transición de doce pasos desde ISOTS 16949: 2009 a IATF 16949: 2016
Resumen ejecutivo
La última revisión de IATF 16949 salió en noviembre de 2016, y cuando se acerca la fecha límite para la transición, la gente comienza a preocuparse por los pasos que deben seguir para asegurarse de que cumplen con esta última versión. Es cierto que IATF 16949: 2016 ha traído algunos cambios sustanciales con respecto a los conceptos y métodos, pero no es demasiado difícil. Mientras las empresas se tomen el tiempo para planificar adecuadamente la transición y abordar el proceso sistemáticamente, no hay ninguna razón por la cual no se pueda completar antes de la fecha límite. El proceso de transición es confuso para muchas organizaciones, desde preguntas sobre cuáles son los cambios hasta dónde comenzar y cómo asegurarse de que el sistema actualizado cumpla totalmente con IATF 16949. Este documento técnico está destinado a las organizaciones que ya han implementado ISO / TS 16949 y están planificando la transición a IATF 16949. Explica el tiempo de transición y los pasos que se deben seguir para realizar una transición exitosa.
Este documento técnico está destinado a las organizaciones que ya han implementado ISO / TS 16949 y están planificando la transición a IATF 16949. Explica el tiempo de transición y los pasos que se deben seguir para realizar una transición exitosa.
Propósito
Este informe técnico está destinado a las empresas que ya implementaron ISO / TS 16949, y están planificando la transición a IATF 16949; esta transición debe llevarse a cabo antes de la fecha límite en septiembre de 2018 para que la empresa siga siendo compatible y mantenga la certificación IATF 16949. Este documento describe los pasos sugeridos en el proceso de transición.
Tiempo para la transición A partir del 1 de octubre de 2017, todas las nuevas auditorías de certificación deben llevarse a cabo de acuerdo con el nuevo IATF 16949: 2016 y el IATF Rules 5th edition. Las organizaciones ya certificadas contra ISO / TS 16949: 2009 pueden hacer la transición para su próxima auditoría de recertificación. Cuando el período de gracia finalice el 14 de septiembre de 2018, los antiguos certificados ISO / TS 16949: 2009 ya no serán válidos. Aquellas organizaciones que necesiten hacer la transición de ISO / TS 16949: 2009 a IATF 16949: 2016 tendrán que pasar una auditoría de transición, incluida la aprobación de VETO para la certificación, en o antes de la fecha límite del 14 de septiembre. Aquellas compañías que se someten a su auditoría de transición entre julio y septiembre de 2018 tendrán 120 días, como máximo, para recibir una decisión positiva de VETO después de que se complete su auditoría de transición.
Proceso de transición de doce pasos La forma más fácil de realizar la actualización a la revisión de IATF 16949: 2016 es siguiendo estos pasos: 1) Definir el contexto de la organización La cláusula 4 de la revisión de 2016 es un nuevo requisito que implica definir el contexto de la organización. Este es un cambio crítico, ya que esta consideración formará la base de todo su Sistema de Gestión de Calidad (SGC). Las organizaciones ahora deben considerar todos los elementos que pueden influir en el rendimiento del QMS, incluidos factores externos, internos, culturales, sociales, económicos, tecnológicos y legales. Se consideran factores que influirán en los objetivos, el propósito y la sostenibilidad de la organización. Se aconseja que la consideración y el resultado de este proceso se demuestre en su Política de calidad o documento equivalente. Considere este nuevo requisito cuidadosamente, ya que sirve como base de su nuevo Sistema de gestión de calidad (QMS). No existen requisitos adicionales más allá de los de ISO 9001: 2015, pero debido a la naturaleza de la industria, IATF 16949 es conocida por elevar el estándar, por lo que debe anticipar que esta cláusula se examinará detenidamente cuando llegue el momento de la auditoría de certificación. . Para obtener más información, consulte: Cómo definir el contexto de la organización en IATF 16949: 2016. 2) Enumere todas las partes interesadas Técnicamente, esto es parte de la misma cláusula donde encontrará el contexto de la organización, pero debido a que es nuevo, es posible que desee prestar más atención. Identificar a todas las partes interesadas y reconocer sus expectativas será importante al definir la dirección estratégica de la compañía. Los clientes, propietarios, proveedores, banqueros, sindicatos, reguladores, socios de grupos sociales, competidores e incluso grupos de presión deben considerarse como posibles "partes interesadas" que pueden verse afectadas por las decisiones tomadas por su empresa o por el alcance de su QMS . Por ejemplo, si tomó una decisión comercial para aumentar las actividades de su organización al tener un patrón de turnos de 24 horas, los residentes locales que pudieran verse afectados por el aumento de tráfico o actividad desde y hacia su sitio se convertirían en una "parte interesada". debe ser capaz de demostrar que ha tomado todos estos factores en consideración para cumplir esta cláusula.
Executive summary
The latest revision of IATF 16949 came out in November of 2016, and as the deadline for transitioning gets closer, people are starting to become concerned about what steps they need to take to make sure they are compliant with this latest version.
