Quality Management in the Automotive Industry Product Integrity Recommended actions for companies on product safety and conformity 1st edition, May 20

Size: px

Start display at page:

Download "Quality Management in the Automotive Industry Product Integrity Recommended actions for companies on product safety and conformity 1st edition, May 20"

Kevin Fisher
5 years ago
Views:

1 Quality Management in the Automotive Industry Product Integrity Recommended actions for companies on product safety and conformity 1st edition, May 2018 Online Download Document

2 Product Integrity Recommended actions for companies on product safety and conformity 1st edition, May 2018 Online Download Document Verband der Automobilindustrie e.v. (VDA)

4 Non-binding VDA recommendation The Verband der Automobilindustrie (Automotive Industry Association VDA) proposes that its members apply the following recommendations when establishing and maintaining QM systems. Exclusion of liability This VDA volume is a recommendation which is free for anyone to use. Anyone who implements it is responsible for ensuring that it is used correctly in each case. This VDA volume takes account of the latest state of the art at the time it is issued. The application of the VDA recommendations does not in any way relieve the user of their own responsibility for the use of the document. In this respect, everyone acts at their own risk. The VDA and those involved in drawing up the VDA recommendations decline all liability in any circumstances. Anyone using these VDA recommendations who identifies incorrect information or the possibility of incorrect arrangements is asked to advise the VDA without delay, so that any deficiencies can be eliminated. Copyright protection This publication is protected by copyright. Its use outside the strict limits of the copyright laws is prohibited without the permission of the VDA and is punishable by law. This applies in particular to copying, translation, storing on microfiche, and storing or processing in electronic systems. Translations This publication will also be issued in other languages. The current status must be requested from VDA QMC. 3

5 Preface to the first edition Product innovation frequently results in increasing product complexity, with simultaneous shorter development cycles. Combined with increasing customer expectations in terms of the function and safety of products, this raises particular challenges for all companies involved. Companies not only have to deal with new customers and their cultures, but also with changing customer expectations and the country-specific laws and requirements that apply to the products. Furthermore, the sensitivity and connectedness of product users and authorities, and public discussions on the issue of product integrity have increased significantly. In this context, the question arises as to which organization structures and processes must be established in a company and how a company should react if a product is classified as potentially non-conform or as potentially safety-critical due to discrepancies in one or multiple countries. The answer to this question is subject to a certain level of complexity that results, among other things, from the number of parties involved (authorities, product users, OEM, suppliers) and their various requirements. Reasonable safety expectations from customers, consumers, and uninvolved third parties (the general public ) need to be identified and taken into account. If products prove to be unsafe in the market, the company has an obligation to initiate the necessary measures to protect customers, consumers, or the general public. The resulting duty of care is the basis for appropriate handling of safety and conformity-related issues. 4

6 From these insights, companies can develop preventive measures with regard to internal processes, methods and tools, as well as the organization structure. This volume provides recommendations for implementation. The accompanying VDA training provides a more in-depth look at the content of this volume using real-world examples. Conformity with these recommendations does not absolve a company from consequences under product liability law. The requirements of this VDA volume have no relevance in terms of liability or warranty towards the relevant user with regard to the scope of liability and warranty. The objective of this volume is to create a better understanding of product safety and product conformity - combined under the term product integrity for the purposes of this volume. The volume contains references to other VDA volumes that support and detail these specific duties of care. 5

7 6

8 Content 1 Introduction 1.1 Instructions for use 11 2 Organization of product integrity Requirements for delegation of product integrity duties Qualification requirements Product integrity over the product lifecycle Determination of product integrity focus areas in the company Handling of PI requirements during the product lifecycle Requirements phase Development phase Production phase Usage phase Product monitoring Market monitoring Recommended actions for product discrepancies Implementation of a recall management system in the company Communication and documentation of product discrepancies Information flow within the supply chain Corrective measures Circumstance analysis Risk evaluation Risk evaluation in the supply chain Example method for RAPEX Resolutions concerning further action Examples Example process for an SME Example case 5 Examples of tools and methods Sensitization of the organization to product integrity Continuous monitoring of product integrity PSB organization or PSR duties at a glance

9 Configuration management Communication guidelines Lessons learned Special features Glossary

10 1 Introduction Every company in the supply chain has an obligation to guarantee the safety and conformity of its products. This means that the legal regulations for product integrity applicable in the relevant countries and regions have to be met, and also that reasonable safety expectations from the general public have to be satisfied. For products that are identified as unsafe in the market or whose conformity with legal requirements is not adequate, the economic agent has an obligation to initiate the necessary measures. The term product integrity is used in this volume to refer to this obligation to ensure product safety and product conformity (Figure 1). Figure 1: Definition of product integrity The recommendations in this volume are intended to systematically prevent or reduce product integrity related risks and discrepancies in products in their development, manufacture, and use, until the end of their intended usage. In addition to the required activities, it addresses the responsibilities for product integrity throughout the supply chain. 9

