Regulatory Open Forum

How we can rank some parts are critical and non critical?

I know, we need to use risk based approach as standard and regulations says.

Just take an example of nut and bolts or off shelves items.
As per my understanding, these items are critical as well like other parts let say frame of the chair
However, we are not doing inspection of these parts and thus ranked these parts suppliers as non critical.

We do inspection of such parts if we find issue during assembly of chairs.

Take an example of wheel chair which consist of almost 100 parts.
Do we need to go through every single part of wheelchair to decide which part/component is critical?

If that is case, we have thousands of parts for different models of chairs and it looks quite difficult.

Currently, i defined all parts which requires inspections are critical.
And in critical parts, some parts required stringent inspections and some doesn't based on the history of issues.
And sometimes we do inspection of off shelf items based on issues and thus my critical parts list always fluctuate. 

Experts, please give your opinion on this matter

Anon,

This is a "must do" exercise medical device manufacturers need to go through and there can be many different ways to do this.  It can be from having a couple check boxes on a component specification, an indicator in an ERP system, a separate list of "crucial components" or critical parts, to a risk-based listing of all the parts in a Bill of Materials (BoM).  There is not one right way to do this.  Though it should be done - must be done - because it is important in many other aspects like supplier controls, risk management, device testing, incoming inspection, etc.  Also as there are so many different medical devices and different components/parts may have different aspects in different devices, it is an individual company activity.  Though if you have many different models of a similar device, it might be better to have a central crucial/critical parts list - though again depends on many factors including the structure of the Quality Management System.

How we can rank some parts are critical and non critical?

I know, we need to use risk based approach as standard and regulations says.

Just take an example of nut and bolts or off shelves items.
As per my understanding, these items are critical as well like other parts let say frame of the chair
However, we are not doing inspection of these parts and thus ranked these parts suppliers as non critical.

We do inspection of such parts if we find issue during assembly of chairs.

Take an example of wheel chair which consist of almost 100 parts.
Do we need to go through every single part of wheelchair to decide which part/component is critical?

If that is case, we have thousands of parts for different models of chairs and it looks quite difficult.

Currently, i defined all parts which requires inspections are critical.
And in critical parts, some parts required stringent inspections and some doesn't based on the history of issues.
And sometimes we do inspection of off shelf items based on issues and thus my critical parts list always fluctuate. 

Experts, please give your opinion on this matter

How we can rank some parts are critical and non critical?

I know, we need to use risk based approach as standard and regulations says.

Just take an example of nut and bolts or off shelves items.
As per my understanding, these items are critical as well like other parts let say frame of the chair
However, we are not doing inspection of these parts and thus ranked these parts suppliers as non critical.

We do inspection of such parts if we find issue during assembly of chairs.

Take an example of wheel chair which consist of almost 100 parts.
Do we need to go through every single part of wheelchair to decide which part/component is critical?

If that is case, we have thousands of parts for different models of chairs and it looks quite difficult.

Currently, i defined all parts which requires inspections are critical.
And in critical parts, some parts required stringent inspections and some doesn't based on the history of issues.
And sometimes we do inspection of off shelf items based on issues and thus my critical parts list always fluctuate. 

Experts, please give your opinion on this matter

The first question is why do you want to do this. What is the problem for which this is a solution?

Start with GHTF/SG4N33R16:2007 which defines a critical supplier as, "a supplier delivering materials, components or services that may influence the safety or performance of the product".

In essence this means classifying each part as critical or not. The supplier of a critical part is a critical supplier. Don't make this classification a major task. The basic question is, "if this part came in nonconforming, you installed it, and shipped the product with the nonconforming part, would there be a performance or safety issue for the user. Each part should take between 15 and 30 seconds to classify. I suspect you will have a short list, probably no more than 25 parts.

Presumably, you will put some controls in place for the critical supplier. A common control is incoming inspection. (Some companies might use QMS audits, but that is not an effective control, so I recommend you don't use it.)

