download counterfeit

65
Presented by Dr. Catherine L. Martin, DBA July 14, 2015 7/20/2015 1

Upload: lamhuong

Post on 04-Jan-2017

242 views

Category:

Documents


0 download

TRANSCRIPT

Page 1: Download Counterfeit

Presented by Dr. Catherine L. Martin, DBA

July 14, 2015

7/20/2015 1

Page 2: Download Counterfeit

Introductions – Tell us ……. Your Name

Your Business Area

The Function You Reside in

Your Experience with performing Internal Audits or Supplier Assessments

Your Experience in Counterfeit Parts

The Big Question, if any, on your mind

7/20/2015 2

Page 3: Download Counterfeit

Becoming a Counterfeit Parts Auditor

7/20/2015 3

Understanding

Knowledge

Skill

Training

Performing

Audits with a

Counterfeit SME .

Through Repetition -

Performing Many

Audits

The Learning Model – application of knowledge builds understanding,

repetitive application builds skill – you must apply the training to learn.

Page 4: Download Counterfeit

Introduction The problem of counterfeit goods is not new.

Counterfeit parts can pose significant risk to consumer and/or patient safety.

What if you purchased a critical device and the core component used was detected as counterfeit part?

As time goes by, there is an increase in number of counterfeit parts and as a result, organizations must be prepared to have proper methods in place for detection assessment and audits to avoid accepting counterfeit parts.

7/20/2015 4

Page 5: Download Counterfeit

Purpose Introduction into legislative, regulatory and industry

standards activity addressing counterfeit risks.

Brief Overview of counterfeit avoidance detection

and prevention processes.

Audit approach and method for counterfeit detection

and avoidance.

Information to assist in the development or

enhancement of counterfeit detection and avoidance

assessment and audit programs.

7/20/2015 5

Page 6: Download Counterfeit

Learning Outcomes

Define legislative, regulatory and industry standards

activity addressing counterfeit risks.

Define, describe, and interpret the basic elements of

counterfeit detection and avoidance audits.

Apply and create an audit program for counterfeit

detection and avoidance.

7/20/2015 6

Page 7: Download Counterfeit

Terms & DefinitionsSAE AS5553

ELECTRICAL, ELECTRONIC, AND ELECTROMECHANICAL (EEE) PART: Electrical, electronic, and electromechanical parts are components designed and built to perform specific functions, and are not subject to disassembly without destruction or impairment of design use. Examples of electrical parts include resistors, capacitors, inductors, transformers, and connectors. Electronic parts include active devices, such as monolithic microcircuits, hybrid microcircuits, diodes, and transistors. Electromechanical parts are devices that have electrical inputs with mechanical outputs, or mechanical inputs with electrical outputs, or combinations of each. Examples of electromechanical parts are motors, synchros, servos, and some relays

DFARS 252.246-7007

“Electronic part” means an integrated circuit, a discrete electronic component (including, but not limited to, a transistor, capacitor, resistor, or diode), or a circuit assembly (section 818(f)(2) of Pub. L. 112-81). The term “electronic part” includes any embedded software or firmware.

7/20/2015 7

Page 8: Download Counterfeit

Counterfeit Definition(s) SAE AS5553

3.1 Suspect Part

A part in which there is an indication that it may have been misrepresented by the supplier or manufacturer and may meet

the definition of fraudulent part or counterfeit part provided below.

3.2 Fraudulent Part

Any suspect part misrepresented to the Customer as meeting the Customer’s requirements.

3.3 Counterfeit Part

A fraudulent part that has been confirmed to be a copy, imitation, or substitute that has been represented, identified, or marked as genuine, and/or altered by a source without legal right with intent to mislead, deceive, or defraud.

NOTE: The following diagram (Figure 2) depicts the aboveinterrelationship between Suspect, Fraudulent and CounterfeitParts. A Suspect Part may be determined to be, fraudulent or counterfeit through further evaluation and testing. All counterfeit parts are fraudulent, but not all fraudulent partsare counterfeit.

