Skip to main content

4.1 Governance and Operating Model

Supplier Quality Management (SQM) acts as the technical firewall separating external supply chain entropy from internal manufacturing stability. While Procurement optimizes for cost and logistics (Commercial), SQM must ruthlessly optimize for Risk and Capability (Technical). This chapter defines the operational architecture required to extend process control beyond the factory walls, treating external partners not as vendors, but as remote extensions of the internal production line.

Mission and Boundaries

The Supplier Quality Engineer (SQE) requires absolute separation of powers from Procurement to prevent the conflict of interest inherent in prioritizing "cheaper" over "compliant."

  • If the issue is Technical (Capability, Risk, Specification) -> SQE owns the decision.
    • Exercise veto power over new suppliers based on audit results.
    • Block or Quarantine suspect material immediately. This authority overrides production urgency to prevent catastrophic field failure.
    • Own the Supplier Corrective Action Request (SCAR) cycle from initiation to validation.
  • If the issue is Commercial (Price, Terms, Logistics) -> Procurement owns the decision.
    • Negotiate pricing, payment terms, and contracts.
    • Select the partner from the SQE-qualified list.
    • Expedite late deliveries.

Pro-Tip: Never allow "Commercial Leverage" to override a "Technical Veto." If a supplier is technically incapable, no price discount can compensate for the resulting line-down risk or recall cost.

Authority Matrix (RACI Logic)

Ambiguity during a quality spill is a failure mode. Adhere to the following decision logic to maintain velocity.

  • Scenario: New Supplier Qualification
    • SQE (Accountable): Validates technical capability.
    • Procurement (Consulted): Aligns commercial terms.
  • Scenario: Stop Ship / Quarantine Stock
    • SQE (Accountable): Executes the physical and digital block.
    • Operations (Informed): Adjusts production planning.
  • Scenario: Deviation Approval
    • Engineering (Accountable): Only design authority can waive a specification.
    • SQE (Consulted): Assesses risk of the deviation.
  • Scenario: Recovery Cost Negotiation
    • Procurement (Accountable): Recoups financial losses from the supplier.
    • SQE (Informed): Provides technical evidence of the failure.

The Operating Lifecycle

Treat the SQM lifecycle as a closed-loop control system, not a linear administrative path.

Phase 1: Qualification (Pre-PO)

  • Action: Execute Risk Assessment and On-Site Audit (VDA 6.3 / ISO 9001).
  • Logic:
    • If Audit Score ≥ Threshold -> Pass. Add to Qualified Vendor List (QVL).
    • If Audit Score < Threshold -> Fail. Assign "Do Not Use" status to prevent PO generation.

Phase 2: Incoming Control (Active)

  • Action: IQC inspects per the SQE-defined Sampling Plan.
  • Logic:
    • If Compliant -> Release to Stock.
    • If Non-Compliant -> Reject to MRB.

Phase 3: Escapes & Reaction (Reactive)

  • Action: Defect detected on Line or Field.
  • Logic: Initiate Containment (24h) and issue SCAR.

Phase 4: Resolution & Monitoring (Sustaining)

  • Action: Supplier submits CAPA.
  • Logic: Verify Permanent Corrective Action (PCA) and update Supplier Scorecard.

Interface with Internal Stakeholders

The SQE operates as the system architect for external quality.

  • Interface with IQC:
    • SQE (Legislator): Defines the inspection plan and limit samples.
    • IQC (Enforcement): Executes the plan.
    • Requirement: Provide clear, binary acceptance criteria. Ambiguous instructions lead to false rejects or escapes.
  • Interface with Production:
    • Requirement: If bad parts stop the line, SQE presence on the floor is required within 15 minutes to assess impact.
  • Interface with Program Management (PM):
    • Requirement: Define the "Risk Profile" for NPI. If a supplier is high-risk, mandate "Safe Launch" protocols (e.g., 100% source inspection).

The Supplier Risk Rating Model

Risk is a calculated score, not a feeling. Assign every active part/supplier combination a risk tier based on weighted technical inputs: Criticality (Safety/Function), Process Maturity (Auto vs Manual), Quality History (SCARs), and Complexity.