It’s true that IATF 16949:2016 has brought some substantial changes with regard to concepts and methods, but it’s nothing too difficult. As long as companies take the time to properly plan for the transition, and approach the process systematically, there’s no reason why it can’t be completed before the deadline. The transition process is confusing for many organizations, from questions on what the changes are to where to start and how to be sure the updated system is fully compliant with IATF 16949.
This white paper is intended for organizations that have already implemented ISO/TS 16949 and are planning the transition to IATF 16949. It explains the transition timing and what steps are to be taken in order to perform a successful transition.
Purpose
This white paper is intended for companies that have already implemented ISO/TS 16949, and are planning to transition to IATF 16949; this transition needs to take place before the deadline in September 2018 for the company to remain compliant and maintain IATF 16949 certification. This paper describes the suggested steps in the transition process. Copyright © 2018 Advisera Expert Solutions Ltd. All rights reserved. 4
Timing for the transition
As of October 1, 2017, all new certification audits must be conducted according to the new IATF 16949:2016 and the IATF Rules 5th edition. Organizations already certified against ISO/TS 16949:2009 can make the transition for their next recertification audit. When the grace period ends on September 14, 2018, the old ISO/TS 16949:2009 certificates will no longer be valid.
Those organizations that need to transition from ISO/TS 16949:2009 to IATF 16949:2016 will need to pass a transition audit, including VETO approval for certification, on or before the September 14 deadline. Those companies undergoing their transition audit between July and September of 2018 will have 120 days, at a maximum, to receive a positive VETO decision after their transition audit is complete. Copyright © 2018 Advisera Expert Solutions Ltd. All rights reserved. 5
Twelve-step transition process
The easiest way to make the upgrade to the IATF 16949:2016 revision is by following these steps:
1) Define the context of the organization
Clause 4 of the 2016 revision is a new requirement that involves defining the context of the organization. This is a critical change, as this consideration will form the basis of your whole Quality Management System (QMS). Organizations must now consider all items that may influence the QMS performance, including external, internal, cultural, social, economic, technological, and legal factors. These are considered to be factors that will influence the organization’s objectives, purpose, and sustainability. It is advised that the consideration and outcome of this process be demonstrated within your Quality Policy, or equivalent document.
Consider this new requirement carefully, as it serves as the foundation of your new Quality Management System (QMS). There are no extra requirements beyond those of ISO 9001:2015, but due to the nature of the industry, IATF 16949 is known for raising the bar, so you should anticipate this clause to be looked at closely when it comes time for the certification audit.
For more information, see: How to define the context of the organization in IATF 16949:2016.
2) List all interested parties
Technically, this is part of the same clause where you’ll find context of the organization, but because it is new, you may want to pay extra attention. Identifying all interested parties and acknowledging their expectations will be important when defining the company’s strategic direction.
Customers, owners, providers, bankers, unions, regulators, partners in society groups, competitors, and even pressure groups should all be considered as potential “interested parties” who may be affected by decisions made by your company, or the scope of your QMS. For example, if you made a business decision to ramp up your organization’s activities by having a 24-hour shift pattern, then local residents who may be affected by increased traffic or activity to and from your site would become an “interested party.” You must be able to demonstrate that you have taken all these factors into consideration to satisfy this clause.
Read more here: Determining interested parties and their requirements according to IATF 16949:2016.
3) Review the scope of the QMS
Now is the time to take another look at the existing scope of your Quality Management System, because the reliability and integrity of your QMS depend on it. The new revision of the standard requires the evaluation of customer-specific obligations, and their inclusion in the scope of the QMS. Copyright © 2018 Advisera Expert Solutions Ltd. All rights reserved. 6
The scope of the QMS, according to IATF 16949, needs to include supporting functions, whether on-site or remote. Supporting functions include design centers, corporate headquarters, and distribution centers.
For more information, see: How to define scope of the QMS according to IATF 16949:2016.
4) Demonstrate leadership
There is a marked change in the “leadership” requirements in the new version, which appear in clause 5. The 2016 revision calls for leaders to be “active” and responsible, rather than the more passive role that could be interpreted from the 2009 revision. The standard assigns responsibility to the organizational leader for strategic quality objectives, QMS scope and results, policies and processes, communication, culture, fostering a commitment to quality, providing resources and training opportunities, and even “inspiring, encouraging and recognizing the contribution of people.” Therefore, it is clear that “top management” involvement and inclusion in all aspects of your QMS will become a requirement. For instance, making decisions on issues like risk assessment topics will now be almost impossible without strategic leadership advice, except in the instance of responding to an “incident.”
Leadership requirements in the new revision of the standard are nearly identical to those for management commitment in the last version. However, IATF 16949:2016 places even greater importance on organizational leadership, with additional requirements listed for corporate responsibility. Top management can show leadership by creating a Quality Policy and quality objectives, holding themselves accountable for the Quality Management System, and providing adequate resources to keep it running smoothly.
