What to assess during a supplier audit?

A supplier audit plan should be risk-based and address three overarching areas:

Area No. 1: Business system aspects most important to your business and/or supply.

Audits should look at the business systems that are affecting the performance shortfalls of the supplier and ensure action is being taken to address the gaps in the systems. The supplier should take into consideration the root cause issues you've identified through the corrective action system.

Other matters to assess during an audit are:

Whether there have been many product quality-related problems that result in you rejecting products that are not meeting specification

The testing and inspection process and how the product is released for shipment, making sure that until those issues are resolved, there’s a robust product-release process that will not allow material to be shipped to you as a customer

Whether there is enough management responsibility and support in the business to ensure resources are in place to conduct needed corrective actions

Whether there are issues with delivery performance, capacity, utilization, maintenance programs, or the supplier management process; look for improvement opportunities relating to uptime and supplier performance.

Area No. 2: Compliance where it is critical for business reliability.

During a supplier audit, it is also important to assess compliance where it is critical for business reliability. For instance, has the supplier clearly identified the complete list of regulatory requirements that must be met? What are the supplier's internal processes to ensure those regulatory requirements are being addressed, maintained, and improved on?

Critical audit activities include:

Auditing the roles and responsibilities within the organization in terms of compliance with the regulatory requirements

Ensuring theres independence within the organization to resolve any compliance or regulatory issues quickly by senior management and leadership

Ensuring there's an effective, robust process in place to add or update the existing regulatory requirements

Determining the day-to-day aspects of business to ensure that regulatory requirements are being met

International Organization for Standardization (ISO)-related standards incorporate requirements by which, if implemented properly, your organization can benefit greatly. But do not assume registration by ISO or other regulatory bodies always correlate to performance. Just because a supplier is registered to a certain ISO standard, it doesn’t mean the supplier's performance will be satisfactory, even in product quality.

Area No. 3: Performance—but of what?

During any supplier audit, always focus on process improvement and ensure processes are monitored and evaluated. Performance evaluation is tied to the risks within the organization.

For instance, if you are looking at performance in terms of regulatory compliance, you are looking for:

Records readily available to ensure compliance documentation is in place.

Objective evidence that regulatory requirements are being met.

Personnel having the knowledge and experience surrounding regulatory resources.

Results of any type of audit programs the supplier has, whether they are performed internally or by the FDA.

Although product quality and compliance are important in supplier performance, performance can also involve safety, cost, or environmental aspects. If you are looking for a supplier to have high reliability in providing a product or service, it must also have other things in place, such as financial stability.