Rules for Achieving IATF Recognition 3rd Edition Sanctioned Interpretations

The Rules for Achieving IATF Recognition, 3rd Edition, was published in 2008. The following Sanctioned Interpretations were determined and approved by the IATF. Unless otherwise indicated, Sanctioned Interpretations are applicable upon publication. Revised text is shown in blue. A Sanctioned Interpretation changes the interpretation of a rule or a requirement which itself then becomes the basis for a nonconformity. SI 1 issued February 2009, SI 2 issued May 2009, correction to SI 2 issued June 2009, SI 3 & SI 4 issued October 2009, SI 1 revised & SI 5 December 2009, SI 6, SI 7, SI 8 & SI 9 issued February 2010, SI 10 & 11 issued April 2010 Revised SI 9 & New SI 12 July 2010, New SI 13 Sep 2010, New SI 14 Dec 2010, New SI 15 April 2011, New SI 16 & SI 17 Dec 2011, new SI 18 April 2012 and new SI 19, SI 20 & SI 21October 2012 and new SI22 July 2013 Number
1.

Rules reference
Certification agreement with the client 3.1

Sanctioned Interpretation
New additional requirement Consultants to the organization cannot participate in the audit this was previously the Rules 2nd edition 4.1 requirements. By cannot participate in the audit shall be understood as cannot attend the audit. New requirement The new certification body shall complete all transfer activities (including a g above) and a transfer audit prior to the next scheduled surveillance audit with the previous certification body or the next scheduled recertification audit with the previous CB. When, during a transfer audit, instances of nonconformity are identified, the certification body shall
Rules for Achieving IATF Recognition 3rd Edition Sanctioned Interpretation; Page 1 of 11

2.

Transfer Audit 7.0

Number

Rules reference

Sanctioned Interpretation
follow the relevant requirements in the nonconformity management (see section 5.11). The certification decision shall be made based upon the relevant requirements in section 5.13 and the certification decision shall be made within a maximum of 120 calendar days from the last day of the transfer audit and prior to the expiration date of the existing valid certificate. This was previously The new certification body shall complete all transfer activities (including a g above) and a transfer audit including closure of any nonconformities and a certification decision prior to the next scheduled surveillance audit with the previous certification body or the expiration of the existing valid certificate. All references to ISO/TS 16949:2002 are superseded by ISO/TS 16949:2009, released on 15 June 2009. the total number of surveillance audit days in the first, second and third year (dependent on the agreed interval see table 5.1) of any three year audit cycle shall be equal to the number of initial audit days in the calculation illustrated in table 5.2 and shall be of equal duration. There shall be at least one surveillance audit per year, Change of requirement from The auditor shall be responsible to conduct a minimum of one (1) ISO/TS 16949:2002 audit per three month period within a minimum total of ten (10) audit days within any twelve (12) month period from the date of qualification.

3.

Various pages

4.

Audit Days Determination 5.2 m)

5.

Maintaining Certification 4.5

To Within each full calendar year, the auditor shall be responsible to conduct a) a minimum of one (1) ISO/TS 16949 audit per quarter b) a minimum total of ten (10) audit days per year

Rules for Achieving IATF Recognition 3rd Edition Sanctioned Interpretation; Page 2 of 11

Number

Rules reference

Sanctioned Interpretation

6.

IATF Contractual requirements 2.2

New paragraph beneath 2.2 f) The certification body shall cooperate with the relevant IATF Oversight office in performing activities in support of the IATF Certification Scheme. Current Rules 2.3 (3rd paragraph) Witness audits are conducted, at a site, witnessing an audit team from a certification body during an ISO/TS 16949:2002 audit to verify the certification bodys conformance with all requirements of ISO/TS 16949:2002, including the Rules, Rules Sanctioned Interpretations (SI), Rules Frequently Asked Questions (FAQs), CB Communiqu, any ISO/TS 16949:2002 sanctioned interpretations subsequently issued. Change to;

7.

IATF ongoing recognition requirements 2.3

Witness audits are conducted, at a site, witnessing an audit team from a certification body during an ISO/TS 16949:2002 audit to verify the certification bodys conformance with all requirements of ISO/TS 16949:2002, including the Rules, Rules Sanctioned Interpretations (SIs), Rules Frequently Asked Questions (FAQs), CB Communiqus, ISO/TS 16949:2002 sanctioned interpretations, the certification bodys key processes and operating procedures (see Rules 2.5). Current Rules 2.3 (5th paragraph) Office assessments shall review the certification bodys conformance with the Rules, Rules Sanctioned Interpretations (SI), Rules Frequently Asked Questions (FAQs), and CB Communiqu, subsequently issued. Change to; Office assessments shall review the certification bodys conformance with the Rules, Rules Sanctioned Interpretations (SIs), Rules Frequently Asked Questions (FAQs) and CB Communiqus,

Rules for Achieving IATF Recognition 3rd Edition Sanctioned Interpretation; Page 3 of 11

Number

Rules reference

Sanctioned Interpretation
the certification bodys key processes and operating procedures (see Rules 2.5).