11 To aid readability, all roles outlined are described as functions and can be performed by people of any gender. 10

12 1.1 Instructions for use The senior management of a company has a fundamental responsibility for the product safety and conformity of products brought into circulation. Therefore, the recommended actions in this VDA volume are initially assigned to the senior management of the company. Responsibility extends over the entire product lifecycle and the entire supply chain. The depth of the supply chain must be documented in contractual arrangements. The term product 1 refers to any manufactured goods, including movable objects, parts of other movable objects, or immovable objects. This explicitly includes integrated software, software and services (e.g. e-call, sorting action, rework by third parties, development services). Duties that are necessary to ensure responsibility for product integrity can be assigned to a PSR (product safety representative). These duties can be delegated to one or more people or functions, at each company s discretion. For example, secondary product integrity duties (e.g. product conformity) can be delegated to existing departments and/or experts (e.g. regulatory, Conformity of Production (CoP) or homologation experts, Functional Safety Management or Quality Management). These people must be appointed in line with specific company guidelines. The purpose of this practical paper with its examples is to further strengthen the collaboration between the automotive manufacturers and 1 The meaning of the term product as set out in this volume has been agreed from the perspective of the consequences of any discrepancy in terms of safety and conformity. 11

13 their suppliers in the field of quality. In-depth practical examples for implementation, as well as detailed information on methods and tools, are provided in the accompanying VDA training and communicated using clear exercises. 12

14 2 Organization of product integrity The fundamental responsibility of senior management cannot be delegated, but duties designed to meet this responsibility can. Responsibility for particular duties can be delegated, provided that the competences (for decision-making and action) are verifiably defined (e.g. in writing), the relevant person is carefully chosen and their qualifications can be confirmed. This kind of delegation should take place explicitly, promptly and effectively. A company should identify people, qualify them and assign them the required authority to formulate and implement preventive and corrective measures. Senior management in the affected companies must guarantee that the contact person for the employees contact in the company is kept up to date. The contact(s) for product integrity issues must be appropriately designated and known in the company and at any relevant locations. Setting up an internal communication network - across relevant company locations - for product integrity issues is recommended for sharing early warnings and lessons learned. A communication network for product integrity issues is also required within the supply chain to ensure rapid exchange of information in the event that a product warning becomes necessary. In these cases, the relevant PSR in the supply chain is to be involved. The company s senior management is responsible for the fundamental suitability and appropriateness of the specifications, procedures, methods, and tools used in the company in relation to product integrity. Monitoring effectiveness of conformity with product integrity is the responsibility of the senior management in the supply chain. Internal auditing, product and process audits, definition and review of compliance guidelines can support in fulfilling this obligation. 13

15 2.1 Requirements for delegation of product integrity duties The following items must be ensured to achieve effective delegation: Careful selection of a suitable person for the duty to be delegated, based on their personality and technical expertise Description of the duties, authority and responsibilities of the delegate before delegation Verifiably adequate briefing (instruction) of the delegate in their duties In case of personnel changes, the role of the delegate must be reassigned by the delegator as quickly as possible. Until this reassignment, the delegator retains responsibility. Provision of appropriate conditions and resources for the delegate to perform the duties Monitoring effectiveness of the delegate by the delegator The need for delegation is based on the extent of the company s product integrity related activities and follows the principle of a delegation cascade. Derived from the individual terms, a delegation cascade refers to a transfer of duties, authorities, and responsibility to a third party, or to adjacent or subordinate hierarchy levels. As part of delegation, it must be ensured that duties are delegated to people whose position in the company, in terms of the corporate hierarchy, can be considered appropriate. When assessing appropriateness in terms of position in the company, two key criteria are the delegate s competence and the assigned decision making authority. This also limits the scope for sub-delegation. Sub-delegation to an appropriate level of responsibility is recommended. 14

16 Two examples of two-stage sub-delegation: Senior manager responsible for product delegates to development manager for a product group (first level), who in turn delegates to the development managers for individual products (second level). Plant manager responsible for product delegates to plant quality manager (first level), who in turn delegates to the quality manager for a production segment (second level). Appointment of PSRs supplements this sub-delegation by ensuring that: all employees are given a contact person to provide technical support on product integrity related issues. the role of the PSR is clearly communicated, along with the associated duties and authorities. Where necessary under applicable law, a formal legal adjustment of the contract of employment or appointment corresponding to the duties assigned may be required. The recommendations specified for internal delegation can also be applied to external delegation. Examples of external delegation: Performance of internal product and process audits by external companies: The senior management or an internal PSR from the commissioning company must conduct a review of effectiveness. Engaging a service provider to perform a sorting action in the customer s warehouse: Commissioning and monitoring are to be carried out with the appropriate duty of care, as is the case for internal commissioning. 15

17 2.2 Qualification requirements The company s senior management is responsible for the content and quality of the PSR qualifications. The qualification requirements and the necessary qualification level is determined by the delegation cascade throughout the product lifecycle. The example qualification requirements listed in the following table do not necessarily have to be satisfied by one person. However, to ensure product integrity these issues must be covered in the company. Table 1: Topics and content for PSR qualification Topic Compliance Product liability Product safety Product conformity Company-specific product knowledge Risk analysis and risk management 16 Content Obligation to comply with laws and directives, as well as the corporate culture shaped by voluntary codes Product knowledge related to the application-specific legal framework in terms of use and foreseeable misuse Basic knowledge of consumer protection legislation related to the application-specific legal framework Basic knowledge of the relevant product approval laws and conformity requirements in the application-specific legal framework Company-specific product safety related knowledge in terms of development and production of the relevant product (standards, lessons learned, checklists, etc.) Basic knowledge of prevention (FMEA, FTA, Hazard&Risk, DRBFM, etc.) Handling of special characteristics Statistical methods (Weibull, etc.) Evaluation of the hazard risk, e.g. RAPEX, ACC

