Revision A
National Aeronautics
And Space Administration
MEMORANDUM OF UNDERSTANDING
BETWEEN
NATIONAL AERONAUTICS AND SPACE ADMINISTRATION (NASA)
OFFICE OF SAFETY AND MISSION ASSURANCE (OSMA)
AND
PARTICIPATING NASA PRIME CONTRACTORS,
CALIFORNIA INSTITUTE OF TECHNOLOGY (CALTECH)/
JET PROPULSION LABORATORY (JPL), AND
THE JOHNS HOPKINS UNIVERSITY/APPLIED PHYSICS
LABORATORY (JHU-APL)
FOR OPERATION OF THE
NASA JOINT AUDIT PLANNING COMMITTEE
1
Revision A
REVISION HISTORY
Revision Paragraph Description
Letter
Number
MOU Created
A
1.a.(9)
Added a JAPC objective to provide continuous
improvement feedback to governmental and third
party quality organizations.
9.e
Deleted …calculating/posting supplier QLI and
performance metrics.
13.a
Added guidelines for identifying key suppliers to be
nominated for JAPC audits.
13.b
Supplier invitation letter modified to reflect further
benefits of the JAPC program, to define competitive
relationship, to indicate that audit results may be
shared with third party certification/accreditation
bodies, and to request that suppliers identify JAPC
member organizations with whom they compete.
13.c
13.d.(2)
13e
13e(3-6)
13e(9)
13e(11)
13f(2)
Date
1/1/07
9/9/08
Modified to require that suppliers declining JAPC
membership be notified by the lead JAPC organization
of their intention to perform a quality system audit, and
be provided a second invitation for the supplier to
become a JAPC supplier. Suppliers responding
affirmatively to the lead organization’s invitation are
consolidated onto a final JAPC supplier list.
Clarified criteria for identification of lead organization
on a voluntary basis.
Expanded to indicate audit team collaboration to arrive
at a final, agreed upon, audit date.
Removed previous paragraph13e – Identifying Joint
Audit Opportunities
Added lead organization responsibilities on team
make up and competency, and definition of
competitive relationship between member organization
and supplier.
Modified to reference different JAPC audit types (e.g.,
full QMS, limited scope QMS, process audit) and to
require limited scope QMS auditing for AS9100
certified suppliers unless quality data indicates that a
full scope audit is warranted.
Added criteria to use in determining size of audit
teams.
Changed to clarify coordination with supplier resident
government representatives.
Added instructions to ensure JAPC objectives are
communicated to the supplier during in-briefs.
2
Revision A
Revision
Letter
A
Paragraph
Number
13f(6)
Appendix A
Appendix B
Appendix C
Appendix D
REVISION HISTORY (CONTINUED)
Description
Modified to provide direction to communicate JAPC
neutral position on supplier approval, and to
reference the performance of follow-up
assessments to ensure effective corrective action.
Added the definition for Critical Process.
Added new Appendix B, High Risk Quality System
Elements.
Added additional Special Processes.
Added Non-Disclosure Agreement Form.
Removed Appendix D – Commodity Codes.
Removed Appendix E – Defect Codes.
Removed Appendix F – Quality Leading Indicators.
Date
9/9/08
3
Revision A
1.
PURPOSE
a.
b.
This Memorandum of Understanding (MOU) sets forth instructions for
operation of the NASA Joint Audit Planning Committee (JAPC). The
JAPC is a joint Government – Industry forum for the coordination and
conduct of supplier quality audits and management of resultant data.
JAPC objectives are:
(1)
Sharing of supplier quality audit data
(2)
Enhancing the capability to identify supplier risks and tailor quality
assurance actions
(3)
Reducing costs by combining auditing resources
(4)
Reporting Agency-wide quality metrics and trends
(5)
Standardizing supplier auditing practices
(6)
Sharing of best practices and lessons learned
(7)
Identifying and facilitating the resolution of common supplier quality
issues, problems, and risks
(8)
Eliminating duplicative audits and reducing supplier costs and work
interruptions related to customer audits
(9)
Providing continuous improvement feedback to third party, Industry
Controlled Other Party (ICOP), and Government programs which
serve to assess the conformance and/or effectiveness of supplier
quality management systems or quality system processes.