8.

IATF certification body recognition requirements 2.1 Nonconformity management 5.11 & Surveillance Audit 6.8 Audit Team 5.6

A certification body shall be able to demonstrate that it has evaluated the risks arising from its certification activities and that it has adequate arrangements (e.g. insurance or financial reserves) to cover liabilities arising from its operations in each of its fields of activities and the geographic areas in which it operates. A certification body shall be compliant with the regulations of each country in which it operates. All references to ninety (90) days shall be understood to mean ninety (90) calendar days

9.

10.

The audit team shall be composed of IATF qualified auditors (and technical experts, as necessary) with a valid certificate to conduct audits in the name of the certification body as recorded in the IATF database. The auditors, between them, shall have relevant sector specific experience for all commodity codes which apply to the scope of certification at the site. Change of requirement from The new certification body shall conduct the transfer audit, which is equivalent in audit days to a recertification audit (see table 5.2). To

11.

Transfer Audit 7.0

A transfer audit is the equivalent of a recertification audit. The audit days of the transfer audit are equivalent to a recertification audit (see table 5.2). The audit planning and conduct of the transfer audit shall comply with all requirements defined in section 6.9.

Rules for Achieving IATF Recognition 3rd Edition Sanctioned Interpretation; Page 4 of 11

Number

Rules reference
Change of requirement from

Sanctioned Interpretation

The certification body shall appoint at least one auditor from the initial audit team to participate in all surveillance audits of the three (3) year audit cycle. For each subsequent recertification and surveillance audit cycle different auditors shall be used. The certification body shall request prior approval from the relevant IATF Oversight Office if these requirements cannot be met. To The certification body shall appoint at least one auditor from the initial audit team to participate in all surveillance audits of the three (3) year audit cycle. For each subsequent recertification and surveillance audit cycle different auditors shall be used. The certification body shall request prior approval from the relevant IATF Oversight Office if these requirements cannot be met. The certification body may appoint one auditor from the current audit cycle to participate as a member of the audit team at the subsequent recertification audit to ensure an effective transition to a new audit team.

12.

Establishing the audit team 5.6

Change of requirement from The certification body shall nominate as internal witness auditors individuals having demonstrated technical competence (as listed in section 4.4.c) to their relevant IATF Oversight office for approval. Note: Technical competence should be demonstrated by taking the examination within the IATF Certification Body auditor development process Internal Witness Auditor Qualification 4.6 To The certification body shall nominate active ISO/TS 16949 auditors (knowledgeable in the CBs internal processes) to their relevant IATF Oversight office for approval as internal witness auditors.

13

Rules for Achieving IATF Recognition 3rd Edition Sanctioned Interpretation; Page 5 of 11

Number

Rules reference
Change of requirement from

Sanctioned Interpretation
The de-recognition of an IATF certification body shall be initiated upon:
a) b) c) d)

violation of any provision of the contract with IATF, violation of these Rules, loss of ISO/IEC 17021:2006 accreditation to perform ISO 9001:2000 certification, of any of the offices included in the list required in section 2.2, failure to conduct a minimum of twenty-five (25) ISO/TS 16949:2002 site audits (initial, surveillance or recertification) in the first twelve (12) months following the recognition date and per calendar year thereafter, inadequate performance as identified by the relevant IATF Oversight office, lack of IATF database accuracy, integrity and timeliness, failure to ensure the integrity of the auditor development process (see section 4.5).

e) f)

14

Loss of IATF certification body recognition 2.4

g)

De-recognition of an IATF certification body results in cancellation of the IATF contract. To The de-recognition of an IATF Certification Body shall be initiated when any of the following occurs; a) violation of any provision of the contract with IATF, b) the absence of, or the failure to implement, maintain or comply with the automotive scheme requirements and based upon objective evidence available at the time of an Office Assessment or Witness Audit that constitutes a risk to the integrity of the certification scheme, c) loss of ISO/IEC 17021 accreditation to perform ISO 9001 certification of any of the offices include in the list required in section 2.2 d) failure to conduct a minimum of twenty-five (25) ISO/TS 16949 site audits (initial, surveillance or recertification) in the first twelve (12) months following the recognition date and per calendar year thereafter, e) inadequate performance as identified by the relevant IATF Oversight Office,
Rules for Achieving IATF Recognition 3rd Edition Sanctioned Interpretation; Page 6 of 11

Number

Rules reference

Sanctioned Interpretation
f) lack of IATF database accuracy, integrity and timeliness, g) failure to ensure the integrity of the auditor development process (see section 4.5) h) failure to submit root cause analysis, correction (if necessary), systemic corrective action and evidence of implementation to the relevant IATF Oversight Office within a maximum of 90 calendar days from the issue date of the final report. Change of requirement from
Prior to the start of a transfer audit, the following conditions shall be met: h) the new certification body shall ensure the audit team members, if subcontracted, have not previously audited the client.

