对采购和供应链过程的审核

日期：2007年7月2日I SO 9001审核实践组指南

对采购和供应链过程的审核

1. 介绍

许多组织在建立管理体系时，会采用他们认为符合ISO 9001:2000条款7.4的方式，通过系统对产品采购和采购产品的查验进行控制。相似的，审核员可能认为，只要通过检查批准过的供应商名录是否保持最新，企业是否只从批准过的供应商那里采购，以及是否进行了确保满足规定的采购要求的必要活动，就足以确认。

当在许多情况下，上述做法可能不足以保证采购的产品在各方面都满足最初的规范。这种情况下，对更多有关采购管理的过程和供应链进行检查是更可取的。

2. 审核采购过程

审核采购管理过程时，应当注意：

•采购是在产品设计和开发中规范编制完成之时开始的；

•相关部门之间，就确保潜在的供应商能够按照所要求的成本提供满足设计规范的产品进行了讨论；

•组织应当在与供应商进行沟通前，确保所规定的采购要求是正确的；

•采购要求当中已经包括了法律法规要求；

•企业已经评价了部件产品相关风险的程度和为确保它符合设计规范而需要进行的控制。

对上述几点的确认方式的几点实际建议：

•确认采购订单中的规范与所设计的规范（或从顾客那里得到的规范）是一样的；

•确定组织在设计过程中，或在订单下达前，是否与潜在供应商就关键部件的设计规范进行了协商；

•在向供应商确认最终的规范/订单前，规范是否经过了某种形式的批准？

•采购订单中是否包含或引用了法律或法规要求？

3. 审核供应链

在许多情况下，审核员在审核供应商的选择和评价是，只是简单地检查组织批准过的供应商名录以及组织是否定期审查了这份名录。这种做法在很多情况下并不能充分保证组织对其供应链中所有供应商都进行了有效的控制。需要考虑的问题有：

•企业在选择关键部件产品的供应商时，是否只考虑他们能否以便宜的价格供货，还是要考虑他们持续地提供符合规范的产品的能力？

•在批准供应商时，是否仅根据他们有没有通过公认的质量标准认证，或者是否对他们的认证范围进行了审查？

注：在一些情况下，企业对有意向的供应商进行第二方审核，以建立清晰的沟通渠道、明确产品规范和交货要求等，对企业来说可能是一种有利的做法。

•企业起先因质量问题拒绝产品，在供方降价后又接受该产品的频次？

•企业在接受先前被拒绝的产品时给出了多少让步？

4. 结论

通常，一个有经验的审核员根据常识，自然会去检查组织的采购过程和供应链，但在有些情况下，产品和部件的性质可能表明有必要做进一步的调查。每个产品和所有每次审核面对的情况都是独特的。

Date: 2 July 2007 ISO 9001 Auditing Practices Group

Guidance on:

Auditing the Procurement and Supply Chain Processes

1. Introduction

When developing a management system, many organizations will have put in place systems to control the purchasing of products and the verification of purchased products in a way in which they consider satisfies the requirements of Clause 7.4 of ISO 9001:2000. Similarly, Auditors may consider it sufficient to confirm compliance by checking that an approved supplier list is up-to-date, that orders have been placed only with approved suppliers and activities necessary for ensuring that meeting specified purchase requirements have been carried out.

In many instances, however, that may not be sufficient to ensure that purchased products simply meet original specifications in all respects. In such instances, it would be preferable to review the wider processes for procurement management and the supply chain.

2. Auditing the Procurement Process

In auditing the process for the management of procurement, the following should be considered:-

•Procurement starts during the design and development of a product when a specification is prepared;

•Inter-departmental discussions take place to ensure that potential suppliers can provide a product that meets the design specification at the required cost;

•The organization should ensure that the specified purchase requirements are correct prior to their communication to the supplier;

•Statutory & regulatory requirements have been included in the purchase requirements; and,

•The degree of risk associated with a component product and the controls required to ensure that it meets the design specification have been assessed.

Practical suggestions of ways in which to confirm that the above points have been considered are:-

•Confirm that the specification quoted in a purchase order is the same as the specification contained in the design (or the specification received from the customer);

•Identify whether or not there were discussions between the organization and potential suppliers regarding the design specification of critical components during the design process or prior to an order being placed;

•Was there some form of “approval” of the specification before the final specification/order was confirmed to the supplier?