AMC2 21.A.139(d)(2)(ii) Production management system

CAA ORS9 Decision No. 40

VENDOR AND SUBCONTRACTOR ASSESSMENT, AUDIT, AND CONTROL — PRODUCTION ORGANISATION APPROVAL HOLDER THAT USES OTHER PARTIES SUPPLIER CERTIFICATION

(1) General

Other party supplier certification is a method whereby a supplier contracts an appropriately recognised or accredited party other party for the purpose of obtaining a certification from that other party. Certification indicates that the supplier has satisfactorily demonstrated that it meets the applicable standard on a continuing basis. Other party certification results in placing the supplier on the other party list of certified organisations, or in the supplier receiving a certificate identifying the requirements that have been met. Periodic follow-up evaluations are conducted by the other party to verify continued compliance with the requirements of the applicable standard.

The production organisation is required by 21point 21.A.139(d) to demonstrate that it has established and maintains a quality management element that enables the organisation to ensure that each item produced conforms to the applicable design data and is in a condition for safe operation. To discharge this responsibility, the quality management element should have, among other requirements, procedures to adequately carry out the assessment and surveillance of suppliers.

The assessment and surveillance of suppliers by the other party should be deemed to satisfy the requirements of point 21.A.139(d)(1)(ii) when the conditions of this AMC are satisfied. The assessment and surveillance of suppliers by other parties as part of supplier certification does not exempt the production organisation approval (POA) holder from its obligations under point 21.A.165. The supplier assessment and surveillance, corrective action and follow-up activity conducted at any of its supplier’s facilities may be performed by the other party.

The purpose of using another party cannot be to replace the assessment, audit and control of the POA holder. It is to allow an element (i.e. the assessment of the quality management element) to be delegated to another organisation under controlled conditions.

The use of suppliers that are certified by other parties in accordance with this AMC should be part of a production organisation quality management element.

(2) Intentionally left blank.

(3) Conditions and criteria for using supplier certification for the supplier assessment and surveillance

The POA holder should include the use of supplier certification for the supplier assessment and surveillance in the POA holder’s quality management element to demonstrate compliance with the applicable requirements of Part 21.
The procedures that are required for use of supplier certification for the supplier assessment and surveillance should be consistent with the other procedures of the POA holders’ quality management element.
The procedures of the POA holder that uses supplier certification for the supplier assessment and surveillance should include the following:
1. A listing of the other party that have certified or will certify suppliers and will conduct supplier assessment and surveillance or the scheme under which the accreditation of the other party is controlled. This listing should be maintained by the POA holder and made available to the CAA upon request.
2. A listing of the certified suppliers that are under surveillance by the other party and that are used by the POA holder. This listing should be maintained by the POA holder and made available to the CAA upon request.
3. The method used by the POA holder to evaluate and monitor the certification process of any other party certification body or other party certification scheme used. This applies not only to new suppliers, but also to any decision by the POA holder to rely on other party certification of current suppliers. The method should include the following as a minimum:
  1. verification that certification standards and checklists are acceptable and applied to the applicable scope;
  2. verification that the other party is appropriately qualified and has sufficient knowledge, experience and training to perform its allocated tasks;
  3. verification that the frequency with which the other party carries out surveillance of the suppliers is commensurate with the complexity of the product and with the surveillance frequency established by the POA holder’s suppliers control programme;
  4. verification that the surveillance of the suppliers is including on-site surveillance activities that are conducted on-site by the other party;
  5. verification that the surveillance report will be made available to the CAA upon request;
  6. verification that the other party continues to be recognised or accredited; and
  7. verification that the other party has access to the applicable proprietary data to the level of detail necessary to survey the suppliers’ functions.
  Where the POA holder uses the other party accredited by a signatory to the European cooperation for Accreditation (EA) Multilateral Agreement and works in accordance with an aviation standard (e.g. EN 9104 series of requirements) that describes the requirements for the other party certification, items (ii), (iv), and (v) should be deemed to be complied with.
4. A definition that states to what extent the other party will conduct supplier surveillance on behalf of the POA holder. If the other party partly replaces surveillance by the POA holder, the POA holder should identify the functions that will continue to be surveyed by the POA holder.
5. The procedures that ensure that the POA is aware of the loss of an existing certification.
6. The procedures that ensure that the POA holder is aware of any non-conformities and has access to detailed information on any non-conformities.
7. The procedures to evaluate the consequences of non-conformities and take appropriate actions.
The POA should make arrangements that allow the CAA to make investigations in accordance with point 21.A.8, to include other party activities.