Blog

Supplier Risk Management: Which Suppliers Should You Audit?

This blog presents a few thoughts on supplier risk management related to criteria in evaluating suppliers and determining which suppliers you should audit

There are two criteria that are the most popular for evaluation of suppliers:  1) percentage of lots accepted, and 2) percentage of on-time delivery. Both of these metrics have potential limitations. For example, what if a good supplier ships only two shipments this year and there is a problem with one shipment? The reverse is also possible. What if a poor supplier ships lots every week? Ten bad lots per year will result in an 80% quality rating.

On-time delivery has other issues, such as, does purchasing update the due date in the MRP system when they ask suppliers to push out the delivery date due to soft sales volume? If a supplier expedites an order in half the normal turnaround time in their “best effort” to meet your requested due date, should they receive a negative result for percentage on-time delivery if they are one week late?

The points above help identify limitations of supplier metrics. In the end, if you have a critical supplier—there is no substitute for auditing them. Unfortunately, auditing costs money. So which suppliers should you visit?

The “critical suppliers” is often the answer, but how do you decide who is critical? Well…benchmarking is a good idea. For example, a Notified Body (NB) must audit “critical suppliers” that do not have ISO 13485 certification. They define “critical” as subcontractors that perform high-risk processes, such as contract sterilization, subcontractors that perform contract packaging and suppliers that manufacture finished devices. Health Canada even provides some guidance on the definition of critical subcontractors, and how the NB shall determine which “subies” need to be audited.

Internally, your supply chain and quality assurance team have to develop a list of suppliers that will be audited. In general, I recommend that all “critical” suppliers be audited at least once every three years (equal to the certification cycle). However, your auditing schedule is a plan that should have “wiggle room.”

For example, if you weren’t planning to visit an existing supplier until next year or the following year, and suddenly there is a new quality issue with that supplier, you may want to add a “for cause” audit of their facility to your supplier audit schedule. You might want to add suppliers in close proximity to another supplier you were going to audit anyway in order to reduce travel costs.

Practically speaking, you might decide to audit your 10 worst suppliers each year. This might be determined by qualitative, cross-functional rankings, rankings for nonconforming materials, or by the number of supplier corrective action requests. There is no “right” or “wrong” way to determine which suppliers should be audited. However, the best companies have strong supplier quality programs to reduce scrap and the need to perform inspections.

Posted in: Supplier Quality Management

Leave a Comment (0) ↓

Leave a Comment

Time limit is exhausted. Please reload the CAPTCHA.

Follow

Get every new post on this blog delivered to your Inbox.

Join other followers:

Simple Share Buttons
Simple Share Buttons