18 Topic Content Problem-solving methods Customer-specific (safety) requirements Management and storage of documents Preventive quality assurance Product safety prevention Product monitoring Market monitoring Product safety reporting obligations in the supply chain and, where necessary, to authorities Identification of product safety related discrepancies Management of safety related product discrepancies including case conclusion Guidelines for internal and external communication in case of product safety related cases Product traceability, verification, disposal, and handling of counterfeit products Lessons learned 8D, Ishikawa, Kepner Tregoe, 5Why, etc. Internal company checklists Basic knowledge of compilation and storage of development- and production-related documents Basic knowledge (APQP) Line walk, safety review, lessons learned, checklist management, etc. Field failure analysis Evaluation and lessons learned from product recall portals and public consumer feedback on own and competitor products Expert knowledge of reporting obligations related to the application-specific legal framework Internal company guidelines Internal company guidelines Internal company guidelines, legal requirements Basic knowledge Basic principles of utilizing positive or negative experiences for continuous improvement 17

19 The VDA recommends training on product integrity, which will provide participants with the knowledge to identify and implement the appropriate product integrity measures for their company. Based on this, a suitable, in-house training concept for qualification of multiple product safety representatives as part of an internal PSR network can be installed, provided comparable content is appropriately communicated, understood, and documented. Conformity with the content of this volume and completion of the corresponding training also satisfies key requirements of IATF regarding product safety and conformity. 18

3 Product integrity over the product lifecycle Companies are responsible for the integrity of their products over the entire product lifecycle, including the continuous risk management required.

20 3 Product integrity over the product lifecycle Companies are responsible for the integrity of their products over the entire product lifecycle, including the continuous risk management required. QMS standards, for example DIN EN ISO 9001 and IATF 16949, require companies to have a risk-based solution for defining processes and methods. This must be taken into account along with the relevant product requirements through the development phase (design), the production phase (manufacturing), and the usage phase. The usage phase covers the time from sale until the customary end of product life, including recycling. It explicitly includes required documented instructions and product and market monitoring (Figure 2). Figure 2: Product integrity over the product lifecycle Process and handling instructions for product integrity duties result from: Determination and assurance of legal product requirements and the reasonable safety expectations of the general public Product and market monitoring Response to product discrepancies 19

These three product integrity duties are key elements of the product lifecycle and must be included in the relevant corporate management system.

21 These three product integrity duties are key elements of the product lifecycle and must be included in the relevant corporate management system. In a specific company, product integrity related duties can be performed as part of continuous risk-based measures. A company can apply these measures as required to the phase model with testing and approval points (Figure 3) used for its products. Below, the VDA maturity level model is used as an example, which has milestones and testing points for particular phase sections. Figure 3: Example representation of the VDA maturity level model over the product lifecycle, ML=Maturity level Over the product lifecycle, depending on the activity or after certain events, PSRs are involved in decision-making processes to maintain product integrity, according to their authority. As a result of this involvement and based on defined requirements, referred to below as requirement lists, there are possible requests for action in the product lifecycle, which are aimed at achieving or improving product integrity (see Figure 7). To continuously improve product integrity, evaluating the implementation status of PI measures periodically using suitable key performance indicators is recommended. Companies must determine the requirements relevant for the integrity of their products by using a risk-based approach in line with legal or contractual requirements, ensure transparent documentation and archiving of these. 20

22 This determination is a risk assessment to be performed internally on the company s product range. Indicators of specific risks relevant for product integrity (corresponding to special requirements) could include: Table 2: Examples of indicators relevant for product integrity Increase in product integrity related complaints Number of product approvals with special conditions. Increase in recalls of competitor products. Development of new business fields (products, markets, customers, technologies, etc.). Exceptional product or project complexity. Recruitment of new employees with duties relevant for product integrity. Engagement of suppliers with integrity related products. Requirements for product marking for traceability purposes Special safety characteristics, special approval characteristics, special functional characteristics Relocation of duties, e.g. production relocation Change management Particular risks relevant to product integrity in terms of: Risk of death or injury Non-conformity with legal requirements 21

23 Example information sources are set out in Figure 4. Figure 4: Sources of information to determine indicators (examples) 22

24 3.1 Determination of product integrity focus areas in the company Because of their different product ranges,companies have different product integrity risks. The risks are selected based on assemblies, functional groups or specifically for individual products. Examples: As part of its integration function for components and systems, an OEM defines the PI relevance for individual assemblies or functional groups and derives requirements for them. The OEM analyzes individual areas (e.g. wiring, brake system, steering, etc.) from the end product, namely the entire vehicle. A supplier selects corresponding products from its product range. It is recommended that the company continuously monitor those parameters that contribute to product integrity (PI) using a risk-based method. In addition to product specifics, other factors can influence PI relevance. Examples of this: Automotive products with standard industry requirements and non-automotive products Comprehensive product range (semiconductor component range) Variance at production sites (location, climatic conditions) Diverse usage scenarios (machine components such as screws, bearings, rivets) Design and development process (change to legal regulations, design of safety factors) Selected areas of the product and process should be summarized in a PI selection list. With a large product range, use of a database simplifies monitoring of these products and their PI classification. For the products included in this selection, the requirement lists for 23

