Automotive Quality Management ETI 16949:2016 standard system includes ISO9001:2015

quality management system requirements for automobile and parts production of relevant
service organizations

International Automotive Working Group

1st Edition
October 1, 2016
1| Page of 49
 Automotive Quality Management ETI 16949:2016 standard system includes ISO9001:2015
0.2 Quality management principles
This International Standard is based on the quality management principles described in the ISO 9000 standard.
Descriptions include a statement of each principle, a reason why the principle is important to the organization,
some examples of the benefits associated with the principle, and examples of typical actions to improve the
organization's performance by applying the principle.

The principles of quality management are:

- customer focus;
- leadership;
- people's participation;
- process-based approach;
- improvement;
- evidence-based decision making;
- Relationship management.

approach 0.3 Process

0.3.1 general
This International Standard promotes the adoption of a process-based approach when developing, implementing
and improving the effectiveness of a quality management system, to improve customer satisfaction by meeting
customer requirements. Specific requirements that are considered essential for the adoption of a process-based
approach are included in 4.4 .

Understanding and managing interrelated processes as a system contributes to the effectiveness and efficiency of
the organization in achieving the expected results. This approach allows the organization to control the
interrelationships and interdependencies between system processes, so that the overall performance of the
organization can be improved.

The process approach involves the definition and systematic management of processes and their interactions, in
order to achieve the expected result in accordance with the quality policy and strategic direction of the
organization. Management of the processes and the system as a whole can be achieved using the PDCA cycle (see
0.3.2) with an overall focus on risk-based thinking (see 0.3.3), aimed at taking advantage of opportunities and
avoiding outcomes. not wanted.

The application of the process approach in a quality management system allows:

a) understanding and consistency in meeting requirements;

b) examining processes in terms of added value;
c) achieving effective process performance;
d) improvement of processes based on the evaluation of data and information.

Figure 1 gives a schematic representation of any process and shows the interaction of its elements. The supervisory
and measurement control points, which are necessary for control, are specific to each process and may vary
depending on the related risks.

1st Edition
October 1, 2016
3| Page of 49
 Automotive Quality Management ETI 16949:2016 standard system includes ISO9001:2015

ISO 9001:2015(E)
T Starting point I End point

Possible controls and

check points to monitor
and measure performance

figure 1 - Schematic representation of the elements of a single production process

0.3.2 Plan-Do-Check-Act cycle
The PDCA cycle can be applied to all processes and to the quality management system as who

Figure2 illustrates how Californian Clauses 4 to 10 are grouped in relation to the PDCA cycle.
NOThe numbers in parentheses refer to the clauses of this International Standard.
figure 2 - Representation of the structure of this standard in the PDCA cycle

1st Edition
October 1, 2016
4| Page of 49
Automotive Quality Management ETI 16949:2016 standard system includes ISO9001:2015
The PHVA cycle can be briefly described as follows:
- Plan : Establish the objectives of the system and its processes and the resources necessary to achieve results in
accordance with customer requirements and organizational policies, and identify risks and management
opportunities;
- Do : Put into practice what was planned;
- Check : Monitor and (where applicable) measure processes and resulting products and services against policies,
objectives, requirements and planned activities, and report results;
- Act : Take actions to improve performance, as necessary.

0.3.3 risk-based thinking

Risk-based thinking (see A.4 clause ) is essential to achieving an effective quality management system.
The concept of risk-based thinking has been implicit in previous editions of this International Standard, including,
for example, carrying out preventive actions to eliminate potential nonconformities, analyzing any nonconformities
that occur, and taking action. to prevent recurrence that is appropriate for the purposes of the nonconformity.

To meet the requirements of this international standard, an organization needs to plan and execute actions to
address risks and opportunities. Addressing risks and opportunities establishes a foundation for increasing the
effectiveness of the quality management system, achieving better results and preventing negative effects.

Opportunities may arise as a consequence of a favorable situation to achieve a desired result, for example, a set of
circumstances that allow the organization to attract customers, develop new products and services, reduce waste or
improve productivity. Actions to address opportunities may also include consideration of the associated risks. Risk
is the effect of uncertainty and any such uncertainty can have positive or negative effects. A positive deviation
resulting from a risk may provide an opportunity, but not all the positive effects of risks result in opportunities.

0.4 Relationship with other management system standards

This standard applies the framework developed by ISO to improve alignment between its
International standards for management systems (see A.1 clause ).

This International Standard allows an organization to use the process approach, together with the
PDCA cycle and risk-based thinking, align or integrate your quality management system with the requirements of
other management system standards.

This International Standard refers to ISO 9000 and ISO 9004 as follows:

- ISO 9000 quality management systems – Fundamentals and vocabulary provides essential background for the
understanding and application of this appropriate international standard;

- ISO 9004 Managing for the sustained success of an organization – A quality management approach provides
guidance for organizations that choose to progress beyond the requirements of this International Standard.

Annex B provides details of other international quality management systems and quality management standards
that have been developed by ISO/TC 176.

This International Standard does not include specific requirements for other management systems, such as
environmental management, occupational health and safety management, or financial management.

sector-specific quality management system standards based on the requirements of this International

The Standard has been developed for a number of sectors. Some of these standards specify additional quality
management system requirements, while others are limited to providing guidance on the application of this
international standard within the particular sector.

1st Edition
October 1, 2016
5| Page of 49
Automotive Quality Management ETI 16949:2016 standard system includes ISO9001:2015
quality management systems - Requirements

1 reach
This International Standard specifies the requirements for a quality management system, when an organization:
a) You need to demonstrate your ability to consistently provide products and services that satisfy customer and
applicable legal and regulatory requirements, and
b) aims to increase customer satisfaction through effective system implementation, including processes for system
improvement and ensuring compliance with customers and applicable legal and regulatory requirements.

All requirements of this International Standard are generic and are intended to be applicable to any organization,
regardless of its type or size, or the products and services it offers.

NOTE 1 In this International Standard, the terms “products” or “service” only apply to products and services intended for, or
requested by, a customer.

NOTE 2 Legal and regulatory requirements may be expressed as legal requirements.

2 Normative references
The following documents, in whole or in part, are normatively referenced in this document and are essential for its
application. For dated references, only the cited edition applies. For undated references, the latest edition of the
reference document (including any modifications) applies. ISO 9000: 2015, quality management systems -
Fundamentals and vocabulary

3 Terms and definitions

For the purposes of this document, the terms and definitions given in ISO 9000:2015 apply.

4 Organization context
4.1 Understanding the organization and its context
ISO 9001:2015 requirements.
The organization must determine the external and internal issues that are relevant to its purpose and its strategic
direction and that affect its ability to achieve the outcome(s) intended for its quality management system.
The organization must control and review information on these external and internal issues.
NOTE 1 Problems may include positive and negative factors or conditions for consideration.
NOTE 2 Understanding the external context can be facilitated by taking into account problems arising from legal, technological,
competitive, market, cultural, social and economic environments, whether international, national, regional or local.
NOTE 3 Understanding the internal context can be facilitated by considering issues related to values, culture,
knowledge and organizational performance.

4.2 Understanding the needs and expectations of interested parties

ISO 9001:2015 requirements.
Due to its effect or potential effect on the organization's ability to consistently provide products and
services that comply with the client's applicable legal and regulatory requirements and, the organization will
determine:
a) the interested parties that are relevant to the quality management system;
b) the requirements of these interested parties that are relevant to the quality management system.
The organization must control and review information about these interested parties and their
relevant requirements.

4.3 Determine the scope of the quality management system

ISO 9001:2015 requirements.
1st Edition
October 1, 2016
6| Page of 49
Automotive Quality Management ETI 16949:2016 standard system includes ISO9001:2015
The organization must determine the limits and applicability of the quality management system to establish its
scope.
When determining this scope, the organization must consider:
a) the external and internal problems referred to in 4.1 ;
b) the requirements of relevant interested parties provided for in 4.2 ;
c) the organization's products and services.
The organization shall apply all requirements of this International Standard if they are applicable within the given
scope of its quality management system.
The scope of the organization's quality management system must be available and maintained as documented
information. The scope shall indicate the types of products and services covered, and provide justification for any
requirements of this International Standard that the organization determines are not applicable to the scope of its
quality management system.
Conformity with this standard may be charged only if the requirements deemed not to be applicable do not affect
the organization's ability or responsibility to ensure conformity of its product.
products and services and improving customer satisfaction.
d) 3.1 Determine the scope of the quality management system - supplemental
Support functions, whether on-site or remote (for example, design centers, corporate headquarters and distribution
centers), are included in the scope of the Quality Management System (QMS).
The only exception permitted for this Automotive Standard QMS relates to the product design and development
requirements within ISO 9001, Section 8.3. The exclusion will be justified and is maintained as documented
information (see ISO 9001, Section 7.5).
Authorized exclusions do not include process design manufacturing.

e) 3.2 customer specific requirements

Specific customer requirements shall be evaluated and included in the scope of the organization's quality
management system.

4.4 quality management system and its processes

4.4.1
ISO 9001:2015 requirements
4.4.2 The organization shall establish, implement, maintain and continually improve a quality management
system, including the necessary processes and their interactions, in accordance with the requirements of this
International Standard.
The organization must determine the processes necessary for the quality management system and its application
throughout the organization, and must:
a) determine the required inputs and expected results from these processes;
b) determine the sequence and interaction of these processes;
c) determine and apply the criteria and methods (including monitoring, measurements and related performance
indicators) necessary to ensure the effective operation and control of these processes;
d) determine the resources necessary for these processes and guarantee their availability;
e) assign responsibilities and authorities for these processes;
f) against risks and opportunities, defined in accordance with the requirements of 6.1 ;
g) evaluate these processes and implement the necessary changes to ensure that these processes achieve the
intended results;
h) improve processes and the quality management system.

4.4.1.1 Compliance of products and processes

The organization must ensure the conformity of all products and processes, including service parts and those that are
outsourced, to all applicable customer, legal, and regulatory requirements (see Section 8.4.2.2).

1st Edition
October 1, 2016
7| Page of 49
Automotive Quality Management ETI 16949:2016 standard system includes ISO9001:2015
4.4.1.2 Product safety
The organization shall have documented processes for product management related to security products and manufacturing
processes, which shall include but not be limited to the following, if applicable:
a) identification by the organization of legal and regulatory product safety requirements;
b) notification to the client of the requirements in point a);
c) special authorizations for design FMEA;
d) identification of characteristics related to product safety;
e) identification and controls of characteristics related to product safety and at the point of manufacturing;
f) special approval of control plans and process FMEAs;
g) reaction plans (see Section 9.1.1.1);
h) Defined responsibilities, definition of escalation process and information flow, including senior management,
and customer notification;
i) training identified by the organization or client for personnel involved in security-related products and
associated manufacturing processes;
j) Product or process changes will be approved prior to implementation, including evaluation of the potential
effects on product safety of process and product changes (see ISO 9001, Section 8.3.6);
k) transfer of requirements regarding product safety throughout the supply chain, including customer-designated
sources (see Section 8.4.3.1);
l) traceability of products per manufactured batch (at a minimum) throughout the supply chain (see Section
8.5.2.1);
m) Lessons learned for introducing new products.

NOTE: Special approval is an additional approval from the role (usually the client) that is responsible for approving
documents with security-related content.

4.4.3
ISO 9001:2015 requirements.
4.4.4 To the extent necessary, the organization shall:
a) maintain documented information to support the operation of your processes;
b) retain documented information to have confidence that processes are carried out as planned.

5 Leadership

5.1 Leadershipand commitment

5.1.1 General
ISO 9001:2015 requirements.
5.1.2 general
Senior management must demonstrate its leadership and commitment to the quality management system by:
a) take responsibility for the effectiveness of the quality management system;
b) ensuring that the quality and quality policy objectives for the quality management system are established and
are compatible with the context and strategic direction of the organization;
c) ensure the integration of quality management system requirements into the organization's business processes;
d) promoting the use of the process-based approach and risk-based thinking;
e) ensure that the resources necessary for the quality management system are available;
f) communicate the importance of effective quality management and adapting to the requirements of the quality
management system;
g) ensure that the quality management system achieves its intended results;
h) that couples, directs and supports people to contribute to the effectiveness of the quality management system;
i) promoting improvement;
j) Supporting other relevant management functions to demonstrate their leadership as it applies to their areas of
responsibility.

1st Edition
October 1, 2016
8| Page of 49
Automotive Quality Management ETI 16949:2016 standard system includes ISO9001:2015
NOTE The reference to “business” in this standard may be interpreted broadly to refer to those activities that are fundamental
to the purposes of the organization's existence, whether the organization is public, private, for-profit or not-for-profit. .

5.1.1.1 Corporate responsability

The organization must define and implement corporate responsibility policies, including at a minimum an anti-bribery
policy, an employee code of conduct, and an ethics escalation policy (“whistleblowing policy”).