Also, you want to put other controls in place to detect the nonconforming supplier provided part. These controls typically include in process and final inspections and test. This method is called "defense in depth". The layers of protection (the tests and inspections) should prevent any "escapes", i.e., any nonconforming items from shipping. A process FMEA is a useful tool for this.

For incoming inspection, you probably use lot attribute sampling such as Z1.4 or c=0. The key is to select the AQL to determine the sampling plan. The AQL is the worst supplier process nonconformance rate that your process can tolerate. For example, with a good "defense in depth", then an AQL of 1.0 may work. Otherwise, consider a smaller AQL.

Whether you use Z1.4 or c=0 implement the switching rules. The sampling plans then dynamically adjust to the quality history.

As you mentioned, sometimes you might want to add a part to the incoming inspection list to help verify the supplier's corrective action was effective. In these cases use a small AQL and apply the Rule of Five – Five good lots in a row means you can drop the inspection. Alternately, you could just leave the inspection in place, allow the part to earn reduced inspection, and take it off the inspection list.

How we can rank some parts are critical and non critical?

I know, we need to use risk based approach as standard and regulations says.

Just take an example of nut and bolts or off shelves items.
As per my understanding, these items are critical as well like other parts let say frame of the chair
However, we are not doing inspection of these parts and thus ranked these parts suppliers as non critical.

We do inspection of such parts if we find issue during assembly of chairs.

Take an example of wheel chair which consist of almost 100 parts.
Do we need to go through every single part of wheelchair to decide which part/component is critical?

If that is case, we have thousands of parts for different models of chairs and it looks quite difficult.

Currently, i defined all parts which requires inspections are critical.
And in critical parts, some parts required stringent inspections and some doesn't based on the history of issues.
And sometimes we do inspection of off shelf items based on issues and thus my critical parts list always fluctuate. 

Experts, please give your opinion on this matter

Hello Dan, 

You nailed it. 
Very well explained and informative reply.

Appreciated - have a great weekend.

Original Message:
Sent: 19-Apr-2024 09:37
From: Dan O'Leary
Subject: Critical Parts/Components - Critical Suppliers

The first question is why do you want to do this. What is the problem for which this is a solution?

Start with GHTF/SG4N33R16:2007 which defines a critical supplier as, "a supplier delivering materials, components or services that may influence the safety or performance of the product".

In essence this means classifying each part as critical or not. The supplier of a critical part is a critical supplier. Don't make this classification a major task. The basic question is, "if this part came in nonconforming, you installed it, and shipped the product with the nonconforming part, would there be a performance or safety issue for the user. Each part should take between 15 and 30 seconds to classify. I suspect you will have a short list, probably no more than 25 parts.

Presumably, you will put some controls in place for the critical supplier. A common control is incoming inspection. (Some companies might use QMS audits, but that is not an effective control, so I recommend you don't use it.)

Also, you want to put other controls in place to detect the nonconforming supplier provided part. These controls typically include in process and final inspections and test. This method is called "defense in depth". The layers of protection (the tests and inspections) should prevent any "escapes", i.e., any nonconforming items from shipping. A process FMEA is a useful tool for this.

For incoming inspection, you probably use lot attribute sampling such as Z1.4 or c=0. The key is to select the AQL to determine the sampling plan. The AQL is the worst supplier process nonconformance rate that your process can tolerate. For example, with a good "defense in depth", then an AQL of 1.0 may work. Otherwise, consider a smaller AQL.

Whether you use Z1.4 or c=0 implement the switching rules. The sampling plans then dynamically adjust to the quality history.

As you mentioned, sometimes you might want to add a part to the incoming inspection list to help verify the supplier's corrective action was effective. In these cases use a small AQL and apply the Rule of Five – Five good lots in a row means you can drop the inspection. Alternately, you could just leave the inspection in place, allow the part to earn reduced inspection, and take it off the inspection list.

