8.4 Control of External Providers

As stated in section 8.4, “control of externally provided, processes, products and services” means that organizations are responsible for their suppliers. This includes purchasing and receiving, communicating necessary information in regard to purchase order and verifying the products and services received match what was purchased. External control includes anything necessary to ensure that products and/or services provided conform to requirements.

Examples of controls to place on suppliers:

• Incoming inspection
• Supplier audits
• First Article Inspection Reports (FAIRs)
• Supplier performance metrics (scorecard)
• Site visits

Your organization must also evaluate supplier performance and define the criteria for selecting suppliers. This information needs to be documented as well as any activities resulting from your evaluations. For example, if 99% on-time-delivery is a criteria for supplier selection and one of your suppliers is performing at 80% then you would need to take action to address this such as selecting a new supplier or issuing a supplier corrective action to improve on-time-delivery. Other criteria for supplier selection can include requirements for price, ISO certification, or results of a supplier audit.

Our “Controlling of External Providers” procedure included with our All-in-One Certification Package contains all the forms needed to meet these requirements.