The timing of the supplier’s formal audit may vary, based on your knowledge of the vendor. You may choose to perform an audit sooner if a significant investment is required. You can perform an audit yourself, or hire a third-party global sourcing solution company to do this task for you.
An audit, by definition, is a comparison of actual performance with a predefined standard. Examples may include ISO 9001 registration audits, TS16949 audits, or any number of audits in which the performance of an organization matches the performance required by some recognized standard. In this case, you are auditing against what you perceive as accepted and recognized business practices.
Essential elements of an audit you must do before searching for products:
Quality management system:
Regardless of whether your candidate company is registered as ISO 9001, you must have a quality management system. How formal should it be? That depends on the size of the company and the complexity of the product you are obtaining. At a minimum, there should be a person responsible for quality, who can speak with some authority about how the company controls quality. A written manual is preferred, and do not hesitate to ask to see it.
Does your candidate provider purchase raw materials or components from another source? If so, they should have a process to qualify the suppliers and ensure that the communication is clear about the quality, composition, etc., of the product purchased. Ask to see a couple of purchase orders. Is it clear what is being bought?
Non-conforming product procedure:
Look for the red containers! Ask your candidate provider what happens if a piece is found to be non-compliant. I have discovered that many providers neglect this essential function. Non-conforming parts must be completely segregated from the normal production flow. Often this is done by placing the non-conformities in a red container, moving to a designated area of nonconformity, or attaching a label not conforming to the part itself. Whatever the method, make sure your provider has one and use it!
Other advanced techniques & procedures:
For those of you who are not intimately familiar with ISO 9001 or other quality management systems, it is worth mentioning some of the other procedures you may encounter during an audit. It is required that a company registered with ISO 9001 have these, and it is a good idea, but many low-tech and low-cost companies cannot do it.
The validation of the process:
This is a preferred way to maintain the quality of the product. In short, any process that is used to produce your pieces is verified in the establishment to ensure that they are able to produce your product according to your specifications. Ask to see the results. A suitable study will compare your design requirements with the capacity of the process. You should be able to see how wide the margin is, that is, how much space there is between the limits of your design and the limits of the process.
Corrective Action / Preventive Action (CAPA):
This is a formal process by which incidents or recurring errors can be sent for further study. The intention is to determine the “root cause” of a problem, correct it and then put controls in place so as to prevent it from happening again. Of course, this can be done informally, but it is best done systematically through a documented system. You should ask if your potential provider has such a system and, if they do, ask to see examples of some open and closed CAPAs.
Do you really have to audit all these things? Remember, you are not conducting a supplier audit services for any regulatory or legal purpose that requires a periodic audit. You are looking to identify areas that may pose a risk to the quality of your product. Do an audit as deep as you need to be comfortable with the performance of your potential vendor, and nothing more.