Iso & Iatf Corelation in Standards
Iso & Iatf Corelation in Standards
Iso & Iatf Corelation in Standards
requirement?
New/Modified/
Bolded text indicates new to ISO 9001:2015 and IATF 16949:2016
Carryover
NOTE 3: Understanding the internal context can be facilitated by considering issues related to values, culture, knowledge and
performance of the organization.
4.2 Understanding the needs and expectations of interested parties
Due to their effect or potential effect on the organization’s ability to consistently provide products and services that meet customer and The intent of this requirement is to ensure that the organization considers the
applicable statutory and regulatory requirements, the organization requirements of relevant interested parties beyond just those of the customer.
shall determine:
The intention is to focus on the interested parties which are relevant to the
ISO 9001 4.2 New a) the interested parties that are relevant to the quality management system; Quality Management System (QMS).
b) the requirements of these interested parties that are relevant to the quality management system. The organization shall monitor and
review information about these interested parties and their relevant requirements.
The organization shall monitor and review information about these interested parties and their relevant requirements.
4.3 Determining the scope of the quality management system
The organization shall determine the boundaries and applicability of the quality management system to establish its scope. The new revision to the standard now explicitly requires that before you set the
scope of the QMS, you must have previously considered and demonstrated
When determining this scope, the organization shall consider: that the issues within 4.1 and interested parties within 4.2 are completed, prior
the external and internal issues referred to in 4.1; to setting the scope and boundaries of the QMS.
the requirements of relevant interested parties referred to in 4.2;
It is important to note that ISO 9001:2015 requires that all requirements within
the products and services of the organization. the standard are to be met unless they do not apply. This scope must be
The organization shall apply all the requirements of this International Standard if they are applicable within the determined scope of its documented and include the products and services provided as well as any
quality management system. justification for any requirements that the organization has determined do not
ISO 9001 4.3 Modified apply.
The scope of the organization’s quality management system shall be available and be maintained as DOCUMENTED INFORMATION. The
scope shall state the types of products and services covered, and provide justification for any requirement of this International Standard
that the organization determines is not applicable to the scope of its quality management system.
Conformity to this International Standard may only be claimed if the requirements determined as not being applicable do not affect the
organization’s ability or responsibility to ensure the conformity of its
products and services and the enhancement of customer satisfaction.
The organization shall determine the processes needed for the quality management system and their application throughout the Sec. 4.4.1 is a paraphrase of the entire standard. If you think about the
organization, and shall: standard as a living organism, 4.4.1 would be the skeleton. the specifics for
4.4.1 can be found throughout the remainder of the standard.
a) determine the inputs required and the outputs expected from these processes;
b) determine the sequence and interaction of these processes; The outputs of the activities listed may include process flow maps,
interrelationships, authority and responsibilities, quality performance data,
ISO 9001 4.4.1 Modified c) determine and apply the criteria and methods (including monitoring, measurements and related performance indicators) needed to etc.,
ensure the effective operation and control of these processes;
d) determine the resources needed for these processes and ensure their availability;
e) assign the responsibilities and authorities for these processes;
f) address the risks and opportunities as determined in accordance with the requirements of 6.1;
g) evaluate these processes and implement any changes needed to ensure that these processes achieve their intended results;
h) defined responsibilities, definition of escalation process and flow of information, including top management, and customer notification;
IATF 16949 4.4.1.2 New
i) training identified by the organization or customer for personnel involved in product-safety related products and associated
manufacturing processes;
j) changes of product or process shall be approved prior to implementation, including evaluation of potential effects on product safety
from process and product changes (see ISO 9001, Section 8.3.6);
k) transfer of requirements with regard to product safety throughout the supply chain, including customer-designated sources (see
Section 8.4.3.1);
l) product traceability by manufactured lot (at a minimum) throughout the supply chain ( see Section 8.5.2.1);
m) lessons learned for new product introduction.
Note: Special approval is an additional approval by the function (typically the customer) that is responsible to approve such documents
with safety-related content.
To the extent necessary, the organization shall: The intent is to allow an organization to tailor the documentation around their
own value streams.
a) maintain DOCUMENTED INFORMATION to support the operation of its processes; Documented information is defined as maintained = documents and
ISO 9001 4.4.2 Modified
b) retain DOCUMENTED INFORMATION to have confidence that the processes are being carried out as planned. procedures & retained = records.
Standard Element Is this a new ISO 9001:2015 / IATF 16949:2016 Requirements Commentary Action / Resources Required
requirement?
New/Modified/
Bolded text indicates new to ISO 9001:2015 and IATF 16949:2016
Carryover
5 Leadership
5.1 Leadership and commitment
5.1.1 General
Top management shall demonstrate leadership and commitment with respect to the quality management system by: There are now specific requirements for Top Management to:
- Take accountability for the effectiveness of the QMS
a) taking accountability for the effectiveness of the quality management system;
- Promoting process approach and risk
b) ensuring that the quality policy and quality objectives are established for the quality management system and are compatible with the - Integration with business system
context and strategic direction of the organization;
This will assist in the integration of the QMS within the business system and to
c) ensuring the integration of the quality management system requirements into the organization’s business processes; keep the QMS from being thought of as a a stand-alone system.
d) promoting the use of the process approach and risk-based thinking;
The intent of this requirement is to establish the roles and responsibilities of
e) ensuring that the resources needed for the quality management system are available;
top management in relation to the effectiveness of the quality management
system, and the achievement of planned results.
ISO 9001 5.1.1 Modified f) communicating the importance of effective quality management and of conforming to the quality management system requirements;
g) ensuring that the quality management system achieves its intended results;
h) engaging, directing and supporting persons to contribute to the effectiveness of the quality management system;
i) promoting improvement;
j) supporting other relevant management roles to demonstrate their leadership as it applies to their areas of responsibility.
NOTE: Reference to “business” in this International Standard can be interpreted broadly to mean those activities that are core to the
purposes of the organization’s existence, whether the organization is public, private, for profit or not for profit.
New/Modified/
Bolded text indicates new to ISO 9001:2015 and IATF 16949:2016
Carryover
6.0 Planning
6.1 Actions to address risks and opportunities
When planning for the quality management system, the organization shall consider the issues referred to in 4.1 and the requirements Determine risks and opportunities, considering the issues raised and
referred to in 4.2 and determine the risks and opportunities that need to be addressed to: requirements identified. Then plan appropriate actions to reduce undesired
effects on the QMS and evaluate effectiveness.
a) give assurance that the quality management system can achieve its intended result(s);
ISO 9001 6.1.1 New
b) enhance desirable effects;
c) prevent, or reduce, undesired effects;
d) achieve improvement.
The organization shall plan: Having identified the risks and opportunities that may impact the quality
management system, the organization should plan actions to address each
a) actions to address these risks and opportunities; item.
b) how to:
1) integrate and implement the actions into its quality management system processes (see 4.4);
2) evaluate the effectiveness of these actions.
ISO 9001 6.1.2 New Actions taken to address risks and opportunities shall be proportionate to the potential impact on the conformity of products and
services.
