On July 21, 2021, IATF revised Sanctioned Interpretations to IATF 16949:2016 standard, including:
- revision to SI No. 10, effective August 2021,
- revision to SI No. 3, effective Nov 2021, and
- issuance of SI No. 21-21, effective Nov 2021.
They constitute revisions to associated clauses in IATF 16949:2016 standard. The associated clauses after this and former revisions are as below in Italic. The changes as compared to the clauses in original standard (Ver 2016) are highlighted in blue.
No. 10 _ 184.108.40.206.2. External laboratory
External/commercial/independent laboratory facilities used for inspection, test, or calibration services by the organization shall have a defined laboratory scope that includes the capability to perform the required inspection, test, or calibration, and either:
— the laboratory shall be accredited to ISO/IEC 17025 or its national equivalent (e.g., CNAS-CL01 in China) by an accreditation body (Signatory) of the ILAC MRA (International Laboratory Accreditation Forum Mutual Recognition Arrangement – www.ilac.org) and include the relevant inspection, test, or calibration service in the scope of the accreditation (certificate); the certificate of calibration or test report shall include the mark of a national accreditation body; or
— where a non-accredited laboratory is utilized (e.g. for example, but not limited to: for specialist or integrated equipment, or for parameters with no international traceable standard reference, or original equipment manufacturers), the organization is responsible to ensure that there is evidence that the laboratory has been evaluated and meets the requirements of Section 220.127.116.11.1 of IATF 16949.
Note: integrated self-calibration of measurement equipment, including use of proprietary software, does not meet the requirements of calibration.
No. 3 _ 18.104.22.168 Contingency plans
The organization shall:
a) – b) …
c) prepare contingency plans for continuity of supply in the event of any of the following, but not limited to: key equipment failures (also see Section 22.214.171.124.1); interruption from externally provided products, processes, and services; recurring natural disasters; fire; pandemics; utility interruptions; cyber-attacks on information technology systems; labour shortages; or infrastructure disruptions;
e) periodically test the contingency plans for effectiveness (e.g. simulations, as appropriate);
for cybersecurity: testing may include a simulation of a cyber-attack, regular monitoring for specific threats, identification of dependencies and prioritization of vulnerabilities. The testing is appropriate to the risk of associated customer disruption;
Note: cybersecurity testing may be managed internally by the organization or subcontracted as appropriate;
h) include in contingency plans the development and implementation of appropriate employee training and awareness.
No. 21 _ 126.96.36.199 Risk Analysis
The organization shall include in its risk analysis, at a minimum:
a) lessons learned from product recalls, product audits, field returns and repairs, complaints, scrap, and rework,
b) cyber-attack threats to information technology systems.
No. 22 _ 7.2.1 Competence – supplemental
The organization shall establish and maintain a documented process(es) for identifying training needs including awareness (see Section 7.3.1) and achieving competence of all personnel performing activities affecting conformity to product and process requirements. Personnel performing specific assigned tasks shall be qualified, as required, with particular attention to the satisfaction of customer requirements.
To reduce or eliminate risks to the organization, the training and awareness shall also include information about prevention relevant for the organization’s working environments and employees’ responsibilities, such as recognizing the symptoms of pending equipment failure and/or attempted cyber-attacks.
在2021年7月21日，國際汽車工作組 (IATF) 修訂了 IATF 16949:2016 標準的第10項認可解釋 (2021年8月生效) 和第3項認可解釋 (2021年11月生效)，并发布了第21和第22項認可解釋（2021年11月生效）。主要是澄清了：
這些認可解釋構成對 IATF 16949:2016 標準中相關條款的修訂，並在生效後作為審核依據。
About DQS / 關於DQS
DQS is the 1st Certification Body approved by IATF for ISO/TS 16949 certification service, which is replaced by IATF 16949 certification at present.
Meanwhile, DQS Academy provides professional IATF 16949:2016 Internal Auditor and Core Tools Training Courses and Online Skill Test for Internal Auditors.
The copyright of description approach in this news is reserved by DQS HK. Any republication with or without modification shall indicate the source.