5) Assess risks and opportunities
The latest revision requires the assessment of risks and opportunities. The focus is on the organization’s ability to achieve the planned results, as well as other concepts like compliance obligations and context of the organization. Risk assessment should include past experiences from audits, customer complaints, product recalls, scrap and rework, and field returns and repairs. Once risks and opportunities have been assessed, plans should be made to address them.
This is a new and key requirement of the new version of the standard, and appears in clause 6 of the standard. Risks and opportunities now need to be considered for all aspects of the QMS, including all compliance requirements and even the context of the organization. After this, there should be a documented plan for how the business should address that risk. Therefore, the assessment of risk and opportunity is intended to become an integral part of all major QMS components and decision-making processes. Add to this the increased reliance on leadership mentioned above, and it is easy to see how real business benefits will be attained for most organizations. One way to comply is a “Risk Log” for your top team, which they can populate when assessing, taking actions, and mitigating risk.
6) Align QMS objectives with strategic direction of the company
Your company’s Quality Management System cannot be in opposition to the company’s overall business strategy. Likewise, quality objectives should be aligned with the company’s other activities. The new Copyright © 2018 Advisera Expert Solutions Ltd. All rights reserved. 7
revision requires the creation of plans for achieving the objectives, as well as the definition, establishment, and maintenance of quality objectives to meet customer requirements.
The new version of the standard requires the organization to ensure that the quality objectives are compatible with the strategic direction of the company. The revision also requires that plans for achieving these objectives must be created.
For more information, see: How to Write IATF 16949 Quality Objectives.
7) Control documented information
The new term “documented information” includes both procedures and records. The transition is a good time to make improvements to your existing documentation while you work on realigning your existing procedures with the new clause numbers.
For example, as “documented information” and a “process approach” are now critical, why not consider replacing some of your more wordy or cumbersome process instructions with one single process diagram? While improving your documentation is an excellent opportunity to demonstrate continual improvement, you are advised to ensure that your existing documentation still meets the needs of the standard.
For more information, see: A new approach to document and record control in IATF 16949.
8) Increase operational control
IATF 16949:2016 calls for better control over processes – for example, operating criteria, and the implementation of controls over processes according to these criteria. In addition, confidentiality requirements have been increased, along with expansion of operational planning and control obligations.
Improved operational control versus the stated criteria is one of the goals of the new version. The stated criteria are that your organization must define the criteria and processes for services and products to be effectively delivered, and ensure that the documentation and resources to deliver them are in place. Therefore, it is important that your process documentation reflects this improved accuracy and operational control to comply with the new standard. For example, are your stated criteria and defined processes aligned to produce the targeted results and outcomes? Can you show that resources have been planned and delivered and that the product conforms to the stated requirements?
9) Redefine the design and development process
The definition of your design and development process needs to be expanded to include inputs, outputs, controls, and responsibilities; as well as how changes to the design and development process will be managed – like who is authorized to make changes, who will review the results of any changes, and what will be done to avoid negative impacts.
There is a marked change in the level of control the standard requires in terms of design and development relative to the 2008 version. Responsibilities, inputs and outputs, controls, change control, Copyright © 2018 Advisera Expert Solutions Ltd. All rights reserved. 8
change authorization, and action required to prevent adverse impacts are among the factors that now need specific consideration. Documentation of these aspects is also critical. For example, if you have a product that has changed in terms of specifications, can you evidence who authorized and approved that change, and provide documented proof that shows that this person is deemed “qualified” to do so? This is the level of detail that this clause demands to protect the integrity of the process and product, and the needs of your customer.
10) Control external providers
The purchasing process has been renamed “Control of externally provided processes, products and services.” The requirement basically says that you must do whatever you have to, in order to make sure your providers deliver what is expected. The main thread is that you must ensure that your organization’s externally provided products and services fulfill your stated requirements. Therefore, your organization must determine what type and extent of controls and related information need to be provided to any external parties to ensure their delivery matches your requirements exactly. For example, can you illustrate an exact specification, timescale, quality expectation, and cost for an outsourced product? IATF 16949 requires this to be done, documented, and implemented. This can be achieved through verifying that processes, services, and products supplied by external providers comply with your requirements. To do this, you’ll have to determine what information needs to be provided to suppliers, including type and extent of any controls.
11) Evaluate QMS performance
Clause 9 of the standard deals with “Performance Evaluation.” There is now a requirement to evaluate the effectiveness and performance of your QMS, in a similar way that key performance indicators have been used elsewhere in the past. Again, your organization is required to keep documented evidence of the results, so for instance, continual improvement can be developed from this process.
The organization is required to evaluate its QMS with regards to its performance, effectiveness, and efficiency. You may already be familiar with KPIs (key performance indicators) – you just need to figure out what needs to be monitored, how it should be monitored, and how often.
12) Measure and report
Measuring and reporting are assigned greater importance in the new standard, particularly when it comes to the performance evaluation mentioned previously. Likewise, management review and the internal audit process must be aligned with the new standard. Even though there’s no change to the methods of conducting these activities, some changes have been made to the requirements to be audited as part of the internal audit, as well as to the input elements for the management review.