NOTE 1: Options to address risks can include avoiding risk, taking risk in order to pursue an opportunity, eliminating the risk source,
changing the likelihood or consequences, sharing the risk, or retaining risk by informed decision.
NOTE 2: Opportunities can lead to the adoption of new practices, launching new products, opening new markets, addressing new
customers, building partnerships, using new technology and other desirable and viable possibilities to address the organization’s or its
customers’ needs.
New/Modified/
Bolded text indicates new to ISO 9001:2015 and IATF 16949:2016
Carryover
7 Support
7.1 Resources
7.1.1 General
The organization shall determine and provide the resources needed for the establishment, implementation, maintenance and continual A focus on the organization to consider internal capabilities, resources and
improvement of the quality management system. constraints. Also, what needs to be obtained from external sources.
ISO 9001 7.1.1 Modified The organization shall consider: Resources may include people, suppliers, equipment, etc.,
a) the capabilities of, and constraints on, existing internal resources;
b) what needs to be obtained from external providers.
7.1.2 People
The organization shall determine and provide the persons necessary for the effective implementation of its quality management system No impact. Resources needed to maintain the QMS must be determined and
ISO 9001 7.1.2 Carryover and for the operation and control of its processes. provided.
7.1.3 Infrastructure
The organization shall determine, provide and maintain the infrastructure necessary for the operation of its processes and to achieve No impact. The organization must identify, provide and maintain the
conformity of products and services. infrastructure necessary to ensure conformance of product including:
NOTE: Infrastructure can include: - Building, workspace and utilities
- Process equipment
ISO 9001 7.1.3 Carryover a) buildings and associated utilities; - Supporting services (i.e., transportation, communication)
b) equipment, including hardware and software;
c) transportation resources;
d) information and communication technology.
7.1.3.1 Plant, facility, and equipment planning
The organization shall use a multi-disciplinary approach including risk identification and risk mitigation methods for developing and This updated section includes an increased focus on risk identification and risk
improving plant, and equipment plans. In designing layouts, the organization shall: mitigation, evaluating manufacturing feasibility, re-evaluation of changes in
processes, and inclusion of on-site supplier activities.
a) optimize material flow, material handling, and value-added use of floor space including control of nonconforming product and;
The organization shall maintain process effectiveness, including periodic re-evaluation relative to risks, to incorporate any changes made
during process approval, control plan maintenance (see section 8.5.1.1) and verification of job set-ups (see section 8.5.1.3).
Assessments of manufacturing feasibility and evaluation of capacity planning shall be inputs to management reviews (see ISO 9001,
Section 9.3).
Note 1: These requirements should include the application of lean principles.
Note 2: These requirements should apply to on-site supplier activities, as applicable.
7.1.4 Environment for the operation of processes
The organization shall determine, provide and maintain the environment necessary for the operation of its processes and to achieve Key focus on addition of human and physical factors.
conformity of products and services.
The organization must identify and manage conditions of the work
NOTE: A suitable environment can be a combination of human and physical factors, such as: environment. This may include ergonomics, cleanliness, heat, noise, light, etc.
ISO 9001 7.1.4 Modified a) social (e.g. non-discriminatory, calm, non-confrontational);
b) psychological (e.g. stress-reducing, burnout prevention, emotionally protective);
c) physical (e.g. temperature, heat, humidity, light, airflow, hygiene, noise).
These factors can differ substantially depending on the products and services provided.
Note: Where third-party certification to ISO 45001 (or equivalent) is recognized, it may be used to demonstrate the organization's ---
IATF 16949 7.1.4 New
conformity to the personnel safety aspects of this requirements.
7.1.4.1 Environment for the operation of processes - supplemental
The organization shall maintain its premises in a state of order, cleanliness, and repair that is consistent with the product and This requirement was preserved from ISO/TS 16949.
IATF 16949 7.1.4.1 Carryover manufacturing needs.
The organization shall determine if the validity of previous measurement results has been adversely affected when measuring equipment
is found to be unfit for its intended purpose, and shall take appropriate action as necessary.
---
IATF 16949 7.1.5.2 New Note: A number or another identifier traceability to the device calibration record meets the intent of the requirements in ISO 9001:2015
IATF 16949 7.1.5.2.1 Modified d) when a piece of inspection measurement and test is found to be out of calibration or defective during its planned verification or
calibration or during its use, DOCUMENTED INFORMATION on the validity or previous measurement results obtained with this piece of
inspection measurement and test equipment shall be retained, including the associated standard's last calibration date and the next due
date on the calibration report;
e) notification to the customer if suspect product or material has been shipped;
f) statements of conformity to specification after calibration / verification;
g) verification that the software version used for product and process control is as specified;
h) records of the calibration and maintenance activities for all gauging (including employee-owned equipment, customer-owned
equipment, or on-site supplier-owned equipment);
i) production-related software verification used for product and process control (including software installed on employee-owned
equipment, customer-owned equipment, or on-site supplier-owned equipment).
7.1.5.3 Laboratory requirements
7.1.5.3.1 Internal laboratory
An organization's internal laboratory facility shall have defined scope that includes its capability to perform the required inspection, test, This section added a requirement to have the organization (client) define a
or calibration services. This laboratory scope shall be included in the quality management system documentation. The laboratory shall methodology to verify measurement system capability if no applicable national
specify and implement, as minimum, requirements for: or international standard(s) exist.
a) adequacy of the laboratory technical procedures; This clause also clarifies that the applied methodology must meet customer
requirements, if they exist.
b) competency of the laboratory personnel;
c) testing of the product;
IATF 16949 7.1.5.3.1 Modified d) capability to perform these services correctly, traceable to the relevant process standard (such as ASTM, EN, etc.) when no national or
international standard(s) is available, the organization shall define and implement a methodology to verify measurement system
capability;
e) customer requirements, if any;
f) review of related records.
Note: Third party accreditation to ISO/IEC 17025 (or equivalent) may be used to demonstrate the organization's in-house laboratory
conformity to this requirement.
7.1.5.3.2 External laboratory
This updated section allows the organization to conduct second-party
External/commercial/independent laboratory facilities used for inspection, test, or calibration services by the organization shall have assessments of laboratory facilities, but requires customer approval of the
defined laboratory scope that includes the capability to perform the required inspection, test, or calibration, and either: assessment method.
- the laboratory shall be accredited to ISO/IEC 17025 or national equivalent and include the relevant inspection test, or calibration service The clause also clarifies that internal laboratory requirements (Sec. 7.1.5.3.1)
in the scope of the accreditation (certificate); the certification or test report shall include the mark of a national accreditation body; or apply even when calibration is performed by the equipment manufacturer, and
- there shall be evidence that the external laboratory is acceptable to the customer. that use of calibration services may be subject to government regulatory
Note: Such evidence may be demonstrated by customer assessment, for example, or by customer-approved second-party assessment that confirmation, if required.
