Integration of ISO 26262 & IATF 16949: A Strategic Alliance

Welcome to the third and final part of the blog series ‘Integration of IATF 16949 & ISO 26262’. In this final part of the blog I will continue to examine, in this case the similarities regarding change & document management in the two standards.

QM processes in ISO 26262

There are a lot of companies who are applying functional safety only at the system, hardware and software design stages, but as already mentioned in my last blog there are also QM processes mentioned at part 2 ,8 and 7 of ISO 26262. Part 2, section 5 defines the requirements for a quality management system with standards such as IATF 16949 in conjunction with ISO 9001 or equivalent.

Part 8 of ISO 26262 (Supporting processes) refers to the quality management system several times. Issues such as distributed processes, supplier selection criteria are required in addition to the confirmation of the supplier ’s capability due to functional safety, an evaluation of the supplier‘ s quality management system and previous performance and quality of the supplier (comparable to the supplier selection process described in chapter 8.4 in the IATF 16969). According part to 8, the configuration management process throughout the safety life cycle, shall comply with the respective requirements of a quality management system standard.

Change Management

Change management is also handled in ISO 26262, the majority of which can be satisfied, working accordance with the IATF standard. Planning, initiating, requests, request analysis, request evaluation, implementation and documentation of changes are well described in part 8 of ISO 26262. Clause ‘Verification’ talks about verification planning and execution, also related to changes. References to the IATF 16949 can also be found in the above-mentioned clause, the following example shows: ‘the test equipment used for the verification of the product, which shall be controlled in accordance with the applied quality management system’.

Document Management

Another important topic in ISO 26262 is the document management. According to Part 8, documentation management is a well-established practice within the automotive industry and can be applied in accordance with a quality management system (e.g. IATF 16949). Duplication of information within a document, and between documents, should be avoided to aid maintainability. Here, the correct integration of ISO 26262 with the existing QMS like IATF 16949 is very important.

If we take a look on part 7 of ISO 26262, one of the objectives is “to develop and maintain a production process for safety-related elements or items that are intended to be installed in road vehicles”. This objective can be achieved by an organization’s compliance to IATF 16949. To fulfil the functional safety requirements, the compliance with safety-related special characteristics of products during their production is needed. These characteristics have to be identified during the development phases and integrated into document management. Examples of such safety-related special characteristics are specific process parameters (e.g. temperature range for reflow oven at soldering process of a printed circuit board) material characteristics, production tolerances etc. and have to be implemented into the production control plan.

The risk of an incorrect approach

For integration of ISO 26262 & IATF 16949 a definition of clear strategy is necessary. A “piece meal approach” which causes inefficiency and redundant work of different people or teams, should be avoided. An integrated approach that satisfy requirements of IATF and ISO 26262 is indispensable. Workflows should be integrated with IATF and ISO 26262 processes (APQP process, safety plan e.g. in one program). All sub-elements should be linked:  voice of the customer, DFMA with DVP&R & process flows, control plan, shop-floor manuals, process inspection sheets etc. Connection between design to shop floor documents is very important (e.g. via control plan).

At the very end of my blog series I want to point out some mistakes or wrong approaches which have occurred with integration of QMS like IATF 16949 in the past, and which still come up very often today during integration of ISO 26262 processes. Organisations built up quality departments such that they are solely responsible for quality. In the course of time organisations change their mindset and recognise that everybody in an organization is responsible for the quality. The same mistakes are often made in companies when building up functional safety teams who are given the responsibility for functional safety, but the key players in each functional safety project are the development engineers. In general, establishing multidisciplinary teams is a good approach here, as functional safety should not be a responsibility for only one business division.

I hope, I could bring you closer to this topic and give you some helpful tips how to integrate ISO 26262 & IATF 16949. If you still have some issues and need support during integration, Lorit Consultancy GmbH is looking forward to support you on your way! Feel free to contact us.

By Dijaz Maric, Quality Management & Reliability Engineering Consultant