25 evaluating product integrity (PI requirement lists) are created. These selected areas and the associated parameters, are transparently documented in line with the company s risk-based approach and continuously monitored in respect of product changes (derivatives, configurations, etc.) over the lifecycle, up to the end of the usage period. In the event of new findings/events, the PI requirements for these products are reviewed, assigned measures where necessary, and the result determined is documented (see Figure 5). Figure 5: Product lifecycle supplemented with emphasized product integrity measures The PSR is responsible for performance and documentation. The relevant specialist departments and their managers are involved. This task extends over the entire product lifecycle, from design/development through to the end of the usage period, including disposal. Depending on the PI relevance, different activities and requirements can 24

26 be assigned to the products (Figure 6). Figure 6: Determination and continuous updating of product integrity relevance 3.2 Handling of PI requirements during the product lifecycle Products or areas relevant for PI are monitored with reference to the current status of the product in its lifecycle. Monitoring means: Discussion of PI requirements at the beginning of the activity This is done by the PSR in conjunction with the specialist department/experts/project managers If necessary, the requirement list is updated based on new insights, for example from a line walk, risk assessment or other applicable procedures or methods designed to ensure product integrity 25

Presentation of results from the valid PI requirement list for approval after completion of the activity. Result: Requirement has been fully implemented or not fully implemented.

27 Presentation of results from the valid PI requirement list for approval after completion of the activity. Result: Requirement has been fully implemented or not fully implemented. If a requirement is not fully implemented, the PSR issues a request for action to the specialist department / experts / project manager. If these requirements are not feasible for a product approval in terms of product integrity, the company must make a decision with support from the internal or external experts that need to be involved. Figure 7: Checks on products relevant for PI using PI requirements Requirements phase Depending on the company structure and products, there may be very different methods of determining product integrity relevance down to the level of individual work steps. Meeting product integrity requirements for design and production approvals must be verifiable at the time when the product is brought into circulation. The risks caused by the product must not exceed the expected risks for the relevant maturity level (e.g. before prototype shipping ). The sender must indicate unidentifiable risks for the customer or anyone who will come into contact with the product in the supply chain. 26

28 During the requirements phase, the PSR supports the creation and interpretation of functional and requirement specifications using lessons learned. This ensures that insights relevant to PI are incorporated from an early stage Development phase Requirements and areas relevant for PI are incorporated into the development phase according to the PI risk evaluation results. If this results in new insights that indicate products used in a similar context are particularly relevant to safety, these should be added to the PI selection list and, if necessary, linked to requests for action to ensure product integrity. The PSR coordinates and reviews conformity with requirements consistently until completion of development. At the milestones in development, the requirements can be fully or not fully implemented. If requirements are not fully implemented, the PSR issues a request for action to the specialist department/experts/project manager. For product approval relating to product integrity, the company has to make a decision with the support of the experts who need to be involved Production phase The PI related requirements for the manufacturing process are incorporated into the production phase in the same way as the design requirements in the development phase. There may be additional PI related requirements in a specific production plant and corresponding measures are to be defined by the responsible PSR. Both the product safety and product conformity related requirements have to be met. Depending on the scope, these requirements can be dealt with by different people using separate requirement lists or, if the scope of the checks is small, by one designated person, for example the PSR. 27

29 Examples: PSR line walk for product safety evaluation CoP inspections as verification of conformity PI inspections for simultaneous assessment of product safety and product conformity The frequency of line walks and CoP inspections is defined and, where necessary, updated according to the maturity level. Additional product integrity questions that cannot be addressed through the PI requirements are to be clarified with the PSR during the PI inspections. If there are any discrepancies in the plant, the PSR issues a request for action, up to and including a request for product block. To prevent a product block, the company must make a decision with the support of the experts who need to be involved. Approvals of any discrepancies must be agreed within the supply chain Usage phase Obligations to ensure product integrity extend over the entire customary usage phase. The usage phase starts when the product is brought into circulation and ends at the end of its intended use or with scrapping or product recycling. During the usage phase, the PSR observes any insights from product and market monitoring and supports, coordinates or leads any necessary corrective measures. 28

30 3.2.5 Product monitoring Companies must guarantee product monitoring in the field. Product monitoring can essentially be divided into reactive and preventive components. Reactive product monitoring involves obtaining information on complaints about the product in the field, e.g. customer complaints, guarantee claims or inquiries from authorities. Preventive product monitoring could include, for example, targeted analysis of possible discrepancies in the manufacturing or safeguarding process, demand for spare parts or media research on comparable products. A possible product discrepancy may be found during product monitoring. Assessment of the discrepancy must take place in the course of the fault elimination process. If a possible safety issue or conformity discrepancy is present, this topic must be integrated into the product integrity process. Otherwise, the regular fault correction process applies. The scope of the obligations for product monitoring may differ for the parties involved in the supply chain. In particular, the production monitoring obligation for the OEM relates to the entire vehicle; for suppliers it generally only refers to the supplied product. The PSR is responsible for transparent selection of activities relevant for PI and for implementing the derived requirements in the affected product lifecycle phases and in terms of further use with PI requirements. Work can be documented on a company-specific basis. 29