  • If Tier 1 (High Risk) -> Custom Mechanics, Safety Critical Parts, or New Suppliers (< 6 months).
  • If Tier 2 (Medium Risk) -> Standard Active Components (ICs), Connectors.
  • If Tier 3 (Low Risk) -> Standard Passives (Resistors, Capacitors), Hardware.

Control Levels (The Response)

Adjust "Inspection Intensity" at the receiving dock based on the Risk Tier.

Level 1: Tightened Inspection (High Risk)

  • Scope: New Suppliers (NPI), Probation (Grade C), or Critical Safety Items.
  • Mandate:
    • Sampling Plan: AQL 0.4 / Level II (High sample size).
    • Documentation: Full Certificate of Analysis (CoA) with actual measurement data.
    • Safe Launch: Measure 100% of Critical Dimensions (CDs) for the first 3 lots before moving to sampling.

Level 2: Normal Inspection (Medium Risk)

  • Scope: Established suppliers with stable performance (> 6 months w/o SCAR).
  • Mandate:
    • Sampling Plan: AQL 1.0 / Level II.
    • Checks: Verification of MPN, Date Code, Packaging, and basic dimensional check.

Level 3: Skip-Lot / Dock-to-Stock (Low Risk)

  • Scope: Preferred Suppliers (Grade A) providing commodities.
  • Mandate:
    • Sampling Plan: Inspect 1 out of every 5 lots.
    • Revocation: A single line-reject immediately revokes Dock-to-Stock status for 3 lots.

Dynamic Risk Adjustment

Performance drives the control level. The system must adapt dynamically.

  • Escalation (Tightening):
    • Trigger: A single field failure or Line Down incident.
    • Action: Move supplier immediately to Level 1 (Tightened).
    • Exit Criteria: Minimum 3 consecutive clean lots required to de-escalate.
  • De-Escalation (Relaxing):
    • Trigger: 10 consecutive lots accepted with zero defects.
    • Action: Move supplier to Level 3 (Dock-to-Stock) to optimize IQC labor.

Evidence & Records

Supplier Quality Requirements Index (The "Contract")

Do not rely on "Standard Industry Practice." Incorporate specific Standards by reference into every Purchase Order (PO). Acceptance of the PO constitutes legal acceptance of:

  1. The Drawing (2D/3D): The absolute truth (Dimensions, Material).
  2. The Specification: Performance requirements.
  3. The Quality Manual (SQM): Procedural rules.
  4. External Standards: IPC-A-610, ISO 9001.

Evidence Submission (The "Virtual Lock")

For Critical Tier 1 suppliers, demand evidence upfront.

  • The "Ship-to-Stock" Gate: Supplier must upload CoA and Measurement Report to the Portal before shipment leaves their dock.
  • Validation: System blocks the ASN (Advance Ship Notice) if evidence is missing or out-of-spec.

Audit Defense and Retrieval

Suppliers must retain records (Lot History Record, Traceability, Process Parameters) and retrieve them within 24 hours upon request.

  • If Standard: Retain 5 Years.
  • If Safety Critical / Automotive: Retain 15 Years.
  • If Medical: Retain Indefinite.

Pro-Tip: If a supplier cannot produce the "Reflow Profile" or "Batch Traceability" within 24 hours of a field failure, they are presumed liable due to lack of process control.

Final Checklist

Control Point

Requirement / Threshold

Non-Negotiable Rule

Authority

Technical Veto

SQE can block any shipment or supplier regardless of Commercial pressure.

New Suppliers

Audit Score

If Audit < Threshold, Supplier is Fail (Do Not Use).

High Risk Control

AQL 0.4 / Level II

Critical Safety Items or New Suppliers must face Tightened Inspection.

Safe Launch

100% Measurement

First 3 lots from new supplier require 100% check of Critical Dimensions.

Escalation

1 Failure = Level 1

Any Line Down/Field Failure triggers immediate return to Tightened Inspection.

Record Retention

24-Hour Retrieval

Failure to produce records within 24h implies liability.

Binding

PO Acceptance

PO must reference the SQM and Drawing as the primary truth.


Back to top