IATF 16949 7.1.5.3.2 Modified the laboratory meets the intent of ISO/IEC 17025 or national equivalent. The second-party assessment may be performed by the
organization assessing the laboratory using customer-approved method of assessment.
Calibration services may be performed by the equipment manufacturer when a qualified laboratory is not available for a given piece of
equipment. In such cases, the organization shall ensure that the requirements listed in section 7.1.5.3.1 have been met.
Use of calibration services, other than by qualified (or customer accepted) laboratories, may be subject to government regulatory
confirmation, if required.
7.1.6 Organizational knowledge
This is an entirely new requirement and focuses upon organic type of
The organization shall determine the knowledge necessary for the operation of its processes and to achieve conformity of products and information being shared.
services. This knowledge shall be maintained and be made available to the extent necessary. When addressing changing needs and
trends, the organization shall consider its current knowledge and determine how to acquire or access any necessary additional The organization should consider how to determine and manage organizational
knowledge and required updates. knowledge required to achieve conformity of products and services and to
meet its present and future needs.
NOTE 1: Organizational knowledge is knowledge specific to the organization; it is generally gained by experience. It is information that is
ISO 9001 7.1.6 New used and shared to achieve the organization’s objectives. People and their experiences are the foundation of organizational knowledge.
NOTE 2: Organizational knowledge can be based on: Capturing and sharing such experiences can generate synergies.
a) internal sources (e.g. intellectual property; knowledge gained from experience; lessons learned from failures and successful projects;
capturing and sharing undocumented knowledge and experience; the results of improvements in processes, products and services);
b) external sources (e.g. standards; academia; conferences; gathering knowledge from customers or external providers).
7.2 Competence
The organization shall: The organization's personnel whose work impacts product requirements must
be competent.
a) determine the necessary competence of person(s) doing work under its control that affects the performance and effectiveness of the
quality management system; The emphasis here is on competence.
b) ensure that these persons are competent on the basis of appropriate education, training, or experience;
A training record will usually not be enough to demonstrate competence. The
ISO 9001 7.2 Modified c) where applicable, take actions to acquire the necessary competence, and evaluate the effectiveness organization will want to assess the output of the employee's job.
of the actions taken;
d) retain appropriate DOCUMENTED INFORMATION as evidence of competence.
NOTE: Applicable actions can include, for example, the provision of training to, the mentoring of, or the reassignment of currently
employed persons; or the hiring or contracting of competent persons.
7.2.1 Competence - supplement
The organization shall establish and maintain a documented process(es) for identifying training needs including awareness (see section This section adds a requirement of "awareness".
7.3.1) and achieving competence of all personnel performing activities affecting conformity to product and process requirements.
Personnel performing specific assigned tasks shall be qualified, as required, with particular attention to the satisfaction of customer Note that the use of the term "process" rather than "procedure" implies that
IATF 16949 7.2.1 Modified requirements. these activities need to be managed (via the plan-do-check cycle), and not
merely performed.
Where training is provided to achieve competency, DOCUMENTED INFORMATION shall be retained to demonstrate the trainer's
competency with the above requirements.
Maintenance of and improvement in internal auditor competence shall be demonstrated through:
f) executing a minimum number of audits per year, as defined by the organization; and
g) maintaining knowledge of relevant requirements based on internal changes (e.g. process technology, product technology) and
external changes (e.g. ISO 9001, IATF 16949, core tools, and customer specific requirements).
7.2.4 Second-party auditor competency
The organization shall demonstrate the competence of the auditors undertaking the second-party audits. Second-party auditors shall This new section outlines requirements for second-party auditors ensuring they
meet customer specific requirements for auditor qualification and demonstrate the minimum following core competencies, including are properly qualified to conduct these types of audits, with customer specific
understanding of: requirements being the main focus.
a) the automotive process approach to auditing, including risk based thinking; The same core competencies that apply to internal auditors should, at a
minimum, also apply to second-party auditors.
IATF 16949 7.2.4 New b) applicable customer and organization specific requirements;
c) applicable ISO 9001 and IATF 16949 requirements related to the scope of the audit;
d) applicable manufacturing process(es) to be audited, including PFMEA and control plan;
e) applicable core tool requirements related to the scope of the audit;
f) how to plan, conduct, prepare audit reports, and close out audit findings.
7.3 Awareness
The organization shall ensure that persons doing work under the organization’s control are aware of: As stated.
a) the quality policy;
b) relevant quality objectives;
ISO 9001 7.3 Modified
c) their contribution to the effectiveness of the quality management system, including the benefits of improved performance;
d) the implications of not conforming with the quality management system requirements.
7.3.1 Awareness - supplemental
The organization shall maintain DOCUMENTED INFORMATION that demonstrates that all employees are aware of their impact on Includes additional requirements to ensure that all employees are aware of
product quality and the importance of their activities in achieving, maintaining, and improving quality, including customer requirements their impact on the organization's (client's) product quality output, customer
IATF 16949 7.3.1 Modified and the risks involved for the customer with nonconforming product. specific requirements, and risks involved for the customer with nonconforming
product.
7.4 Communication
The shift is from Top Management to the Organization. The steps are more
The organization shall determine the internal and external communications relevant to the quality management system, including: specific and it mentions internal and external sources.
a) on what it will communicate; Examples may include: work group meetings, bulletin boards, quality alerts,
ISO 9001 7.4 Modified b) when to communicate; town hall meetings, emails, etc.,
c) with whom to communicate;
d) how to communicate;
e) who communicates.
7.5 Documented information
7.5.1 General
The organization’s quality management system shall include: No specific requirement for a Quality Manual, but it may be used if wanted by
the Organization.
a) DOCUMENTED INFORMATION required by this International Standard;
b) DOCUMENTED INFORMATION determined by the organization as being necessary for the effectiveness of the quality management Major change from specific documents and records to the term of
system. "DOCUMENTED INFORMATION".
ISO 9001 7.5.1 Modified
NOTE: The extent of DOCUMENTED INFORMATION for a quality management system can differ from one organization to another due to: The intent is upon the organization to determine these.
- the size of organization and its type of activities, processes, products and services;
- the complexity of processes and their interactions;
- the competence of persons.
7.5.1.1 Quality management system documentation
The organization's quality management system shall be documented and include a quality manual, which can be a series of documents The IATF retained the quality manual requirement that was removed in the ISO
(electronic or hard copy). 9001:2015; however, the quality manual can be one main document or a series
of multiple documents (hard copy or electronic).
The format and structure of the quality manual is at the discretion of the organization and will depend on the organization's size,
culture, and complexity. If a series of documents is used, then a list shall be retained of the documents that comprise the quality manual This section also requires that the organization's processes and interactions are
for the organization. documented as part of their QMS.
The quality manual shall include, at a minimum, the following The quality manual needs to document where in the organization's QMS
a) The scope of the quality management system, including details of and justification for any exclusions customer-specific requirements are addressed.
