1. I am working in creating something called “SAFETY PLAN”. This will allow me to make evidence of points below, which is not easy. In our two companies, it will be a challenge to proof we are facing this. I need some ideas:
a. Operational risk management
b. Product safety
c. Prevention of counterfeit parts
Having this in one document is certainly an acceptable way to address the requirements. Remember that the operational risk management is intended to track the risks that are present in your operations, and can include such risks as scheduling due to short delivery times, critical processes for the project, etc. This is very often taken to a project level when the company is project based.
As for product safety and prevention of counterfeit parts, it is helpful to look at the notes for each, as it may just be that these do not really apply to you. If you assess the safety hazards of your product and find there are none, then this is all you need to do. Likewise, if you train people on counterfeit awareness and only buy fr om original equipment manufacturers or their designated distributors then this may be all you need to do to address the risk of counterfeits. Make sure you match your controls for these against the actual risk of your product.
2. I cannot see much real difference between 8.1 and 8.1.1. any advice?
Clause 8.1 (operational planning and control) is about the controls you have in place for your processes to provide products and services. This could include acceptance criteria, process controls (such as control charts), or anything else you use to control your processes. On the other hand, Clause 8.1.1 (operational risk management) talks about having a risk management process in place for all risks associated with providing products and services. In companies that are project-based, this often talks about having a project risk register where you track the risks for finishing the project such as a tight timeline due to the short delivery date, or other risks that are not necessarily day-to-day in operations.
3. Why clause 18.104.22.168 says “verification” if there is FIA in the middle. This should be validation, right? Clause 22.214.171.124 is verification as long as it is design.
The use of the word verification in clause 126.96.36.199 is confusing because it does not talk about verification of the design, clause 188.8.131.52 is about Production Process Verification. You are correct that FAI would be a validation activity for the product, but it is used here as a verification activity for the processes to show that all processes can create a product that meets the design needs. As you have pointed out clause 184.108.40.206 is in the design section of the standard and applies to the design.
For a bit more understanding of the AS9100 Rev D clauses, check out the whitepaper, Clause-by-clause explanation of AS9100 Rev D, https://info.advisera.com/9100academy/free-download/clause-by-clause-explanation-of-as9100-rev-d
I have a question "an organization is AS9100 Rev D certified but organization has no production since one year from any customer then how can compliance of QMS can be interpreted? How internal audits be conducted? How KPI be translated ? What standard say that if an organization have no customer since long time then how QMS compliance be evaluated?
While AS9100 does not dictate how the QMS will be assessed and does not dictate how long customer production processes need to be functioning, it might b possible to assess if the processes are in place without this (although this is not easy nor preferable). It is also worth noting that AS9100 does not talk about KPIs either. In ISO 19011, the standard which gives guidance on how to audit ISO management systems, these guidelines identify three methods of collecting audit evidence; observation, interview, and review of records. So, it could be possible to verify through interviews and observation that the processes are in place and functioning even if the records do not exist because no customer production has taken place.
I am not suggesting this is preferable, nor will it be easily done, but it could be possible. As for certification auditors, I also do not know what their opinion would be on auditing a system that is not currently in use to meet customer requirements, so you would have to ask your certification body directly. The question I would ask is why are you maintaining a QMS that you are not using? If the company does not produce products for aerospace, then why are you certifying to AS9100?
You can read more on how ISO 19011 works in the article: