8.4.3、提供给外部供方的信息

组织应确保在与外部供方沟通之前所确定的要求是充分和适宜的。

组织应与外部供方沟通以下要求：

a）所提供的过程、产品和服务，包括相关技术数据的标识（如规范，图纸，过程要求，和工作指导书）；

b）对下列内容的批准：

1）产品和服务；

2）方法、过程和设备；

3）产品和服务的放行；

c）能力，包括所要求的人员资质；

d）外部供方与组织的接口；

e）组织对外部供方绩效的控制和监视；

f）组织或其顾客拟在外部供方现场实施的验证或确认活动；

g）设计和开发控制；

h）特殊要求，关键项目，包括关键特性 ；

g）试验，检验和验证（包括生产过程的验证）；

h）使用组织能接受的统计技术来进行产品验收和相关说明；

i）需要

—— 执行的质量管理体系；

—— 使用顾客指定或批准的外部供方，包括过程来源（如特殊过程）；

—— 向组织通报不合格的过程，产品或服务并获得处置批准；

—— 预防使用未经批准的、疑似未经批准的、仿冒的零件（见 8.1.4和 8.1.5）;

—— 通知组织关于过程/产品或服务的更改，包括他们的外部供方的更改、生产地点的更改，并获得组织的批准；

—— 向外部供方传递适用的要求，包括顾客要求；

—— 适用时，提供符合性证明（COC）、测试报告及授权放行证；提供试验件用于设计批准、检验/验证、调查或审核（例如生产方法，编号，储存条件）；

—— 需要保留的文件信息，包括保留期和处置要求。

j）在供应链的任何层次，组织及其顾客和监管机关可接触进入到任何适用的场所,和适用文件信息的权利。

k）保证人员意识到

—— 他们对产品和服务符合性的贡献；

—— 他们对产品安全的贡献；

—— 符合道德标准的行为的重要性。

8.4.3、Information for External Providers

The organization shall ensure the adequacy of requirements prior to their communication to the external provider. The organization shall communicate to external providers its requirements for:

a. the processes, products, and services to be provided including the identification of relevant technical data (e.g., specifications, drawings, process requirements, work instructions);

b. the approval of:

1.products and services;

2.methods, processes, and equipment;

3.the release of products and services;

c. competence, including any required qualification of persons;

d. the external providers’ interactions with the organization;

e. control and monitoring of the external providers’ performance to be applied by the organization;

f. verification or validation activities that the organization, or its customer, intends to perform at the external providers’ premises;

g. test, inspection, and verification;

h. the use of statistical techniques for product acceptance and related instructions for acceptance by the organization;

i. the need to:

—— implement a quality management system;

—— use customer-designated or approved external providers, including process sources (e.g., special processes);

—— notify the organization of nonconforming processes, products, or services and obtain approval for their disposition;

—— prevent the use of suspected unapproved, unapproved, and counterfeit parts (see 8.1.4 and 8.1.5);

—— notify the organization of changes to processes, products, or services, including changes of their external providers or location of manufacture;

—— flow down to external providers applicable requirements including customer requirements;

—— provide a certificate of conformity, test reports, or authorized release certificate, as applicable;

—— retain documented information, including retention periods and disposition requirements;

j. the right of access by the organization, their customer, and regulatory authorities to the applicable areas of facilities and to applicable documented information, at any level of the supply chain;

k. ensuring that persons are aware of:

—— their contribution to product or service conformity;

—— their contribution to product safety;

—— the importance of ethical behavior.