31 3.2.6 Market monitoring As part of market monitoring, changed consumer expectations or habits are monitored, along with changes in the behavior of competitors. For example, changes in consumer habits or new technologies can lead to a change in the safety perception of consumers or the general public. Failure of a function that represents no direct hazard to the user can be viewed as an unacceptable hazard due to causal links. Significant improvements in product safety brought about by implementing new insights in the market can raise the state of the art for competitors. Consumer expectations to benefit from this improvement can lead to a new, reasonable safety expectation (example: functional quality of active/passive safety systems). Market monitoring depends on the feasibility of traceability and monitoring in the market and may not be possible for all products. Once again, the PSR is responsible for transparent selection of activities relevant for PI and for implementing the derived requirements in the affected product lifecycle phases, and in terms of further use in documentation of PI requirements. 30

32 4 Recommended actions for product discrepancies Implementation of a recall management system in the company If the safety or conformity of a product is not ensured, suitable measures must be taken. Involving the PSR in this is recommended. For example, this can include an obligation to report to the authorities, a product warning, rework or a recall of the product. The aim is to protect the product user or third parties against possible harm caused by the product or its usage or to ensure conformity with legal requirements. For larger companies, it is currently advisable to set up an internal recall management system. Generally external suppliers can also perform sub-tasks, e.g. legal advice, field data analysis, sorting activities, rework, modifications, etc. 4.2 Communication and documentation of product discrepancies If a potential discrepancy that is relevant to product integrity has been identified by a party in the supply chain, the relevant parties involved, both external and internal, must be informed about it. To this end, a previously defined, reporting process should be used in order to ensure that the necessary reports are made consistently. If possible, the interfaces in the supply chain should be defined in advance and the responsible contact persons in the company should be announced, in order to ensure smooth communication. Every report should be neutral, purely fact-based, that is without subjective evaluation of the effects. Relevant documentation is part of the reporting process between the affected companies. Where available at this time, it should include the following content: Day - the discrepancy was identified 31

33 Affected product Type of discrepancy Risk evaluation Reporter Number of parts identified with the product discrepancy Determination of the production volume potentially affected The report must be made immediately when the product discrepancy is identified, using the process defined in the company. If necessary, open issues must be submitted promptly afterwards or updated. It must be possible to refer to relevant information during each process step. Structured, consistent and appropriate documentation of the processes is necessary for this purpose. Furthermore, all information relevant for the decision should be documented in a comparable manner. In doing so, it must be ensured that objective traceability of the process is ensured. 32

4.3 Information flow within the supply chain Implementation of PI measures is in the interests of the manufacturer, in order to ensure that only safe and legally conforming products are being used in

34 4.3 Information flow within the supply chain Implementation of PI measures is in the interests of the manufacturer, in order to ensure that only safe and legally conforming products are being used in the field. These PI measures include the company organization, which must have clearly defined processes, duties, authorities and competences to ensure product integrity. This approach not only relates to the company itself, but also to the interfaces to process partners in the supply chain. Figure 8: Schematic example of a reporting procedure If possible discrepancies regarding safety or conformity are identified in the course of product monitoring, this information must be promptly passed on to the affected interface partnersin the supply chain for further risk analysis. In the event of a discrepancy that has to be reported, it is generally advisable for the OEM to submit the report to the authorities and, if necessary, to the product users or dealers. The reason for this is that the consequence of possible discrepancies in terms of a risk evaluation on a component can only be evaluated in the overall vehicle system. If thesupplier has its own reporting obligations, it must, if necessary, also report individually to the authorities. However, this should be done with the involvement of the affected OEMs. Furthermore, supplying or trading companies that also have direct contact with end consumers (e.g. through direct marketing in the spare parts market), must fulfill their obligations in the same way as an OEM. 33

35 Figure 9: Example reporting process from the German- Chinese product safety working group as part of the collaboration between BMWi and AQSIQ from

36 Table 3: Explanation of the example reporting process in Figure 9. Step Authority OEM Supplier Remark 1 R R Possible process triggered by: Tests or validation Analysis of field complaints Information from press or social media 2 R / S R / S Initial analysis can take place as follows: Overall vehicle system (OEM) Sub-system (OEM or supplier) 3 R / S R / S Verification of the potential product safety or conformity discrepancy during initial analysis. 4 I R If the supplier supplies the same or similar parts to more than one OEM, the initial analysis must be carried out for each OEM. The analysis result may vary due to the influence of the discrepancy on the various systems. 5 R S All relevant information is documented and the process is finished. 6 R S The OEM carries out a risk assessment for the verified discrepancy. This assessment is carried out at the overall vehicle level. The suppliers support on individual subsystems where necessary. 7 R S Safety or conformity related product discrepancies are identified based on the risk assessment. 8 R (I) If a potential risk cannot be ruled out, the OEM must report it to the authorities and, if affected, to its suppliers. 9 R If the supplier and OEM s joint assessment does not lead to the OEM reporting to the authorities, the supplier must check its own obligation to report to the authorities. 10 R The supplier checks whether the incident associated with its product leads to safety or conformity related product discrepancies or unacceptable risks with regard to people or property. 11 I I R If safety or conformity related product discrepancies are present, the supplier reports to the authorities and informs the OEM. 12 R R S Recall measures are taken in accordance with instructions from authorities. R Responsible, S Support, I Information 35