7/20/2015 8

Page 9: Download Counterfeit

Counterfeit Definition(s) DFARS

252.246-7007“Counterfeit electronic part” means an unlawful or unauthorized reproduction, substitution, or alteration that has been knowingly mismarked, misidentified, or otherwise misrepresented to be an authentic, unmodified electronic part from the original manufacturer, or a source with the express written authority of the original manufacturer or current design activity, including an authorized aftermarket manufacturer. Unlawful or unauthorized substitution includes used electronic parts represented as new, or the false identification of grade, serial number, lot number, date code, or performance characteristics.

“Suspect counterfeit electronic part” means an electronic part for which credible evidence (including, but not limited to, visual inspection or testing) provides reasonable doubt that the electronic part is authentic.

7/20/2015 9

Page 10: Download Counterfeit

The Audit Challenge How do I perform an internal audit for Counterfeit

Parts in my company?

“There is so much information”

“Where do I start”

“How do I know I am auditing the right things”

“How does this topic fit into ISO9000/AS9100 or FDA”

7/20/2015 10

Page 11: Download Counterfeit

The Audit Challenge

The Information: Legislative, regulatory and

industry standards

See ASQLA April 2015 Presentation

7/20/2015 11

Page 12: Download Counterfeit

The Audit Challenge Where to Start

As with any Internal Audit (or external) there are

required elements for auditing.

Follow ASQ Certified Quality Auditor process

Follow Company internal audit process

Overview of Audit Process on next slides

7/20/2015 12

Page 13: Download Counterfeit

Audit Process Definitions

Process Responsibilities

Process

Responsibilities

Lead Auditor

Audit response and follow up

Guidelines for Conducting Audits

Initiating the Audit

Audit Preparation

Audit Notification

Audit Plan

Preparing Working Documents

Create Checklist

01/09

Page 14: Download Counterfeit

Audit Process Conducting Audit Activities

Opening Meeting

Opening meeting Presentation

Conduct Audit

Daily Debriefs

Closing Meeting

Conclusion of Audit

Verification and Validation (V&V)

01/09

Page 15: Download Counterfeit

DEFINITIONS

Audit - A systematic, independent, and documented process

for obtaining evidence and evaluating it objectively to

determine the extent to which audit criteria are fulfilled.

Auditee – An audited individual, organization, or function.

Audit Plan - Description of the activities and arrangements

for an audit including tentative date, time and place, names of

audit team members, scope, objective, and standards.

Auditor - The person (or persons) who conduct the audit.

Audit Schedule - A list of audits the Audits organization will or

has performed during the current year (or previous years as in

the case of archived schedules).

Audit Team - The auditors, observers, subject matter experts

and/or customers who participate in an audit.

Page 16: Download Counterfeit

DEFINITIONS (continued) Closing Meeting – A formal or informal meeting at which the

auditors review the audit results with the primary auditees and direct management or supervisors.

Concern – An issue to consider for continuous improvement.

Corrective Action –1.An action plan to correct problems that have already occurred.

2.Changes to processes, work instructions, workmanship practices, training, inspections, tests, procedures, specifications, drawings, tools, equipment, facilities, resources, or material that prevent, minimize, or eliminate nonconformance.

3.Design Changes to processes, work instructions, workmanship practices, training, inspection, tests, procedures, specifications, drawing, tools, equipment, facilities, resources, or material in order to prevent, minimize, or eliminate recurrence of nonconformance or adverse trends.

4.An action or activity implemented to prevent an issue from recurring by determining the root cause and implementing changes to prevent reoccurrence.

5.Specific Action taken to directly correct a particular failure.

Page 17: Download Counterfeit

DEFINITIONS (continued)

Corrective Action Request – A formal request for

corrective action.

Daily Debrief- Report of daily audit results. Information

should include: Progress of audit

Any changes/delays in schedule

Potential audit findings/observations

Outstanding items/actions required by auditee

Audit Management and Corrective Action Database.

Internal Audit - An audit by the company Audits

organization.

Lead Auditor - The person having primary responsibility

for all phases of the audit.

