join Belmarez and Parr on Tues., March 21, 2017, at 11 a.m. Eastern/8 a.m. Pacific for the webinar, “IATF 16949:2016 Transition Experiences.” Quality Digest editor in chief Dirk Dusharme hosts. Click here to register.
Add new comment