The Quality Hub Podcast
Listen Below. Learn More.
ISO 9001 Clause 8.4 - Purchasing - Part 3
Episode 22 – ISO 9001 Clause 8.4 – Purchasing – Part 3
ISO 9001 Clause 8.4 – Purchasing – Part 3
In the final episode of “Purchasing” on the Quality Hub podcast, Xavier Francis, along with Murphy Shaw and Matthew Pilley conclude their discussion on ISO 9001 Clause 8.4.3, focusing on ensuring the adequacy of requirements communicated to external providers. Matthew emphasizes the importance of clearly defining and documenting all supplier requirements, while Murphy highlights that at Core, they help clients establish effective purchasing processes using formal documentation.
Xavier: Hello, everyone, and thanks for listening to the Quality Hub and chatting with ISO Experts. I’m your host, Xavier Francis, and today we are here for the final time for this section at least with Murphy Shaw and Matthew Pilley, both consultants here at Core Business Solutions. Glad you guys could be here one last time to finish up this podcast series on purchasing.
Murphy: It’s kind of sad that this series is coming to an end.
Xavier: Yeah, yeah. But we’ll have other stuff to talk about. If there’s one thing, the standard continues to grow and change. So we’ll talk about tons of things. Sounds good. All right. Well, thanks for being here, guys. And again, like I said, this is our final week of the three-part series. If you have not listened to part one or part two, we recommend you go listen to those before continuing with this one. Well, gentlemen, as I did in the past, I’m going to read a section of the clause, and this is Clause 8.4.3, just the first paragraph. “The organization shall ensure the adequacy of requirements before their communication to the external provider. So we’re going to start with Matthew this week.”
Matthew: What does that mean? So it comes down to making sure that you’ve got all the requirements that you need the supplier to meet properly defined and kind of laid out before you go to the supplier and ask them to deliver goods or services. Okay. You know, requirements for products, right? The competence of the people performing their work, any verification or testing requirements that you might expect the supplier to perform and meet before the delivery of products to you as an organization, right? So making sure these things are documented and communicated up front to set both organizations up for the highest level of success. Okay.
Xavier: So if we go further down in 8.4.3, it does give what the approval should be, what you’re looking for, things like competence, external providers, interactions with the organization, et cetera, et cetera. So you want to make sure you have all of those things from your perspective in place and then before you communicate anything to the actual supplier.
Matthew: Yeah, exactly. I think I mentioned in an earlier podcast, that it comes down to that whole clear communication thing, right? Make sure all of your expectations are laid out so that, again, both companies are set up for success.
Xavier: And have your ducks in a row before you talk to somebody.
Matthew: Yeah, for sure.
Xavier: And that might determine communicating with other people other than just purchasing because you’re going to have to talk to maybe somebody on the shop floor that says, hey, these are the tolerances we need. Make sure that’s set, you know, and getting people that are outside of just the purchasing organization involved in talking about it, management, breaking down what you need. So- 100%. That’s accurate. That’s accurate. Yep. Okay. All right. So Murphy, how does CORE approach this?
Murphy: Well, you know, here at CORE, we help the customer implement a good purchasing process, including how to outline and define those clear requirements that Matt was just talking about. You know, using purchase orders or contract agreements or terms and conditions is the most effective way to communicate requirements and expectations to the suppliers, right? So, you know, I tend to shy people away from verbal orders or email orders because it’s the lack of evidence of supplier commitments to you. You know, when they accept your purchase order or contract, that’s a legally binding document. So they, by their acceptance of that, they’re committed to fulfilling any requirement that you have listed there.
Xavier: And in flip-flop, you got to make sure they’re done prior from your perspective because if you hand them something, it doesn’t clearly define something. They did it one way, and that’s technically okay, but it’s not what you need, now that’s kind of on you.
Murphy: Yeah. It’s up for interpretation.
Xavier: Yeah. Exactly. Exactly. So I think in last week’s podcast, we talked about there need to be blueprints, if there need to be specifics that they need to get for specs and stuff, you got to make sure that’s right. Make sure it’s all defined. Yeah. Okay. Now, Matthew, how can an organization ensure that they communicate their quality and performance requirements clearly and effectively to the suppliers? We talked about it a little bit already, but can you go into a little more detail?
Matthew: Yeah. I mean, I would say some of the control mechanisms we’ve discussed previously are the best ways to ensure that suppliers are fully informed and agreeable to your needs, right? Definition of product specifications, clearly defined drawings, and blueprints, as you mentioned a minute ago, where applicable, right? You may not always have those things, but where they make sense, they should be established. Formal quality agreements that have been approved and signed by both parties are a great way to kind of lay things out ahead of time and make sure that expectations are met, not only on a purchase order basis but continually over some time, right? Covering things like delivery and quality expectations, warranty claim requirements, and so forth, again, the proper definition in your purchase orders, and then the terms and conditions that go along with that, right? Those types of controls. Okay.