Page 18: Download Counterfeit

DEFINITIONS (continued) Major Nonconformance - Non-fulfillment of specified

requirement(s) having an adverse affect on the quality system or resulting in a total systemic breakdown. A Major Nonconformance includes:

Several nonconformities exist that taken together conclude that one or more requirements of the Quality Management System are not implemented.

The safety of personnel or end users is compromised.

The reliability and/or integrity of product/services are affected resulting in nonconforming product/services.

Any ethical issue that warrants immediate action.

Significant Minor Nonconformance - A condition, which the Audit Team deems to be of a significant nature, warrants management’s attention and could result in a Major Nonconformity if not corrected.

01/09

Page 19: Download Counterfeit

DEFINITIONS (continued) Minor Nonconformance – Non-fulfillment of a specified

requirement having a minimal affect/impact on the Quality Management System and/or product/service quality. A Minor Nonconformance is a nonconformance category in which occasional, isolated lapses are noted or where the nonconformance has minimal impact on the delivered product or service.

Nonconformance - Violation of requirements. Example: legal, regulatory, ethical, safety, contract provisions or company requirements.

Objective Evidence - Data that verifies or supports the audit. Auditors may obtain it through observation, measurement, test, or other means without the influence of prejudice, emotion, or bias. Example: quality records, performance of activities, system outcomes, or verifiable verbal statements.

Observation - A point of concern or a positive notation relating to an area, process or product/service not identified as a nonconformance.

Opening Meeting - A formal or informal meeting with auditees and direct management/supervisors before starting an audit. The opening meeting may include the schedule, scope and audit approach.

Page 20: Download Counterfeit

DEFINITIONS (continued) Pencils Down-Final opportunity for auditees, direct

management or supervisors to meet with auditor to retract potential findings and assign findings to appropriate personnel.

Quality Management System (QMS) – An interconnected system of coordinated processes and documentation that ensure the quality of products and services. The QMS continually measures and improves its effectiveness and complies with AS9100, ISO 9001:2008.

Verification – Confirmation, through the provision of objective evidence, that the requirements for a specific intended use or application have been fulfilled.

Validation- Confirmation, through the provision of objective evidence, that specified requirements have been fulfilled and that corrective action implementation has been effective.

Page 21: Download Counterfeit

Process/Responsibilities

Auditors in the Audits organization plan and conduct

internal quality audits to determine whether the Quality

Management System conforms to the requirements of

ISO 9001:2008, AS9100, Quality Management System

Manual, Policies/Procedures, and Management

System directives.

The internal audit methodology incorporates a three-

step process consisting of pre-planning, auditing,

and reporting. The audit process includes

interviewing employees, witnessing audited processes

and activities, and examining documents, records, and

procedures.

Page 22: Download Counterfeit

Process/Responsibilities

The Audits organization develops and maintains an

audit schedule that evaluates compliance to all

ISO/AS9100 clauses that are within scope of the

Organization. The audit schedule identifies each

planned audit area and the applicable ISO/AS9100

clauses that compliance is accessed to.

The following factors are considered when developing

the audit schedule.

a. results of previous audits

b. customer requirements, requests, and or concerns

c. management requirements, concerns, and priorities

Page 23: Download Counterfeit

Process/Responsibilities

The Audit organization assigns each planned audit to

a qualified Lead Auditor.

A Lead Auditor may assemble an audit team that

includes additional personnel to serve as subject

matter experts or liaisons during the audit. Members of

the audit team may not report directly to the audited

organization, function, or area.

Accountability

The Audits organization is accountable to

Management for conducting Quality Management

System (QMS) compliance audits to maintain

ISO/AS9100 certification.

Page 24: Download Counterfeit

Process/Responsibilities Lead Auditor responsibilities

The Lead Auditor plans and coordinates the audit.

Update Audit Schedule.

Conduct an opening meeting, informal or formal, daily debriefs and a closing

meeting, informal or formal, with auditees and area management

a. If an opening meeting is not conducted, brief area management/supervisors on the

audit scope and objectives.

b. If a closing meeting is not conducted, brief area management/supervisors on the

audit results.