37 This reporting process can also be transferred to the n-tier supplier in a similar form. Correspondingly, it reports to its respective higher-level suppliers at all times. The figures and procedures described in this chapter relate to the status at the date of publication of this volume. The manufacturer must always independently keep themselves informed of the current country-specific reporting obligations and times. 36

4.4 Corrective measures In addition to the general requirements of IATF 16949 (International Automotive Task Force), the rest of chapter four describes the specific requirements for product safety

38 4.4 Corrective measures In addition to the general requirements of IATF (International Automotive Task Force), the rest of chapter four describes the specific requirements for product safety and conformity in the automotive supply chain in the event of product discrepancies. Figure 10: Process chart 4.5 Analyse facts of the case Once circumstances concerning a product discrepancy have been reported by a company organization or by third parties, they must be analyzed, prepared, and documented for the subsequent steps in the process sequence. The resulting facts regarding the situation forms the basis for the subsequent evaluation of the circumstances, for deriving alternative actions and the resulting decision made by the decision-makers or in the decision-making committee. The facts analysis includes all the findings from the analysis process carried out by the divisions involved. The contents of the facts analysis should follow a defined standard in order to ensure that all relevant information is reproduced as completely as possible. With this in mind, documentation should also be in a standard format. 37

39 The following points provide a guideline as to what contents should be covered in the facts analysis. Reported discrepancy or complaint What discrepancy/complaint has been identified? Cause What can the discrepancy/complaint be ascribed to? What results are there with regard to analyses (component, system, system environment)? Effect What effect does the complaint/discrepancy have during product use? Likelihood of occurrence and risk evaluation Determination Determinationof the affected components or vehicles must be carried out (production batch, production periods, etc.)? Amount affected How many components or vehicles are affected? Country distribution To which countries were the affected components or vehicles supplied? Measures 38

40 Which measures have been (immediate measures) or will be (long-term solutions) adopted to enable current series production to be carried out with no product discrepancy? What opportunities are there for correcting the components or vehicles that have been manufactured and/or delivered? Is part correction in the supply chain (e.g. spare parts in aftermarket, parts in plants) necessary? The process cycle should take place in a period of time and to a level of detail that is appropriate for the situation. 4.6 Risk evaluation Risk evaluation is a fundamental component of the product integrity process. The three key elements of a risk evaluation are: Severity Likelihood of occurrence Controllability of effect by affected parties Risk evaluation in the supply chain A risk evaluation must be carried out by the parties involved in the supply chain with regard to their products. The vehicle manufacturer carries out the final inspection of the overall vehicle system. Each of the parties involved in the supply chain must individually determine which criteria should be used for the risk evaluation in their own area of responsibility. The legal regulations in the affected countries must be taken into account. 39

41 4.6.2 Example method for RAPEX The guidelines for management of the community system for rapid information exchange Rapid Exchange of Information System (RAPEX) were defined in the European Commission s resolution of 16/12/2009 (reference number K (2009) 9843). The description of a guideline for risk evaluation on consumer products is an integral component of the resolution. This guideline applies to risk evaluation of issues in the automotive industry and is summarized in the following section. The RAPEX risk evaluation has a relatively simple structure (see Figure 11). First of all, a product s consumer group is defined and a risk group is derived from this. A potential injury scenario is now created using the consumer and risk groups defined. Both the injury s possible level of severity and its likelihood of occurrence is then identified. The groups are defined using RAPEX help tables. A RAPEX table also shows the resulting risk. The help tables can be found on the German Federal Institute for Occupational Safety and Health (Bundesanstalt für Arbeitsschutz und Arbeitsmedizin - BAuA) site. 40

42 Figure 11: Schematic flow chart for a RAPEX risk evaluation 41

43 4.7 Resolutions concerning further action Decisions are made in the decision-making committee based on the analysis of the specific issue. The range of options for decisions depends on the role that the relevant company takes in the course of its business activities. Examples of this are: Supplier for an OEM, supplier with direct business (aftermarket sales), OEM, vehicle customizers. The legal obligations of the relevant company must be considered here. Possible common groups of measures are described in the following section for the OEM and supplier roles, depending on the aforementioned risk evaluation. The list makes no claim to completeness. Supplier for an OEM OEM No measures required Introduction of an appropriate internal corrective measure Reporting of the circumstances to the affected OEMs in order to agree further actions Report to the authorities No measures required Introduction of an appropriate internal corrective measure Quality improvement measure (customer service measure without customer notification, during next service visit) Quality improvement measure (customer service measure with customer notification) Recall with customer notification and information sent to the relevant authority Report to the authorities 42

44 4.8 Examples Example case for a Small Medium Enterprise (SME) This section presents a case study for the overall organization for dealing with PI related product discrepancies, including the notification assessment. The company s management has decided to delegate the decision-making process with regard to potential product discrepancies to a committee. The delegation has been defined and established in a company guideline. The decision-making committee is made up of the following functions: o Quality o Production o Product Safety o Product conformity o Product development o Sales o Customer services o Law The chair is decided and in this example, is the quality manager. Proxy rules for all participants are defined. To this end, the job description for the employees affected has been expanded accordingly. The employees are provided with the resources, capacities and authority required to perform their duties. 43