IATF 16949 7.5.1.1 Modified
b) documented processes established for the quality management system, or reference to them
c) the organization's processes and their interactions (input and outputs), including type and extent of control of any outsourced processes
d) a document (i.e. matrix) indicating where within the organization's quality management system their customer specific requirements
are addressed.
Note: A matrix of how the requirements of this Automotive QMS standard are addressed by the organization's processes may be used
to assist with linkages of the organizations' processes and this Automotive QMS.
7.5.2 Creating and updating
When creating and updating DOCUMENTED INFORMATION, the organization shall ensure appropriate: Key focus upon the term "DOCUMENTED INFORMATION" in lieu of documents
and records from the previous standard.
a) identification and description (e.g. a title, date, author, or reference number);
ISO 9001 7.5.2 Modified b) format (e.g. language, software version, graphics) and media (e.g. paper, electronic); The intent on control is still in place, but the organization is to determine the
c) review and approval for suitability and adequacy. extent.
Note: Production part approval DOCUMENTED INFORMATION may include product, applicable test equipment records, or approved test
data.
7.5.3.2.2 Engineering specifications
The organization shall have a documented process describing the review, distribution, and implementation of all customer engineering Added an engineering specifications requirement that the process is
standards/specifications and related revisions based on customer schedules, as required. documented and agreed with the customer.
This section also clarifies product design changes and product realization
process changes, and the alignment to related sections.
This section also clarifies product design changes and product realization
When an engineering standard/specification change results in a product design change, refer to the requirements in ISO 9001 Section process changes, and the alignment to related sections.
8.3.6. when an engineering standard/specification change results in a product realization process change, refer to the requirements in
section 8.5.6.1. The organization shall retain record of the date on which each change is implemented in production. Implementation shall
IATF 16949 7.5.3.2.2 Modified include updated documents.
Review should be completed within 10 working days of receipt of notification of engineering standards/specifications changes.
Note: A change in these standards/specifications may require an updated record of customer production part approval when these
specifications are referenced on the design record or if the affect documents of the production part approval process, such as control plan,
risk analysis (such as FMEAs), etc.
Standard Element Is this a new ISO 9001:2015 / IATF 16949:2016 Requirements Commentary Action / Resources Required
requirement?
New/Modified/
Bolded text indicates new to ISO 9001:2015 and IATF 16949:2016
Carryover
8 Operation
8.1 Operation planning and control
The organization shall plan, implement and control the processes (see 4.4) needed to meet the requirements for the provision of products Added the requirement to "control" the processes.
and services, and to implement the actions determined in Clause 6, by:
It is important to define what the "product" is and to plan and define the
a) determining the requirements for the products and services; manner in which the product is realized.
b) establishing criteria for:
The organization must determine if 8.1 a - 8.1 e is appropriate and act
1) the processes; accordingly. If the organization outsources any processes, they must be
2) the acceptance of products and services; controlled.
c) determining the resources needed to achieve conformity to the product and service requirements;
ISO 9001 8.1 Modified d) implementing control of the processes in accordance with the criteria;
e) determining, maintaining and retaining DOCUMENTED INFORMATION to the extent necessary:
1) to have confidence that the processes have been carried out as planned;
2) to demonstrate the conformity of products and services to their requirements.
The output of this planning shall be suitable for the organization’s operations.
The organization shall control planned changes and review the consequences of unintended changes, taking action to mitigate any
adverse effects, as necessary.
The organization shall ensure that outsourced processes are controlled (see 8.4).
8.1.1 Operation planning and control - supplement
When planning for product realization, the following topics shall be included: This section features enhanced detail to ensure key processes are included and
considered when planning for product realization.
a) customer product requirements and technical specifications
b) logistics requirements The section also clarifies the "resources needed to achieve conformity"
c) manufacturing feasibility encompasses all aspects of the development process, not just the
IATF 16949 8.1.1 Modified manufacturing process requirements.
d) project planning (refer to ISO 9001, section 8.3.2)
e) acceptance criteria
The resources identified in ISO 9001, section 8.1c), refer to the required verification, validation, monitoring, measurement, inspection,
and test activities specific to the product and the criteria for the product acceptance.
8.1.2 Confidentiality
The organization shall ensure the confidentiality of customer-contracted products and projects under development, including related Features only a minor edit to clarify confidentiality "includes" related product
IATF 16949 8.1.2 Modified product information. information. There is no change in intent.
The organization shall ensure that contract or order requirements differing from those previously defined are resolved.
The customer’s requirements shall be confirmed by the organization before acceptance, when the customer does not provide a
documented statement of their requirements.
NOTE: In some situations, such as internet sales, a formal review is impractical for each order. Instead, the review can cover relevant
product information, such as catalogues.
8.2.3.1.1 Review of the requirements for products and services - supplemental
The organization shall retain documented evidence of a customer-authorized waiver for the requirements stated in ISO 9001, Section This section changes the action from "demonstrate" conformity to "conform",
8.2.3.1, for a formal review. and clarifies that it refers to "approval documentation", rather than just
"documentation".
IATF 16949 8.2.3.1.1 Modified
There is no change in intent.
The organization shall retain DOCUMENTED INFORMATION, as applicable: Documented information must be kept showing the results of the review and
of any changes. This was previously called "records".
ISO 9001 8.2.3.2 Modified a) on the results of the review;
b) on any new requirements for the product and services.
8.2.4 Changes to requirements for products and services
The organization shall ensure that relevant DOCUMENTED INFORMATION is amended, and that relevant persons are made aware of the No major impact. The people who are involved in the process must be made
ISO 9001 8.2.4 Modified changed requirements, when the requirements for products and services are changed. aware of any changes that occur.
Note: An example or product design skills is the application of digitized mathematically based data.
8.3.2.3 Development of products with embedded software
This new section adds requirements for organization-responsible embedded
The organization shall use a process for quality assurance for their products with internally developed embedded software. A software software development and software development capability self-assessments.
development assessment methodology shall be utilized to assess the organizations software development process. Using prioritization
based on risk and potential impact to the customer, the organization shall retain DOCUMENTED INFORMATION of a software
IATF 16949 8.3.2.3 New
development capability self-assessment.
The organization shall include software development within the scope of their internal audit program.
The organization shall have a process to deploy information gained from previous design projects, competitive product analysis
(benchmarking), supplier feedback, internal input, filed data, and other relevant sources for current and future projects of a similar nature.
Note: One approach for considering design alternatives is the use of trade-off curves
8.3.3.2 Manufacturing process input
The organization shall identify, document, and review manufacturing process design input requirements including but not limited to the Expanded the list of manufacturing process design inputs including: product
following: design output data including special characteristics, targets for timing;
manufacturing technology alternatives; new materials; product handling and
a) product design output data including special characteristics; ergonomic requirements, and; design for manufacturing and design for
b) targets for productivity, process capability, timing, and cost; assembly.
c) manufacturing technology alternatives; This section also further strengthened the requirements by transforming the
d) customer requirements, if any; former NOTE regarding error-proofing methods into a requirement.