Discuss audit results with auditees and management/supervisors. Obtain

acknowledgement on nonconformances. Document each nonconformance

in applicable corrective action system. a. Notify appropriate area management of any Major nonconformances affecting

safety, work environment, hardware and/or deliverable.

b. The Auditor creates a Corrective Action Request through appropriate closed- loop

system for each nonconformance in accordance with Work Instruction for

Corrective Action Processing.

Page 25: Download Counterfeit

Process/Responsibilities

Audit response and follow up

The assignee of the Corrective Action Request (CAR)

processes the corrective action in accordance with Work

Instruction for Corrective Action Processing.

Upon completion of the corrective action, the auditor

verifies implementation and validates effectiveness of the

corrective actions.

The auditor attaches objective evidence of verification

that the corrective action was implement to the CAR

record

The auditor attaches objective evidence of validation that

the corrective action adequately addressed the problem

and will prevent further recurrence.

Page 26: Download Counterfeit

Guidelines for Conducting Audits

Initiating the Audit Initiating the Audit

Audit Preparation

a. 30 days prior (when possible), refer to Annual Audit Schedule. The

Audit Schedule identifies the Lead Auditor and defines the audit.

b. Create an Audit and add References to contain all aspects of the

upcoming audit

Audit Notification

a. Notify the auditees of the upcoming audit via email. Obtain agreement

on date/time of audit. Attach notification to audit record.

b. For larger audits e.g. program audits, customer audits etc., a pre-

planning meeting should be conducted to clarify objective, scope,

audit date/time, criteria, and interfaces e.g., auditees, points of

contacts (POCs), escorts, subject matter experts (SMEs).

Page 27: Download Counterfeit

Guidelines for Conducting Audits

Audit Plan Audit Plan

a. Complete the Scope section or the Audit Plan based on

concurrence received from the audit notification/pre-planning

meeting.

b. Complete the Audit Schedule.

c. Send an email with the audit number and Audit Plan. Attach the

Audit Schedule. Distribute to auditees, management and

POCs/SMEs as required prior to audit start date. If any

revisions are required to plan or schedule after the initial

distribution, redistribute to auditees, management and POCs as

required.

Page 28: Download Counterfeit

Guidelines for Conducting Audits

Working Documents Preparation

Preparing Working Documents

Create checklists

a. Reference the document number, title, and revision date in

checklist header.

b. Checklists need to cover any audit follow-up actions.

c. Identify the applicable ISO/AS9100 provision.

d. Reference source documents (Policies, procedures) and

paragraph for each audit question.

e. Distribute checklists to auditee.

01/09

Page 29: Download Counterfeit

Guidelines for Conducting Audits

Opening Meeting Planning

Conducting Audit Activities

Opening meeting planning

a. Schedule opening meetings and invite auditees and

stakeholders. Attach agenda as applicable.

b. Prepare opening meeting presentation.

Page 30: Download Counterfeit

Guidelines for Conducting Audits

Opening Meeting Presentation

Opening meeting presentations should include the following as applicable:

a. Introductions

b. Scope of audit – scope should include reviewing the effectiveness of corrective actions taken as a result of prior assessment concerns.

c. Objective of audit – objective should include the purpose, reason or goal for the audit.

d. Audit schedule – include daily debriefs as applicable.

e. Coordination with escorts representing the organization undergoing audit to define roles and responsibilities.

g. Define “pencils down” deadline for providing objective evidence in response to potential non-conformances.

h. Corrective action process – after the closing meeting, corrective actions for non-conformances identified during the audit will be created in Corrective Action System.

i. Questions

01/09

Page 31: Download Counterfeit

Guidelines for Conducting Audits

Conduct Opening Meeting and route attendance sheet to attendees.

a. Scan the Opening Meeting presentation and attendance sheets; save in the audit folder structure.

