Quality cannot be inspected or tested into products and services. Rather, the quality of a product or service is established during design…achieved through the proper control of the manufacture of that product or the performance of the service.  This is especially true of software and software related components, such as microprocessors and microcircuits. Quality must be designed and built into components through the application of proper quality systems. A Quality Management System approach should include several critical steps:

  • Determining the processes and responsibilities necessary to attain the quality objectives
  • Establishing methods to measure the effectiveness and efficiency of each process
  • Determining means of preventing non conformities and eliminating their causes

The receiving activities for a business are important and require careful consideration. Each manufacturer should establish and maintain procedures for acceptance of incoming product. These procedures include inspection, testing, or verification of conformance to specified requirements. Acceptance or rejection should be documented.  The range of acceptance activities can be varied and can even include the following:

  • Observation of production at source
  • Inspection at source
  • Certificate review – conformance or analysis
  • Independent confirmation of certificate data
  • Data review from process monitoring

Quality management is about setting quality objectives and specifying necessary operational processes and related resources to fulfill the quality objectives. It begins with stating the specification – any requirement with which a product, process, service or any other activity must conform.  Specifications can include activities such as process specification or test specification or they can be related to the actual product (e.g. product specification, performance specification and drawing). Planning around the supplier controls is a key consideration and some key questions must be addressed including, what will be acquired what the products or service must provide. You must develop a risk profile to understand the inherent safety and business risks and understand how best to mitigate those risks.  If possible, capture the historical performance of the supplier.

Be sure to communicate three specifications to suppliers:


Technical RequirementsQuality RequirementsBusiness Requirements
  • Must be linked to the design control process
  • Supplier evaluation should start once the technical requirements are stable
  • Critical to quality (CTQ) specifications
  • Essential outputs must be identified during the design process
  • Needs to be established and communicated to the supplier
  • Technical risk analysis should be performance by a cross-functional team
  • Actions needed to mitigate high risk areas need to be implemented
  • Quality assurance procedures, standards and other requirements necessary to ensure that the product or service is adequate for its intended use
  • Define which processes require validation including the rework approach and product assessment
  • Define the change notification process where the supplier should provide timely information on any changes to the qualified process
  • Non-disclosure / confidentiality
  • Price
  • Performance
  • Business continuity /disaster recovery
  • Logistical requirements