AS9100D Webinar

Join Paul in a live webinar as he describes AS9100D, the changes from the previous revision AS9100C and what it takes to implement AS9100D in your organization. Aerospace business tends to be long term contracts, higher margins and consistent demand. AS9100D is a great way to diversify your small business product mix and strengthen your existing quality system.

According to the 2015 Aerospace Manufacturing Attractiveness Rankings Utah ranks 4th in all states for future growth in Aerospace and the rate of growth in Aerospace supply chain requirements is accelerating. If you want your company to be part of this growth you must be registered to the AS9100D (or upgrade from the AS9100C revision) quality system standard.

The current revision of the aerospace sector specific standard AS9100D is a “best practice” that has been developed by industry feedback to assure product quality through prevention. The standard has the flexibility to be structured differently for small organizations and large organizations, is focused on increasing customer value and is integrated with the best practice improvement philosophies like lean and 6-sigma.

To register, email info@mep.utah.edu

About Paul:

Paul Harbath is an industry expert with over 30 years of hands on experience in implementing quality management systems and helping small companies understand/implement Lean/6-Sigma. Paul has worked with both large and small organizations and has a demonstrated ability to connect with the value adding employees by simplifying complex technical issues. Paul’s company “Operational Excellence Services” specializes in small manufacturing companies.

 

Why is OOT important in measurement traceability?

The concept of traceability of measuring equipment to an international standard to assure confidence of measurement results has been part of quality systems since the original Mil-Q-9858 in the 1950’s. Most organizations refer to this as “calibration”. The concept is to make sure all the equipment you use to measure your product related standards must be traceable to NIST to assure that all organizations measure using the same reference standards. Obviously it is important that when we measure an inch you get the same result as your customer.

Clause 7.1.5.2 in AS9100D describes the requirement:

There are many other requirements like a register, recall method and the organization shall determine the validity of previous measurements when the equipment is found unfit for its intended use. The last item is the focus of this tip.

It is very common to find equipment “As Found: OOT” when performing the comparison to a standard for measurement traceability (commonly referred to as calibration). “As Found: OOT” means that when the equipment was compared to a standard it was found out of tolerance (OOT). When this happens the AS9100D standard has a very specific requirement:

Here’s what the “As Found: OOT” looks like on a certification (this particular certificate is from Western States Calibration in Salt Lake City):

One of the most common findings in an AS9100D audit is not meeting the requirement to take action based on the “As Found” condition. Be sure that your system requires you to take action when equipment is found out of tolerance or when equipment is taken out of service. The action is usually to create an internal corrective action.

In the corrective action you must determine if the previous measurements are valid since the equipment was found out of tolerance.

When you take equipment out of service be sure to measure it against a standard using a valid process to determine the “As Found Condition”. If it is found OOT you must take the same action you take when the equipment is “As Found OOT” when being measured against a standard (commonly called calibration).

Risk based thinking and your quality system, part 3

By Paul Harbath, Quality Management Consultant

In AS9100D “Risk Based Thinking” is considered a basic principle of an effective quality system. In the part 1 and part 2, we discussed how to identify potential risks and how to quantify the risks in your quality management system. In this final tip for risk based thinking we will discuss how to mitigate and control unacceptable risk.

To meet the “Risk Based Thinking” requirement your quality system must retain documented evidence that the following happens regularly:

  • Identify potential risks in your quality management system
  • Analyze and evaluate the risks
  • Mitigate, control and monitor unacceptable risk

Last week we talked about using the FMEA process to quantify risk. The RPN (Risk Priority Number) represents the level of risk. If the RPN number is larger than 100 we need to consider taking action. The actual RPN number for action is up to you but usually 100 is a good starting point.

In the visual above the RPN numbers for how scheduling affects on-time delivery is above our acceptable risk level therefore we need to consider taking action.

First we might evaluate the current state of our scheduling system then create a plan to make changes. After implementing the plan we check the performance to see if it has improved. If it has we put controls in place to assure our new process stays in place. If not we repeat the process until our scheduling system no longer causes late orders.

It is important that you retain the documented information in your system to show evidence that action was considered for high risk items. I usually recommend that this risk evaluation process be part of your regular management review.

Risk analysis can seem complicated at first. Take the time to learn the process it is one of the most valuable processes in your business management toolkit.

Paul Harbath is an industry expert with over 30 years of hands on experience in helping small manufacturers understand/implement quality management systems and lean/6-Sigma. Paul has a demonstrated ability to connect with the value adding employees by simplifying complex technical issues. Connect with him on LinkedIn.

Risk based thinking and your quality system, part 2

By Paul Harbath, Quality Management Consultant

In AS9100D “Risk Based Thinking” is considered a basic principle of an effective quality system. Last week we discussed how to identify potential risks in your quality management system.

To meet the “Risk Based Thinking” requirement your quality system must retain documented evidence that the following happens regularly:

  • Identify potential risks in your quality management system
  • Analyze and evaluate the risks
  • Mitigate, control and monitor unacceptable risk

This week we will discuss how to “analyze and evaluate” the potential risks you have identified.

There are two broad types of risk assessment/evaluation:

  • Qualitative risk analysis
  • Quantitative risk analysis

Qualitative risk analysis is the process of prioritizing risks for further analysis by assessing the probability of occurrence and potential impact of each risk. There are simple diagrams like probability/impact matrix, balanced scorecard, expected value and others that can be used to determine the qualitative risk.

