IATF16949 中英文对照版 201710 - 图文(9)

的潜在风险，目标是推动供应商通过以下的开发进展： a） 经由第三方审核通过ISO 9001认证，除非顾客另有规定，组织的供应商应通过保持认证机构出具的第三方认证证明来证实对ISO 9001的符合性，证明上应有被承认的IAF MLA（国际认可论坛多边相互承认协议）成员的认可标志，其中，认可机构的主要范围包括ISO /IEC 17021管理体系认证； b） 经由第二方审核通过ISO 9001认证，同时符合其他顾客确定的质量管理体系要求（例如：次级供应商最低汽车质量管理体系要求[MAQMSR]或等效要求）； c） 通过ISO 9001认证，同时经由第二方审核符合IATF 16949； d） 经由第三方审核通过IATF 16949认证（IATF 认可的认证机构进行的有效的供应商IATF 16949第三方认证）。 注： 如果由顾客批准，质量管理体系开发的最低可接受水平可以是经由第二份审核符合ISO9001. 8.4.2.3.1 汽车产品相关软件或带有嵌入式软件的汽车产品 组织应要求其汽车产品相关软件或带有嵌入式软件的汽车产品的供应商为各自产品实施并保持一个软件质量保证过程。 应采用软件开发评估方法来评估供应商软件开发过程。组织应按照风险和对顾客潜在影响的优先级，要求供应商为软件开发能力自评估保存形成文件的信息。 8.4.2.4 供应商监视 组织应为供应商绩效评价制定形成文件的过程和准则，以便确保外部提供的产品、过程和服务符合内Unless otherwise authorized by the customer, a QMS certified to ISO9001 is the initial minimum acceptable level of deveiopment. Based on current performance and the potential risk to the customer, the objective is to move suppliers through the following QMS development perogression: a）certification to ISO 9001 through third-party audits； unless otherwise specified by the customer，suppliers to the organization shall demonstrate conformity to ISO 9001 by maintaining a third- party certification issued by a certification body bearing the accreditation mark of a recognized lAF MLA（International Accreditation Forum Multilateral Recognition Arrangement）member and where the accreditation body's main scope includes management system certification to ISO/IEC 17021； b）certification to ISO 9001 with compliance to other customer-defined QMS requirements（such as Minimum Automotive Quality Management System Requirements for Sub-Tier Suppliers [MAQMSR] or equivalent）through second-party audits； c）certification to IS09001 with compliance to IATF 16949 through second-party audits； d）certification to IATF 16949 through third-party audits（valid third-party certification of the supplier to IATF 16949 by an lATF-recognized certification body）. NOTE: The minimum acceptable level of QMS development may be compliance to ISO 9001 through second-party audits, if authorized by the customer. 8.4.2.3.1 Automotive product-related software or automotive products with embedded software The organization shall require their suppliers of automotive product-related software，or automotive products with embedded software，to implement and maintain a process for software quality assurance for their products. A software development assessment methodology shall be utilized to assess the supplier's software development process. Using prioritization based on risk and potential impact to the customer，the organization shall require the supplier to retain documented information of a software development capability self-assessment. 8.4.2.4 Supplier monitoring The organization shall have a documented process 部要求和外部顾客要求。 至少应监视以下供应商绩效指标： a） 已交付产品对要求的符合性； b） 在收货工厂对顾客造成的干扰，包括整车候检和停止出货； c） 交付排程的绩效； d） 超额运费发生次数； 如顾客有所规定，组织还应视情况在供应商绩效监控中包括： e） 与质量或交付有关的特殊状态顾客通知； f） 经销商退货、保修、使用现场措施和召回。 8.4.2.4.1 第二方审核 组织的供应商管理办法中包括一个第二方审核过程。第二方审核可以用于： a） 供应商风险评估； b） 供应商监视； c） 供应商质量管理体系开发； d） 产品审核； e） 过程审核。 基于风险分析，包括产品安全/法规要求、供应商绩效和质量管理体系认证水平，组织应至少对第二方审核的需求、类型、频率和范围的确定准则形成文件。 组织应保留第二方审核报告的记录； 如果第二方审核的范围是评估供应商的质量管理体系，则方法应与汽车过程方法相符。 注：可从IATF审核员指南和ISO 19011获得指导。 and criteria to evaluate supplier performance in order to ensure conformity of externally provided products，processes，and services to internal and external customer requirements. At a minimum，the following supplier performance indicators shall be monitored: a）delivered product conformity to requirements； b）customer disruptions at the receiving plant，including yard holds and stop ships； c）delivery schedule performance； d）number of occurrences of premium freight. If provided by the customer，the organization shall also include the following，as appropriate，in their supplier performance monitoring: e）special status customer notifications related to quality or delivery issues； f）dealer returns，warranty，field actions，and recalls. 