There are four parts of supply-chain management:
Auditing supports all four of these in some way or another.
This forms the basis of the audit. One of the fundamental rules of auditing is to measure and evaluate against requirements. While requirements come from multiple sources in an internal and registration audit, for supplier audits these requirements always come from the contract. (Contracts come in a number of different forms, such as purchase orders, letter agreements, etc.) Three things need to be considered when writing a supplier contract:
Of course, all these requirements (technical, accept, and management) must be spelled out in the contract or purchase order. To keep these contract instruments reasonably small, we often call out other documents by reference or attachment. A good auditor will use the contract and all four of these levels of documents to prepare detailed checklist questions for a particular supplier. We can always get our hands on the external codes, specifications, and standards. We also need to get a copy of the supplier's site-specific quality, safety, and environmental manuals. Virtual (PDF) files will do. While we cannot generally access the site procedures and build prints, at least we know what to ask for when we arrive. Many of the checklist questions will be reused, and some are unique to a specific supplier. All of this becomes the basis of the supplier audit.
Technically, an audit may only occur after a contract is placed. Otherwise, there are no requirements, just speculation. But, we can use audit principles for pre-award surveys. It is quite foolish to require a site survey for all suppliers before awarding a contract. Potential critical suppliers need lots of background research. This might include an on-site survey but it doesn't have to be performed by your firm's auditors. Often, this also includes production parts approval or test lots. Potential important suppliers might need an engineering review and history of good service to others. Often, if a possible supplier is registered to one of the ISO 9001-based management system standards, they get a few bonus points on selection rankings. Potential general suppliers can get by with catalog or web site descriptions. For all three of these categories of potential suppliers (critical, important, and general), auditors probably will be involved in the selection activities but they do not have to be involved.
Often, supplier quality engineers and others will be asked to review draft contracts to assure that quality, environmental, safety, and security considerations are included. Remember, these will become the basis for any subsequent audits. If we wish to audit our suppliers, we must have the authority to do so. Authority may be as simple as a "rights of access" clause in the general terms and conditions printed on the back of the P.O. For critical suppliers, we should place this authority in one of the numbered clauses in the front side. All of this is contracts law. In the USA, we have the Uniform Commercial Code, used by 49 of 50 states for business matters. Because most auditors are not versed in contracts law, it is important to have all audit communications - notification, results, and corrective action requests - go through the purchasing agent.
Most codes and standards, very wisely, do not require audits of suppliers. Auditing is but one of the many methods used to monitor supplier performance. Going from the easiest (and cheapest) to the hardest (and most expensive), we have:
Because certificates of conformance/compliance (Yes, there is a difference) are generally worthless, it is good to have the on-site audit check out one or two, to see that they are telling the truth. Auditors should also examine the supplier's inspection program (incoming, in-process and final) to make sure it is sound and dependable. It is not uncommon for an audit to be combined with a technical visit, so that overall strengths and weaknesses can be examined alongside specific problems.
Unlike internal audits, which are often mandatory, supplier auditing is an option. While it is possible and allowable to have a supply chain management program without including supplier audits, strong and profitable firms will always implement a program of auditing for their critical and important suppliers. There is truth to the adage that says, "You are what you eat." Strong enterprises require strong suppliers. Auditing can build a stronger and more robust supply chain.
Dennis Arter is an independent consultant and trainer. He instructs large and small firms in the fields of quality auditing and quality systems. Dennis has served clients in the fields of government, manufacturing, chemicals, energy, food, research, aerospace, finance, medical devices, pharmaceuticals, and health care. He has been auditing since 1975.
Dennis Arter has presented his course on quality auditing to over 9,000 people since 1980. He is the author of the classic text Quality Audits for Improved Performance, an ASQ Quality Press best-selling publication. Dennis is an ASQ Fellow, former Board member, and active in the Customer-Supplier Division.
Arter has a degree in biochemistry from the University of Illinois and is a licensed mechanical engineer. He was on the team that developed the ASQ Certified Quality Auditor program and holds a CQA charter certificate. He has traveled extensively throughout North America, as well as the United Kingdom, Ireland, Saudi Arabia, Bahrain, People's Republic of China, South Africa, and Croatia. He resides in eastern Washington State with his wife of 40 years. He may be reached at firstname.lastname@example.org, (509)783-0377, via homepage at auditguy.net, by blog at auditguy.blogspot.com, or through Twitter at auditguy.