I reached out to our 3rd party certification body auditor and she stated she would have to investigate further, with a cost.
#Defect process code
He did say he is not looking for revision control of the codes, but a "type" of record of the defect and process code with the minimums I described above. I am at my wits with this auditor about this finding! Because the codes are not controlled, the defect codes could be in error or not traceable to a previous incident. He disagrees and says we must have traceability back to the codes and the NCR report shall support the closed-loop process of planning a correction and evaluating its effectiveness. I disagree as the codes are specific to the NCR incident report and we have the means to know what happen at that point in time and can trend for systemic issues. He said this was necessary as we have elected to use the code as the means to address nonconforming product and therefore, these codes must be controlled. When he asked specifics of when the code(s) were implemented, we could not provide him this information and this included end-of-life (EOL) for the codes. We recently had a Air Force audit and the QAS generated a finding stating, "NCR defect codes and process codes are not controlled." He advised us because we manufacturer/assemble critical safety items and have serialization requirements, the codes must be controlled, at a minimum, "start date, reason code was generated, control changes to the code(s), end-of-life for the codes to include reason." During the audit, we provided him a procedure with the codes listed. We have a Boeing contract for Air Force product.
0 kommentar(er)