Xavier: Well, that’s all pretty clear there, Matthew. Murphy, what essential information should be communicated to suppliers, and why is this information critical? We’ve touched on it a little bit, but can you go even a little more into the weeds here? Sure, sure.
Murphy: You know, at the very basic level, obviously you want to outline what you are purchasing. For example, a part number or a description of the parts, or if it’s a service, what service are you purchasing from them?
Xavier: Okay.
Murphy: But, you know, in addition to that, other information that can be considered essential, I think Matt referenced them too, you know, delivery terms, outlining your expectations for delivery and timeliness, or payment terms even.
Xavier: Oh, okay.
Murphy: You know, because some companies are net 30, net 60, you know, they’re all different. Right. So it’s important to clearly define that to suppliers, and as stated in the ISO requirement, you know, some companies put other requirements on their suppliers, like stating how they want it inspected, or that they want material searched with the shipment. Or even training records of the people who worked on that job.
Xavier: Okay.
Murphy: If it is deemed critical by the company to communicate with the supplier, then you want it in that purchase order or service contract.
Xavier: Okay. It’s pretty, I think, obvious why this is important, because you’re going to have products coming in, services coming in, and you need to deliver quality to your customer. So if you don’t have this in place, you’re going to be late shipping your stuff. You’re going to be late, you know, getting things out in a proper manner. You’re going to be shipping potentially non-conforming products as well. So you must have these things in place. It’s clear and it’s right.
Murphy: Yeah, because again, if you leave it open to interpretation, you can get yourself into a legal bind between the supplier and you guys. And again, like to your point, the quality of delivery, you know, at that point the supplier interprets it the way they want to.
Xavier: Yep. Yep. Absolutely. All right. So you sure can get into the nitty-gritty here, but again, if it’s mission-critical, clearly important. Now, Matthew, how should organizations manage and communicate changes in product or service requirements to suppliers? So let’s say we got a change, and we need to adjust some things, how do we communicate it?
Matthew: Formally is my answer. Formally.
Xavier: Yeah.
Matthew: Firstly, get those changes, get them documented, right? Get them down on some kind of document that you can share, you know, whether this is through revised product specifications or drawings, you know, changes to any formal quality agreements that you might have in place with your supplier, whatever it is to ensure that it’s captured within your documentation and agreed to by the supplier. Okay. And as soon as you define the new requirements, communicate them kind of right away, right? And you want to make sure they’re not delayed.
Xavier: Right.
Matthew: Don’t wait until the last minute to communicate changes where you can provide your suppliers with ample time to review the changes or the new requirements and agree to them because they might have internal challenges that prevent them from being able to meet some aspects of whatever you’re changing. Yeah.
Xavier: Maybe they’re using a certain line and they have to add another piece of equipment in the middle of it to run your stuff. Well, if you only give them a short amount of time, they might not have time to tool it. Right.
Matthew: And then you’re risking the inability to deliver on your commitments to your customers, right? So giving suppliers ample time to kind of digest any changes and make sure that they’re agreeable to them is important. And I’ve been in situations where, you know, the supplier gives you 30 days’ notice of some major change, you know, a change in material composition or, you know, a production line shut down or something like that. And it’s in some of the industries that we serve, that’s impactful and not in a good way. Right. If you don’t provide enough time. So important to kind of put that practice in place right away, you know, giving suppliers enough time. So share the new requirements with your suppliers and then obtain their formal agreement to the changes, right? You want to get them to sign off on those changes and have something back that says that it’s documented, that says that they agreed to it.
Xavier: Yeah. They can do it. They’re going to move forward.
Matthew: Yeah.
Xavier: Okay. So gentlemen, either one of you can answer this, or both of you, or maybe neither. We’ve talked a lot about when it comes to this purchasing, we’re looking at it from a manufacturing standpoint. What are the slight differences when you’re dealing with purchasing in a service or tech company?
Murphy: Well, yeah. So we’re not talking about a physical product anymore, right? So if they’re delivering services, let’s say, you know, maintenance on a server or, or maintenance on a machine, you’re still going to have inspection data and test reports because they have to inspect it, you know, to make sure that they did the right thing. So you’re going to have some of the same stuff, but you know, you could have monthly status reports with the customers, you know, where they, they, they touch base every month to give you updates on the milestones of the project, to make sure that they’re staying on track, stuff like that.
Xavier: If they’re doing a service and then there are certain points where you need to inspect or take a look at it like you said, milestones, you know, maybe you’re inspecting before they move forward to the next part of the process. Right. Okay. If it’s a tech company, maybe we talked, I mentioned it earlier, but you know, let’s say you’re getting some software that you’re going to incorporate into your software. Maybe you need to make sure that they have tested it with XYZ on certain operating systems or, or certain potential things that, that might change in an environment other than just their particular environment where they’re making something.
Murphy: Sure. You could use the core as an example. You know, we have a validation report where, you know, when the software updates, we run it to make sure all the bugs are fixed and make sure everything’s operating correctly before we release it.
