By Angelo Scangas
A manufacturer’s ability to maintain high-quality products and regulatory compliance depends largely on its suppliers’ own quality-related activities. Supplier audits can be an important tool for manufacturing organizations to ensure their suppliers are consistently delivering high-quality parts, materials, components, or ingredients for their finished products.
Leveraged correctly, supplier audits can identify, address, and prevent problems in a supplier’s product quality or processes before the problems spread.
When to conduct a supplier audit
The audit process and timing varies depending on its purpose and who’s conducting it, but for life sciences manufacturers, there are generally three instances when a supplier audit is called for, no matter the company or industry:
- When you have a new supplier without enough performance information available. If your organization is working with a new supplier and there isn’t historical data to evaluate risk—in terms of quality, delivery, or service, all different aspects of supplier performance—that supplier would automatically fall into the high-risk category that should require a supplier audit.
- When an existing supplier isn’t performing well and you want to help it improve. This may be an existing partner supplier whose product quality isn’t what it should be. A supplier audit is an opportunity to identify areas where a supplier can improve, so an audit is applicable if your organization is willing to participate in helping the supplier improve its quality and performance.
- When a supplier is critical to supply chain reliability and the organization. Preventive audits are necessary if a supplier is critical to your organization—for example, the supplier is highly regulated and would be shut down by a failure of its regulatory system. Even if the critical supplier is performing well, the high risk and criticality of the supplier to your organization means you must continuously monitor its systems and processes.
If a critical supplier is exhibiting issues with product quality or delivery, my organization recommends conducting audits at six-month intervals and keeping in constant communication. If a critical supplier is performing well, we recommend an audit once a year.
What to assess during a supplier audit
A supplier audit plan should be risk-based and address three overarching areas:
Area No. 1: Business system aspects most important to your business and/or supply. Audits should look at the business systems that are affecting the performance shortfalls of the supplier and ensure action is being taken to address the gaps in the systems. The supplier should take into consideration the root cause issues you’ve identified through the corrective action system. Other matters to assess during an audit are:
- Whether there have been many product quality-related problems that result in you rejecting products that are not meeting specification
- The testing and inspection process and how the product is released for shipment, making sure that until those issues are resolved, there’s a robust product-release process that will not allow material to be shipped to you as a customer
- Whether there is enough management responsibility and support in the business to ensure resources are in place to conduct needed corrective actions
- Whether there are issues with delivery performance, capacity, utilization, maintenance programs, or the supplier management process; look for improvement opportunities relating to uptime and supplier performance
Area No. 2: Compliance where it is critical for business reliability. During a supplier audit, it is also important to assess compliance where it is critical for business reliability. For instance, has the supplier clearly identified the complete list of regulatory requirements that must be met? What are the supplier’s internal processes to ensure those regulatory requirements are being addressed, maintained, and improved on?
Critical audit activities include:
- Auditing the roles and responsibilities within the organization in terms of compliance with the regulatory requirements
- Ensuring there’s independence within the organization to resolve any compliance or regulatory issues quickly by senior management and leadership
- Ensuring there’s an effective, robust process in place to add or update the existing regulatory requirements
- Determining the day-to-day aspects of business to ensure that regulatory requirements are being met
International Organization for Standardization (ISO)-related standards incorporate requirements by which, if implemented properly, your organization can benefit greatly. But do not assume registration by ISO or other regulatory bodies always correlate to performance. Just because a supplier is registered to a certain ISO standard, it doesn’t mean the supplier’s performance will be satisfactory, even in product quality.
Area No. 3: Performance—but of what? During any supplier audit, always focus on process improvement and ensure processes are monitored and evaluated. Performance evaluation is tied to the risks within the organization.
For instance, if you are looking at performance in terms of regulatory compliance, you are looking for:
- Records readily available to ensure compliance documentation is in place
- Objective evidence that regulatory requirements are being met
- Personnel having the knowledge and experience surrounding regulatory resources
- Results of any type of audit programs the supplier has, whether they are performed internally or by the FDA
Although product quality and compliance are important in supplier performance, performance can also involve safety, cost, or environmental aspects. If you are looking for a supplier to have high reliability in providing a product or service, it must also have other things in place, such as financial stability.
To make sure you’re auditing the right suppliers, it’s important to map out the supply chain, especially for critical suppliers, and find where in the chain a supplier should be audited. When searching for weak points in the link, you may find that the source of the problem is an immediate supplier, or it may be a supplier’s supplier or another subcontractor further down the chain.
One of the most common failures in conducting a supplier audit is turning it into a paperwork exercise, listing all sorts of documentation and exercises in an audit report without solid recommendations for improvement. Every supplier audit should generate opportunities to improve. When conducting any kind of audit, supplier audits included, manufacturers must take a risk-based approach.
About the author
With degrees in manufacturing and chemical engineering, Angelo Scangas is president and CEO of Quality Support Group (QSG), an international consulting and training firm delivering organizational continuous improvement. Scangas has more than 35 years of experience in engineering, quality systems, operations, and process improvement (Lean Six Sigma) in the medical device, health care, and other industries. His background includes product development, design/process engineering, supply chain management, supplier quality, quality system design, and implementation and regulatory compliance.