------------------------------
Dan O'Leary CQA, CQE
Swanzey NH
United States

Original Message:
Sent: 17-Apr-2024 19:30
From: Anonymous Member
Subject: Critical Parts/Components - Critical Suppliers

This message was posted by a user wishing to remain anonymous

How we can rank some parts are critical and non critical?

I know, we need to use risk based approach as standard and regulations says.

Just take an example of nut and bolts or off shelves items.
As per my understanding, these items are critical as well like other parts let say frame of the chair
However, we are not doing inspection of these parts and thus ranked these parts suppliers as non critical.

We do inspection of such parts if we find issue during assembly of chairs.

Take an example of wheel chair which consist of almost 100 parts.
Do we need to go through every single part of wheelchair to decide which part/component is critical?

If that is case, we have thousands of parts for different models of chairs and it looks quite difficult.

Currently, i defined all parts which requires inspections are critical.
And in critical parts, some parts required stringent inspections and some doesn't based on the history of issues.
And sometimes we do inspection of off shelf items based on issues and thus my critical parts list always fluctuate. 

Experts, please give your opinion on this matter

The GHTF/SG4N33R16:2007 definition for "critical supplier" has been obsoleted and has since proven untenable.  Moreover, the term is primarily for the benefit of audit organizations rather than manufacturers, thereby exacerbating the untenability. Manufacturers should instead be employing the latest GHTF/IMDRF approach (or similar) rather than misusing the outdated and retired definition.  I explain further below.

As Anon's lamentations show, even suppliers of simple nuts and bolts would need to be categorized as critical suppliers based on the aforesaid obsolete definition. This is problematic because the "critical supplier" concept is a tool used by registrars and notified bodies to calibrate their audit scope and depth, not because a regulation or standard requires a manufacturer to create such an untenable category. Specifically, registrars and notified bodies use the "critical supplier" concept to decide on whether to expand or deepen their audits regarding the manufacturers' suppliers. I recommend against tempting and distracting them like that, as it can unnecessarily complicate audits and can result in more audit findings. It can also bog down or stupefy the manufacturer's purchasing/supplier controls mechanisms.

Global harmonization efforts by the IMDRF and MDSAP are nowadays taking a more sensible approach to the "critical supplier" concept, though still sometimes creating the illusion that manufacturers must categorize suppliers as critical or non-critical. For example, the IMDRF mentions a "manufacturer's critical suppliers of products and services as defined by the manufacturer risk management program" (IMDRF/MDSAP WG/N3FINAL:2013). Thankfully, MDSAP has clarified and elaborated on this by defining it to include, but not be limited to:

• those entities that supply the organization with finished devices, i.e., a device, or accessory to any device, that is suitable for use or capable of functioning, whether or not it is packaged, labeled, or sterilized,
• suppliers of products, including services, that impact design outputs that are essential for the proper functioning of the device [this is the link to the risk management program]; and
• suppliers of products and services that require process validation.

But again, remember that these IMDRF/MDSAP "critical supplier" assertions are, as has always been, primarily for the context of serving the needs of the audit body's assessments, not because the manufacturer must categorize its suppliers that way.

Yet if a manufacturer insists on having a category called "critical suppliers", then I would consider something more along the lines of the aforesaid MDSAP definition rather than the old untenable GHTF definition.  That way we can avoid the inflammatory categorization of simple things like nuts and bolts and their suppliers as items that "influence the safety and performance of the device".  While it is true that nuts and bolts certainly can and do influence the safety and performance of the device, there is no need to trigger the audit body with the label "critical supplier" regarding such nuts and bolts.

Instead, manufacturers remain free to categorize suppliers in whatever risk-based way makes the most sense to each scenario.