IATF 16949 8.3.3.2 Modified
e) experience from previous developments;
f) new materials;
g) product handling and ergonomic requirements; and
h) design for manufacturing and design for assembly.
assembly.
The manufacturing process design shall include the use of error-proofing methods to a degree appropriate to the magnitude of the
problem(s) and commensurate with the risks encountered.
8.3.3.3 Special characteristics
The organization shall use a multidisciplinary approach to establish, document, and implement its process(es) to identify special The changes in this section relate to identifying the source of special
characteristics, including those determined by the customer and the risks analysis performed by the organization, and shall include the characteristics and including risk analysis to be performed by the customer or
following: organization.
a) documentation of all special characteristics in the drawings (as required), risk analysis (such as FMEA), control plans, and standard This section also expands the list of sources used to identify special
work/operator instructions; special characteristics are identified with specific markings and are cascaded through each of these characteristics, along with the related requirements.
IATF 16949 8.3.3.3 Modified documents;
Special characteristics need to be marked in all applicable cascaded quality
b) development of control and monitoring strategies for special characteristics of products and production processes; planning documents.
c) customer-specified approvals, when required;
d) compliance with customer-specified definitions and symbols or the organization's equivalent symbols or notations, as defined in a
symbol conversion table. The symbol conversion table shall be submitted to the customer, if required.
8.3.4 Design and development controls
The organization shall apply controls to the design and development process to ensure that: Added the wording "process" to design to provide emphasis on process
approach.
a) the results to be achieved are defined;
b) reviews are conducted to evaluate the ability of the results of design and development to meet requirements; Added verification and validation activities here.
c) verification activities are conducted to ensure that the design and development outputs meet the input requirements; Design reviews must be performed according to planned arrangements. There
reviews are essential to keeping the project on track and ensuring the product
d) validation activities are conducted to ensure that the resulting products and services meet the requirements for the specified will meet customer and the organization's specifications.
ISO 9001 8.3.4 Modified application or intended use;
Design review should be multi-disciplinary. DOCUMENTED INFORMATION of
e) any necessary actions are taken on problems determined during the reviews, or verification and validation activities; the reviews and actions must be kept.
When required by the customer, measurements of the product and process development activity shall be reported to the customer at
IATF 16949 8.3.4.1 Modified stages specified, or agreed to, by the customer.
Note: When appropriate, these measurements may include quality risks, costs, lead times, critical paths, and other measurements.
Where contractually agreed with the customer, this shall include evaluation of the interaction of the organization's product, including
embedded software, within the system of the customer's product.
8.3.4.3 Prototype programme
The changes in this section strengthen the standard by focusing the
When required by the customer, the organization shall have a prototype programme and control plan. The organization shall use, organization on the quality management system for managing outsourced
whenever possible, the same suppliers, tooling, and manufacturing processes as will be used in production. products and services.
IATF 16949 8.3.4.3 Modified
All performance-testing activities shall be monitored for timely completion and conformity to requirements.
When services are outsourced, the organization shall include the type and extent of control in the scope of its quality management
system to ensure that outsourced services conform to requirements (see ISO 9001, Section 8.4).
8.3.4.4 Product approval process
The organization shall establish, implement, and maintain a product and manufacturing approval process conforming to requirements These changes clarify approval requirements, with an emphasis on outsourced
defined by the customer(s). products and/or services and the record retention required.
The organization shall approve externally provided products and services per ISO 9001, Section 8.4.3, prior to submission of their part The use of the word "process" instead of procedure implies that the activities
IATF 16949 8.3.4.4 Modified approval to the customer. should be managed with an effectiveness review.
The organization shall obtain documented product approval prior to shipment, if required by the customer. Records of such approval
shall be retained.
Note: Product approval should be subsequent to the verification of the manufacturing process.
8.3.5 Design and development outputs
The organization shall ensure that design and development outputs: Design outputs must be provided in a manner that facilitates verification
a) meet the input requirements; against inputs.
b) are adequate for the subsequent processes for the provision of products and services; These outputs must meet input requirements, provide information for
ISO 9001 8.3.5 Modified c) include or reference monitoring and measuring requirements, as appropriate, and acceptance criteria; purchasing, production and service provision, contain or reference product
criteria for safe and proper use.
d) specify the characteristics of the products and services that are essential for their intended purpose and their safe and proper provision.
The organization shall retain DOCUMENTED INFORMATION on design and development outputs.
8.3.5.1 Design and development outputs - supplemental
The product design output shall be expressed in terms that can be verified and validated against product design input requirements. The Product design output additions include a recognition of the use of 3D models,
product design output shall include, but is not limited to the following, as applicable: and inclusion of service parts and packaging.
a) design risk analysis (FMEA); The application of GD&T tolerancing and positioning systems allows
b) reliability study results; organizations to remove ambiguity and specify dimensions and related
tolerances based on functionality relationships.
c) product special characteristics;
d) results of product design error-proofing, such as DFSS, DFMA, and FTA;
e) product definition including 3D models, technical data packages, product manufacturing information, and geometric dimensioning &
IATF 16949 8.3.5.1 Modified tolerancing (GD&T);
f) 2D drawings, product manufacturing information, and geometric dimensioning & tolerancing (GD&T);
g) product design review results;
h) service diagnostic guidelines and repair and serviceability instructions;
i) service part requirements;
j) packaging and labeling requirements for shipping.
Note: Interim design outputs should include any engineering problems being resolved through a trade-off process.
8.3.5.2 Manufacturing process output
Changes in this section strengthened verification requirements, process input
The organization shall document the manufacturing process design output in a manner that enables verification against the variables, capacity analysis, maintenance plans and correction of process
manufacturing process design inputs. The organization shall verify the outputs against manufacturing process design input nonconformities.
requirements. The manufacturing process design output shall include, but is not limited to the following:
a) specifications and drawings; More specifically, it clarifies that the process approach methodology of
verifying outputs against inputs applies to the manufacturing design process.
b) special characteristics for product and manufacturing process;
c) identification of process input variables and impact characteristics; The list of manufacturing design outputs has also expanded.
d) tooling and equipment for production and control, including capability studies of equipment and process(es);
e) manufacturing process flow charts/layout, including linkage of product, process, and tooling;
IATF 16949 8.3.5.2 Modified f) capacity analysis;
g) manufacturing process FMEA;
h) maintenance plans and instructions;
i) control plan (see Appendix A);
j) standard work and work instructions;
k) process approval acceptance criteria;
l) data for quality, reliability, maintainability, and measurability;
m) results of error-proofing identification and verification, as appropriate;
n) methods of rapid detection, feedback, and correction of product/manufacturing process nonconformities.
8.3.6 Design and development changes
All design and development changes must be identified and recorded.
The organization shall identify, review and control changes made during, or subsequent to, the design and development of products and
services, to the extent necessary to ensure that there is no adverse impact on conformity to requirements. DOCUMENTED INFORMATION of the results of the review of changes and any
actions must be kept.
The organization shall retain DOCUMENTED INFORMATION on:
ISO 9001 8.3.6 Modified
a) design and development changes;
b) the results of reviews;
c) the authorization of the changes;
d) the actions taken to prevent adverse impacts.