45 The company guideline specifies that the decisions in the committee must be unanimous. If an agreement is not reached, the decision is escalated to the company management. The committee can only take a decision if all competences are represented. This is determined by the chair at the beginning of each meeting. The decision-making committee meets as required. All documents required for this process are defined as standardized forms and are stored centrally. Storage of data, with regard to protection against tampering and access rights, is managed internally. The agenda topics are discussed and decided based on a presentation that presents the specific issue in full. Each meeting must be documented with minutes. The minutes are filed centrally by the chair of the committee. The internal reporting process is defined and is an element of the quality management system andall participating employees are aware of it.. The external reporting process is defined for the supply chain and communication is standardized. The employees are continuously sensitized to the issue of product integrity in the course of annual training Case study A case study can be used to present the risk evaluation process and the reporting path. In the course of its business activities, a supplier provides the same liquid container to two different OEMs, referred to here as OEM A and OEM B. 44

46 OEM A receives leaky liquid containers in the course of its regular field monitoring and passes them to the supplier for detailed analysis. In the course of its analysis, the supplier identifies that a different starting material (granulate) has been used to manufacture the component. The supplier verifies the results of its detailed analysis with its subcontractors. The supplier compiles the following information in agreement with the subcontractors: o Which starting material was wrongly used? o Why was it used (cause)? o Which production period is affected? o Has the fault already been corrected? o If yes, using which measure? If no, which measure will correct the fault and when will it be implemented? o Who in the supply chain is still affected? o If yes, how does the correction take place and whose responsibility is it? If no, when was the first OK delivery and how will the correction be carried out? The supplier evaluates the effect of the incorrect starting material being used on the component. The results show that the temperature resistance of the incorrectly manufactured components is only provided up to a lower value. This has an effect on the strength of the component during vehicle operation. As a result, these components do not correspond to the originally defined specification. A potential safety issue cannot be ruled out in the case of a premature failure. The supplier informs both OEMs about the circumstances to allow evaluation of the component discrepancy in the relevant vehicle system environment. 45

47 In the course of its fault consequence analysis, OEM A determines that potential danger could result from vehicle operation. In its analysis, OEM B comes to the conclusion that no safety hazard could occur. Its component is in a different, noncritical installation situation in comparison with OEM A. OEM B incorporates the circumstances into its regular fault elimination process. In the case of OEM A, the circumstance process is presented to the decision-making committee with all available information. The decision-making committee decides further action. In the example case, OEM A prepares the steps for a safety recall and sends the information to the relevant authorities. The entire supply chain is informed about the respective circumstances and the associated result. The whole process is communicated, documented and archived in accordance with the internal company guidelines. Both OEM A and OEM B continue their field monitoring as part of the regular fault elimination process. When doing this, OEM A also includes the effectiveness check on the measure implemented (safety recall). A supplier with direct business takes on the role of an OEM in its obligations for the direct business. If a measure is defined resulting from the decision-making process, it must be implemented in the affected markets in a period of time appropriate for the circumstances. However, business activity does not stop when the measures are implemented. Product monitoring must continue to be carried out in the field in line with the regular fault elimination process, in order to assure that the success of the measure implemented is monitored. 46

5 Examples of tools and methods 5.1 Sensitization of the organization to product integrity The overarching company goal must be to ensure product safety and conformity for all sales markets.

Employees must be sensitized at regular intervals in how to correctly deal with issues potentially relevant to product integrity and the possible consequences of improper action.

48 5 Examples of tools and methods 5.1 Sensitization of the organization to product integrity The overarching company goal must be to ensure product safety and conformity for all sales markets. In doing so, it is necessary to regularly check that the established company guideline is up-to-date and, if necessary, to modify it. Employees must be sensitized at regular intervals in how to correctly deal with issues potentially relevant to product integrity and the possible consequences of improper action. Figure 12 shows examples of issues. Figure 12: Examples of elements and factors influencing product integrity 5.2 Continuous monitoring of product integrity Product integrity must be monitored over the entire product lifecycle. For example, the measures adopted by the company can be evaluated using PI key performance indicators. 47

49 PI key performance indicators should be selected by the relevant company according to its needs and used to manage product integrity within the company. PI key performance indicators relevant for the company could be: Number of employees in an organizational unit who are trained on PI issues Product related (e.g. number of faults identified during development phase as part of PI checks) Process related (e.g. number of discrepancies identified during line walks) Project related (e.g. number of discrepancy approvals relevant for PI after SOP) Key performance indicator from product monitoring (e.g. number of field complaints per product relevant for PI) After evaluation and monitoring of the company-specific key performance indicators, product integrity management should be optimized, for example by adding to the requirement lists. To improve the key performance indicators, the company can use applicable established methods: Product related risks can be managed using methods such as FMEA, FTA, DRBFM, etc. Process related risks can also be controlled with support from FMEA, for example, but also using special characteristics, process capabilities, machine capabilities, or Poka Yoke. Examples of these and other methods are outlined in more detail in the VDA PSR training. 48

50 5.3 PSB organization or PSR duties at a glance Support in product, assembly, or functional group selection from a PI perspective Ensuring conformity with laws and regulations using appropriate processes Creating PI requirements and adapting them for specific products Monitoring the product development process utilizing the PI requirements Supporting product approval Supporting production: o o Performing line checks according to PI requirements Performing/initiating Conformity of Production spot checks Initiating measures in case of discrepancies In the event of discrepancies in delivered products, defining escalation process in advance, including response plans and responsibilities Deriving lessons learned Determining and supporting PI knowledge and training requirements at the location. 49