5.1.1.2 the effectiveness and efficiency of the process

Top management should review product realization processes and supporting processes to evaluate and improve their
effectiveness and efficiency. The results of the process review activities will be included as input for management review
(see Section 9.3.2.1.).

5.1.1.3 process owners

Top management should identify process owners who are responsible for managing the organization's processes and
related products. Process owners understand their functions and are competent to perform those functions (see ISO 9001,
Section 7.2).

5.1.2 Customer focus

ISO 9001:2015 requirements.
Senior management must demonstrate leadership and commitment to customer focus by ensuring that:
a) customer and applicable legal and regulatory requirements are determined, understood and consistently met;
b) risks and opportunities that may affect the conformity of products and services and the ability to improve
customer satisfaction are determined and addressed;
c) The focus remains on improving customer satisfaction.

5.2 Policy

5.2.1 Establishing the quality policy

ISO 9001:2015 requirements.
Senior management must establish, implement and maintain a quality policy that:
a) is appropriate to the purpose and context of the organization and supports its strategic direction;
b) provides a framework for setting quality objectives;
c) includes a commitment to satisfy applicable requirements;
d) includes a commitment to continuous improvement of the quality management system.

5.2.2 Communicate the quality policy

ISO 9001:2015 requirements
The quality policy must:
a) be available and maintained as documented information;
b) be communicated, understood and applied within the organization;
c) be available to relevant interested parties, as appropriate.

5.3 organizational roles, responsibilities and authorities

ISO 9001:2015 requirements.
Top management must ensure that responsibilities and authorities for relevant functions are assigned,
communicated and understood within the organization.
Senior management must assign responsibility and authority to:
a) ensure that the quality management system complies with the requirements of this international standard;
b) ensure that processes are delivering their intended products;

1st Edition
October 1, 2016
9| Page of 49
Automotive Quality Management ETI 16949:2016 standard system includes ISO9001:2015
c) report on the performance of the quality management system and opportunities for improvement (see 10.1 ),
particularly at the beginning of management;
d) ensure the promotion of customer orientation throughout the organization;
e) ensure that the integrity of the quality management system is maintained when changes to the quality
management system are planned and implemented.

5.3.1 Of organization, functions, responsibilities and authorities - supplementary

Top management must assign personnel with the responsibility and authority to ensure that customer requirements are met.
These assignments will be documented. This includes but is not limited to the selection of special features, the
establishment of quality objectives and corresponding training, corrective and preventive actions, design and development,
capacity analysis, logistics information, customer scorecards, and customer portals.

5.3.2 Responsibility and authority for product requirements and corrective actions

Senior management must ensure that:

a) Personnel responsible for compliance with product requirements have the authority to stop shipping and stop
production to correct quality problems;

NOTE: Due to process design in some industries, it may not always be possible to stop production
immediately. In this case, the affected batch must be contained and shipment to the customer prevented.
b) Personnel with authority and responsibility for corrective action are informed without delay of products or
processes that do not conform to requirements to ensure that nonconforming products are not shipped to the
customer and that all potential nonconforming products are identified and contained;
c) Production operations on all shifts have personnel in charge of, or delegated responsibility for, ensuring
conformity with product requirements.

6 Planning

6.1 Actions to address risks and opportunities

6.1.1 and 6.1.2

ISO 9001:2015 requirements
6.1.2 When planning for the quality management system, the organization shall consider the issues referred to in
4.1 and the requirements indicated in 4.2 and determine the risks and opportunities that must be addressed to:
a) provide assurance that the quality management system can achieve its intended result(s);
b) enhance desirable effects;
c) prevent, or reduce, unwanted effects;
d) achieve an improvement.

6.1.3 The organization must plan:

a) actions to address these risks and opportunities;
b) the way of:
1) integrate and implement the actions in your quality management system processes (see 4.4 );
2) evaluate the effectiveness of these actions.

Actions taken to address risks and opportunities will be proportional to the potential impact on the conformity of
products and services.

NOTE 1 Options for addressing risks may include avoiding risks, taking risks in order to pursue an opportunity, eliminating the
source of risk, changing the probability or consequences, sharing the risk, or retaining the risk for informed decision.

1st Edition
October 1, 2016
10| Page of 49
Automotive Quality Management ETI 16949:2016 standard system includes ISO9001:2015
NOTE 2 Opportunities may result in the adoption of new practices, launching new products, opening new markets, addressing
new customers, creating partnerships, using new technologies and other desirable and viable possibilities to address the needs
of your organization's clients or several.

6.1.2.1 Risk analysis

The organization should include in its risk analysis, at a minimum, lessons learned from product recalls, product audits,
field returns and repairs, complaints, scrap, and rework.

The organization will retain documented information as evidence of the results of the risk analysis.

6.1.2.2 Preventive action

The organization shall determine and implement action(s) to eliminate the causes of potential nonconformities to prevent
their occurrence. Preventive actions should be appropriate to the severity of the potential problems.

The organization must establish a process to reduce the impact of the negative effects of risks that includes the following:

a) determine potential nonconformities and their causes;

b) evaluate the need to act to prevent the occurrence of nonconformities;
c) Determine and implement the necessary actions
d) documented information on the measures taken;
e) review the effectiveness of the preventive measures adopted;
f) lessons learned that they use to prevent recurrence in similar processes (see ISO standard
9001, Section 7.1.6).

6.1.2.3 Contingency plans

The organization must:
a) identify and evaluate internal and external risks to manufacturing processes and essential infrastructure
equipment to maintain production performance and to ensure that customer requirements are met;
b) define contingency plans based on risk and impact for the client;
c) prepare contingency plans for continuity of supply in the event of any of the following: failures of key
equipment (also see Section 8.5.6.1.1); disruption of externally provided products, processes and services;
recurring natural disasters; fire; utility interruptions; labor shortage; or alterations to infrastructure;
d) include, as a complement to contingency plans, a notification process to the client and other interested parties
for the extent and duration of any situation that affects the client's operations;
e) periodically test contingency plans for effectiveness (e.g. simulations, as appropriate);
f) conduct contingency plan reviews (at least annually) using a multidisciplinary team including senior
management, and update as necessary;
g) document contingency plans and retain documented information describing any revision(s), including the
person(s) authorizing the change(s).

Contingency plans will include provisions to validate that the manufactured product continues to meet customer
specifications following the resumption of production following an emergency in which production was stopped and if
regular shutdown processes were not followed.

6.2 quality objectives and planning to achieve them

6.2.1 and 6.2.2

ISO 9001:2015 requirements.
6.2.2 The organization shall establish quality objectives at the relevant functions, levels and processes necessary
for the quality management system.

The quality objectives must:

a) be consistent with the quality policy;

1st Edition
October 1, 2016
11| Page of 49
Automotive Quality Management ETI 16949:2016 standard system includes ISO9001:2015
b) be measurable;
c) take into account applicable requirements;
d) be relevant to the conformity of products and services and to the improvement of customer satisfaction;
e) be supervised;
f) be communicated;
g) updated as appropriate.

The organization must maintain documented information on quality objectives.

6.2.3 When planning how to achieve its quality objectives, the organization must determine: a) what will be done;
b) what resources are required;
c) that he will be responsible;
d) when it will be completed;
e) How will the results be evaluated?

6.2.2.1 quality objectives and planning to achieve them - supplemental

Top management must ensure that quality objectives to meet customer needs are defined, established and maintained for
relevant functions, processes and levels of the organization.

The results of the review of the organization in relation to interested parties and their relevant requirements will be
considered when the organization establishes its annual (at a minimum) quality objectives and related performance
objectives (internal and external).

6.3 Planning the changes

ISO 9001:2015 requirements.
When the organization determines the need for changes to the quality management system, the changes will be
carried out in a planned manner (see 4.4 ).
The organization must take into account:
a) the purpose of the changes and their possible consequences;
b) the integrity of the quality management system;
c) the availability of resources;
d) the assignment or reassignment of responsibilities and authorities.

7 Support

7.1 resources

7.1.1 General
ISO 9001:2015 requirements.
The organization must determine and provide the resources necessary for the establishment, implementation,
maintenance and continuous improvement of the quality management system.

The organization must take into account:

a) existing internal capabilities and resource limitations;
b) what needs to be obtained from external suppliers.

7.1.2 People
ISO 9001:2015 requirements.
The organization must determine and provide the people necessary for the effective application of its quality
management system and for the operation and control of its processes.

1st Edition
October 1, 2016
12| Page of 49
Automotive Quality Management ETI 16949:2016 standard system includes ISO9001:2015
7.1.3 Infrastructure
ISO 9001:2015 requirements.
The organization must determine, provide and maintain the infrastructure necessary for the operation of its
processes and to achieve conformity of products and services.

NOTE infrastructure may include:

a) buildings and associated services;
b) the equipment, including hardware and software;
c) transportation resources;
d) the information and the comunication.
7.1.3.1 Plant, facilities, equipment and planning
The organization must use a multidisciplinary approach that includes risk identification and risk mitigation methods for the
development and improvement of plant, facility and equipment plans. When designing facility plans, the organization
must:
a) Optimize material flow, material handling, and value-added use of floor space including control of
nonconforming product, and
b) facilitate synchronous flow of materials, as applicable.

Methods must be developed and implemented to evaluate the feasibility of manufacturing new products or new operations.
Manufacturing feasibility assessments should include capacity planning. These methods will also be applicable for the
evaluation of proposed changes to existing operations.

The organization shall maintain the effectiveness of the process, including periodic reassessment in relation to risk, to
incorporate changes made during the approval process, maintenance of control plan (see Section 8.5.1.1), and verification
of set-up work. ups (see Section 8.5.1.3).

Manufacturing feasibility assessments and capacity planning assessment will be inputs for management review (see ISO
9001, Section 9.3).

NOTE 1: These requirements must include the application of lean manufacturing principles.
NOTE 2: These requirements should apply to on-site supplier activities, as applicable.

7.1.4 Environment for the operation of the processes

ISO 9001:2015 requirements.
The organization must determine, provide and maintain the environment necessary for the operation of its
processes and to achieve conformity of products and services.

NOTE A suitable environment can be a combination of human and physical factors, such as:

a) social (e.g. non-discriminatory, calm, non-confrontational);

b) psychological (e.g., reducing stress, preventing burnout, emotionally protective);
c) physical (e.g. temperature, heat, humidity, light, air flow, hygiene, noise).

These factors may differ substantially depending on the products and services provided.

NOTE: Where third-party certification to ISO 45001 (or equivalent) is recognized, it may be used to demonstrate the
organization's compliance with the personal safety aspects of this requirement.

7.1.4.1 Environment for the operation of processes - supplementary

The organization must maintain its facilities in a state of order, cleanliness and repair that is consistent with the needs of
the product and manufacturing process.

7.1.5 Monitoring and measurement of resources

1st Edition
October 1, 2016
13| Page of 49
Automotive Quality Management ETI 16949:2016 standard system includes ISO9001:2015
7.1.5.1 General
ISO 9001:2015 requirements.
The organization shall determine and provide the resources necessary to ensure valid and reliable results when
monitoring or measurement is used to verify the conformity of products and services to needs.

The organization must ensure that the resources provided:

a) are suitable for the specific type of monitoring and measurement activities being carried out;
b) They are maintained to ensure their continued fitness for purpose.
The organization must retain appropriate and documented information as evidence of proficiency for the use of
monitoring and measurement resources.

analysis 7.1.5.1.1 Measurement systems

Statistical studies will be conducted to analyze the variation present in the results of each type of inspection, measurement,
and test equipment system identified in the control plan. The criteria of the analytical and acceptance methods used will
conform to those of the reference manuals in the analysis of measurement systems. Other analytical methods and
acceptance criteria may be used if approved by the client.

Records of the customer's acceptance of alternative methods will be retained along with the results of the analysis of the
alternative measurement systems (see Section 9.1.1.1).

NOTE: Prioritization of MSA studies should focus on critical or special product or process characteristics.

7.1.5.2 traceability of measurements

ISO 9001:2015 requirements.
Where traceability of measurements is a requirement, or is considered by the organization to be an essential part of
providing confidence in the validity of measurement results, measurement equipment shall be as follows:
standards a) be calibrated or verified, or both, at specified intervals, or before use, against measurements traceable
to national or international measurement standards; When such standards do not exist, the basis used for
calibration or verification is entered as documentation information;
b) identified for the purpose of determining its status;
c) Protect against adjustments, damage or deterioration that would invalidate the calibration status and
subsequent measurement results.

The organization shall determine whether the validity of previous measurement results has been adversely affected
when measurement equipment is found to be unfit for its intended purpose, and shall take appropriate action as
necessary.

NOTE: A number or other identifier traceable to the device calibration record meets the intent of the requirements of ISO
9001:2015.

7.1.5.2.1 Calibration/verification logs

The organization must have a documented process for managing calibration/verification records. Records of
calibration/verification activity for all gauges and measurement and test equipment (including employee-owned equipment
relevant to the measurement, customer-owned equipment, or on-site supplier-owned equipment ) required to provide
evidence of compliance with internal requirements, legislative and regulatory requirements, and customer-defined
requirements will be retained.

The organization shall ensure that calibration/verification and recording activities will include the following details:
a) revisions following engineering changes that impact measurement systems;
b) any out of specification readings as received for calibration/verification;
c) an assessment of the risk that the intended use of the product caused by the condition would be out of
specification;

1st Edition
October 1, 2016
14| Page of 49
Automotive Quality Management ETI 16949:2016 standard system includes ISO9001:2015
d) When a piece of measurement inspection and test equipment is found out of calibration or defective during its
planned verification or calibration or during its use, documented information on the validity of previous
measurement results obtained with this piece of measurement inspection and test equipment test will be
retained, including the date of the last calibration of the associated standard and the next due date in the
calibration report;
e) notification to the customer if the suspicious product or material has been shipped;
f) statements of conformity with specifications after calibration/verification;
g) verifying that the version of software used for the product and process control is as specified;
h) records of calibration and maintenance activities for all measurements (including employee-owned equipment,
customer-owned equipment, or on-site supplier-owned equipment);
i) verification of production-related software used for product and process control (including software installed
on employee-owned equipment, customer-owned equipment, or on-site supplier-owned equipment).

7.1.5.3 laboratory requirements

7.1.5.3.1 internal laboratory

An organization's internal laboratory facilities must have a defined scope that includes its ability to perform necessary
inspection, testing, or calibration services. This laboratory scope must be included in the quality management system
documentation. The laboratory must specify and apply, at a minimum, the requirements for:

a) adequacy of laboratory technical procedures;

b) competence of laboratory personnel;
c) product testing;
d) ability to perform these services correctly, traceable to the corresponding process standard (e.g., ASTM, EN,
etc.); When a national or international standard(s) is available, the organization must define and implement a
methodology to verify the capability of the measurement system;
e) the customer's requirements, if any;
f) review of related records.

NOTE: Third party ISO/IEC 17025 (or equivalent) accreditation may be used to demonstrate the organization's internal
laboratory conformity to this requirement.

7.1.5.3.2 outside laboratory

External/commercial/independent laboratory facilities used for inspection, testing or calibration services by the
organization must have a defined laboratory scope that includes the ability to perform the required inspection, test or
calibration, and either:
- The laboratory must be accredited with ISO/IEC 17025 or national equivalent and includes the

inspection, test or calibration service relevant to the scope of accreditation (certificate); The calibration certificate
or test report must include the mark of a national accreditation body; either

- there is evidence that the external laboratory is acceptable to the client.

NOTE: Such evidence may be demonstrated by client assessment, for example, or by client-approved second-party
assessment that the laboratory meets the purpose of ISO/IEC 17025 or national equivalent. The second-party evaluation
may be performed by the organization evaluating the laboratory using a method approved by the evaluation client.

Calibration services can be performed by the equipment manufacturer when a qualified laboratory is not available for a
particular piece of equipment. In such cases, the organization must ensure that the requirements listed in section 7.1.5.3.1
are met.

Use of calibration services, except by qualified personnel (or customer) accepted laboratories, may be subject to
government regulatory confirmation, if necessary.

1st Edition
October 1, 2016
15| Page of 49
Automotive Quality Management ETI 16949:2016 standard system includes ISO9001:2015
7.1.6 knowledge of the organization
ISO 9001:2015 requirements.
The organization must determine the knowledge necessary to operate its processes and achieve conformity of
products and services.

This knowledge will be maintained and made available as necessary.

When addressing changing needs and trends, the organization must consider its current knowledge and determine
how to acquire or access any necessary additional knowledge and necessary updates.

NOTE 1 Organizational knowledge is organization-specific knowledge; Generally, experience is gained. It is the information that
is used and shared to achieve the organization's objectives.

NOTE 2 Organizational knowledge can be based on:

a) internal sources (e.g., intellectual property, knowledge derived from experience; lessons learned from failures and
successful projects; capturing and sharing undocumented knowledge and experiences; results of improvements in processes,
products and services);
b) external sources (e.g. standards; academics; conferences; ROM clients gathering knowledge fo external providers).

7.2 Competence
ISO 9001:2015 requirements.
The organization must:
a) determine the necessary competence of the person(s) doing the work under their control that affects the
performance and effectiveness of the quality management system;
b) ensure that such persons are competent on a basis of education, training or experience;
c) where appropriate, take actions to acquire the necessary competence, and evaluate the effectiveness of the
actions taken;
d) retain appropriate and documented information as evidence of competence.

NOTE Applicable actions may include, for example, offering training to mentoring, or reassigning people currently working; or
the hiring or hiring of competent people.

7.2.1 Competition - supplemental

The organization shall establish and maintain a documented process(es) for identifying training needs that include
awareness (see Section 7.3.1) and achieving competency for all personnel performing activities that affect compliance.
with product and process requirements. Personnel performing specific assigned tasks must be qualified, as required, with
special attention to meeting customer needs.

7.2.2 Competition - in the workplace

The organization must provide on-the-job training (which shall include customer training requirements) for personnel in
new or modified responsibilities that affect compliance with quality requirements, internal requirements, regulatory or
legal requirements. ; This will include contracted or agency staff. The level of detail required for on-the-job training should
be commensurate with the level of education the staff possess and the complexity of the task(s) required to carry out their
daily work. People whose work may affect quality must be informed about the consequences of nonconformity to customer
requirements.

7.2.3 internal auditor competencies

The organization must have a documented process(es) to verify that internal auditors are competent, taking into account
specific client requirements. For additional guidance on auditor competencies, refer to ISO 19011. The organization must
maintain a list of qualified internal auditors.

Management system quality auditors, manufacturing process auditors, and product auditors will all be able to demonstrate
the following minimum competencies:
a) understanding of the automotive process-based approach to auditing, including risk-based thinking;

1st Edition
October 1, 2016
16| Page of 49
Automotive Quality Management ETI 16949:2016 standard system includes ISO9001:2015
b) understanding of applicable customer-specific requirements;
c) understanding of applicable ISO 9001 and IATF 16949 requirements related to the scope of the audit;
d) understanding of applicable basic tool requirements related to the scope of the audit; e) understanding how to
plan, direct, report and close audit findings.

Additionally, manufacturing process auditors must demonstrate technical understanding of the relevant manufacturing
process(es) to be audited, including process risk analysis (such as PFMEA) and control plan. Product auditors shall
demonstrate competency in understanding product requirements and using corresponding measurement and test equipment
to verify product conformity.

When training is provided to achieve competency, documented information will be retained to demonstrate the trainer's
competency with the above requirements.

Maintenance and improvement of the internal auditor's competence must be demonstrated by:
f) the execution of a minimum number of audits per year, as defined by the organization; and
g) maintain knowledge of relevant requirements based on internal changes (e.g., process technology, product
technology) and external changes (e.g., ISO 9001, IATF 16949, core tools, and customer specific
requirements).

7.2.4 second party competition auditor

The organization must demonstrate the competence of the auditors who carry out second-party audits. Second-party
auditors must meet specific client requirements for auditor qualification and demonstrate a minimum of the following core
competencies, including an understanding of:
a) the automotive process-based approach to auditing, including risk-based thinking;
b) customer and organization specific requirements;
c) applicable ISO 9001 and IATF 16949 requirements related to the scope of the audit;
d) applicable manufacturing process(es) to be audited, including PFMEA and control plan;
e) applicable core tool requirements related to the scope of the audit;
f) how to plan, direct, prepare audit reports, and close audit findings.

7.3 Awareness
ISO 9001:2015 requirements

The organization must ensure that people performing work under the control of the organization are aware of:
a) the quality policy;
b) the relevant quality objectives;
c) its contribution to the effectiveness of the quality management system, including the benefits of improved
performance;
d) the consequences of not meeting the requirements of the quality management system.

7.3.1 Awareness - supplemental

The organization shall maintain documented information that demonstrates that all employees are aware of their impact on
product quality and the importance of their activities to achieve, maintain and improve quality, including customer
requirements and the risks involved for the product. customer with the non-conforming product.

7.3.2 employee motivation and empowerment

The organization must maintain a documented process(es) to motivate employees to achieve quality objectives, to make
continuous improvements, and to create an environment that promotes innovation. The process will include the promotion
of quality and technological knowledge throughout the organization.

7.4 Communication
ISO 9001:2015 requirements
The organization shall determine internal and external communications relevant to the quality management
system, including:

1st Edition
October 1, 2016
17| Page of 49
Automotive Quality Management ETI 16949:2016 standard system includes ISO9001:2015
a) in what will be communicated;
b) when to communicate;
c) with which to communicate;
d) the way of communicating;
e) that communicates.

7.5 documented information

7.5.1 General
ISO 9001:2015 requirements.
The organization's quality management system must include:
a) the information required by this international standard documented;
b) documented information determined by the organization as necessary for the effectiveness of the quality
management system.

NOTE The scope of information documented for a quality management system may differ from one organization to another due
to:

- the size of the organization and its type of activities, processes, products and services;
- the complexity of the processes and their interactions;
- the competence of people.

7.5.1.1 Documentation of the quality management system

The organization's quality management system must be documented and includes a quality manual, which can be a series
of documents (electronic or paper).

The format and structure of the quality manual is at the discretion of the organization and will depend on the organization's
size, culture, and complexity. If a series of documents is used, then a list will be retained of the documents that make up the
organization's quality manual.

The quality manual must include, at a minimum, the following:

a) the scope of the quality management system, including the details and justification for any exclusions;
b) documented processes established for the quality management system, or reference to them;
c) organizational processes and their sequence and interactions (inputs and outputs), including the type and
degree of control of any outsourced processes;
d) a document (i.e. matrix) that indicates where within the organization's quality management system its specific
customer requirements are addressed.

NOTE: A matrix of how the requirements of this Automotive QMS standard are addressed by organizational processes can
be used to assist with linking organizational processes and this Automotive QMS.

7.5.2 Create and update

ISO 9001:2015 requirements
When creating and updating documented information, the organization must ensure appropriate:

a) identification and description (for example, a title, date, author, or reference number);
b) format (e.g., language, software version, graphics) and media (e.g., paper, electronic);
1st Edition
October 1, 2016
18| Page of 49
Automotive Quality Management ETI 16949:2016 standard system includes ISO9001:2015
c) the review and approval of suitability and adequacy.
7.5.3 Control of documented information

7.5.3.1 and 7.5.3.2

ISO 9001:2015 requirements.
7.5.3.1 Documented information required by the quality management system and by this International
Standard must be controlled to ensure:

a) is available and suitable for use, where and when needed;

b) that is adequately protected (for example, from loss of confidentiality, misuse or loss of integrity).

7.5.3.2 To control documented information, the organization must respond to the following activities, as
appropriate:

a) distribution, access, retrieval and use;

b) storage and preservation, including preservation of legibility;
c) change control (e.g. version control);
d) retention and disposition.

Documented information of external origin that the organization determines is necessary for the planning and
operation of the quality management system must be identified as appropriate and controlled. Documented
information retained as proof of compliance will be protected from unwanted alterations.

NOTE Access may involve a decision regarding authorization to view only the documented information, or permission and
authority to view and change the documented information.

7.5.3.2.1 Records Retention

The organization must define, document and implement a records retention policy. Control of records must comply with
legal, regulatory, organizational, and customer requirements.

Production part approvals, tooling records (including maintenance and ownership), process, product and design records,
purchase orders (if applicable), or contracts and clauses will be retained for the period of time the product is asset for
production and service needs, in addition to one calendar year, unless otherwise specified by the client or regulatory
agency.

NOTE: Documented production part approval information may include approved product, applicable test equipment
records, or approved test data.

7.5.3.2.2 Technical specifications

The organization shall have a documented process that describes the review, distribution and application of all customer
engineering standards/specifications and related revisions based on customer schedules, as necessary.

When an engineering standard/specification change results in a product design change, refer to the requirements in ISO
9001, Section 8.3.6. When an engineering standard/specification change results in a product realization process change,
refer to the requirements in Section 8.5.6.1. The organization must maintain a record of the date each change is
implemented in production. If applicable, updated documents must be included.

Review must be completed within 10 business days of receipt of notification of engineering standards/specifications
changes.

NOTE: A change to these standards/specifications may require an updated customer production parts approval record when
these specifications are referenced in the design record or if they affect the production parts approval process documents,
such as such as the control plan, risk analysis (such as FMEAs), etc.

1st Edition
October 1, 2016
19| Page of 49
Automotive Quality Management ETI 16949:2016 standard system includes ISO9001:2015
8 Operation

8.1 operational planning and control

ISO 9001:2015 requirements.
The organization must plan, execute and control the processes (see 4.4 ) necessary to meet the requirements for the
supply of products and services, and to implement the actions determined in clause 6 , by:

a) determining requirements for products and services;

b) establishing criteria for:
1) the processes;
2) acceptance of products and services;

c) determining the resources necessary to achieve conformity with product and service requirements;
d) the application of process control in accordance with the criteria;
e) determine, maintain and retain documented information to the extent necessary:
1) have confidence that processes have been carried out as planned;
2) to demonstrate the conformity of products and services to your needs.

The result of this planning must be appropriate for the operations of the organization.
The organization shall monitor planned changes and review the consequences of undesired changes, taking action
to mitigate adverse effects as necessary.

The organization must ensure that outsourced processes are controlled (see 8.4 ).

8.1.1 Operational planning and control - supplementary

When planning the realization of the product, the following topics will be included:
a) customer product requirements and technical specifications;
b) logistics requirements;
c) manufacturing feasibility;
d) project planning (see ISO 9001, Section 8.3.2);
e) criteria of acceptance.

The resources identified in ISO 9001, Section 8.1 c), refer to the required verification, validation, monitoring,
measurement, inspection, and testing activities specific to the product and the criteria for product acceptance.

8.1.2 confidentiality
The organization must ensure the confidentiality of the products and projects contracted by the client in the development
phase, including information related to the product.

8.2 Requirements for products and services

8.2.1
Communication with the customer
ISO 9001:2015 requirements.
Communication with clients should include:

a) provide information relating to products and services;

b) treatment of claims, contracts or orders, including changes;
c) obtain customer feedback on products and services, including customer complaints;
d) tampering with or controlling client property;
e) establish specific requirements for contingency actions, when relevant.

1st Edition
October 1, 2016
20| Page of 49
Automotive Quality Management ETI 16949:2016 standard system includes ISO9001:2015
8.2.1.1 Communication with the client - supplementary
Written or verbal communication must be in the language agreed with the client. The organization must have the ability to
communicate necessary information, including data in a customer-specified programming language and format (e.g.,
computer-aided design data, electronic data interchange).

8.2.2
Determining requirements for products and services
ISO 9001:2015 requirements.
When determining requirements for products and services to be offered to customers, the organization must ensure
that:

a) Requirements for products and services are defined, including:

1) applicable legal and regulatory requirements;
2) those considered necessary by the organization;
b) The organization can satisfy claims for the products and services it offers.

c) 2.2.1 Determination of requirements for products and services - supplementary

These requirements shall include recycling, environmental impact, and characteristics identified as a result of the
organization's knowledge of production and manufacturing processes.

Compliance with ISO 9001, Section 8.2.2 a) 1), shall include, but not be limited to the following: all applicable public,
safety and environmental regulations related to the acquisition, storage, handling, recycling, the removal, or removal of
material.

8.2.3 Review of requirements for products and services

8.2.3.1
ISO 9001:2015 requirements.
8.2.3.1 The organization must ensure that it has the ability to meet the requirements for the products and
services offered to customers. The organization must carry out a review before committing to supply products and
services to a customer, including:
a) requirements specified by the customer, including requirements for delivery and post-delivery activities;
b) requirements not established by the customer, but necessary for the specified or intended use, when known;
c) requirements specified by the organization;
d) the legal and regulatory requirements applicable to the products and services;
e) the requirements of the contract or order that differ from those previously expressed.

The organization must ensure that contract or order requirements that differ from those previously defined are
resolved.

The customer's needs must be confirmed by the organization before acceptance, when the customer does not
provide a documented statement of its requirements.
NOTE In some situations, such as Internet sales, a formal review is impractical for each order. On the other hand the
Review may cover relevant product information, such as catalogs.

8.2.3.1.1 Review of requirements for products and services - supplemental

The organization shall retain documented evidence of a customer-authorized waiver of the requirements set forth in ISO
9001, Section 8.2.3.1, for formal review.

8.2.3.1.2 special features designated by customer

The organization must conform to the client's needs for the designation, approval documentation and control of special
features.

1st Edition
October 1, 2016
21| Page of 49
Automotive Quality Management ETI 16949:2016 standard system includes ISO9001:2015
8.2.3.1.3 Manufacturing Feasibility Organization
The organization shall use a multidisciplinary approach to conduct an analysis to determine whether it is feasible that the
organization's manufacturing processes are capable of consistently producing product that meets all engineering and
capability requirements specified by the customer. The organization must carry out this feasibility analysis for the
manufacture of any product or technology new to the organization and for any manufacturing process or product design
changed.

Additionally, the organization must validate through production runs, benchmarking studies, or other appropriate methods,
its ability to make the product to specifications at the required speed.

8.2.3.2
ISO 9001:2015 requirements.
8.2.3.2 The organization will retain documented information, as appropriate:
a) in the results of the review;
b) any new requirements for products and services.

8.2.4 Changes in requirements for products and services

ISO 9001:2015 requirements
8.2.3.2 The organization will retain documented information, as appropriate:
a) in the results of the review;
b) any new requirements for products and services.

8.3 Design and development of products and services

8.3.1 General
ISO 9001:2015 requirements.
The organization must establish, implement and maintain a design and development process that is adequate to
ensure the subsequent delivery of products and services.

8.3.1.1 Design and development of products and services - supplementary

The requirements of ISO 9001, Section 8.3.1, will apply to product and manufacturing design and development processes
and will focus on error prevention rather than detection.

The organization must document the design and development process.

8.3.2 Development design and planning

ISO 9001:2015 requirements.
In determining the stages and controls for design and development, the organization must consider:
a) the nature, duration and complexity of design and development activities;
b) the required procedural steps, including design and development of applicable comments;
c) the necessary design and development and validation verification activities;
d) the responsibilities and authorities involved in the design and development process;
e) the internal and external resources needed for the design and development of products and services;
f) the need to control the interfaces between the people involved in the design and development process;
g) the need for customer and user participation in the design and development process;
h) the requirements for subsequent supply of products and services;
i) the level of control intended for the design and development process by customers and other relevant
stakeholders;
j) the documented information necessary to demonstrate that the development requirements have been met.

1st Edition
October 1, 2016
22| Page of 49
Automotive Quality Management ETI 16949:2016 standard system includes ISO9001:2015
8.3.2.1 Development design and planning - supplemental
The organization must ensure that the design and development planning includes all affected stakeholders within the
organization and, where applicable, its supply chain. Examples of areas for using such a multidisciplinary approach include
but are not limited to the following:
a) project management (e.g. APQP or VDA-RGA);
b) of product manufacturing process and design activities (e.g. DFM and DFA), such as examining the use of
alternative designs and manufacturing processes;
c) design risk analysis (FMEA) product development and review, including measures to reduce potential risks;

d) Development and review of manufacturing process risk analyzes (e.g., FMEAs, process flows, control plans,
and standard work instructions).
NOTE: A multidisciplinary approach typically includes organization design, manufacturing, engineering, quality,
production, purchasing, suppliers, maintenance, and other appropriate functions.
8.3.2.2 product design skills
The organization shall ensure that personnel responsible for product design are competent to achieve the design
requirements and are experts in applicable product design tools and techniques. Applicable tools and techniques will be
identified by the organization.
NOTE: An example of product design capabilities is the application of digitized mathematical-based data.
8.3.2.3 Development of embedded software products
The organization must use a quality assurance process for its products with integrated software developed internally. A
software development evaluation methodology is used to evaluate the organization's software development process. Using
prioritization based on risk and potential impact to the customer, the organization should retain documented information
from a self-assessment of software development capability.
The organization must include software development within the scope of its internal audit program (see Section 9.2.2.1).
8.3.3 Design and development of inputs
ISO 9001:2015 requirements.
The organization shall determine the essential requirements for the specific types of products and services to be
designed and developed. The organization must take into account:
a) functional and performance requirements;
b) information derived from previous similar design and development activities;
c) legal and regulatory requirements;
d) the standards or codes of practice that the organization is committed to putting into practice;
e) the possible consequences of a failure due to the nature of the products and services.
Entries must be suitable for the purposes of design and development, complete and accurate.
Divergent design and development inputs must be resolved.
The organization will maintain documented information on design and development inputs.

8.3.3.1 input for product design

The organization shall identify, document, and review product design input requirements as a result of the contract review.
Product design input requirements include but are not limited to the following:
a) product specifications including, but not limited to, special features (see Section 8.3.3.3);
b) boundary and interface requirements;
c) identification, traceability, and packaging;
d) consideration of design alternatives;
e) risk assessment with input requirements and the organization's ability to mitigate/manage risks, including from
feasibility analysis;
f) objectives for compliance with requirements, including preservation, reliability, durability, maintainability,
health, safety, environment, development time and cost;
g) applicable legal and regulatory requirements of the country identified in the destination customer, if any;
h) embedded software requirements.

1st Edition
October 1, 2016
23| Page of 49
Automotive Quality Management ETI 16949:2016 standard system includes ISO9001:2015
The organization must have a process to deploy information obtained from previous design projects, competitive product
analysis (benchmarking), feedback, internal supplier input, field data and other sources relevant to current and future
projects. similar nature.
NOTE: One approach to considering design alternatives is the use of compensation curves.
8.3.3.2 Manufacturing process input for design
The organization shall identify, document and review the input requirements of the manufacturing process design,
including but not limited to the following:

a) Design output product data including special features;

b) productivity, process capacity, time and cost objectives;
c) manufacturing of technological alternatives;
d) the client's needs, if applicable,
e) the experience of previous developments;
f) New Materials;
g) product handling and ergonomic requirements; and
h) design for manufacturing and design for assembly.

Manufacturing process design involves the use of error detection methods to a degree appropriate to the magnitude of the
problem(s) and commensurate with the risks encountered.

8.3.3.3 Special features

The organization must use a multidisciplinary approach to establish, document and implement its process(es) to identify
special characteristics, including those determined by the client and the risk analysis performed by the organization, and
will include the following:
a) documentation of all special features on drawings (as required), risk analysis (such as FMEA), control plans,
and standard work/operator instructions; Special features are identified with specific markings and cascaded
through each of these documents;
b) development of control and monitoring strategies for the special characteristics of products and production
processes;
c) approvals specified by the client, when necessary;
d) compliance with the definitions specified by the customer and the organization's symbols or equivalent
symbols or notations, as defined in a symbol conversion table. The symbol conversion table will be presented
to the client, if necessary.

8.3.4 Design and development of controls

ISO 9001:2015 requirements
The organization shall apply controls to the design and development process to ensure that:
a) the results pursued are defined;
b) Examinations are carried out to evaluate the ability of design and development results to meet requirements;
c) verification activities are carried out to ensure that the design and development results meet the input
requirements;
d) Validation activities are carried out to ensure that the resulting products and services meet the requirements
for the specified application or intended use;
e) any necessary actions to be taken on problems identified during reviews, or verification and validation
activities;
f) Documented information from these activities is preserved.
NOTE Design and development reviews, verification and validation have different purposes. They can be carried out separately
or in any combination, which is appropriate for the organization's products and services.

8.3.4.1 Surveillance
Measurements made at specific stages during the design and development of products and processes will be defined,
analyzed and reported with summary of the results as an input to management review (see Section 9.3.2.1).

1st Edition
October 1, 2016
24| Page of 49
Automotive Quality Management ETI 16949:2016 standard system includes ISO9001:2015
When required by the client, measurements of product and process development activity will be communicated to the
client at stages specified, or agreed upon, by the client.

NOTE: Where appropriate, these measurements may include quality risks, costs, lead times, critical paths and other
measurements.

8.3.4.2 Validation design and development

Design and development validation will be carried out in accordance with customer requirements, including any applicable
industry and government regulatory agency issued standards. The moment of validation of the design and development will
be determined in alignment with the time specified by the client, as the case may be.

When entering into a contractual agreement with the customer, this should include the evaluation of the interaction of the
organization's products, including embedded software, within the end customer's product system.

8.3.4.3 prototype program

When required by the client, the organization must have a prototype program and control plan. The organization should
use, whenever possible, the same suppliers, tools, and manufacturing processes as used in production.

All performance testing activities will be tracked for timely completion and compliance with requirements.

When services are outsourced, the organization must include the type and degree of control in the scope of its quality
management system to ensure that the outsourced services conform to requirements (see ISO 9001, Section 8.4).

8.3.4.4 product approval process

The organization must establish, implement and maintain a product manufacturing and approval process in accordance
with the requirements defined by the customer(s).

The organization must approve externally provided products and services per ISO 9001, Section 8.4.3, prior to submission
of its approval parts to the customer.

The organization must obtain approval of the described product before shipment, if required by the customer. Records of
said approval will be kept.

NOTE: Product approval must occur after verification of the manufacturing process.

8.3.5 From design and development

ISO 9001:2015 requirements
The organization must ensure that the results of design and development:

a) meet entry requirements;

b) are suitable for subsequent processes for the supply of products and services;
c) include or reference control and measurement requirements, as appropriate, and acceptance criteria;
d) specify the characteristics of the products and services that are essential for the intended purpose and their safe
and adequate supply.

The organization will retain documented information on the results of the design and development.

e) 3.5.1 Of the design and supplementary development -

The product design output will be expressed in terms that can be verified and validated against the product design input
requirements. Product design outcomes shall include, but are not limited to, the following, as applicable:

1st Edition
October 1, 2016
25| Page of 49
Automotive Quality Management ETI 16949:2016 standard system includes ISO9001:2015
a) design risk analysis (FMEA);
b) reliability study results;
c) special product features;
d) design results from error detection products, such as DFSS, DFMA, and TLC;
e) product definition including 3D models, technical data packages, product manufacturing information, and
geometric dimensioning and tolerances (GD&T);
f) 2D drawings, product manufacturing information, and geometric dimensioning and tolerances (GD&T);
g) product design review results;
h) diagnostic guides service and repair instructions and ease of maintenance;
i) service parts requirements;
j) Packaging requirements for shipping.
NOTE: Interim design results should include any engineering issues that are resolved through an exchange process.
f) 3.5.2 Design production manufacturing process
The organization shall document the production of manufacturing process design in a manner that allows verification
against manufacturing process design inputs. The organization shall verify the outputs against the input requirements of the
manufacturing process design. The results of the design manufacturing process shall include, but are not limited to, the
following:
a) specifications and drawings;
b) special characteristics for product and manufacturing process;
c) identification of process input variables that impact characteristics;
d) tools and equipment for production and control, including equipment and process(es) capability studies;
e) manufacturing/design process flowcharts, including linking product, process, and tooling;
f) capacity analysis;
g) FMEA manufacturing process;
h) maintenance plans and instructions;
i) control plan (see Annex A);
j) of work and standard work instructions;
k) Criteria for approval of acceptance of the process;
l) data quality, reliability, maintainability, and measurability;
m) results of error-proof identification and verification, as appropriate;
n) methods for rapid detection, feedback and correction of product/manufacturing process non-conformities.
8.3.6 Design and development changes
ISO 9001:2015 requirements.
The organization shall identify, review and control changes made during, or after, the design and development of
products and services, to the extent necessary to ensure that there is no adverse impact on conformity with
requirements.
The organization will keep documented information in:
a) design and development changes;
b) the results of the reviews;
c) authorization of changes;
d) the measures adopted to prevent adverse impacts.
e) 3.6.1 Design changes and supplemental development -
The organization must evaluate all design changes subsequent to initial approval of the product, including those proposed
by the organization or its suppliers, for potential impact on fit, form, function, performance and/or durability. These
changes must be validated against customer requirements and approved internally, prior to production deployment.
If required by the customer, the organization must obtain documented approval, or a documented waiver, from the
customer prior to production deployment.
For products with embedded software, the organization must document the revision level of the software and hardware as
part of the change log.

1st Edition
October 1, 2016
26| Page of 49
Automotive Quality Management ETI 16949:2016 standard system includes ISO9001:2015
8.4 Control of externally provided processes, products and services

8.4.1 General
ISO 9001:2015 requirements.
The organization must ensure that externally provided processes, products and services meet requirements.

The organization must determine the controls to apply to externally provided processes, products and services
when:

a) products and services from external suppliers are intended for incorporation into the organization's own
products and services;
b) products and services are provided directly to customer(s) by third-party providers on behalf of the
organization;
c) A process, or part of a process, is provided by an external provider as a result of a decision by the organization.

The organization must determine and apply criteria for the evaluation, selection, monitoring of results, and re-
evaluation of external suppliers, based on their ability to provide processes or products and services in accordance
with requirements. The organization must retain documented information on these activities and the necessary
actions derived from the evaluations.

8.4.1.1 General - supplementary

The organization shall include all products and services that affect customer requirements, such as sub-assembly,
sequencing, sorting, rework, and calibration services in the scope of its definition of externally provided products,
processes, and services.

8.4.1.2 supplier selection process

The organization must have a documented supplier selection process. The selection process will include:
a) a risk assessment of the selected supplier to product conformity and the organization's uninterrupted supply of
products to its customers;
b) relevant quality and delivery performance;
c) an evaluation of the supplier's quality management system;
d) multidisciplinary decision making; and
e) an assessment of software development capabilities, if applicable.

Other supplier selection criteria to consider include the following:

- automotive business volume (absolute and as a percentage of global activity);
- financial stability;
- purchase products, materials, or service complexity;
- required technology (product or process);
- adequacy of available resources (e.g. people, infrastructure);
- Capacity building and development (including project management);
- manufacturing capacity;
- change management process;
- business continuity planning (e.g., disaster preparedness, contingency planning);
- logistics process;
- customer service.

8.4.1.3 Customer-Directed Sources (also known as “Buy-Directed”)

When specified by the customer, the organization must purchase products, materials or services from sources directed by
the customer.

All requirements in Section 8.4 (except the requirements in IATF 16.949, Section 8.4.1.2) are applicable to the
organization's control of customer-directed sources unless specific arrangements are otherwise defined by the contract

1st Edition
October 1, 2016
27| Page of 49
Automotive Quality Management ETI 16949:2016 standard system includes ISO9001:2015
between the organization. and the client.

8.4.2 Type and scope of control

ISO 9001:2015 requirements.
The organization must ensure that externally provided processes, products and services do not negatively affect the
organization's ability to consistently deliver products and services that fit its customers.

The organization must:

a) ensure that externally provided processes remain under the control of your quality management system;
b) define both the controls that you will apply to an external supplier and those that you propose to apply to the
resulting output;
c) take into consideration:
1) the potential impact of externally provided processes, products and services on the organization's ability
to consistently comply with customer and applicable legal and regulatory requirements;
2) the effectiveness of the controls applied by the third-party provider;
d) Determine verification, or other activities, necessary to ensure that externally provided processes, products and
services meet requirements.

8.4.2.1 Type and scope of control - supplementary

The organization must have a documented process to identify outsourced processes and to select the type and scope of
controls that are used to verify the conformity of externally supplied products, processes and services to the customer's
internal (organizational) and external requirements.
The process should include criteria and actions to escalate or reduce the types and scope of controls and development
activities based on supplier performance and risk assessment of the products, materials or services.

8.4.2.2 legal and regulatory requirements

The organization must document its process to ensure that it purchased products, processes and services in accordance with
the current legal and regulatory requirements applicable in the country of receipt, the country of shipment, and the country
identified in the destination customer, if provided.
If the customer defines special controls for certain products with legal and regulatory requirements, the organization must
ensure that they are implemented and maintained as defined, including by suppliers.

8.4.2.3 developing supplier quality management system

The organization shall require its suppliers of automotive products and services to develop, implement and improve an ISO
9001 certified quality management system, unless authorized by the customer [for example, point a) below], with the final
objective of obtaining certification of this SGC Automotive standard. Unless otherwise specified by the customer, the
following sequence must be applied to achieve this requirement:
a) compliance with the ISO 9001 standard through second-party audits;

b) ISO 9001 certification through third-party audits; Unless otherwise specified by the customer, the
organization's suppliers must demonstrate compliance with ISO 9001 by maintaining a third-party certification
issued by a certification body that bears the accreditation mark of an International Accreditation Agreement.
Multilateral Forum Recognition) recognized member IAF MLA and where the main scope of the accreditation
body includes the certification of the management system to the ISO / IEC 17021 standard;
c) ISO 9001 certification with compliance with other customer-defined QMS requirements (e.g. Minimum
Automotive Quality Management System Requirements for Sub-Tier Suppliers [MAMQMSR] or equivalent)
through second-party audits ;
d) certification of the ISO 9001 standard with compliance with ETI 16949 through second-party audits;
e) 16949 certification through third-party audits (valid third-party IATF 16949 supplier certification by an ETI-
recognized certification body).

1st Edition
October 1, 2016
28| Page of 49
Automotive Quality Management ETI 16949:2016 standard system includes ISO9001:2015
8.4.2.3.1 software related to the automotive product or automotive products with the
embedded software
The organization shall require its supplier of software related to automotive products, or automotive products with
embedded software, to implement and maintain a software quality assurance process for its products.
A software development evaluation methodology is used to evaluate the vendor's software development process. Using
prioritization based on risk and potential impact to the customer, the organization will require the vendor to retain
documented information from a self-assessment of software development capability.
8.4.2.4 supplier monitoring
The organization must have a documented process and criteria for evaluating supplier performance in order to ensure
conformity of externally provided products, processes and services to the needs of internal and external customers.
At a minimum, the following supplier performance indicators will be controlled:
a) delivered the conformity of the product to the needs;
b) customer interruptions at the receiving center, including yard holding and vessel stopping;
c) delivery schedule performance;
d) number of high-quality loading occurrences.
If provided by the customer, the organization must also include the following, as appropriate, in its monitoring of supplier
performance:
e) special customer status notifications related to quality or delivery issues;
f) warranty dealer returns, field actions, and remember.
8.4.2.4.1 second party audits
The organization should include a second-party audit process in its approach to supplier management. Second-party audits
can be used to:
a) supplier risk assessment;
b) supplier monitoring;
c) QMS development provider;
d) product audits;
e) process audits.

Based on a risk analysis, including product safety/regulatory requirements, supplier performance, and QMS certification
level, at a minimum, the organization shall document criteria to determine the need, type, frequency and the scope of
second-party audits.

The organization will retain records of second-party audit reports.

If the scope of the second-party audit is to evaluate the supplier's quality management system, then the approach will be
consistent with the automotive process-based approach.
NOTE: Guidance can be found in the ETI and ISO 19011 Auditor Guide.
8.4.2.5 Supplier development
The organization shall determine the priority, type, scope, and timing of supplier development actions required for its
active supplier. Determination will be entries include but are not limited to the following:
a) performance issues identified through supplier monitoring (see Section 8.4.2.4);
b) second party audit results (see Section 8.4.2.4.1);
c) the status of the third-party quality certification management system;
d) risk analysis.

The organization must implement the necessary actions to resolve open (unsatisfactory) performance problems and take
advantage of opportunities for continuous improvement.

8.4.3 Information for external suppliers

ISO 9001:2015 requirements.

1st Edition
October 1, 2016
29| Page of 49
Automotive Quality Management ETI 16949:2016 standard system includes ISO9001:2015
The organization must ensure the appropriateness of the requirements before communicating them to the external
supplier.

The organization will communicate to external suppliers for its requirements:

a) the processes, products and services to be provided;
b) the approval of:
1) products and services;
2) methods, processes and equipment;
3) the release of products and services;
c) competence, including any qualifications required of individuals;
d) the interactions of external suppliers with the organization;
e) control and monitoring of the performance of external suppliers to be applied by the organization;
f) The verification or validation activities that the organization, or its client, wants to carry out at the facilities of
external suppliers.

g) 4.3.1 Information for external suppliers - supplementary

The organization must transmit all applicable legal and regulatory requirements and special product and process
characteristics to its suppliers and require suppliers to cascade all applicable requirements to the end of the supply chain to
the point of manufacturing.

8.5 Production and service provision

8.5.1 Control of production and service

ISO 9001:2015 requirements.
The organization must implement production and service delivery under controlled conditions.

Controlled conditions should include, as appropriate:

a) the availability of documented information that defines:
1) the characteristics of the products to be produced, the services to be provided, or the activities to be
carried out;
2) the results to be achieved;
b) the availability and use of appropriate monitoring and measurement resources;
c) the execution of monitoring and measurement activities at appropriate stages to verify that the criteria for
control of processes or outputs, and acceptance criteria for products and services, have been met;
d) the use of appropriate infrastructure and environment for the operation of the processes;
e) the designation of competent persons, including any required qualifications;

f) the periodic validation and revalidation of the ability to achieve the intended results of the processes for the
production and provision of services, where the resulting output cannot be verified by subsequent monitoring or
measurement;
g) the application of measures to prevent human errors;
h) the release, delivery and post-delivery application.
NOTE: Adequate infrastructure includes appropriate manufacturing equipment required to ensure product compliance.
Resource tracking and measurement include the supervision and measurement equipment required to ensure effective
control of appropriate manufacturing processes.

8.5.1.1 Control plan

The organization shall develop control plans (in accordance with Annex A) at the system, subsystem, component, and/or
material level for the relevant manufacturing site and all products supplied, including those for material production
processes. in bulk, as well as parts. Family control plans are acceptable for bulk material and similar parts using a common
manufacturing process.

The organization must have a control plan for pre-release and production that shows linkage and incorporates information
from the design risk analysis (if provided by the client), process flow diagram, and analysis outputs. of manufacturing

1st Edition
October 1, 2016
30| Page of 49
Automotive Quality Management ETI 16949:2016 standard system includes ISO9001:2015
process risks (such as FMEA).

The organization shall, if required by the customer, provide measurement and compliance data collected during the
execution of pre-release or production control plans. The organization must include in the control plan:
a) controls used to control the manufacturing process, including verification of work assemblies;
b) -off first/last part of the validation, as the case may be;
c) monitoring methods of control exercised over special characteristics (see Annex A) defined by the client and
the organization;
d) the information required by the client, if any;
e) specified reaction plan (see Annex A); When a non-conforming product is detected, the process becomes
unstable or statistically incapable.

The organization should review and update control plans as necessary for any of the following:
f) the organization determines that it has sold nonconforming products to the customer;
g) when any change occurs that affects product, manufacturing process, measurement, logistics, sources of
supply, production volume changes, or risk analysis (FMEA) (see Annex A);
h) following a customer complaint and the implementation of associated corrective measures, if applicable;
i) at a frequency established on the basis of a risk analysis.

If required by the customer, the organization must obtain customer approval after review or revision of the control plan.

8.5.1.2 standardized work - operator instructions and visual standards

The organization must ensure that the standard working documents are:
a) communicated and understood by the employees who are responsible for performing the work;
b) readable;
c) presented in the language(s) understood by the staff responsible for following them;
d) accessible for use in the designated work area(s).

Standardized work documents also include rules for operator safety.

8.5.1.3 Employment verification set-ups

The organization must:
a) Verify job set-ups when performed, such as an initial run of a job, a material change, or job change that
requires a new set-up;
b) maintain documented information for commissioning personnel;

c) use statistical verification methods, where appropriate;

d) perform part-last-off/first-off validation, as applicable; where the appropriate, first-off parts must be preserved
for comparison with the last-off parts; where the appropriate last-off parts must be preserved for comparison
with the first-off parts in subsequent executions;
e) Retain records of process approval and products following start-up and first-party shutdown/last-off
validations.

8.5.1.4 Verification after stop

The organization must define and implement the actions necessary to ensure compliance with product requirements after a
period of planned or unplanned production stoppage.

8.5.1.5 total productive maintenance

The organization must develop, implement and maintain a documented total productive maintenance system.

At a minimum, the system will include the following:

a) identification of process equipment necessary to produce products conforming to the required volume;
b) availability of spare parts for the equipment identified in part a);
c) provision of resources for machine, equipment and facility maintenance;
d) packaging and preservation of equipment, tools, and calibration;
1st Edition
October 1, 2016
31| Page of 49
Automotive Quality Management ETI 16949:2016 standard system includes ISO9001:2015
e) applicable customer specific requirements;
f) documented maintenance objectives, for example: OEE (Overall Equipment Effectiveness), MTBF (mean time
between failures), and mean time to repair (mean time to repair), and preventive maintenance compliance
metrics. Performance of maintenance objectives shall form input for management review (see ISO 9001,
section 9.3);
g) Periodic review of objectives and maintenance plan and a documented action plan to address corrective actions
where objectives are not achieved;
h) use of preventive maintenance methods;
i) use of predictive maintenance methods, as applicable;
j) Periodic revision.

8.5.1.6 Management of Production and Manufacturing Tooling, Testing, Tooling and Inspection Equipment The
organization shall provide resources for tool and gauge design, manufacturing, and verification activities for production
materials and services and for bulk materials , according to the case.

The organization shall establish and implement a system for the management of production tools, whether owned by the
organization or the customer, including:
a) maintenance and repair of facilities and personnel;
b) storage and retrieval;
c) prepare;
d) tool change programs for perishable tools;
e) design modification documentation instrument, including level of product engineering change;
f) modification of the tool and revision of the documentation;
g) tool identification, such as serial or asset number; the state, such as production, repair or disposal; property;
and the location.

The organization shall verify that customer-owned tolls, manufacturing equipment, and test/inspection equipment are
permanently marked in a visible location so that the ownership and application of each item can be determined.

The organization must implement a system of tracking these activities if any work is outsourced.

8.5.1.7 production scheduling

The organization shall ensure that production is scheduled in order to satisfy customer orders/demands such as Just-In-
Time (JIT) and is supported by an information system that allows access to production information in the key stages of the
process and is end driven.

The organization shall include relevant information during production schedule planning, for example, customer orders,
supplying delivery performance, shared load capacity (multi-part station), operating time, delivery time, inventory level ,
preventive maintenance and calibration.

8.5.2 Identification and traceability

ISO 9001:2015 requirements.
The organization must use appropriate means to identify outputs when necessary to ensure conformity of products
and services.
The organization shall identify the status of outputs with respect to monitoring and measurement requirements
throughout production and service.
The organization shall control the unique identification of outputs where traceability is a requirement, and shall
retain the documented information necessary to enable traceability.
NOTE: Inspection and testing status is not indicated by product location in the production flow unless inherently obvious,
such as material transfer in an automated production process. Alternatives are permitted if the situation is clearly identified,
documented, and achieves the designated purpose.

1st Edition
October 1, 2016
32| Page of 49
Automotive Quality Management ETI 16949:2016 standard system includes ISO9001:2015
8.5.2.1 Identification and traceability - supplementary
The purpose of traceability is to support clear start identification and stop points for product received by the customer or in
the field that may contain quality and/or safety-related nonconformities. Therefore, the organization must implement
identification and traceability processes as described below.

The organization must conduct an analysis of internal, customer, and regulatory traceability requirements for all
automotive products, including developing and documenting traceability plans, based on risk levels or severity of injury.
insufficiency of employees, clients and consumers. These plans must define the corresponding traceability systems,
processes and methods of product, process, and manufacturing location that:
a) allow the organization to identify non-compliant and/or suspicious product;
b) allow the organization to segregate non-compliant and/or suspicious product;
c) ensure the ability to satisfy customer and/or regulatory response time requirements;
d) ensure that documented information is retained in the medium (electronic, paper, archival) that allows the
organization to meet response time requirements;
e) ensure serialized identification of individual products, if specified by customer or regulatory standards;
f) Ensure identification and traceability requirements extend to externally provided products with
safety/regulatory features.

8.5.3 Goods belonging to clients or external suppliers

ISO 9001:2015 requirements.
The organization must take care of assets belonging to customers or external suppliers while they are under the
control of the organization or are being used by the organization.

The organization must identify, verify, protect and safeguard the property provided and customers of external
suppliers or for use or incorporation in products and services.

When the property of a client or external supplier is lost, damaged or otherwise deemed unsuitable for use, the
organization must inform the client or external supplier and retain documented information about what has
occurred.

NOTE A property of the customer or external supplier may include materials, components, tools and equipment, premises,
intellectual property and personal data.

8.5.4 Preservation
ISO 9001:2015 requirements.
The organization shall preserve outputs during production and service provision, to the extent necessary to ensure
conformity with requirements.

NOTE Preservation may include identification, handling, contamination control, packaging, storage, transmission or
transportation, and protection.

8.5.4.1 Preservation - supplemental

Preservation should include identification, handling, contamination control, packaging, storage, transmission or
transportation, and protection.

Preservation will apply to materials and components from external and/or internal suppliers from receipt through
processing, including transportation and until delivery to/acceptance by the customer.

In order to detect spoilage, the organization must evaluate at appropriate planned intervals the condition of product in the
warehouse, the storage location/type of container, and the storage environment.

The organization should use an inventory management system to optimize inventory turnover over time and ensure stock
rotation, such as “first in, first out” (FIFO).

The organization shall ensure that obsolete product is controlled in a manner similar to that of non-conforming products.

1st Edition
October 1, 2016
33| Page of 49
Automotive Quality Management ETI 16949:2016 standard system includes ISO9001:2015
Organizations must comply with the preservation, packaging, transportation, and labeling requirements established by their
customers.

8.5.5 activities after delivery

ISO 9001:2015 requirements.
The organization must comply with the requirements for post-delivery activities associated with the products and
services.

When determining the scope of post-delivery activities required, the organization should consider:

a) legal and regulatory requirements;

b) the potential unintended consequences associated with its products and services;
c) the nature, use and intended life cycle of its products and services;
d) customer requirements;
e) customer feedback.

NOTE Post-delivery activities may include warranty actions, contractual obligations such as maintenance services, and
supplementary services such as recycling or disposal.

8.5.5.1 Service information feedback

The organization shall ensure that a process has been established for the communication of information on service issues to
material handling, manufacturing, logistics, engineering, and design activities, implemented and maintained.

NOTE 1: The intent of the addition of “service concerns” to this subclause is to ensure that the
organization is aware of nonconforming product(s) and material(s) that may be identified at the customer location or in the
field.

NOTE 2: “Service Concerns” should include the field failure test analysis results (see
Section 10.2.6) if applicable.

8.5.5.2 service contract with customer

When there is a service agreement with the client, the organization must:
a) verify that relevant service centers comply with applicable requirements;
b) verify the effectiveness of special purpose tools or measuring equipment;
c) Ensure that all service personnel are trained in applicable requirements.

8.5.6 Change control

ISO 9001:2015 requirements.
The organization shall review and control changes in production or service arrangements to the extent necessary to
ensure continued conformity with requirements.

The organization will retain documented information that describes the results of the review of the changes, the
person(s) authorizing the change, and any necessary actions resulting from the review.

8.5.6.1 Change control - supplementary

The organization must have a documented process to monitor and react to changes that impact the product making. The
effects of any changes, including changes caused by the organization, the customer, or any supplier, will be evaluated.
The organization must:
a) define verification and validation activities to ensure compliance with customer requirements;
b) validate changes before implementation;
c) document evidence of related risk analysis;
d) maintain verification and validation records.

Changes, including those made to suppliers, must require a production trial period for verification of changes (such as

1st Edition
October 1, 2016
34| Page of 49
Automotive Quality Management ETI 16949:2016 standard system includes ISO9001:2015
changes to design phase, manufacturing location, or manufacturing process) to validate the impact of any changes on the
fabrication process.

When required by the client, the organization must:

e) will notify the customer of any planned product implementation changes following approval of the most recent
product;
f) obtain documented approval, prior to implementation of the change;
g) complete additional verification or identification requirements, such as running production testing and re-
validating the product.

8.5.6.1.1 temporary change of process controls

The organization shall identify, document, and maintain a list of process controls, including inspection, measurement,
testing, and error-proofing devices, which includes the primary process control and approved backup or alternative
methods.

The organization shall document the process that manages the use of alternative control methods. The organization shall
include in this process, based on risk analysis (such as FMEA), severity and internal approvals to be obtained prior to
production implementation of the alternative control method.

Before shipping product that was inspected or tested using the alternative method, if necessary, the organization must
obtain approval from the customer(s). The organization shall maintain and periodically review a list of approved alternative
process control methods that are referenced in the control plan.

Standard work instructions will be available for each alternative process control method. The organization should review
the operation of alternative process controls on a minimum daily basis to verify the application of the working standard
with the goal of returning to the standard process as defined in the control plan as soon as possible. Example methods
include but are not limited to the following:
a) daily quality focused audits (e.g., layered process audits, as appropriate);
b) daily leadership meetings.

Reboot verification is documented for a defined period based on severity and confirmation that all device features or error
checking process are effectively reinstated.

The organization must implement traceability of all product produced while alternative process control devices or
processes are being used (for example, verification and retention of first piece and last piece of each shift).

8.6 Launch of products and services

ISO 9001:2015 requirements.
The organization must implement what is planned, at the appropriate stages, to verify that the product and service
requirements have been met.

The release of products and services to the customer will not proceed until the planned arrangements have been
satisfactorily fulfilled, unless approved by a relevant authority and, where applicable, by the customer.

The organization will retain documented information on the release of products and services. Documented
information must include:

8.6.1 proof of compliance with acceptance criteria;

8.6.2 traceability to the person(s) authorizing the release.

8.6.1 Product and service launch - supplemental

The organization shall ensure that the arrangements to verify that product and service requirements have been met are
covered by the control plan and are documented as specified in the control plan (see Annex A).

The organization must ensure that the measures planned for the initial release of products and services cover product or
1st Edition
October 1, 2016
35| Page of 49
Automotive Quality Management ETI 16949:2016 standard system includes ISO9001:2015
service approval.

The organization shall ensure that approval of the product or service is carried out after changes following initial release, in
accordance with ISO 9001, Section 8.5.6.

8.6.2 design inspection and functional testing

A design inspection and functional verification to applicable performance and customer engineering materials standards
will be performed for each product as specified in the control plans. The results must be available for client review.

NOTE 1: Layout inspection is the complete measurement of all dimensions of the product shown on the
design record(s).
NOTE 2: The design inspection frequency is determined by the customer.

8.6.3 appearance items

For parts organizations designated by the customer as manufacturing “appearance items,” the organization will provide the
following:
a) appropriate resources, including lighting, for evaluation;
b) galvanic for color, grain, luster, metallic sheen, texture, image clarity (DOI), and haptic technology, as appropriate;
c) maintenance and control of appearance standards and evaluation equipment;
d) verifying that personnel performing appearance assessments are competent and qualified to do so.

8.6.4 Verification and acceptance of conformity of externally provided products and services
The organization must have a process to ensure the quality of externally provided processes, products and services that use
one or more of the following methods:
a) receipt and evaluation of statistical data provided by the supplier for the organization;
b) receiving inspection and/or testing, such as performance-based sampling;
c) second-party or third-party evaluations or audits of supplier sites when combined with records of acceptable
delivered product conformance to requirements;
d) Evaluation by a designated laboratory;
e) another method agreed with the client.

8.6.5 legal and regulatory compliance

Prior to the release of externally supplied products into its production flow, the organization must confirm and be able to
provide evidence that the externally supplied processes, products and services comply with the latest legal, regulatory and
other requirements applicable in the countries in which they are manufactured and in the countries identified in the
destination customer, if provided.

8.6.6 Criteria of acceptance

The acceptance criteria will be defined by the organization and, where appropriate, approved or required by the client. For
attribute data sampling, the acceptance level will be zero defects (see Section 9.1.1.1).

8.7 Control of non-compliant outputs

8.7.1
ISO 9001:2015 requirements.
8.7.1 The organization must ensure that products that do not conform to its requirements are identified and
controlled to prevent their unintentional use or delivery.

The organization must take appropriate actions depending on the nature of the nonconformity and its effect on the
conformity of products and services. This will also apply to non-conforming products and services detected after
delivery of the products, during or after the provision of services.

The organization must deal with non-conforming products in one or more of the following ways:

1st Edition
October 1, 2016
36| Page of 49
Automotive Quality Management ETI 16949:2016 standard system includes ISO9001:2015
a) the correction;
b) the segregation, containment, return or suspension of the supply of products and services;
c) To inform the client;
d) obtain authorization for acceptance under concession.
Compliance with requirements will be verified when non-compliant outputs are corrected.

8.7.1.1 the client's authorization for the concession

The organization must obtain a customer concession or deviation permit prior to further processing whenever the product
or manufacturing process is different from that which is currently approved.

The organization must obtain customer authorization prior to further processing for “as is” use and rework provisions of
nonconforming product. If subcomponents are reused in the manufacturing process, the sub-component reuse will be
clearly communicated to the customer in the allowance or deviation permit.

The organization must maintain a record of the expiration date or the quantity authorized under the concession regime. The
organization must also ensure compliance with the original or replacement specifications and requirements when the
authorization expires. The material sent under concession must be duly identified on each transport container (this also
applies to purchased products). The organization must approve any requests from suppliers before presenting them to the
customer.

8.7.1.2 Control of non-conforming product - process specified by the customer

The organization must comply with applicable customer-specified controls for the non-conforming product(s).

8.7.1.3 Control of reworked product

The organization must ensure that product not identified with the status or suspect is classified and controlled as non-
conforming product. The organization must ensure that all appropriate manufacturing personnel receive training for the
containment of suspect and non-conforming products.

8.7.1.4 Control of reworked product

The organization should use risk analysis (such as FMEA) methodology to assess risks in the rework process prior to the
decision to rework the product. If required by the customer, the organization must obtain customer approval before
beginning product resumption.

The organization shall have a documented process for confirmation of resumption in accordance with the control plan or
other relevant documented information to verify compliance with the original specifications.

Instructions for disassembly or rework, including re-inspection and traceability requirements, shall be accessible and used
by appropriate personnel.

The organization will maintain documented information on the disposition of reworked product including the quantity,
destination, date of disposition, and applicable traceability information.

8.7.1.5 Control of the repaired product

The organization must use risk analysis (such as FMEA) methodology to assess risks in the repair process prior to a
decision to repair the product. The organization must obtain customer approval before beginning product repair.

The organization shall have a documented process for confirmation of repair in accordance with the control plan or other
relevant documented information.

Instructions for disassembly or repair, including re-inspection and traceability requirements, shall be accessible and used
by appropriate personnel.

The organization must obtain a documented customer authorization for the grant for the product to be repaired.

The organization will maintain documented information on the disposition of repaired product including quantity,
1st Edition
October 1, 2016
37| Page of 49
Automotive Quality Management ETI 16949:2016 standard system includes ISO9001:2015
destination, date of disposition, and applicable traceability information.

8.7.1.6 Customer notification

The organization must immediately notify the customer(s) in the event that non-conforming product has been shipped.
Initial communication was followed with detailed documentation of the event.

8.7.1.7 Disposal of non-conforming product

The organization must have a documented process for the disposal of nonconforming products not subject to modification
or repair. For product that does not meet the requirements, the organization must verify that the product to be scrapped
becomes unusable before disposal.

The organization must not divert non-compliant products for service or any other use without the customer's prior consent.

8.7.2
ISO 9001:2015 requirements.
8.7.2 The organization must retain documented information that:
a) describes the nonconformity;
b) describes the actions taken;
c) describes any concessions obtained;
d) The decision authority identifies the action with respect to the nonconformity.

9 Assessment of performance

9.1 monitoring, measurement, analysisand evaluation

9.1.1 General
ISO 9001:2015 requirements.
9.1.1 general
The organization must determine:
a) what needs to be monitored and measured;
b) the methods for monitoring, measurement, analysis and evaluation necessary to ensure valid results;
c) when monitoring and measurement will take place;
d) when the monitoring and measurement results were analyzed and evaluated.
The organization must evaluate the performance and effectiveness of the quality management system.
The organization must retain adequate and documented information as evidence of results.

9.1.1.1 Monitoring and measurement of manufacturing processes

The organization shall conduct process studies on all new manufacturing (including assembly or sequencing) processes to
verify process capability and to provide additional input for process control, including those for special characteristics.

NOTE: For some manufacturing processes, it may not be possible to demonstrate product compliance through process
capability. For those processes, alternative methods such as batching to specifications may be used.

The organization must maintain manufacturing process capability or performance results as specified by the customer's part
approval process requirements. The organization shall verify that the process flow diagram, PFMEA, and control plan are
implemented, including adherence to the following:
a) measurement techniques;
b) sampling plans;
c) criteria of acceptance;
d) records of actual measurement values and/or test results for variable data;
e) reaction plans and escalation process when acceptance criteria are not met.

Significant process events, such as tool change or machine repair, will be recorded and retained as documented

1st Edition
October 1, 2016
38| Page of 49
Automotive Quality Management ETI 16949:2016 standard system includes ISO9001:2015
information.

The organization must initiate a reaction plan indicated in the control plan and evaluated for impact on compliance with
specifications for characteristics that are either not statistically capable or are unstable.

These reaction plans will include product containment and 100 percent inspection, as appropriate. A corrective action plan
shall be developed and implemented by the organization indicating specific actions, timelines and assigned responsibilities
to ensure that the process becomes stable and statistically capable. Plans will be reviewed and approved with the client,
when necessary.

The organization must maintain records of the effective dates of changes to the process.

9.1.1.2 Identification of statistical tools

The organization must determine the appropriate use of statistical tools. The organization shall verify that appropriate
statistical instruments are included as part of the advanced product quality planning (or equivalent) process and are
included in the design risk analysis (such as DFMEA) (where applicable), risk analysis process risk (such as PFMEA), and
the control plan.

9.1.1.3 The application of statistical concepts

Statistical concepts, such as variation, control (stability), process capacity, and over-fitting consequences, will be
understood and used by employees involved in the collection, analysis, and management of statistical data.

9.1.2 Customer satisfaction

ISO 9001:2015 requirements.
The organization must monitor customers' perceptions of the degree to which their needs and expectations have
been met. The organization must determine the procedures for obtaining, monitoring and reviewing this
information.

NOTE: Examples of monitoring customer perceptions may include customer surveys, customer feedback on products and
services delivered, customer meetings, market share analysis, kudos, warranties and merchant reports.

9.1.2.1 Customer satisfaction - supplemental

Customer satisfaction with the organization should be monitored through continuous evaluation of internal and external
performance indicators to ensure compliance with product and process specifications and other customer needs.

Performance indicators are based on objective evidence and include but are not limited to the following:
a) provided quality performance of parts;
b) customer interruptions;
c) field returns, remember, and the guarantee (if applicable);
d) delivery schedule performance (including premium cargo incidents);
e) Customer notifications related to quality or delivery issues, including special status.

The organization shall monitor the performance of manufacturing processes to demonstrate compliance with customer
requirements for product quality and process efficiency. Monitoring will include review of customer performance data,
including online customer portals and customer dashboards, where provided.

9.1.3 Analysis and evaluation

ISO 9001:2015 requirements.
The organization analyzes and evaluates data and information that arises from appropriate monitoring and
1st Edition
October 1, 2016
39| Page of 49
Automotive Quality Management ETI 16949:2016 standard system includes ISO9001:2015
measurement.

The analysis results will be used to evaluate:

a) the conformity of products and services;

b) the degree of customer satisfaction;
c) the performance and effectiveness of the quality management system;
d) whether planning has been implemented effectively;
e) the effectiveness of measures taken to address risks and opportunities;
f) the performance of external suppliers;
g) the need for improvements in the quality management system.

Note Methods for data analysis may include statistical techniques.

9.1.3.1 prioritization
Trends in quality and performance of operations will be compared with progress toward objectives and lead to action to
support prioritization of actions to improve customer satisfaction.

9.2 Internal audit

9.2.1 And 9.2.2

ISO 9001:2015 requirements.
9.2.1 The organization shall conduct internal audits at planned intervals to provide information on whether the
quality management system:
a) fits:
1) the organization's own requirements for its quality management system;
2) the requirements of this international standard;
b) are applied and maintained effectively.

9.2.2 The organization must:

a) plan, establish, implement and maintain an audit program(s), including frequency, methods, responsibilities,
planning and reporting requirements, which will take into account the importance of the processes involved,
changes that affect the organization and the results of previous audits;
b) define the audit criteria and the scope of each audit;
c) selecting auditors and conducting audits to ensure the objectivity and impartiality of the audit process;
d) ensure that the results of audits are reported to the relevant administration;
e) have adequate correction and corrective actions without undue delay;
f) maintain documented information as evidence of the execution of the audit program and the results of the audit.

NOTE See ISO 19011 for guidance.

g) 2.2.1 Audi internal t program

The organization must have a documented internal audit process. The process should include the development and
implementation of an internal audit program that covers the entire quality management system, including quality
management system audits, manufacturing process audits, and product audits.

The audit program shall be prioritized based on risk, internal and external performance trends, and criticality of the
process(es).

When the organization is responsible for software development, the organization should include assessments of software
development capability in its internal audit program.

The frequency of audits should be reviewed and, where appropriate, adjusted based on the occurrence of process changes,

1st Edition
October 1, 2016
40| Page of 49
Automotive Quality Management ETI 16949:2016 standard system includes ISO9001:2015
internal and external nonconformities, and/or customer complaints. The effectiveness of the audit program will be
reviewed as part of the management review.

h) 2.2.2 quality management system audit

The organization shall audit all quality management system processes for each three-year calendar period, according to an
annual schedule, using the process-based approach to verify compliance with this QMS Automotive Standard. Integrated
with these audits, the organization shall sample customer-specific quality management system requirements for effective
implementation.

i) 2.2.3 manufacturing process audit

The organization must audit all manufacturing processes throughout each three-calendar-year period to determine their
effectiveness and efficiency using specific customer-required approaches to process audits. When not defined by the client,
the organization must determine the method to use.

Within each individual audit plan, each manufacturing process will be audited on all shifts where it is produced, including
appropriate sampling of shift delivery.

The manufacturing process audit should include an audit of the effective application of the process risk analysis (such as
PFMEA), control plan, and associated documents.

j) 2.2.4 audit product

The organization shall audit products using customer-specific required approaches in the appropriate states of production
and delivery to verify conformance to specified requirements. When not defined by the client, the organization must define
the approach to be used.

9.3 Management review

9.3.1 General
ISO 9001:2015 requirements.
9.3.1 general
Top management should review the organization's quality management system, at planned intervals, to ensure its
continued suitability, adequacy, effectiveness and alignment with the organization's strategic direction.

9.3.1.1 Management Review - Supplemental

Management review will take place at least annually. The frequency of management review(s) will increase based on the
risk to meeting customer requirements as a result of internal or external changes affecting the quality management system
and related performance issues.

9.3.2
examine management data
ISO 9001:2015 requirements.
The management review should be planned and carried out taking into account:

a) the status of actions from previous management reviews;

b) changes in external and internal issues that are relevant to the quality management system;
c) information on the performance and effectiveness of the quality management system, including trends in:
1) customer satisfaction and feedback from relevant stakeholders;
2) the extent to which quality objectives have been met;
3) process performance and conformity of products and services;
4) nonconformities and corrective actions;

5) monitoring and measurement results;

6) audit results;
7) the performance of external suppliers;

1st Edition
October 1, 2016
41| Page of 49
Automotive Quality Management ETI 16949:2016 standard system includes ISO9001:2015
d) the adequacy of resources;
e) the effectiveness of the measures taken to address risks and opportunities (see 6.1 );
f) improvement opportunities.

9.3.2.1 examine supplemental management data -

Entry for review will include:
a. cost of poor quality (cost of internal and external non-conformity);
b. measures of process effectiveness;
c. process efficiency measures;
d. product conformity;
e. Manufacturing feasibility assessments performed for changes to existing operations and for new facilities
or new products (see Section 7.1.3.1);
f. customer satisfaction (see ISO 9001, Section 9.1.2);
g. examination of results against maintenance objectives;
h. warranty performance (if applicable);
i. review of client dashboards (if applicable);
j. identification of potential field failures identified through risk analysis (such as FMEA);
k. Actual field failures and their impact on safety or the environment.

9.3.3 management review outputs

ISO 9001:2015 requirements.
Management review outputs should include decisions and actions related to:

a) improvement opportunities;
b) any need for changes to the quality management system;
c) resource needs.

The organization will retain documented information as evidence of the results of management reviews.

9.3.3.1 management review outputs - supplementary

Senior management must document and implement an action plan when customer performance objectives are not met.

10 Improvement

10.1 General
See ISO 9001:2015 Requirements.

The organization must determine and select improvement opportunities and implement necessary actions to meet
customer requirements and improve customer satisfaction.

These should include:

a) improving products and services to meet needs, as well as to address future needs and expectations;
b) correct, prevent or reduce unwanted effects;
c) improve the performance and effectiveness of the quality management system.

NOTE: Examples of improvement may include correction, corrective action, continuous improvement, advancement change,
innovation and reorganization.

10.2 Non-conformity and corrective actions

10.2.1 and 10.2.2

ISO 9001:2015 requirements.
10.2.1 When a nonconformity occurs, including any resulting from complaints, the organization must:

1st Edition
October 1, 2016
42| Page of 49
Automotive Quality Management ETI 16949:2016 standard system includes ISO9001:2015
a) react to non-conformity and, where appropriate:
1) take measures to control and correct it;
2) deal with the consequences;
b) Evaluate the need to take measures to eliminate the cause(s) of the nonconformity, so that it does not occur
again or occur elsewhere, by:
1) review and analysis of non-conformity;
2) determine the causes of non-conformity;
3) determine whether similar nonconformities exist, or could potentially occur;
c) implement any necessary action;
d) examine the effectiveness of any corrective action taken;
e) update certain risks and opportunities during planning, if necessary;
f) make changes to the quality management system, if necessary.

Corrective actions must be appropriate to the effects of the nonconformities found.

10.2.2 The organization will retain documented information as evidence of:

a) the nature of the nonconformities and any subsequent action taken;

b) the results of any corrective action.

10.2.3 Problem solving

The organization must have a documented process(es) for problem resolution, including:
a. defined approaches to different types and dimensions of problems (e.g., new product development, current
manufacturing problems, field failures, audit findings);
b. containment, interim actions, and related activities necessary to control non-conforming outputs (see ISO 9001,
Section 8.7);
c. root cause analysis, methodology used, analysis and results;
d. implementation of systemic corrective actions, including consideration of the impact on similar processes and
products;
e. verification of the effectiveness of the corrective actions implemented;
f. reviewing and, if necessary, updating appropriate documented information (e.g., PFMEA, control plan).

When the customer has specific prescribed processes, tools, or systems for problem resolution, the organization must use
those processes, tools, or systems unless approved by the customer.

10.2.4 Test for error

The organization must have a documented process to determine the use of appropriate error testing methodologies. Details
of the method used will be documented in the process risk analysis (such as PFMEA) and test frequencies will be
documented in the control plan.

The process shall include testing of error detection devices for insufficiency or simulated failure. Records must be kept.
Challenge parts, when used, must be identified, controlled, verified, and calibrated where feasible. Failsafe device failures
must have a reaction plan.

10.2.5 warranty management systems

When the organization is required to provide warranty for its product(s), the organization must implement a warranty
management process. The organization must include in the process a method for analyzing part of assurance, including
NTF (no problems found). When specified by the customer, the organization must implement the required warranty
management process.

1st Edition
October 1, 2016
43| Page of 49
Automotive Quality Management ETI 16949:2016 standard system includes ISO9001:2015
10.2.6 customer complaints and field testing analysis of insufficiency
The organization shall conduct analysis of customer complaints and field failures, including returned parts, and initiate
problem resolution and corrective actions to prevent recurrence.

Where requested by the customer, this should include analysis of the interaction of the organization's embedded software
product within the end customer's product system.

The organization must communicate the results of the tests/analysis to the customer and also within the organization.

10.3 Continuous improvement

ISO 9001:2015 requirements.
The organization must continually improve the suitability, adequacy and effectiveness of the quality management
system.

The organization must take into account the results of the analysis and evaluation, and the management review
outputs, to determine if there are needs or opportunities that can be addressed as part of continuous improvement.

10.3.1 Continuous improvement - supplementary

The organization must have a documented process for continuous improvement. The organization must include the
following in this process:
a) identification of the methodology used, objectives, measurement, effectiveness, and documented information;
b) a manufacturing process improvement action plan with emphasis on reducing process variation and waste;
c) risk analysis (such as FMEA).

NOTE: Continuous improvement is implemented once manufacturing processes are statistically capable and when product
characteristics are predictable and meet stable or customer requirements.

Annex A
(informative)

Clarification of the new structure, terminology and concepts

Structure A.1 and terminology

The clause structure (i.e. clause sequence) and some of the terms of this edition of this International Standard,
compared to the previous edition (ISO 9001:2008), have been changed to improve alignment with other standards.
management systems.

There is no requirement in this standard for its structure and terminology to be applied to the documented
information of an organization's quality management system.

The clause structure is intended to provide a coherent presentation of needs, rather than a template for
documenting an organization's policies, objectives and processes. The structure and content of the information
documented in relation to a quality management system can often be more relevant to its users if it relates to both
the processes operated by the organization and information maintained for other purposes.

There is no requirement for terms used by an organization to be superseded by terms used in this
International Standard to specify the requirements of the quality management system. Organizations may choose to
use terms that correspond to their operations (for example, using “records,” “documentation,” or “protocols”
instead of “documented information,” or “provider,” “partner,” or “seller.” instead of “external supplier”).
Table A.1 shows the main differences in terminology between this edition of this International Standard and the

1st Edition
October 1, 2016
44| Page of 49
Automotive Quality Management ETI 16949:2016 standard system includes ISO9001:2015
previous edition.

Table A.1 - The main differences in terminology between the ISO 9001 standard: 2008 and ISO 9001:
2015
ESO 9001: ESO 9001:
Products Products and services
Exclusions used norteot
(Semi Noele A.5 for clarification of applicability)
Management representative
used norteot
(Sresponsibilities and authorities are
imilarasigned but no requirement for a
Documentation, quality manuals, procedures Document information
documented coughs, records
Woambiente rk Environment for the operation of the processes
Lunitoring and measuring equipment Lunitoring and measurement resources
Buy product Externally provides products and services
supplier external l supplier
Products and services A.2
ISO 9001:2008 used the term “product” to include all power classes. This edition of this International
Norma uses “products and services”. “Products and services” include all kinds of power (hardware, services,
software and processed materials).

The specific inclusion of “services” is intended to highlight the differences between products and services in the
application of some requirements. The characteristic of services is that at least part of the output is done at the
interface with the client. This means, for example, that compliance with requirements may not necessarily be
confirmed before service delivery.
In most cases, products and services are used together. Most outputs that organizations provide to customers, or
are supplied to them by external suppliers, include both products and services. For example, a tangible or intangible
product may have some associated service or a service may have some associated tangible or intangible product.

A.3 Understanding the needs and expectations of interested parties

Subclause 4.2 specifies the requirements for the organization to determine the interested parties that are relevant
to the quality management system and the interested party requirements.
However, 4.2 does not imply the extension of the quality management system requirements beyond the scope of
this International Standard. As indicated in the scope, this International Standard is applicable when an
organization needs to demonstrate its ability to consistently provide products and services that satisfy customer
and applicable legal and regulatory requirements, and aims to improve customer satisfaction.

There is no requirement in this standard for the organization to consider interested parties where it has been
decided that those parties are not relevant to its quality management system. It is for the organization to decide
whether a particular requirement from a relevant stakeholder is relevant to its quality management system.

risk-based thinking A.4

The concept of risk-based thinking has been implicit in previous editions of this International Standard, for
example, through requirements for planning, review and improvement. This standard specifies requirements for
the organization to understand its context (see 4.1 ) and determine risks as a basis for planning (see 6.1 ). This

1st Edition
October 1, 2016
45| Page of 49
Automotive Quality Management ETI 16949:2016 standard system includes ISO9001:2015
represents the application of risk-based thinking to the planning and implementation of quality management
system processes (see 4.4 ) and will assist in determining the scope of documented information.

One of the main purposes of a quality management system is to act as a preventive tool. Consequently, this
International Standard does not have a separate clause or section on preventive action. The concept of preventive
action is expressed through the use of risk-based thinking in the formulation of quality management system
requirements.

The risk-based thinking applied in this standard has allowed some reduction of regulatory requirements and their
replacement with performance-based requirements. There is greater flexibility than in ISO 9001:2008 in the
requirements for processes, documented information and organizational responsibilities.

Although 6.1 specifies that the organization must plan actions to address risks, there is no requirement for formal
methods for risk management or a risk management process.

documented. Organizations may decide whether or not to develop a broader risk management methodology than
that required by this International Standard, for example, through the application of other guidance and standards.

Not all processes in a quality management system represent the same level of risk in terms of the organization's
ability to meet its objectives, and the effects of uncertainty are not the same for all organizations. As required by
6.1 , the organization is responsible for its application of risk-based thinking and the actions needed to address
risks, including whether or not to maintain documented information as evidence of its risk determination.

Applicability A.5
This International Standard does not refer to “exclusions” in relation to the applicability of its requirements to the
organization's quality management system. However, an organization may review the applicability of the
requirements due to the size or complexity of the organization, the management model it adopts, the range of the
organization's activities, and the nature of the risks and opportunities it encounters.

Requirements for applicability are addressed in 4.3 , which defines the conditions under which an organization may
decide that a requirement cannot be applied to any of the processes within the scope of its quality management
system. The organization can only decide that a requirement is not applicable if its decision will not result in failure
to achieve conformity of products and services.

Documented information A.6

As part of alignment with other management system standards, a common clause on “documented information” has
been adopted without significant change or addition (see 7.5 ). Where appropriate, text elsewhere in this
International Standard has been aligned with its requirements. Accordingly, “documented information” is used for
all documentation requirements.
The ISO 9001:2008 standard uses specific terminology such as “document” or “documented procedures”, “Quality
Manual” or “quality plan”, this edition of this standard defines the requirements for “maintaining documented
information”.

ISO 9001:2008 used the term “records” to refer to documents necessary to provide evidence
Under the requirements, this is now expressed as a requirement to “retain documented information.” The
organization is responsible for determining what documented information needs to be retained, the period of time
for which it is to be retained, and the means to be used for its retention.
The requirement to “maintain” documented information does not exclude the possibility that the organization may
also need to “maintain” the same documented information for a particular purpose, for example, to retain previous
versions of it.

When this standard refers to “information” rather than “documented information” (for example, in
4.1: “The organization must control and review information on these external and internal matters”), there is no
1st Edition
October 1, 2016
46| Page of 49
Automotive Quality Management ETI 16949:2016 standard system includes ISO9001:2015
requirement that this information must be documented. In such situations, the organization may decide whether it
is necessary or appropriate to keep the information documented.

Organizational knowledge A.7

In 7.1.6 , this standard refers to the need to determine and manage the knowledge maintained by the organization,
to guarantee the functioning of its processes and that it can achieve conformity of products and services.
Requirements on organizational knowledge were introduced for the purpose of: a) safeguarding the organization
from loss of knowledge, e.g.
- through staff rotation;

- inability to capture and share information;

b) encourage the organization of acquiring knowledge, e.g.
- learning from experience;
- tutorships;
- comparative evaluation.

A.8 Control of externally provided processes, products and services

All forms of externally provided processes, products and services are addressed in 8.4 . For example, if
through:
a) purchasing from a supplier;
b) an agreement with an associated company;
c) outsourcing processes to an external provider.
Outsourcing always has the essential characteristic of a service, since it will have at least one activity necessarily
performed at the interface between the provider and the organization.
The controls required for external sourcing can vary widely depending on the nature of the processes,
products and services. The organization can apply risk-based thinking to determine the type and extent
of the appropriate controls of certain external suppliers and externally provided processes, products
and services.

1st Edition
October 1, 2016
47| Page of 49