Conduct audit

a. Use checklists and immediately report any safety or product risk violations to management.

b. Complete checklists

– Daily debriefs

a. Daily debriefs will be communicated to auditees and documented. Debriefs should include the following as applicable:

1. Progress of audit

2. Any changes/delays in schedule

3. Potential audit findings/observations

4. Outstanding items/actions required by auditee

Page 32: Download Counterfeit

Guidelines for Conducting Audits

Closing Meeting

a. Schedule closing meeting via email and invite auditees and stakeholders. Attach agenda as applicable.

b. Prepare closing meeting presentation.

c. Closing Meeting presentation should include the following as applicable:

1. Scope of audit

2. Objective of audit

3. Summary of audit results:

• Identify type of non-conformance(s) and quantity for each category, for example:

I. Major Non-conformance

II. Significant Minor Non-conformance

III. Minor Nonconformance

IV. Observation

V. Provide detail slides of each non-conformance identifying the corresponding requirement.

Page 33: Download Counterfeit

Guidelines for Conducting Audits

c. Closing Meeting presentation should include the following as

applicable:

4. Strengths

5. Opportunities for improvement

6. Corrective action process- if audit resulted in non-conformances,

discuss requirements of a Corrective Action Plan (CAP) e.g. root

cause, corrective action, preventive action and CAP

implementation. Non-conformances are documented on the

checklists and corrective action requests are created in the closed

loop corrective action system. Discuss due date for CAP and

obtain agreement on responsible person to provide CAP. Discuss

the Verification & Validation (V&V) process.

7. Audit frequency recommendation

8. Thank auditees and SMEs

9. Questions

d. Conduct Closing Meeting and route attendance sheet to auditees.

Page 34: Download Counterfeit

Guidelines for Conducting Audits – Conclusion of audit

a. Complete checklist

b. Attach any checklist objective evidence into the Checklist.

c. Create Corrective Action

d. Ensure all audit records are in order prior to the next steps, which is Audit Closure.

e. Attached approved audit results

f. Sign Audit Results

g. Complete Review/Closure Hours.

h. Print and Save Audit Summary report

i. Distribute Audit Summary Report.

j. Sign to Close Audit Record

Page 35: Download Counterfeit

Guidelines for Conducting Verification

and Validation (V&V) Verification &Validation Sources

Verification and Validation assignments come from two sources:

a. Internal audit

1. Corrective actions created as a result of an audit that the

auditor had responsibility for, or

2. The Verification and Validation Activity is assigned to

another auditor, who is independent of that audit.

b. External audit

1. Corrective actions which resulted from an external audit,

where the Verification and Validation Activity is assigned to

an auditor.

Page 36: Download Counterfeit

Guidelines for Conducting Verification

and Validation (V&V) Corrective Action Record

The “Corrective Action Details” section contains all of the known

information about the selected action, its status, any other records it

refers to and much more. As part of the Verification and Validation

process, this section needs to be carefully read and understood.

a. The “Problem Description” should have been clear and concise.

I. Is: Describe the current anomalous condition.

II. Should be: Describe what the corrective condition should

be citing requirement reference.

b. The “Containment Actions” section should have notes about the

actions taken immediately to stop a safety hazard or stop a

problem from propagating.

c. The “Root Cause Summary” section should have notes about the

analysis conducted to identify the cause of the problem identified in

the Problem Description.

Page 37: Download Counterfeit

Guidelines for Conducting Verification

and Validation (V&V)– The “Corrective Action Details” section contains all of the known

information about the selected action, its stage, any other records it

refers to and much more. As part of the Verification and Validation

process, this section needs to be carefully read and understood.

d. The “Corrective Action Plan” section should document the process,

results and estimated completion date.

e. The “Response Approval” section allows the CA Requestor to

review and approve the Containment Actions, the Root Cause

Summary and Corrective Action Plan. If Containment, Root Cause,

or Corrective Action Plan is not effective, the response will be

rejected.

f. The “Closure” section documents the “Verification / Validation

Activity” that confirms the Corrective Action Plan has been

completed and that the problem was eliminated. The Approver

“Closes” the Corrective Action Record.