Examples include AS9100 Certification/Registration Bodies (CRB)
accredited in accordance with AS9014 and Nadcap special process
accreditation.
This MOU establishes requirements for:
(1)
Planning and scheduling audits
(2)
Conducting audits
(3)
Documenting and posting audit results
(4)
Reviewing/approving supplier responses
(5)
Closing audit findings
4
Revision A
(6)
2.
Analyzing and trending audit data
TITLE
Nonreimbursable Space Act agreement among members of the National
Aeronautics and Space Administration's (NASA) Joint Audit Planning Committee
(JAPC).
3.
AUTHORITY
This agreement is entered into pursuant to 42 U.S.C. 2473(c)(5) and (c)(6),
section 203(c) of the National Aeronautics and Space Act of 1958, as amended.
4.
5.
SCOPE/APPLICABILITY
a.
The terms of this MOU apply to NASA OSMA, participating NASA prime
contractors, CalTech JPL, and JHU-APL.
b.
This MOU applies to all NASA Programs and Projects.
c.
This MOU applies to joint audits only. Joint audits are defined as audits of
suppliers that are common to multiple JAPC members and who are
identified pursuant to section 13.a of this MOU.
d.
Joint audits apply to quality management system and special process
audits. Joint audits do not include program-specific product audits.
e.
Joint audits do not include audits of JAPC member organizations or NASA
prime contractors, including circumstances where a JAPC member
organization acts as a common supplier to other JAPC member
organizations.
f.
The sharing of supplier quality data applies to quality data generated
during the conduct of joint audits.
MEMBERSHIP
The JAPC is a voluntary organization comprised of representatives from NASA
Program/Project Offices, NASA Headquarters, NASA Centers, NASA prime
contractors, Defense Contract Management Agency (DCMA), Missile Defense
Agency (MDA), Cal Tech JPL, and JHU-APL.
The terms of this MOU do not apply to NASA Program/Project Offices, NASA
Centers, DCMA, or to MDA. Participation by these organizations is governed by
alternate agreements, understandings, and NASA direction.
5
Revision A
Membership may be voluntarily withdrawn at any time when requested by a
JAPC member, thereby terminating the terms of this MOU for the withdrawing
JAPC member organization. Continued membership is contingent upon abiding
by the requirements contained herein, as determined by the JAPC Chairman.
6.
REGULATORY GUIDANCE
This MOU implements general direction provided in Guidance on Federal
Conformity Assessment CFR, Part 287, which states that Federal agencies
should:
7.
a.
Coordinate its conformity assessment activities with those of other
appropriate Government agencies and with those of the private sector to
reduce unnecessary duplication (Sec 287.1(a)).
b.
Participate in efforts designed to improve coordination among
governmental and private sector conformity assessment activities (Sec
287.4(g)).
c.
Conduct joint supplier audits and share conformity assessment
information among agencies (Sec 287.4(h)).
d.
Use the results of private sector or other governmental conformity
assessment activities to schedule audits more effectively (allowing
agencies to reduce the number and extent of audits conducted at
companies which are performing in accordance with contract
specifications and which are under review by a third party or another
agency and to concentrate agency audit efforts on companies which have
shown problems in conforming to contract specifications) (Sec 287.4 (e)).
CONTRACTUAL EFFECTS
a.
The signing of this MOU and participation as a JAPC member
organization is voluntary. Abiding by the requirements contained herein,
although required for continued participation as a JAPC member, shall not
be construed as a performance requirement under NASA contracts. In the
event of an inconsistency between the terms and conditions of this MOU
and a JAPC member organization prime contract with NASA, the terms of
the NASA prime contract shall take precedence.
b.
Neither the signing of this MOU nor the participation as a JAPC member
organization shall be construed as changing the cost, scope, or schedule
requirements of NASA contracts.
6
Revision A
8.
c.
Neither the signing of this MOU nor participation as a JAPC member
organization shall be construed as altering the organization’s contractual
responsibility for delivery of conforming product.
d.
This MOU is not intended to preclude or constrain, in any way, individual
JAPC member organizations from performing non-joint supplier audits,
surveillance actions, or any other quality assurance actions considered
necessary to assure delivery of conforming product.