For example, rather than such a qualitative approach that will inevitably conflict with actual risk, I instead (per the GHTF, ISO, and MDSAP) employ a risk-ranking/scoring system the output of which grades the risk level for each supplier/commodity combination. Then we can sensibly customize the type and extent of control based on the risk. And when a registrar or notified body asks to see my "critical supplier" list, my answer is, "We don't categorize our suppliers as critical or non-critical. Instead, we follow the GHTF approach and assign the type and extent of controls based on the risk of each supplier/commodity combination."  But to help and cooperate with the auditor's programming, I generally ask the audit body to tell me how it defines "critical supplier".  Then I assist them in identifying suppliers that fit that profile.  This helps avoid building the manufacturer's operation to fit the auditors' needs, and instead keeps the manufacturer's operation tailored to its own needs.

------------------------------
Kevin Randall, ASQ CQA, RAC (Europe, U.S., Canada)
Principal Consultant
Ridgway, CO
United States
© Copyright by ComplianceAcuity, Inc. All rights reserved.

Original Message:
Sent: 19-Apr-2024 11:37
From: Anonymous Member
Subject: Critical Parts/Components - Critical Suppliers

This message was posted by a user wishing to remain anonymous

Hello Dan, 

You nailed it. 
Very well explained and informative reply.

Appreciated - have a great weekend.

Original Message:
Sent: 19-Apr-2024 09:37
From: Dan O'Leary
Subject: Critical Parts/Components - Critical Suppliers

The first question is why do you want to do this. What is the problem for which this is a solution?

Start with GHTF/SG4N33R16:2007 which defines a critical supplier as, "a supplier delivering materials, components or services that may influence the safety or performance of the product".

In essence this means classifying each part as critical or not. The supplier of a critical part is a critical supplier. Don't make this classification a major task. The basic question is, "if this part came in nonconforming, you installed it, and shipped the product with the nonconforming part, would there be a performance or safety issue for the user. Each part should take between 15 and 30 seconds to classify. I suspect you will have a short list, probably no more than 25 parts.

Presumably, you will put some controls in place for the critical supplier. A common control is incoming inspection. (Some companies might use QMS audits, but that is not an effective control, so I recommend you don't use it.)

Also, you want to put other controls in place to detect the nonconforming supplier provided part. These controls typically include in process and final inspections and test. This method is called "defense in depth". The layers of protection (the tests and inspections) should prevent any "escapes", i.e., any nonconforming items from shipping. A process FMEA is a useful tool for this.

For incoming inspection, you probably use lot attribute sampling such as Z1.4 or c=0. The key is to select the AQL to determine the sampling plan. The AQL is the worst supplier process nonconformance rate that your process can tolerate. For example, with a good "defense in depth", then an AQL of 1.0 may work. Otherwise, consider a smaller AQL.

Whether you use Z1.4 or c=0 implement the switching rules. The sampling plans then dynamically adjust to the quality history.

As you mentioned, sometimes you might want to add a part to the incoming inspection list to help verify the supplier's corrective action was effective. In these cases use a small AQL and apply the Rule of Five – Five good lots in a row means you can drop the inspection. Alternately, you could just leave the inspection in place, allow the part to earn reduced inspection, and take it off the inspection list.

------------------------------
Dan O'Leary CQA, CQE
Swanzey NH
United States

Original Message:
Sent: 17-Apr-2024 19:30
From: Anonymous Member
Subject: Critical Parts/Components - Critical Suppliers

This message was posted by a user wishing to remain anonymous

How we can rank some parts are critical and non critical?

I know, we need to use risk based approach as standard and regulations says.

Just take an example of nut and bolts or off shelves items.
As per my understanding, these items are critical as well like other parts let say frame of the chair
However, we are not doing inspection of these parts and thus ranked these parts suppliers as non critical.

We do inspection of such parts if we find issue during assembly of chairs.

Take an example of wheel chair which consist of almost 100 parts.
Do we need to go through every single part of wheelchair to decide which part/component is critical?

If that is case, we have thousands of parts for different models of chairs and it looks quite difficult.

Currently, i defined all parts which requires inspections are critical.
And in critical parts, some parts required stringent inspections and some doesn't based on the history of issues.
And sometimes we do inspection of off shelf items based on issues and thus my critical parts list always fluctuate. 

Experts, please give your opinion on this matter