Xavier: Yep. Yep. And what’s specific to, in that case, web browsers, different browsers, what we recommend, what we don’t recommend, and things like that. It’s a bit eye-opening and informative, and it does make you, again, what the standard does, it makes you think about what you need and think before you do something so that you’re less likely to have bad outcomes, which I think is cool. Do you guys have any last things you want to say? Anything?
Matthew: Yeah. I mean, so, you know, I’ve, I’ve kind of seen both sides of it, right, where, where, where changes are communicated with, with ample time to be able to, to determine the impact that change is going to have on your business, right? Right. Is there a supplier to you? And then I’ve seen where, you know, decisions are made that, that negatively impact you based on a supplier not providing you with either ample information or correct amount of time, whatever it is, to be able to assess and then react to whatever that change is, right? Because now I’ve got customers, now you’ve got customers, I mean, it depends on what industry you’re talking about here, right?
Maybe with ISO 9001, maybe not so much, but, you know, in some of the other areas that Murph and I have worked in, those, those changes really can, to kind of halt things, right? Things come kind of crashing to a stop, and no business wants that, right? Right. So you want to keep them, you want to keep the wheels turning, so to speak. So I’ve seen that side of it also seen from, you know, an auditing perspective, as I had, we had a client one time say, we want you to use this supplier for the, for, for something. And, the supplier was supposedly great. And then when we, when we visited their facility, it was, you know, I couldn’t, I couldn’t pass them as a supplier because their, their facility, their people, their process was just so out of control that I couldn’t in good conscience, yeah.
Determine that they were going to be an approved supplier. There was no evidence that they would be able to consistently provide good products and services. So, you know, we decided not to use them. So I’m not sure beyond that, I’m not sure. But the customer forced you to. Yeah. But you had, yes. I mean, you can have that case, right? So you have to, then it’s a bit, it becomes a business decision, right? And, if, if you determine that you’re going to, you’re going to use the supplier to satisfy that customer, then you’re taking on some level of risk.
Xavier: Yeah. Right. Now you’re getting your risk and opportunity.
Matthew: Or you say, or you say to your client, Hey, you know, you’re taking on all the risk here. You know, whatever, whatever negative impacts occur based on this, if they occur, then, you’re owning that. We’re not, we’re not owning it. Right. Because you’re forcing our hand here. Yeah.
Xavier: But you’re making an informed decision. Yeah. You know, if you wouldn’t have gone back and looked behind the curtain, as it were, right? And you just would have, all right, cool. Oh, you know, somebody that does that. Great. All right. We’ll use them.
Murphy: And that’s a good point. I mean, you can have all the good controls in place for your company, but if one of your customers says you have to use this supplier and they stink as a supplier, like Matt was saying, it’s a business, it’s a business risk decision. And you go, you put it back on the customer saying, Hey, you know, you guys can control these guys.
Xavier: Yeah.
Murphy: But, uh, they don’t satisfy our requirements.
Xavier: Right. So how are we going to handle that when, if, and when something comes up? But again, you’ve made clear how it’s going to be handled before may have become a problem.
Matthew: Right.
Xavier: When I can understand, certainly, I know you guys were in the medical field and medical devices and stuff like that. I mean, you were talking about how change can affect it. I mean, let’s say there’s something that’s being put in a human body, you know, and then it’s a device. So let’s say it’s made out of metal and they changed the material composition of that. Right. That’s got to take a huge amount of time to see, all right, where are we going to source it? How are we going to implement it? Yada, yada, yada down the line, you know, that could be R and D involved in everything.
Matthew: Yeah. I mean, we could go down a rabbit hole here with all of that, but yeah, I mean, when you’re talking about those types of products, yeah, those changes can’t be done on the fly. Right. Right. They have, there are regulations you have to meet. Things have to be formally approved. Yep. Potentially by other organizations too, right? Right. So it kind of depends on what industry you’re working in, but yeah, it gets, the tougher the industry, the tougher the requirements.
Xavier: And that gets all down into other aspects of the standard where it’s risks and opportunities and diversification, you know, so you’re not just solely selling one thing, yada, yada, yada, but it just goes beyond our podcast today, but it can all come down to purchasing. Absolutely. Thank you guys so much for being here. Appreciate it. Always enjoy you guys here. You guys make a fun team, especially with your, you know, your background before core. So that’s always fun to appreciate you guys being here.
Murphy: Appreciate it. Good conversation. Yeah. Thanks for inviting us.
Xavier: All right. You guys are more than welcome. And we’ll have you back on sometime again. We want to thank everyone who’s listened to our podcast today, and we hope it’s been informative for you. Now, if you’re looking for more information on how we can help you with ISO certification, cybersecurity, customized training, or even how we can help you with your suppliers, please email us at info at the core solution.com can also visit our website at www dot the core solution.com. If you haven’t already followed us on your favorite podcast platform or YouTube, please be sure to do so. That way you won’t miss the next Quality Hub podcast when it’s released next week. Have a great day.