Quantitative risk analysis is the process of numerically analyzing the effect of potential risks. Even though there are other methods to create the numerical value of quantitative risk the primary tool is FMEA.

Failure Mode Effects Analysis (FMEA) is a tool that uses the 3 categories to create a numerical value for the potential risk.

The three categories are:

  • Severity – If the risk were to happen how severe would it be for you or your stakeholders?
  • Occurrence – How often does your team think the risk could potentially happen?
  • Detection – How confident are you in your systems ability to “detect and control” the risk if it were to occur?

Each of these three categories are rated using a value from 1-10. The ratings are defined in tables like the one below.

After rating each of the three categories the values are multiplied together to get an RPN (Risk Priority Number) that represents the significance of the risk. In the example below two of the potential risks of not meeting our customers’ on-time delivery expectations are above the acceptable RPN value.

The calculated RPN value represents the numerical value of the significance of the risk. You will define an RPN value that requires mitigation of the risk. In the case above we have defined an RPN value greater than 100 requires evaluation of action to reduce the risk.

The process above can seem complicated but after you have done it once you will find the process relatively easy.

There are many great references on risk management. One of my favorites is the “Risk Management – Memory Jogger”. These references can help you create a formal method for meeting the “Risk Based Thinking” requirements of AS9100D.

In part 3 of AS9100D tips on risk based thinking we will discuss how to mitigate, control and monitor unacceptable risk.

Paul Harbath is an industry expert with over 30 years of hands on experience in helping small manufacturers understand/implement quality management systems and lean/6-Sigma. Paul has a demonstrated ability to connect with the value adding employees by simplifying complex technical issues. Connect with him on LinkedIn.

Risk based thinking and your quality system, part 1

By Paul Harbath, Quality Management Consultant

In a AS9100D “Risk Based Thinking” is considered a basic principle of an effective quality system. The concept of “preventive action” has been eliminated in AS9100D and replaced with “Risk Based Thinking”.

To meet this requirement your quality system must have evidence that the following happens regularly:

  • Identify potential risks in your quality management system
  • Analyze and evaluate the risks
  • Mitigate, control and monitor unacceptable risk

First let’s talk about ways to identify potential risks. Standard SWOT analysis, cause and effect diagram, affinity diagram or other brainstorming processes are all effective methods to identify potential risks. The key to identification is to consider your customers’ expectations and the potential risk of not meeting these requirements.

Let’s use a cause and effect diagram as an example. In the box on the right of the cause and effect diagram the effect is written. In our case the effect would be: “Not meeting our customer expectations”. Here’s an example of what the diagram might look like.

Remember that risk identification should include the key people in the organization. The leadership and possibly some of the key shop members should be part of the brainstorming. Also be sure that this evaluation is “retained as documented evidence” of your quality system. In most cases I would recommend that you make it part of your regular AS9100D management review.

There are many great references on risk management. One of my favorites is the “Risk Management – Memory Jogger”. These references can help you create a formal method for meeting the “Risk Based Thinking” requirements of AS9100D.

Paul Harbath is an industry expert with over 30 years of hands on experience in helping small manufacturers understand/implement quality management systems and lean/6-Sigma. Paul has a demonstrated ability to connect with the value adding employees by simplifying complex technical issues. Connect with him on LinkedIn.

Weekly tip: How many internal audits do I need to do?

By Paul Harbath, Quality Management Consultant

Internal auditing has been a fundamental part of quality system standards since Mil-Std-9858 in the 1950’s. Along with corrective action and management review internal auditing creates what I refer to as: “The Big Three”. If you do the “Big Three” well your quality system will be very robust. “The Big Three” are so important that every time your registrar comes in to audit (even on surveillance audits which is a partial audit of your system) they will audit “The Big Three”.

In clause “9.2.1 Internal Audit” of AS9100D the requirements are you must have an audit program and it must be planned which usually means a schedule of some kind. It is also required that you qualify your auditors and assure their  independence when performing internal audits.

Now the question: “How many internal audits do I need to do?”.

The AS9100D standard requires that you conduct internal audits at planned intervals. The frequency must be defined in your audit schedule. Other than those requirements it is up to you how often and what areas you audit.

My recommendation would be to perform a full set of internal audits annually. You can do those audits all with-in one month or an audit a month to spread the time required over the year. Just be done with the audits prior to completing your annual management review.

You must define the scope and I would suggest that you audit all the requirements of your quality system. Remember an audit is a “sample only” so auditing the entire system does not mean you have to audit every shall in the AS9100D standard. But you must just select a few “shalls” from all the “shalls” (requirements) in the standard. I have found that a simple audit schedule in Excel that defines the AS9100D clauses being considered for each audit works fine. Here is an example of what that might look like:

Audit Sched Example

The number of audits and title of the audits is up to you. I would suggest that the audit names represent your companies functions. For example an audit name may be “Receiving/Incoming Inspection”. In other words you can create the schedule to make sense for you organization.

Just be sure that your schedule shows that you cover all the requirements in your system with your internal audits. The requirements include AS9100D along with any other standards that you may be required to meet. Also don’t forget that your audit program must include auditing your own internal procedures.

Paul Harbath is an industry expert with over 30 years of hands on experience in helping small manufacturers understand/implement quality management systems and lean/6-Sigma. Paul has a demonstrated ability to connect with the value adding employees by simplifying complex technical issues. Connect with him on LinkedIn.