In less than a year, all ISO/TS 16949:2009 certificates will officially expire, with IATF 16949:2016 replacing the standard on September 14, 2018. Over 67,000 suppliers will need to make the transition, and there’s no time to waste in understanding the new requirements and gaps to address.
So what are the big changes automotive suppliers need to comply with? More than just a basic update, IATF incorporates dozens of new requirements covering areas like management accountability, risk management, and internal audits.
1. Management Accountability for KPIs
One of the most important areas of focus in IATF 16949 is management accountability for key performance indicators (KPIs). The new standard requires that companies not only set targets, but also provide details on action plans if they aren’t meeting them.
Questions third-party certification auditors will be looking to answer include:
- How often are you conducting management reviews of KPIs?
- Who participates in these reviews?
- Are leaders involved in performing audits? How do you ensure compliance with your internal audit schedule?
- What are your processes for meeting your KPI targets, and how are you implementing them to ensure effectiveness?
Under ISO/TS 16949, companies could often get away with simply documenting procedures or delegating responsibility for KPIs to someone else. These classic “check the box” moves to comply are just what IATF 16949 seeks to improve.
So if your KPIs are showing that you generate 9% scrap and your target is 2%, expect pointed questions about why that’s happening and steps you’re taking to correct it. If broken equipment is impacting your KPIs, you should be ready to hand over the purchase order proving that you’ve ordered replacement parts.
2. Risk Management, IATF 16949 and ISO 9001:2015
IATF 16949 certification requires compliance with (but not certification to) ISO 9001 for quality management systems, which received a major face-lift in 2015. Risk mitigation is a specific area of expanded requirements in both of the new standards, showing up in no less than 42 clauses in IATF 16949 alone.
What are some key clauses that include requirements to incorporate risk into your decision-making?
- Product safety: IATF 16949 features an entirely new section dedicated to product safety. Organizations need checks to ensure product safety at the APQP phase with multi-level control plan and failure mode and effects analysis (FMEA) approval.
- Embedded software: Companies must now assess embedded software as part of their product validation, warranty and troubleshooting processes. Notably, these requirements also cover outsourced parts.
- Manufacturing feasibility: IATF 16949 expands requirements for manufacturing feasibility assessments for operational changes. Organizations must demonstrate that they can meet timing and performance needs of customers to reduce the risk of defects and delays.
- Employee training: You need to be able to verify competence of workers, such as with post-training assessments and performance tracking. If training is a common root cause of non-conformances, it’s a sure sign your employee training program is introducing unnecessary risk.
- Managing non-conformances: IATF 16949 provides new requirements on how organizations must reduce quality risk through non-conformance management. The standard is clear that organizations are responsible for mitigating non-conformance risk not just in your own facilities, but throughout the supply chain.
3. IATF 16949 Audit Requirements
IATF 16949 expands a number of requirements aimed at helping organizations improve their internal and supplier audit processes. Individual requirements are broken out across quality management system (QMS) auditors, manufacturing process auditors and product auditors.
To earn your IATF 16949 certification, you’ll need to document the competency of first- and second-party auditors in areas that include:
- The automotive process approach to auditing
- Risk-based thinking
- Relevant AIAG Automotive Core Tools requirements
- Customer-specific requirements that apply to your organization
Experts recommend auditors and management attend overview training on the new standard, and you’ll also need a certified internal lead auditor for certification. Organizations need to document audits and non-conformance closure procedures, areas where an automated audit platform can generate many of the required artifacts.
If you’ve done well on past ISO/TS 16949 audits, you stand a decent chance of a smooth transition—assuming you effectively incorporate the new IATF 16949 and customer specific requirements. Those suppliers who have struggled with the standard in the past, however, face an uphill battle.
In both cases, preparation, in-depth knowledge and effective risk management are essential to a successful transition and maintaining customer trust.