Page 38: Download Counterfeit

Guidelines for Conducting Verification

and Validation (V&V) Conducting Verification

– It is required that each action stated in the corrective action plan has

been carried out and that objective evidence be submitted as proof by

the Responsible Assignee that the action has been effectively

resolved.

a. Enter the “Date Verified.”

b. Enter the “Verification / Validation Activity” – document all

activities completed to verify the corrective action plan

implementation; title this entry “Verification.”

c. Evidence should have been clearly identified and attached.

1. Such evidence includes updated procedures,

corrected/updated sections of the department’s documents

associated with a stated nonconformity, copies of completed

records, training attendance sheets, etc.

Page 39: Download Counterfeit

Guidelines for Conducting Verification

and Validation (V&V) Conducting Validation

– The preventive action taken should have eliminated the cause(s) of the nonconformities. In order to prevent their occurrence, corrective action implementation must be effective.

a. To validate that the cause(s) of potential nonconformities have been eliminated, review the requirement identified in the Problem Description that resulted in the nonconformity(s).

a.Pull a new sample and assess the condition. Attach the sampled records as evidence to “References.”

b. Evidence should have been clearly identified and attached .a.Such evidence includes updated procedures, corrected/updated

sections of the department’s documents associated with a stated nonconformity, copies of completed records, training attendance sheets, etc.

b.Attach a validation summary sheet, detailing the dates and details of the verification process. (Note this may be combine with verification summary sheet.)

c. Enter the “Verification / Validation Activity” – document all activities completed to validate the effectiveness of the action taken; title this entry “Validation.”

Page 40: Download Counterfeit

Guidelines for Conducting Verification

and Validation (V&V) Corrective Action Record Closure

– If you are not the assigned Approver, notify the CA Requestor that

the “Verification / Validation Activity” has been completed and is

ready to be closed.

– If you are the Approver, “Close” the record.

Page 41: Download Counterfeit

The Audit Challenge “How do I know I am auditing the right things”

7/20/2015 41

Page 42: Download Counterfeit

The Right Audit Plan Audit Plan

Scope: Internal Audit of Supply Chain Management in which activities will be evaluated for compliance to “Organization’s Counterfeit Parts Risk Mitigation and Prevention Process”, ISO/AS9100C and AS5553A .

Sample processes with be chosen in an attempt to determine adequacy and compliance to the requirements of the documented system.

Criteria/Document Review: Company “Counterfeit Products Risk Mitigation and Prevention”. Doc.

No. XXX

AS5553 Rev A “ Fraudulent/Counterfeit Electronics Parts: Avoidance, Detection, Mitigation and Disposition”, 2013

AS9100C “Quality Management Systems-Requirements for Aviation, Space and Defense Organizations”, 2009

Page 43: Download Counterfeit

The Right Working Documents

Internal Audit Checklist

“Counterfeit Products Risk Mitigation and Prevention ”

Checklist

Audit Schedule

Resources

01/09

Page 44: Download Counterfeit

Checklist Template

7/20/2015 44

AS9100

Provision

AS5553

Provision

Procedure

#, Rev and

Date

Requirement

Para #Requirements Questions

Complian

t Yes, No,

N/A

Category Comments

Look For:

Look For:

Look For:

Look For:

Look For:

Look For:

Look For:

Look For:

Internal Audit Checklist Template

Title:

Auditor(s):

Date(s) of Audit:

Audit Area and Location:

Auditee(s):

Prepared by:

Page 45: Download Counterfeit

How the Checklist Works

The Checklist references the applicable

requirements as detailed in AS5553 and internal

Policy/Procedures.

The Checklist provides the appropriate question to

ask.

There is a response box for the auditor to record

answers and details.

Provides guidance for what information and/or

documentation to ask the Auditee to either provide or

review with you (Look For).