8.4.2.4.1 Second-party audits The organization shall include a second-party audit process in their supplier management approach. Second-party audits may be used for the following: a) supplier risk assessment; b) supplier monitoring; c) supplier QMS development; d) product audits; e) process audits. Based on a risk analysis, including product safety/regulatory requirements, performance of the supplier, and QMS certification level，at a minimum，the organization shall document the criteria for determining the need，type，frequency，and scope of second-party audits. The organization shall retain records of the second-party audit reports. If the scope of the second-party audit is to assess the 8.4.2.5 供应商开发 组织应为其活跃供应商确定所需供应商开发行动的优先级、类型、程度和时程安排。用于确定的输入应包括但不限于： a） 通过供应商监视（见第8.4.2.4 条）识别的绩效问题； b） 第二方审核发现（见第8.4.2.4.1 条）； c） 第三方质量管理体系认证状态； d） 风险分析。 组织应采取必要措施，以解决未决的（不符合要求的）绩效问题并寻求持续改进的机会。 8.4.3 提供给外部供方的信息 见ISO 9001：2015的要求。 supplier’s quality management system，then the approach shall be consistent with the automotive process approach. NOTE Guidance may be found in the IATF Auditor Guide and ISO 19011. 8.4.2.5 Supplier development The organization shall determine the priority，type，extent，and timing of required supplier development actions for its active suppliers. Determination inputs shall include but are not limited to the following: a）performance issues identified through supplier monitoring（see Section 8.4.2.4）； b）second-party audit findings（see Section 8.4.2.4.1）； c）third-party quality management system certification status； d）risk analysis. The organization shall implement actions necessary to resolve open（unsatisfactory） performance issues and pursue opportunities for continual improvement. 8.4.3 Information for external providers See ISO 9001:2015 requirements. The organization shall ensure the adequacy of requirements prior to their communication to the external provider. The organization shall communicate to external providers its requirements for: a) the processes, products and services to be provided; b) the approval of: 1) products and services; 2) methods, processes and equipment 3) the release of products and services; c) competence, including any required qualification of persons; d) the external providers’ interactions with the organization; e) control and monitoring of the external providers’ performance to be applied by the organization; f) verification or validation activities that the organization, or its customer, intends to perform at the external 组织应确保在与外部供方沟通之前所确定的要求是充分和适宜的。 组织应与外部供方沟通以下要求： a) 需提供的过程、产品和服务； b)对下列内容的批准： 1) 产品和服务； 2) 方法、过程和设备； 3) 产品和服务的放行； c) 能力，包含所要求的人员资格； d) 外部供方与组织之间的接口； e) 组织使用的对外部供方绩效的控制和监视； f) 组织或其顾客拟在外部供方现场实施的验证或确认活动。 providers’ premises. 8.4.3.1外部供方的信息----补充 8.4.3.1 Information for external providers – supplemental 组织应向其供应商传达所有适用的法律法规要求以 及产品和过程特殊特性，并要求供应商沿着供应链The organization shall pass down all applicable 直至制造，贯彻所有适用的要求。 statutory and regulatory requirements and special product and process characteristics to their suppliers and require the suppliers to cascade all applicable requirements down the supply chain to the point of manufacture. 8.5 Production and service provision 8.5 生产服务提供 8.5.1 Control of production and service provision See ISO 9001:2015 requirements. 8.5.1 生产和服务提供的控制 见ISO 9001：2015的要求。 