51 5.4 Configuration management Generally speaking, comprehensive configuration management means managing, dealing with and documenting changes in complex systems - over the entire product lifecycle. This includes continuous management and monitoring of adaptations, corrections, and enhancements. The relevant system and all its components should always be in a clearly defined condition, which can be traced back to its origins. Configuration management is therefore fundamental for a systematic and fully transparent product history. Even very minor changes to the process or product can have far-reaching consequences. Examples of proper configuration management could include: Version management (e.g. new revision in case of design changes) Change management (e.g. transparency on when the products underwent a change) Build and release management (e.g. transparency of software adaptations) Process changes/adaptations (e.g. documentation of materials and operating equipment used) As part of continuous PI management in product development, the factors influencing the evaluation (see Table 2) must be taken into account with the involvement of the PSR. If issues affecting product integrity are raised in the context of configuration management, the relevant PSR should be consulted. Documenting and archiving any evidence created in line with the company-specific guidelines is recommended. 50

52 5.5 Communication guidelines Communication must take into account the company s internal communication guidelines. Country-specific regulations, technical conditions, and locally applicable laws must be taken into account in specific cases (see Figure 9). Issues relevant for product integrity are to be directed to the responsible PSR. If no direct PSR is appointed, the information should go to the managing director of the company. Defining the communication partners (internal and external) is recommended. Requirements for communication: objective, precise, free of emotions, idiomatic phrases, lack of respect, or slang clear and unambiguous authoritative a representation of facts and free of personal evaluations The PSR s duties include sensitization regarding the content and means of expressing circumstances relevant for product integrity. It must be possible to refer to relevant information throughout the product lifecycle. Structured, consistent and appropriate documentation of the processes is necessary for this purpose. Furthermore, all information relevant for the decision should be documented in a comparable manner. In doing so, it must be ensured that objective traceability of the process is ensured. Evidence of the entire product safety process,from identification of a product discrepancy through to its elimination must be documented. The recommended specifications for documenting evidence are described in the VDA volume Documented information and storage. 51

53 5.6 Lessons learned The product integrity related lessons learned process must be managed by the PSR or the PSR organization throughout the product lifecycle as part of their duty of care. The resulting insights are to be passed on to the relevant responsible departments for implementation. The general principles of the lessons learned process are set out in the detail in the VDA volume on Lessons Learned. One example method for a product integrity related lessons learned process is the utilization of PI requirements using a company-specific procedure. Figure 13: Lessons learned process (Source: VDA volume - Lessons learned) 5.7 Special characteristics Critical and significant product and process characteristics can be used for a risk evaluation. Handling of these features should be clearly regulated internally and the affected people must be fully aware of this. Special characteristics are characteristics that require increased care and are not covered by other processes (see VDA volume Special characters, chapter 2). 52

54 6 Glossary Compliance Conformity of Production (CoP) Adherence to laws and directives, but also to voluntary codes in companies Conformity of production with the legal requirements Product liability Liability of a manufacturer for its product Product integrity (PI) Product safety Product conformity Product safety representative (PSR) Quality management system (QMS) Obligation to adhere to product safety and product conformity laws Reasonable safety expectation of the general public Satisfying legal verifications and safety related specifications and standards Person who is nominated and competent in regard to product integrity Measures for planning, managing and monitoring the quality of the operational service process or the process result 53

55 State of the art Generally recognized technical rules are the totality of scientific, technical, and trade experience, that is broadly known and has proven correct and usable. It represents the absolute minimum level for a product. Falling below this limit means that the product is classed as faulty and unsafe. State of science and technology 54 PI management PI measures PI selection list PI requirements PI relevance determination The latest scientific and technical knowledge is a collective term for the latest generally recognized expertise that is available in the scientific and technical fields at the time of bringing a product into circulation. It refers to the knowledge that is objectively accessible. Any patented specialist knowledge or secret knowledge held by other market agents is not relevant. It represents the highest feasible safety level. Management of issues relevant for product integrity Activities relevant for product integrity List of products flagged as being relevant to PI Tasks relevant to product integrity based on company-specific indicators for PI related risks. Based on the company-specific indicators for PI risks (see Fig. 6 sources cited)

56 Line walk Checking conformity of PI related requirements in production PI key performance indicators Bringing into circulation Deviation approval Can be defined on a companyspecific basis to manage PI Bringing into circulation describes the transfer of power of disposal as part of a surrender for payment or not for payment to legal or natural persons not bound by instructions. A product can be brought into circulation at any time in its product lifecycle (e.g. it applies to samples/prototypes, series products, traded products, significantly modified products, used products A deviation approval is permission for a deviation by the owner of the risk based on a risk assessment 55

57 Quality Management in the Automotive Industry The current version of published VDA volumes regarding quality management in the automotive industry (QAI) can be found at You can also place orders directly on this homepage. Reference: Verband der Automobilindustrie e.v. (VDA) Qualitäts Management Center (QMC) Behrenstraße 35, Berlin, Germany Phone +49 (0) , Fax +49 (0) Internet: 56

58 57