7/20/2015 45

Page 46: Download Counterfeit

Audit Resources

AS5553 Rev A “ Fraudulent/Counterfeit

Electronics Parts: Avoidance, Detection,

Mitigation and Disposition”, 2013

TOR-2014-02200 “Counterfeit Parts

Prevention Strategies Guide”

Contractor Counterfeit Electronic Part

Detection And Avoidance System DFAR

252.246-70077/20/2015 46

Page 47: Download Counterfeit

AS5553 Rev A

7/20/2015 47

Page 48: Download Counterfeit

Application

7/20/2015 48

Page 49: Download Counterfeit

Risk Chart

7/20/2015 49

Page 50: Download Counterfeit

Supplier Assessment Pyramid

7/20/2015 50

Page 51: Download Counterfeit

Risk Mitigation

7/20/2015 51

Page 52: Download Counterfeit

Testing

7/20/2015 52

Page 53: Download Counterfeit

TOR-2014-02200

7/20/2015 53

Page 54: Download Counterfeit

Detailed Checklist Example

7/20/2015 54

AS9100

Provision AS5553 Provision

Procedure #,

Rev and

Date

Requirement

Para #Requirements Questions

Compliant

Yes, No,

N/A

Category Comments

4.2.3 Control of

Documents

4.1

Fraudulent/Counterfeit

EEE Parts Control Plan

XXX xx Does the organization have a

controlled documented counterfeit

avoidance policy?

Look For: Approved and Controlled Policy and Procedure

for counterfeit product risk mitigation and detection.

7.5.3

Identification and

Traceability

4.1

Fraudulent/Counterfeit

EEE Parts Control Plan

XXX xx Does the documented counterfeit

avoidance plan detail it processes

used for risk mitigation, disposition,

and reporting of suspect or

confirmed fraudulent/counterfeit

parts and or assembles containing

such parts?

Look For: Purpose, Applicability, Definitions,

Responsibilities, Procedure for risk mitigation, disposition,

and reporting in the Approved and Controlled Policy.

7.1.2 Risk

Management

4.1

Fraudulent/Counterfeit

EEE Parts Control Plan

XXX xx Does the organization have a

documented counterfeit risk

mitigation process, that also

includes non-electronic materials?

Look For: Inclusion of non-electronic Mechanical Items

(fasteners, gaskets, molded items, sealing items, nuts, bolts,

machined items, castings, forgings, extrusions, etc) in the

documented Policy.

6.2.2

Competence,

Awareness,

Training

4.1.1 Personnel

Training

XXX xx Is there training of relevant

personnel, including management

of programs, projects,

procurement, quality assurance,

inspection, receiving,

manufacturing, and engineering

that is appropriate to their function

in awareness, avoidance,

detection, mitigation, and

disposition of suspect/ fraudulent

counterfeit parts?

Look For: .Training requirements, training materials, and

records of who is trained. Employees for counterfeit product

risk mitigation and detection training include: Program

Manager, Quality Engineers, Engineering, Purchasing,

Supplier Quality and Inspection.

6.2.2

Competence,

Awareness,

Training

4.1.1 Personnel

Training

XXX xx Is the frequency of employee

training defined and new

employees are trained in a timely

fashion?

Look For: Training Matrix for each function.

7.5.1 Control of

Production and

Service

4.1.2 Parts Availability XXX xx How is availability of authentic,

originally designed and/or qualified

parts throughout the product's life

cycle?

Look For: Lifetime or bridge buy, System redesign,

Alternate/multiple sources, Substitutions, Planning for

adequate procurement lead times.

7.5.1 Control of

Production and

Service

4.1.2 Parts Availability XXX xx How is obsolescence addressed

across the life cycle of the

program?

Look For: Obsolescence Management Plan, Diminishing

Manufacturing Sources and Material Shortages (DMSMS)

management plan.

Internal Audit Checklist Template

Title: Counterfeit Parts Risk Mitigation and Prevention

Auditor(s): Catherine Martin, Lead Auditor

Date(s) of Audit:

Audit Area and Location: Supply Chain Management

Auditee(s):

Prepared by: Catherine Martin

Page 55: Download Counterfeit

Published Checklists

TOR-2014-02200 “Counterfeit Parts Prevention

Strategies Guide”

Appendix G – 64 questions

7/20/2015 55

Page 56: Download Counterfeit

Audit Schedule

Date Time Location Description Auditee(s)

6/25/15 09:00-9:30

AM

Opening Meeting:

Counterfeit Parts Risk Mitigation

6/25/159:30 AM -

3:30 PMAudit Interviews

6/28/15 2-3 PMClosing Meeting:

Counterfeit Parts Risk Mitigation

Page 57: Download Counterfeit

The Audit Challenge

“How does this topic fit into ISO9000/AS9100”

7/20/2015 57

Page 58: Download Counterfeit

ISO Standards

The requirements of AS5553A are intended to

supplement the requirements of a higher quality

standard (e.g. AS9100), and other quality

management system documents.