CONFIDENTIALITY
a.
JAPC member organizations: This MOU does not involve the sharing or
disclosing of JAPC member organization quality data. The posting and
sharing of quality data is limited to JAPC supplier data. The disclosure of
JAPC member organization data under the auspices of this MOU is
expressly prohibited.
b.
JAPC suppliers: JAPC audit data shall not be posted for review by other
JAPC member organizations until the supplier affirmatively states that the
data contained in the audit findings is factually accurate, and that the
findings do not contain trade secrets, confidential commercial or financial
data, or export controlled information.
JAPC member organizations shall appropriately protect supplier
information received under the auspices of this MOU, and shall not
disclose/release such information to any external party other than those
parties:
9.
(1)
Serving in a support capacity consistent with JAPC program
objectives;
(2)
Determined to have clear need of the supplier data in order to
perform their assigned JAPC/quality assurance support functions;
(3)
Who are not involved in the supply of hardware products; and
(4)
Who have entered into a relevant and binding nondisclosure
agreement with the JAPC member organization.
RESPONSIBILITIES
a.
Chairman – A designated NASA Headquarters, Office of Safety and
Mission Assurance, representative is the chairman. The chairman is
responsible for providing strategic direction, overseeing development and
accomplishment of JAPC objectives, ensuring effective management of
the JAPC, and arranging funding for JAPC administrative functions.
7
Revision A
10.
b.
Deputy Chairman – The Deputy Chairman is responsible for providing
direct support to the Chairman in performance of his/her duties, including
representing the chairman in his/her absence.
c.
Manager – The Manager is responsible for organizing and administering
JAPC activities, including facilitation of meetings.
d.
Audit Coordinator – The Audit Coordinator is responsible for managing,
tracking, and posting JAPC member audit schedules and audit
accomplishment and for ensuring member awareness of joint audit
opportunities.
e.
Supplier Assessment System (SAS) Coordinator – The SAS
Coordinator is responsible for posting JAPC audit results, providing
access/links to available sources of supplier quality data.
f.
Members – Members are appointed by JAPC participating organizations
as their authorized representative for executing the terms of this MOU.
Members are responsible for ensuring organization adherence to the
terms of this MOU, including attendance at JAPC meetings and submittal
of quality data.
REFERENCES/RELATED READING
These References/Related Readings are provided as background and for
guidance purposes only. Compliance with these References/Related Readings
is not required for JAPC participation. The inclusion of these References/Related
Readings in this MOU should not be construed to add to or alter, in any manner,
the terms and conditions of a JAPC member organization prime contract with
NASA.
a.
Guidance on Federal Conformity Assessment CFR, Part 287.
b.
NPD 1210.2, NASA Surveys, Audits, and Reviews Policy.
c.
NPD 2190.1, NASA Export Control Program.
d.
NPD 8730.2, NASA Parts Policy.
e.
NPD 8730.5, NASA Quality Assurance Program Policy.
f.
NPR 8735.2, Management of Government Quality Assurance Functions
for NASA Contracts.
g.
AS7003, Nadcap Program Requirements.
8
Revision A
11.
12.
h.
AS9003, Inspection and Test Quality System.
i.
AS9014, Americas Aerospace Quality Group (AAQG) Requirements for
Aerospace Quality Management System Certification/Registrations
Programs.
j.
AS9100, Quality Management Systems, Aerospace Requirements.
k.
AS9101, Aerospace Standard, Quality Management Systems
Assessment.
l.
AS9131, Quality Systems Non-Conformance Documentation.
m.
ISO 9000, Quality Management Systems, Fundamentals and Vocabulary.
n.
ISO 19011, Guidelines on Quality and/or Environmental Management
Systems Auditing.
o.
Joint Audit Planning Committee Web Site,
https://secureworkgroups.grc.nasa.gov/japc
p.
Quality Leadership Forum Web Site,
https://secureworkgroups.grc.nasa.gov/qlf
q.
Supplier Assessment System Web Site, http://sas.nasa.gov
r.