8.3.6.1 Design and development changes - supplemental
This section strengthens the requirement for change validation and approval
The organization shall evaluate all design changes after initial product approval, including those proposed by the organization or its prior to implementation, and also added embedded software.
suppliers, for potential impact on fit, form, function, performance, and/or durability. These changes shall be validated against customer
requirements and approved internally, prior to production implementation. For products with embedded software, the change record needs to document
IATF 16949 8.3.6.1 Modified the revision level of the software (and hardware) to assure that it is managed
If required by the customer, the organization shall obtain documented approval, or a documented waiver, from the customer prior to properly.
production implementation.
For products with embedded software, the organization shall document the revision level of software and hardware as part of the
change record.
8.4 Control of external provided processes, products and services
8.4.1 General
The organization shall ensure that externally provided processes, products and services conform to requirements. The organization must control how it ensures externally provided product,
services and its processes conforms to specified requirements.
The organization shall determine the controls to be applied to externally provided processes, products and services when:
Criteria for evaluation, selection, monitoring of performance and re-evaluation
needs to be defined and providers selected accordingly.
a) products and services from external providers are intended for incorporation into the organization’s own products and services;
ISO 9001 8.4.1 Modified b) products and services are provided directly to the customer(s) by external providers on behalf of the organization;
c) a process, or part of a process, is provided by the external provider as a result of a decision by the organization;
The organization shall determine and apply criteria for the evaluation, selection, monitoring of performance, and re-evaluation of external
providers, based on their ability to provide processes or products and services in accordance with requirements. The organization shall
retain DOCUMENTED INFORMATION of these activities and any necessary actions arising from the evaluations.
The process shall include the criteria and actions to escalate or reduce the types and extent of controls and development activities
based on supplier performance and assessment of product, material, or service risks.
8.4.2.2 Statutory and regulatory requirements
The updates clarify and strengthen the applicability of statutory and regulatory
The organization shall document their process to ensure that purchased products, processes, and services conform to the current requirements.
applicable statutory and regulatory requirements in the country of receipt, the country of shipment, and the customer-identified country
of destination, if provided.
IATF 16949 8.4.2.2 Modified
If the customer defines special controls for the certain products with statutory and regulatory requirements, the organization shall
ensure they are implemented and maintained as defined, including at suppliers.
8.4.2.3 Supplier quality management system development
This section provides a method to strengthen ISO 9001 certification, aligns with
The organization shall require their suppliers of automotive products and services to develop, implement, and improve a quality customer-specific requirements, and clarifies the acceptable third-party
management system certified to ISO 9001, unless otherwise authorized by the customer [e.g., item a) below], with the ultimate certification bodies (which shall be recognized by the IATF).
objective of becoming certified to this Automotive QMS Standard. Unless otherwise specified by the customer, the following sequence
should be applied to achieve this requirement: Instead of requiring organizations to simply "develop" the supplier QMS, this
sections outlines a progressive approach that goes from compliance to ISO
a) compliance to ISO 9001 through second-party audits;
9001 via second-party audits all the way through certification to IATF through
third-party audits.
b) certification to ISO 9001 through third-party audits; unless otherwise specified by the customer, suppliers to the organization shall
demonstrate conformity to ISO 9001 by maintaining a third-party certification issued by a certification body bearing the accreditation
IATF 16949 8.4.2.3 Modified mark of a recognized IAF MLA (International Accreditation Forum Multilateral Recognition Arrangement) member and where the
accreditation body's main scope includes management system certification to ISO/IEC 17021;
c) certification to ISO 9001 with compliance to other customer-defined QMS requirements (such as Minimum Automotive Quality
Management System Requirements for Sub-Tier Suppliers [MAQMSRJ or equivalent) through second-party audits;
third-party audits.
d) certification to ISO 9001 with compliance to IATF 16949 through second-party audits;
e) certification to 16949 through third-party audits (valid third-party certification of the supplier to IATF 16949 by an IATF-recognized
certification body).
8.4.2.3.1 Automotive product-related software or automotive products with embedded software
The organization shall require their suppliers of automotive product-related software, or automotive products with embedded software, This new section added requirements for software development assessment
to implement and maintain a process for software quality assurance for their products. methodology. These requirements align to those presented in section 8.3.2.3,
but are now cascaded down to suppliers.
A software development assessment methodology shall be utilized to assess the supplier's software development process. Using
prioritization based on risk and potential impact to the customer, the organization shall require the supplier to retain DOCUMENTED
IATF 16949 8.4.2.3.1 New INFORMATION or a software development capability self-assessment.
If provided by the customer, the organization shall also include the following, as appropriate, in their supplier performance monitoring:
f) verification or validation activities that the organization, or its customer, intends to perform at the external providers’ premises.
f) the validation, and periodic revalidation, of the ability to achieve planned results of the processes for production and service provision,
where the resulting output cannot be verified by subsequent monitoring or measurement;
This section also expanded the scope of activities to be included within the
control plan.
a) controls used for the manufacturing process control, including verification of job set-ups;
b) first-off/last-off part validation, as applicable;
IATF 16949 8.5.1.1 Modified c) methods for monitoring of control exercised over special characteristics (see Annex A) defined by both the customer and the
organization;
d) the customer-required information, if any;
e) specified reaction plan (see Annex A); when nonconforming product is detected, the process becomes statistically unstable or not
statistically capable.
The organization shall review control plans, and update as required, for any or the following:
f) the organization determines it has shipped nonconforming product to the customer,
g) when any change occurs affecting product, manufacturing process, measurement, logistics, supply sources, production volume changes,
or risk analysis (FMEA) (see Annex A);
h) after a customer complaint and implementation of the associated corrective action, when applicable;
i) at a set frequency based on a risk analysis.
If required by the customer, the organization shall obtain customer approval after review or revision of the control plan.
8.5.1.2 Standardized work - operator instructions and visual standards
The organization shall ensure that standardized work documents are: IATF 16949 strengthens the requirements for standardized work, including the
requirement to address specific language needs.
a) communicated to and understood by the employees who are responsible for performing the work;
b) legible; Standardized work documents need to be clearly understood by the
IATF 16949 8.5.1.2 Modified organization's operators.
c) presented in the language(s) understood by the personnel responsible to follow them;
d) accessible for use at the designated work area(s).
The standardized work documents shall also include rules for operator safety.
8.5.1.3 Verification of job set-ups
The organization shall: The changes in this section elevate a NOTE to a requirement, and clarify record
retention.
a) verify job set-ups when performed, such as an initial run of a job, material changeover, or job change that requires a new set-up;
d) perform first-off/last-off part validation, as applicable; where appropriate, first-off parts should be retained for comparison with the
last-off parts; where appropriate, last off-parts should be retained for comparison with first-off parts in subsequent runs;
e) retain records of process and product approval following set-up and first-off/ last-off part validations.