7/20/2015 58

Page 59: Download Counterfeit

AS9100 Clauses Affected by this Audit

Audit Area AS9100C Clause

Control of Documents 4.2.3

Control of Records 4.2.4

Risk Management 7.1.2

Customer-Related Processes 7.2

Determination of Requirements Related to the

Product

7.2.1

Review of Requirements Related to the Product 7.2.2

Customer Communication 7.2.3

Purchasing 7.4

Purchasing Process 7.4.1

Purchasing Information 7.4.2

Verification of Purchased Product 7.4.3

Identification and Traceability 7.5.3

Preservation of Product 7.5.5

Control of Nonconforming Product 8.3

Analysis of Data 8.4

Page 60: Download Counterfeit

AS5553A Clauses for this Audit

Audit Area AS5553A Clause

Purpose and Application 1.0 Scope

SAE, ISO, ANSI, US Government, Commercial,

Related

2.0 Applicable Documents

Suspect Part, Fraudulent Part, Counterfeit Part,

etc

3.0 Terms and Conditions

Documented and Controlled Counterfeit Plan 4.1 Counterfeit Control Plan

Training requirements, materials and records 4.1.1 Personnel Training

Authentic Parts and Parts Obsolescence 4.1.2 Parts Availability

Assessment criteria, sources of supply, OCMs,

authorized suppliers, risk mitigation

4.1.3 Purchasing Process

Supply Chain Traceability to the OCM, Flow

down of AS5553A, disclosure of authorized

source

4.1.4 Purchasing Information

Detection of counterfeit parts prior to formal part

acceptance, return inspection to validate

authenticity

4.1.5 Verification of Purchased/Returned Part(s)

Detection, verification, and control of in-process

and ins-service suspect or confirmed counterfeit

parts

4.1.6 In-Process Investigation

Determine if failure is due to counterfeit part 4.1.7 Failure Analysis

Page 61: Download Counterfeit

AS5553A Clauses for this Audit

Audit Area AS5553A Clause

Control excess and nonconforming parts to

prevent from entering the supply chain as

counterfeit parts. Quarantine counterfeit parts

4.1.8 Material Control

All occurrences of suspect or confirmed

counterfeit parts are reported to internal,

customers, government, industry, and

authorities

4.1.9 Reporting

Process for resolving nonconformance’s related

to suspect counterfeit parts that have been

used in product delivered to the customer

4.1.10 Post Delivery Support

Design, Proposal, and Program Planning Appendix A, A1

Obsolescence Management Appendix A, A2

Procurement Approach Appendix B

Supply Chain Traceability Appendix C

Contract Requirements - General Appendix D

Fraudulent/Counterfeit Part Detection Appendix E

Page 62: Download Counterfeit

AS5553A

See AS5553A Standard

7/20/2015 62

Page 63: Download Counterfeit

Wrap Up and Next Steps

Review the Requirements

Develop your Policy

Develop Training

Create Audit Schedule

7/20/2015 63

Page 64: Download Counterfeit

The Audit Challenge How do I perform an internal audit for Counterfeit

Parts in my company?

“There is so much information”

Answer: I know where to go to find the information

“Where do I start”

Answer: Start with an Audit Plan

“How do I know I am auditing the right things”

Answer: Create a checklist to AS5553A and/or Internal Policy

“How does this topic fit into ISO9000/AS9100 or FDA”

Answer: It supplements ISO9000/AS9100

7/20/2015 64

Page 65: Download Counterfeit

Resources

7/20/2015 65