This month's first question
ISO 9001:2015 clause 4.2 requires an organization to determine relevant interested parties and their relevant requirements. How extensive should the list of needs and expectations be? Is a list of common generic needs enough?
Interested parties are the stakeholders who receive or are affected by the organization’s products or services, or the parties who otherwise have a significant interest in the organization. This includes customers, owners, suppliers, partners, competitors and people in the organization.
Because understanding the expectations of interested parties is a new requirement in ISO 9001:2015, an organization should allow itself time to develop an understanding of its internal and external stakeholder interests that are relevant to its quality management system (QMS). This information should be gathered, reviewed and monitored regularly through different meetings, such as management review meetings.
The list of interested parties is not generic because a QMS differs from organization to organization, and the needs and expectations of an organization’s interested parties may change over time. An organization also must consider what interested party requirements are relevant to its QMS.
Therefore, the list of relevant interested parties should be determined based on their effect or potential effect on the organization’s ability to consistently provide products and services that meet customer and applicable statutory and regulatory requirements. By monitoring and reviewing information about interested parties and their relevant requirements, those requirements might become inputs into the organization’s QMS and products.
This response was written by Mahboubeh Shabani, senior quality engineer supervisor, Trojan Battery Co., Santa Fe Springs, CA.
This month's second question
Does ISO 9001:2015 or AS9100D differentiate “deviations” from “waivers”? Historically, a deviation has been defined as a request to accept a nonconformance that is understood prior to work starting, while a waiver applies to a nonconformance found during production.
My experience has led to the same understanding of these terms. However, neither term is mentioned in either of these standards, except that “deviation” is used when discussing risk-based thinking. Neither standard mentions a nonconformance being associated with taking exception to a specified requirement, which is a deviation or departure from a specified requirement, which—if accepted by the customer—is a waiver.
When a request for quote or an unsolicited order is received, the organization must thoroughly review the customer’s requirements before agreeing to supply products or services.
Specific to AS9100D, which uses the term “amended” versus “deviation” or “waiver,” the following is described in subclause 184.108.40.206: “If upon review the organization determines that some customer requirements cannot be met or can only partially be met, the organization shall negotiate a mutually acceptable requirement with the customer.”1 This is considered a deviation.
Whereas Military Handbook 61A: Configuration Control, Clause 6.3—Request for Deviation has this definition: “A deviation is a specific written authorization to depart from a particular requirement(s) of an item’s current approved configuration documentation for a specific number of units or a specified period of time.”2
Military Standard 973 (cancelled without replacement on Sept. 30, 2000), clause 3.31, provides an additional definition, which clarifies a deviation from an engineering change. An approved engineering change requires corresponding revision of the item’s current approved configuration documentation, whereas a deviation does not.3
Often, terms and conditions of purchase orders will define a waiver as: “A waiver is an unplanned variance from the configuration documentation specified on the purchase order requiring written authorization to accept an item which, during manufacture, or after having been submitted for inspection or acceptance (including test), is found to depart from specified requirements, but nevertheless is considered suitable for ‘use as is’ or after repair by an approved method.”
Part of the contract review activity includes a comparison to the quote sent to the customer to verify that the order reflects the same exact requirements and has not imposed requirements differing from those previously expressed.
With multiple standards that directly relate to configuration management, the need to differentiate “deviations” from “waivers” in these quality management standards is basically redundant.
- Society of Automotive Engineers International, AS9001D—Quality management systems—Requirements for aviation, space, and defense organizations, subclause 220.127.116.11.
- Department of Defense (DoD), Military Handbook 61A: Configuration Management Guidance, clause 6.3, https://tinyurl.com/yczdvc23.
- DoD, Military Standard 973: Configuration Management, https://tinyurl.com/ybyh5xk5.
This response was written by Bernie Carpenter, lead auditor, Carpenter Services Group, Inc., Costa Mesa, CA, and reviewed by Wayne Drysol, quality assurance director, 3V Fasteners, Corona, CA.