8.5.1.4 Verification after shutdown
The organization shall define and implement the necessary actions to ensure product compliance with requirements after a planned or Defines a new requirement for verification after shutdown, integrating industry
unplanned production shutdown period. lessons learned and/or best practices.
IATF 16949 8.5.1.4 New
The organization shall establish and implement a system for production tooling management, whether owned by the organization or the This requirement extends the scope to production and service materials, and
customer, including: for bulk materials as applicable, and clarifies that requirements apply whether
tooling is owned by the organization or by the customer.
a) maintenance and repair facilities and personnel;
b) storage and recovery;
c) set-up;
IATF 16949 8.5.1.6 Modified d) tool-change programmes for perishable tools;
e) tool design modification documentation, including engineering change level of the product;
f) tool modification and revision to documentation;
g) tool identification, such as serial or asset number, the status, such as production, repair or disposal; ownership; and location.
The organization shall verify that customer-owned tools, manufacturing equipment, and test/inspection equipment are permanently
marked in a visible location so that the ownership and application of each item can be determined.
The organization shall implement a system to monitor these activities if any work is outsourced.
8.5.1.7 Production scheduling
This section emphasized the importance of planning information and
The organization shall ensure that production is scheduled in order to meet customer orders/demands such as Just-In-Time (JIT) and is integrated IATF OEM customer lessons learned.
supported by an information system that permits access to production information at key stages of the process and is order driven.
This suggests the organization needs a robust feasibility review process
IATF 16949 8.5.1.7 Modified regarding production scheduling.
The organization shall include relevant planning information during production scheduling, e.g., customer orders, supplier on-time
delivery performance, capacity, shared loading (multi-part station), lead time, inventory level, preventive maintenance, and calibration.
The organization shall identify the status of outputs with respect to monitoring and measurement requirements throughout production
ISO 9001 8.5.2 Modified and service provision.
The organization shall control the unique identification of the outputs when traceability is a requirement, and shall retain the
DOCUMENTED INFORMATION necessary to enable traceability.
Clarification not previously included in ISO/TS 16949.
NOTE: Inspection and test status is not indicated by the location of product in the production flow unless inherently obvious, such as
IATF 16949 8.5.2 New material in an automated production transfer process. Alternatives are permitted if the status is clearly identified, documented, and
achieves the designated purpose.
IATF 16949 8.5.2.1 Modified a) enable the organization to identify nonconforming and/or suspect product;
b) enable the organization to segregate nonconforming and/or suspect product;
c) ensure the ability to meet the customer and/or regulatory response time requirements;
d) ensure documented information is retained in the formal (electronic, hardcopy, archive) that enables the organization to meet the
response time requirements;
IATF 16949 8.5.2.1 Modified
e) ensure serialized identification of individual products, if specified by the customer or regulatory standards;
f) ensure the identification and traceability requirements are extended to externally provided products with safely/regulatory
characteristics.
8.5.3 Property belonging to customers or external providers
The organization shall exercise care with property belonging to customers or external providers while it is under the organization’s control The organization must ensure conformity of the product during internal
or being used by the organization. operations and delivery to the intended destination.
The organization shall identify, verify, protect and safeguard customers’ or external providers’ property provided for use or incorporation
into the products and services.
ISO 9001 8.5.3 Modified
When the property of a customer or external provider is lost, damaged or otherwise found to be unsuitable for use, the organization shall
report this to the customer or external provider and retain DOCUMENTED INFORMATION on what has occurred.
NOTE: A customer’s or external provider’s property can include materials, components, tools and equipment, premises, intellectual
property and personal data.
8.5.4 Preservation
The organization shall preserve the outputs during production and service provision, to the extent necessary to ensure conformity to The organization shall preserve the outputs during production and service
requirements. provision, to the extent necessary to ensure conformity to requirements.
ISO 9001 8.5.4 Modified
NOTE: Preservation can include identification, handling, contamination control, packaging, storage, transmission or transportation, and
protection.
8.5.4.1 Preservation - supplemental
Preservation shall include identification, handling, contamination control, packaging, storage, transmission or transportation, and Adds specificity to preservation controls and includes application to internal
protection. and/or external providers.
Preservation shall apply to materials and components from external and/or internal providers from receipt through processing, Preservation principles need to be applied from the point of receiving materials
including shipment and until delivery to/acceptance by the customer. all the way to product acceptance by the customer.
In order to detect deterioration, the organization shall assess at appropriate planned intervals the condition of product in stock, the
IATF 16949 8.5.4.1 Modified place/type of storage container, and the storage environment.
The organization shall use an inventory management system to optimize inventory turns over time and ensure stock rotation, such as
"first-in-first-out” (FIFO).
The organization shall ensure that obsolete product is controlled in a manner similar to that of nonconforming product.
Organizations shall comply with preservation, packaging, shipping, and labeling requirements as provided by their customers.
8.5.5 Post-delivery activities
The organization shall meet requirements for post-delivery activities associated with the products and services. The organization must have methods in place for release, delivery and post-
delivery activities, if applicable.
In determining the extent of post-delivery activities that are required, the organization shall consider:
a) statutory and regulatory requirements; This links back to Sec. 8.2.2 - determination of requirements related to the
b) the potential undesired consequences associated with its products and services; product.
ISO 9001 8.5.5 Modified c) the nature, use and intended lifetime of its products and services;
d) customer requirements;
e) customer feedback.
NOTE: Post-delivery activities can include actions under warranty provisions, contractual obligations such as maintenance services, and
supplementary services such as recycling or final disposal.
8.5.5.1 Feedback of information from service
The organization shall ensure that a process for communication of information on service concerns to manufacturing, material handling, Requirements for the section feature an expanded scope to include material
logistics, engineering, and design activities is established, implemented, and maintained. handling and logistics.
IATF 16949 8.5.5.1 Modified NOTE 1: The intent of the addition of “service concerns" to this sub-clause is to ensure that the organization is aware of nonconforming The new 2nd NOTE also clarifies "service concerns".
product(s) and material(s) that may be identified at the customer location or in the field.
NOTE 2: "Service concerns” should include the results of field failure test analysis (see Section 10.2.6) where applicable.
8.5.5.2 Service agreement with customer
When there is a service agreement with the customer, the organization shall: This section clarifies that service centers need to comply with all applicable
requirements when there is a service agreement with the customer.
a) verify that the relevant service centers comply with applicable requirements;
IATF 16949 8.5.5.2 Modified
b) verify the effectiveness of any special purpose tools or measurement equipment;
c) ensure that all service personnel are trained in applicable requirements.
8.5.6 Control of changes
The organization shall review and control changes for production or service provision, to the extent necessary to ensure continuing New ISO clause to emphasize this topic.
conformity with requirements.
If the organization was using Sec. 7.3 for design and development of
ISO 9001 8.5.6 Modified The organization shall retain DOCUMENTED INFORMATION describing the results of the review of changes, the person(s) authorizing the manufacturing, then this would be roughly equivalent, otherwise it is a new
change, and any necessary actions arising from the review. requirement.
Changes, including those made at suppliers, should require a production trial run for verification of changes (such as changes to part
design, manufacturing location, or manufacturing process) to validate the impact of any changes on the manufacturing process.
The organization shall document the process that manages the use of alternate control methods. The organization shall include in this The organization must identify, document and maintain a list of process
process, based on risk analysis (such as FMEA), severity, and the internal approvals to be obtained prior to production implementation controls that includes both primary process control and the approved back-up
of the alternate control method. or alternate methods.
These methods must be carried out at appropriate times during the process.
ISO 9001 8.6 Modified
The organization must monitor and measure those characteristics necessary to
verify requirements are met.
The release of products and services to the customer shall not proceed until the planned arrangements have been satisfactorily These methods must be carried out at appropriate times during the process.
completed, unless otherwise approved by a relevant authority and, as applicable, by the customer.
ISO 9001 8.6 Modified
The organization shall retain DOCUMENTED INFORMATION on the release of products and services. The DOCUMENTED INFORMATION
shall include:
a) evidence of conformity with the acceptance criteria;
b) traceability to the person(s) authorizing the release.
8.6.1 Release of products and services - supplemental
The organization shall ensure that the planned arrangements to verify that the product and service requirements have been met This further detail strengthens the standard to ensure process controls align
encompass the control plan and are documented as specified in the control plan (see Annex A) . with the control plan.
The organization shall ensure that the planned arrangements for initial release of products and services encompass product or service The organization should conduct a regular control plan audit that compares the
IATF 16949 8.6.1 New approval. current approval status with the actual controls applied in the manufacturing
The organization shall ensure that product or service approval is accomplished after changes following initial release, according to ISO process.
9001, Section 8.5.6.
The organization shall also ensure compliance with the original or superseding specifications and requirements when the authorization
expires. Material shipped under concession shall be properly identified on each shipping container (this applies equally to purchased
product). The organization shall approve any requests from suppliers before submission to the customer.
The organization shall have a documented process for rework confirmation in accordance with the control plan or other relevant
IATF 16949 8.7.1.4 Modified DOCUMENTED INFORMATION to verify compliance to original specifications.
Instructions for disassembly or rework, including re-inspection and traceability requirements, shall be accessible to and utilized by the
appropriate personnel.
The organization shall retain DOCUMENTED INFORMATION on the disposition of reworked product including quantity, disposition,
disposition date, and applicable traceability information.
8.7.1.5 Control of repaired product
The organization shall utilize risk analysis (such as FMEA) methodology to assess risks in the repair process prior to a decision to repair The changes in this section clarify the requirement and the need for follow-up
the product. The organization shall obtain approval from the customer before commencing repair of the product. with detailed information for reworked product.
The organization shall have a documented process for repair confirmation in accordance with the control plan or other relevant The requirements for repaired products are essentially the same as those for
documented information. reworked products outlined in Sec. 8.7.1.4.
IATF 16949 8.7.1.5 Modified Instructions for disassembly or repair, including re-inspection and traceability requirements, shall be accessible to and utilized by the
appropriate personnel.
The organization shall obtain a documented customer authorization for concession for the product to be repaired.
The organization shall retain DOCUMENTED INFORMATION on the disposition of repaired product including quantity, disposition,
disposition date, and applicable traceability information.
8.7.1.6 Customer notification
The organization shall immediately notify the customer(s) in the event that nonconforming product has been shipped. Initial While customer notification is mentioned twice in ISO/TS 16949:2009, it did not
communication shall be followed with detailed documentation of the event. address customer notification in a stand alone section.
IATF 16949 8.7.1.6 Modified
New/Modified/
Bolded text indicates new to ISO 9001:2015 and IATF 16949:2016
Carryover
9.0 Performance Evaluation
9.1 Monitoring, measurement, analysis and evaluation
9.1.1 General
The organization shall determine: The organization must determine the need for and implement monitoring,
measurement, analysis, and improvement opportunities needed to ensure
a) what needs to be monitored and measured;
conformity of the product, the quality management system, and to continually
b) the methods for monitoring, measurement, analysis and evaluation needed to ensure valid results; improve.
ISO 9001 9.1.1 Modified c) when the monitoring and measuring shall be performed;
The organization must retain DOCUMENTED INFORMATION.
d) when the results from monitoring and measurement shall be analyzed and evaluated.
The organization shall evaluate the performance and the effectiveness of the quality management system.
The organization shall retain appropriate DOCUMENTED INFORMATION as evidence of the results.
9.1.1.1 Monitoring and measurement of manufacturing processes
Updates to this section clarify the requirement for targeting process
The organization shall perform process studies on all new manufacturing (including assembly or sequencing) processes to verify process effectiveness and efficiency, which is an extension of the requirement to have
capability and to provide additional input for process control, including those for special characteristics. effective and efficient processes instead of just having a process.
Significant process events, such as tool change or machine repair, shall be recorded and retained as DOCUMENTED INFORMATION.
The organization shall initiate a reaction plan indicated on the control plan and evaluated for impact on compliance to specifications for
characteristics that are either not statistically capable or are unstable. These reaction plans shall include containment of product and 100
percent inspection, as appropriate. A corrective action plan shall be developed and implemented by the organization indicating specific
actions, timing, and assigned responsibilities to ensure that the process becomes stable and statistically capable. The plans shall be
reviewed with and approved by the customer, when required.
The frequency of audits shall be reviewed and, where appropriate, adjusted based on occurrence of process changes, internal and
external nonconformities, and/or customer complaints. The effectiveness of the audit program shall be reviewed as a part of
management review.
New/Modified/
Bolded text indicates new to ISO 9001:2015 and IATF 16949:2016
Carryover
10.0 Improvement
10.1 General
The organization shall determine and select opportunities for improvement and implement any necessary actions to meet customer The purpose of improvement is for an organization to both plan and actually
requirements and enhance customer satisfaction. implement actions in order to achieve intended results and enhance customer
satisfaction.
These shall include:
a) improving products and services to meet requirements as well as to address future needs and expectations;
ISO 9001 10.1 Modified
b) correcting, preventing or reducing undesired effects;
c) improving the performance and effectiveness of the quality management system.
NOTE: Examples of improvement can include correction, corrective action, continual improvement, breakthrough change, innovation
and re-organization.
10.2 Nonconformity and corrective action
When a nonconformity occurs, including any arising from complaints, the organization shall: The organization must identify and control nonconforming product and
services. This could include eliminating the nonconformity, obtaining a waiver
a) react to the nonconformity and, as applicable: or deviation permit, or re-working the product.
1) take action to control and correct it;
2) deal with the consequences; Re-verification must take place when nonconforming product is corrected.
b) evaluate the need for action to eliminate the cause(s) of the nonconformity, in order that it does not recur or occur elsewhere, by:
Where requested by the customer, this shall include analysis of the interaction of embedded software of the organization's product
IATF 16949 10.2.6 Modified within the system of the final customer's product.
The organization shall communicate the results of testing/analysis to the customer and also within the organization.