15

Transfer Audit 7.0

To: Prior to the start of a transfer audit, the following conditions shall be met: h) the new certification body shall ensure the audit team members have not previously audited the client. Previously audited means an audit team member has not participated on the audit team for at least one (1) full 3 year audit cycle.

Introduction of additional requirement, 6.7 Information for granting initial certification, 6.10 Information for granting recertification & 7.0 Transfer audit
The Certification Body shall upload the clients ISO/TS 16949 certificate within twenty (20) calendar days of entering the certification information in the IATF Database. The format of the uploaded certificate shall meet the following requirements: In English as a minimum Include all appendices to the certificate (only one file can be uploaded) Saved as colour grey scale only Submit as a .pdf file (all other types will be rejected) The file shall be no larger than 2 MB (including all appendices)

16

Rules for Achieving IATF Recognition 3rd Edition Sanctioned Interpretation; Page 7 of 11

Number

Rules reference

Sanctioned Interpretation
Introduction of additional requirement to now include,
The certification Body shall enter the audit data in the IATF database within twenty (20) calendar days from the date of the closing meeting The audit data shall now include the number of major and minor nonconformities including the relevant ISO/TS clauses Note: If the nonconformity consists of multiple affected ISO/TS clauses and/or references to Customer Specific Requirements the certification body is required to only enter the main clause of the nonconformity e.g. major nonconformity 8.4.1 and 8.5.2. Only enter the major against 8.4.1

17

6.6 Stage 2 audit, 6.8 Surveillance audit, 6.9 Recertification audit & 7.0 Transfer audit

Rules for Achieving IATF Recognition 3rd Edition Sanctioned Interpretation; Page 8 of 11

Change of requirement from: c) the existing certificate shall be valid, with all existing nonconformities considered to be 100% resolved, d) the client cannot be in any IATF OEM special status condition, or have their current ISO/TS16949:2009 certification in suspension, cancelled or withdrawn status, e) the client shall provide the new certification body with the previous audit report and all findings issued by the existing certification body for the site and any remote support functions, f) the new certification body shall perform a review of the provided audit report and all findings, g) the new certification body shall perform a basic document review and a review of key indicators of quality management system performance, h) the new certification body should ensure the audit team members, if subcontracted, have not previously audited the client. Previously audited means an audit team member has not participated on the audit team for at least one (1) full 3 year audit cycle. (refer to SI 15) 18 Transfer Audit 7.0
To:

c) the existing certificate shall be a valid, with all existing nonconformities considered to be 100% resolved, d) the new certification body shall not transfer a client in any IATF OEM special status condition until after the existing certification body has conducted at least one onsite audit to verify the effective implementation of the identified corrective actions, e) the client cannot have their current ISO/TS16949:2009 certification in suspension, cancelled or withdrawn status, If the certificate was suspended within the previous twelve (12) months and the suspension was initiated due to 8.1. a), b), or c), the new certification body shall not transfer the client until after the existing certification body has conducted at least one onsite audit to verify the effective implementation of the identified corrective actions, f) the client shall provide the new certification body with the previous audit report including evidence that all findings issued by the existing certification body for the site and any remote support functions are closed,
Rules for Achieving IATF Recognition 3rd Edition Sanctioned Interpretation; Page 9 of 11

g) the new certification body shall perform a review of the provided audit report and all findings, h) the new certification body shall perform a basic document review and a review of key indicators of quality management system performance, i) the new certification body should ensure the audit team members, if subcontracted, have not previously audited the client. Previously audited means an audit team member has not participated on the audit team for at least one (1) full 3 year audit cycle,

Introduction of additional requirement to now include, j) the new certification body shall contact their relevant Oversight office to verify the following information: the client did not transfer from another IATF recognized certification body within previous three (3) year period, the date of the last initial or recertification audit, the status of the ISO/TS 16949:2009 certificate for past twelve (12) months, the audit team members for the new certification body have not participated on the audit team with the previous certification body for at least one (1) full 3 year audit cycle. Introduction of additional requirement; The certification body management review process shall include the status and results of certification decisions. Introduction of additional requirement; l) to conduct a management review at a frequency that will ensure the effectiveness of the certification decision process The current requirement is withdrawn

19

Certification decision 5.12 Operating system requirements 2.5 Audit days determination

20 21

Rules for Achieving IATF Recognition 3rd Edition Sanctioned Interpretation; Page 10 of 11

5.2 h)

Previous headcount reductions approved by Oversight in line with Rules 5.2.h are valid only for current certification period. No extensions to the original approved conditions will be granted. New requirement

22

Establishing the audit team 5.6

For the initial certification audit (stage 1 and stage 2), the certification body shall appoint an audit team who has not previously audited the client in the past three (3) year period for ISO/TS 16949 with the current certification body or a previous certification body.

Rules for Achieving IATF Recognition 3rd Edition Sanctioned Interpretation; Page 11 of 11