The organization shall implement production and service provision under controlled conditions. Controlled conditions shall include, as applicable: a) the availability of documented information that defines: 1) the characteristics of the products to be produced, the services to be provided, or the activities to be performed; 2) the results to be achieved; b) the availability and use of suitable monitoring and measuring resources; c) the implementation of monitoring and measurement activities at appropriate stages to verify that criteria for control of processes or outputs, and acceptance criteria for products and services, have been met; d) the use of suitable infrastructure and environment for the operation of processes; e) the appointment of competent persons, including any required qualification; f) the validation, and periodic revalidation, of the ability to achieve planned results of the processes for production and service provision, where the resulting output cannot be verified by subsequent monitoring or measurement; g) the implementation of actions to prevent human error; h) the implementation of release, delivery and post-delivery activities.. 组织应在受控条件下进行生产和服务的提供。 适用时，受控条件包括： a) 可获得成文信息，以规定以下内容： 1) 拟生产的产品、提供的服务或进行的活动的特征 2) 拟获得的结果； b) 可获得和使用适宜的监视和测量资源； c) 在适当阶段实施监视和测量活动，以验证是否符合过程或输出的控制准则以及产品和服务的接收准则； d) 为过程的运行提供适宜的基础设施，并保持适宜的环境； e) 配备胜任的人员，包括所要求的资格； f) 若输出的结果不能由后续的监视或测量加以验证，应对生产和服务提供过程实现策划结果的能力进行确认，并定期再确认； g) 采取措施防止人为错误； h) 实施放行、交付和交付后活动。 注：适当的基础设施包括保证产品符合性所需的适当制造设备。监视和测量资源包括确保制造过程有效控制所需的适当监视和测量设备。 NOTE Suitable infrastructure includes appropriate manufacturing equipment required to ensure product compliance. Monitoring and measuring resources include appropriate monitoring and measuring equipment required to ensure effective control of 8.5.1.1 控制计划 组织应针对相关制造现场和所有提供的产品，在系统、子系统、部件和/或材料各层次上（根据附录A）制定控制计划，包括那些生产散装材料和零件的过程。采用共同制造过程的散装材料和相似零件可接受使用控制计划族。 组织应制定投产前控制计划和量产控制计划，显示设计风险分析（如果顾客提供了）、过程流程图和制造过程风险分析输出（例如FMEA）的联系，并在计划中包含从这些方面获得的信息。 如顾客要求，组织应提供在投产前或量产控制计划执行期间收集的测量和符合性数据。组织应在控制计划中包含以下内容： a） 用于制造过程的控制手段，包括作业准备验证； b） 首件/末件确认，如适用； c） 用于顾客和组织确定的特殊特性（见附录A）控制的监视方法； d） 顾客要求的信息，如有； e） 规定的反应计划（见附录A）；当检测到不合格品时，过程变得不稳定或统计能力不足时。 组织应针对如下任一情况对控制计划进行评审，并在需要时更新： f） 当组织确定其已经向顾客发运了不合格品； g） 当发生任何影响产品、制造过程、测量、物manufacturing processes. 8.5.1.1 Control plan The organization shall develop control plans（in accordance with Annex A） at the system，subsystem，component，and/or material level for the relevant manufacturing site and all product supplied，including those for processes producing bulk materials as well as parts. Family control plans are acceptable for bulk material and similar parts using a common manufacturing process. The organization shall have a control plan for pre-launch and production that shows linkage and incorporates information from the design risk analysis（if provided by the customer），process flow diagram，and manufacturing process risk analysis outputs（such as FMEA）. The organization shall，if required by the customer，provide measurement and conformity data collected during execution of either the pre-launch or production control plans. The organization shall include in the control plan: a）controls used for the manufacturing process control，including verification of job set-ups； b）first-off/last-off part validation，as applicable； c）methods for monitoring of control exercised over special characteristics（see Annex A） defined by both the customer and the organization； d）the customer-required information，if any； e）specified reaction plan（see Annex A）； when nonconforming product is detected，the process becomes statistically unstable or not statistically capable. The organization shall review control plans，and update as required，for any of the following: f）the organization determines it has shipped