NASA Recommended Practices for Survey/Audit &
Assessment/Evaluation Web Site, http://eis.jpl.nasa.gov/qa/sarp
(This web site will be updated in the near future)
s.
Commercial and Government Entity (CAGE) Code,
https://www.bpn.gov/bincs/begin_search.asp
MEETINGS
a.
Telecon – Telecon meetings will be held every other month, or more
frequently as deemed necessary.
b.
Face-to-Face – Face-to-face meetings will be held twice a year, normally
in conjunction with NASA’s Quality Leadership Forum.
DEFINITIONS & ACRONYMS
Definitions and acronyms of standard Quality terms appearing in this document
are listed in Appendix A and International Standard ISO 9000.
9
Revision A
13.
JOINT AUDIT REQUIREMENTS
a.
Identifying Prospective JAPC Suppliers
Each JAPC member shall submit in December for the following calendar
year a list of key suppliers that they propose for inclusion in the JAPC
program. Key suppliers are suppliers which an organization desires
additional/heightened assurance than that provided by the QMS
certification and/or Nadcap accreditation processes. Considerations for
identification of key suppliers include:
-
importance/criticality of product
complexity of product
maturity of supplier and/or product/process
quality performance history
special processes not accredited by Nadcap
Suppliers that are proposed by multiple members shall be incorporated
into a consolidated list of prospective JAPC suppliers.
New suppliers, or previously used suppliers that have been inactive and
become active after the December cut-off date, may be added to the
consolidated list of JAPC suppliers at any time.
b.
Developing JAPC Supplier List
NASA shall notify suppliers identified on the consolidated list that they
have been identified as a potential NASA JAPC supplier and request the
supplier’s written concurrence. Following is sample text for a notification/
concurrence letter.
“(Supplier name) has been identified as a candidate supplier for
NASA’s Joint Audit Planning Committee (JAPC) Program. The
JAPC is a joint Government – Industry forum for coordinating and
integrating supplier quality audits in accordance with United States
Code of Federal Regulations (CFR), Part 287, Guidance on Federal
Conformity Assessment. The purpose of such Government –
Industry coordination is to “reduce unnecessary duplication” (see
CFR Sec 287.1(a)); to “reduce the number and/or extent of audits
conducted at companies which are performing in accordance with
contract specifications” (see CFR Sec 287.4 (e)); and to
standardize auditing methodologies. A further goal is to reduce
supplier costs and work interruptions related to customer audits.
[Note: Identification as a JAPC supplier does not preclude or
constrain JAPC member organizations from performing non-JAPC
10
Revision A
audits that they consider necessary to ensure delivery of
conforming product, nor does it provide suppliers guarantees
concerning a reduction in the number or extent of audits.]
JAPC suppliers are integrated into a “One-NASA” auditing program
where suppliers are audited by a designated JAPC member lead
organization, rather than being audited separately by multiple JAPC
member organizations. Member organizations include NASA
Headquarters, NASA Centers, other Governmental organizations,
and NASA prime contractors. JAPC audit teams may include
representatives from multiple JAPC member organizations.
Attached is a list of member organizations. The following JAPC
member organizations have stated their intention to perform a
quality system audit of your facility during the upcoming calendar
year: ________________.
JAPC audits are limited-in-scope quality management system
audits which focus on critical/high risk quality system elements, and
may include a review of special manufacturing processes. JAPC
audits are performed by leading experts able to provide insight to
enhance the effectiveness and conformance of a supplier’s quality
program.
Supplier audit results are released to JAPC member organizations
upon validation from the supplier that the data contained in the
audit findings is factually accurate and that the findings do not
contain trade secrets, confidential commercial or financial data, or
export controlled information. Audit results are withheld from JAPC
member organizations with whom the supplier routinely or
specifically competes for the same or similar work, whether such
work is awarded by a governmental organization or in commercial
trade (note: this access limitation does not apply to JAPC member
organizations that have a current open contract with the audited
supplier where such contract includes an access provision for the
conduct of quality assurance surveillance activities).
Audit results may also be released as continuous improvement
feedback to applicable quality management system and/or special
process certification/accreditation bodies.
Supplier audit results are protected to prevent access by non-JAPC
member organizations and JAPC member organizations are
prohibited from disclosing JAPC supplier information in accordance
with requirements contained within a formal NASA JAPC
Memorandum of Understanding.
11
Revision A
Audit results are used by member organizations for the purpose of
instituting quality assurance measures (e.g., receipt inspection) that
are tailored to the supplier’s quality history.
(Supplier name) is requested to provide written concurrence within
30 days concerning their desire to participate in the JAPC program
as explained above. (Supplier name) is further requested to
identify, where applicable, competitive JAPC member organizations
as described above.
Suppliers responding affirmatively to the notification/concurrence letter
shall be consolidated onto an initial JAPC supplier list. Suppliers declining
JAPC membership (or failing to respond) shall be notified by the lead
JAPC organization (see paragraph 13.c below) of their intention to perform
a quality system audit, and shall be provided a second invitation for the
supplier to become a JAPC supplier. Suppliers responding affirmatively to
the lead organization’s invitation shall be consolidated onto a final JAPC
supplier list.
c.
Identifying Lead Organization
A lead organization shall be identified for each JAPC supplier.
Identification shall be on a volunteer basis and as agreed upon by the
committee. Considerations for identification of the lead organization
include the volume, cost, and nature of procurement activity, geographic
proximity, and special JAPC member desires/considerations.
d.
Scheduling Audits
(1)
Lead organizations shall identify the quality system and special
processes that apply to their designated supplier’s manufacturing
operations by coordinating information with participating team
members. Special processes are identified in Appendix C.
(2)
Lead organizations shall propose audit months or dates for the
upcoming calendar year. The final date selected will be as agreed
upon by the lead organization and supporting member
organizations. The consolidated JAPC audit schedule shall be
made available in December of each year and shall include, as a
minimum: supplier name, street address, city, state, CAGE code,
audit type, program (i.e., applicable NASA contract number),
standard(s)/requirements/processes being audited and anticipated
timeframe.
(3)
The periodicity of on-site audits shall be once every three years, at
a minimum. More frequent audits or limited scope audits shall be
12
Revision A
conducted as deemed warranted by the JAPC lead organization
based on poor quality indicators (e.g., product nonconformities
identified during receipt inspection) or in order to validate the
effectiveness of supplier corrective actions. More frequent audits or
targeted/limited scope audits may also be chartered by the JAPC
chairman and performed under the auspices of NASA’s Contract
Assurance Services (NCAS) program.
For suppliers that become inactive, joint auditing shall be
discontinued. Auditing shall resume upon resumption of JAPC
member organization procurement activity.
(4)
e.
Updates to the annual audit listing shall be provided to the JAPC
Audit Coordinator on a monthly basis. The Audit Coordinator will
compile and post an up-to-date comprehensive audit listing.
Planning Audits
(1)
The lead organization shall assign a lead auditor. Lead auditors
shall meet the qualification requirements identified in Appendix D.
(2)
The lead organization shall contact the supplier and arrange for a
mutually acceptable audit date. The lead organization will notify the
JAPC Audit Coordinator of the audit date, who will then post the
audit date on the JAPC web site.
(3)
The lead organization is responsible for audit team make-up. Audit
teams are made up of persons internal to the lead organization and
persons from other JAPC member organizations that desire to
participate. Non-lead organizations desiring to participate on an
audit shall notify the lead auditor within thirty days of the scheduled
audit date. The lead organization may, at their discretion, restrict
participation to prevent the audit team size from placing an undue
burden on the supplier.
(4)
The lead organization shall assure that audit team members
possess required qualifications and competencies to provide full
and effective coverage of all attributes to be audited. Auditor
qualifications are identified in Appendix D.
(5)
JAPC member organizations shall not audit suppliers with whom
they routinely or specifically compete for the same or similar work,
whether such work is awarded by a governmental organization or in
commercial trade. The lead organization is responsible for
assuring that the supplier responded to the request for information
regarding their competitive relationship with JAPC member
13
Revision A
organizations and that prospective participating organizations were
not identified by the supplier as a competitor.
(6)
JAPC audits may be full quality system or special process audits, or
may be limited-in-scope audits that focus on specific high risk
requirements. High risk requirements are requirements that may
result in unacceptable consequences if not complied with, and/or
requirements which have an unsatisfactory history of compliance
based on industry trends or supplier performance history.
Appendix B provides a list of minimum quality system elements to
be included on JAPC audits. Limited-in-scope QMS audits shall be
conducted for suppliers that have been certified by AS9100
Certification/ Registration Bodies (CRB) accredited in accordance
with AS9014 unless supplier quality data indicates that full-scope
auditing is warranted.
(7)
The lead auditor shall develop a draft audit plan/checklist that
includes, as a minimum, the applicable requirements contained
within the applicable/invoked quality system standard (e.g.,
AS9100, AS9003, ISO 9001), and/or the special process attributes
for applicable special processes identified in Appendix C).
(8)
The audit plan may also include, as requested by JAPC member
organizations, special attributes related to other invoked quality
standards (e.g., ISO 10012, AS9103, ISO 10007), program-specific
requirements, or poor quality indicators.
(9)
The duration of JAPC audits and the size of JAPC audit teams shall
be commensurate with the number of audit attributes, the size of
the company, the range and complexity of supplier products, and
the scope of supplier work operations.
(10)
Participating joint auditors shall review the audit plan and provide
feedback to the lead organization at least two weeks prior to the
scheduled audit date.
(11)
Where applicable, the lead auditor shall contact and coordinate the
upcoming audit with resident offices/personnel (e.g., DCMA, NASA,
MDA, prime contractor) to obtain relevant information. Resident
personnel shall not serve as audit team members, however, are
encouraged to observe the audit proceedings at their discretion.
(12)
The lead auditor shall coordinate administrative information with the
supplier, for example:
(a)
Schedule
14
Revision A
f.
(b)
Supplier data necessary to perform the audit
(c)
Agenda
(d)
Audit entrance brief and exit meeting location
(e)
Supplier points of contact
Conducting Audits
(1)
The audit team shall conduct the audit per the plan developed by
the lead auditor in accordance with paragraphs 13.f (4), (5), and (6)
above.
(2)
During audit in-briefs, the goals and objectives of the JAPC
program, including the benefits of participating as a JAPC supplier,
shall be communicated to the supplier.
(3)
The auditors’ code of conduct shall be as specified in Appendix C.
(4)
Facility safety risks or violations observed during conduct of the
audit shall be immediately brought to the attention of supplier
management.
(5)
The supplier shall be notified of potential findings during daily exit
conferences. Findings impacting safety of personnel or
acceptability of delivered hardware shall immediately be
communicated to supplier management, customer management,
and NASA program management, as applicable.
(6)
During audit out-briefs, it shall be explained that:
(a)
The JAPC does not provide an approval status of the
supplier’s QMS or otherwise make decisions/
recommendations related to the disposition or shipment of
supplier product.
(b)
Based on the results of the audit, individual JAPC member
organizations may at their discretion take further contracting
or quality assurance actions that they consider necessary to
assure delivery of conforming product.
(c)
The JAPC may perform follow-up audits or other on-site
surveillance activities to assure effective accomplishment of
corrective actions.
15
Revision A
g.
Documentation of Audit Findings
(1)
The audit team shall use the audit forms from the lead auditor.
JAPC organizations are encouraged to use AS9131 data fields and
descriptions, as applicable.
(2)
Nonconformance findings shall be categorized as major or minor
based on criteria defined in Appendix A. Nonconformance findings
shall provide objective/factual statements that cite specific
contractual requirements and describe conditions observed that do
not conform to the cited requirement.
(3)
The lead auditor may submit audit findings categorized as
observations or commendations per Appendix A.
(4)
Whenever possible, auditors shall submit their findings the same
day that the investigation of the finding is completed. Findings shall
not be written subsequent to audit completion except in
circumstances where additional research of requirements is
required. Suppliers shall be notified of such circumstances and
provided details concerning the potential additional findings.
(5)
Audit team members shall validate with supplier personnel that the
information provided in the written audit findings is factually
accurate, and that the findings do not contain sensitive information
(i.e., trade secrets, confidential commercial or financial data, or
export controlled information)..
(6)
The lead auditor, with input from the audit team, shall review and
approve findings prior to incorporation into the final report.
(7)
The supplier shall be provided all written findings at the final exit
conference, including response due dates.
(8)
Upon completion of the audit, the lead auditor shall request supplier
management to sign a statement which provides concurrence that
the findings do not contain trade secrets, confidential commercial or
financial data, or export controlled information. Appendix E
provides the text for this statement. Circumstances where the
supplier does not concur with signing such a statement and which
cannot be resolved by the JAPC lead organization shall be referred
to the JAPC Chairman in order to reach a mutually satisfactory
resolution. If resolution cannot be reached, the lead JAPC member
organization is under no obligations per this MOU to release
information pertaining to the supplier audit finding(s) in question.
16
Revision A
(9)
h.
Supplier Responses and Review/Closure of Audit Findings
(1)
i.
The lead auditor is responsible for issuing the audit report and
providing the report to the JAPC Audit Coordinator and SAS
Coordinator within 15 calendar days of audit completion.
For nonconformance findings, suppliers shall be requested to
respond with the following information:
(a)
Corrective actions taken to replace, repair, or disposition all
nonconforming items.
(b)
The root cause(s) of the noncompliance.
(c)
The full scope/population of nonconforming items based on
the root cause(s).
(d)
Long term corrective actions taken/planned to address the
cause(s) and prevent recurrence of the nonconformance.
(e)
The timeline for completion of corrective actions.
(2)
The supplier shall be requested to respond with initial corrective
actions within 30 days and provide updates every 60 days
thereafter, unless otherwise specified within the lead organization’s
procurement contract.
(3)
The lead auditor is responsible for reviewing and accepting audit
responses (with input from audit team members, as necessary) and
tracking audit findings until closure.
(4)
JAPC members shall provide updates to the JAPC Audit Coordinator
every 60 days until notification of audit closure.
Posting Audit Results and Tracking Audits
(1)
Lead organizations shall submit audit reports to the JAPC Audit
Coordinator and SAS Coordinator within 15 calendar days of audit
completion.
(2)
The JAPC Audit Coordinator is responsible for providing overall
tracking of JAPC audits, including audit scheduling, conduct,
resolution, and closure. Scheduling and tracking information shall
be posted on the JAPC web site,
https://secureworkgroups.grc.nasa.gov/japc .
17
Revision A
(3)
14.
15.
The SAS Coordinator shall post JAPC audit reports on the SAS
website and make the reports available to JAPC member
organizations.
METRICS
a.
The JAPC Manager and SAS Coordinator are jointly responsible for
analyzing accumulated supplier quality data and for identifying/reporting
deficiency trends and problem areas.
b.
The JAPC Manager is responsible for monitoring, trending, and
periodically reporting achievement of JAPC objectives.
c.
The SAS Coordinator shall include on the SAS website links to other
sources of supplier quality data such as DCMA QLI, NAVSEA PDREP,
OASIS, Nadcap, GIDEP, ERAI and other federal agency databases.
FINANCIAL OBLIGATIONS
There will be no transfer of funds or other financial obligations in connection with
this agreement. As available, each party will fund its own participation in carrying
out the operations of the JAPC on a best effort, non interference basis.
16.
TERM OF AGREEMENT
This agreement becomes effective upon March 7, 2008, and shall remain in
effect for a period of five years after the effective date.
17.
RIGHT TO TERMINATE
Membership may be voluntarily withdrawn at any time upon submittal of a written
request to the JAPC Chairman, thereby terminating the terms of this MOU for the
withdrawing JAPC member organization.
The JAPC Chairman may disestablish the JAPC at any time, thereby terminating
the terms of this agreement for all parties.
18.
DISPUTES
The JAPC Chairman and applicable JAPC member(s) will attempt to resolve all
issues arising from the implementation of this agreement. If they are unable to
come to agreement on any issue, then the dispute will be referred to the NASA
Director for Safety and Assurance Requirements for joint resolution. If the
parties are unable to resolve the dispute, NASA’s Deputy Chief, Office of Safety
18
Revision A
and Mission Assurance, will issue a written decision which shall be a final
Agency decision for all purposes including judicial review.
19.
MODIFICATIONS
Any modification to this agreement shall be executed, in writing, and signed by
an authorized representative of each party. Any modification that creates an
additional commitment of NASA resources must be signed by the original NASA
signatory authority or successor, or a higher level NASA official possessing
original or delegated authority to make such a commitment.
20.
APPLICABLE LAW
U.S. Federal law governs this agreement for all purposes, including, but not
limited to, determining the validity of the agreement, the meaning of its
provisions, and the rights, obligations, and remedies of the parties.
21.
ANTI-DEFICIENCY ACT
All activities under or pursuant to this agreement are subject to the availability of
appropriated funds, and no provision shall be interpreted to require obligation of
or provision of funds in violation of the Anti-Deficiency Act, 31 U.S.C. 1341.
19
Revision A
20
Revision A
21
Revision A
23.
REVISION APPROVALS
Revision A:
22
Revision A
APPENDIX A
DEFINITIONS

Audit – Systematic, independent, and documented process for obtaining quality
evidence and evaluating it objectively to determine the extent to which requirements
are satisfied.
o Quality Management System – Management system to direct and control an
organization with regard to quality (ISO 9000:2000(E)).
o Special Process – A production process used in the establishment or assurance
of the product’s design configuration where the process has a significant
performance effect on the hardware (e.g., altering of chemical/mechanical
properties), assures conformance with essential design characteristics (e.g., nondestructive testing), and/or where the resulting product’s design conformance
cannot be readily or economically assured by inspection.
o Critical Process – Any process that if performed incorrectly or in violation of
prescribed requirements, could result in hardware failure that results in loss of
human life or serious injury/illness to the flight crew, ground crew, or general
public, or results in loss of mission, or loss of a significant mission resource
(valued at greater than $1M).
o Joint Audit – A supplier audit conducted by one or more JAPC member
organizations on behalf of multiple JAPC member organizations (note: the word
“joint” relates to the term “on behalf of,” not to the potential participation of
multiple JAPC member organizations during conduct of the audit).

Audit Finding – Results of the evaluation of the collected audit evidence against
audit criteria (ISO 9000:2000(E), 3.9.5).
o Nonconformity – The non-fulfillment of a requirement (ISO 9000:2000(E),
3.6.2).

Major Nonconformity – The absence of or total systemic breakdown of a
quality management system element specified in the applicable standard or
any nonconformances where the effect is judged to be detrimental to the
integrity of the product, processes, or service (SAE AIR5359, Rev. B), 3.12).

Minor Nonconformity – A single system failure or lapse in conformance with
a procedure relating to the applicable standard (SAE AIR5359, Rev. B), 3.13).
o Observation – An opportunity for improved quality system practices or
preventive actions (ISO 19011-2004).
o Commendation – A positive acknowledgement of quality system strength(s).
23
Revision A

Competence – Demonstrated personal attributes and demonstrated ability to apply
knowledge and skills (ISO 19011:2002, 3.14).

Corrective Action (C/A) – Action to eliminate the cause of a detected
nonconformity or other undesirable situation. Note 1: There can be more than one
cause per nonconformity. Note 2: Corrective action is taken to prevent recurrence
whereas preventive action is taken to prevent occurrence. Note 3: There is a
distinction between correction and corrective action (ISO 9000:2000(E)).
o Immediate Corrective Action – Immediate remedial actions taken concerning
the disposition of nonconforming product.

JAPC Supplier – A supplier providing product directly to a JAPC Member
Organization who has been nominated by a JAPC member organization and who
has agreed to be audited under the auspices of the JAPC program. JAPC member
organizations are excluded from this definition.

Objective Evidence – Data supporting the existence or verity of something. Note:
Objective evidence may be obtained through observation, measurement, test, or
other means (ISO 9000:2000(E)).

Preventive Action (P/A) – Action to eliminate the cause of potential nonconformity
or other undesirable potential situation. Note 1: There can be more than one cause
for a potential nonconformity. Note 2: Preventive action is taken to prevent
occurrence whereas corrective action is taken to prevent recurrence (ISO
9000:2000(E)).

Prime Contractors – Organizations under NASA contract direction that provide
completely integrated platforms (i.e., aircraft, spacecraft, etc.) or completely
integrated major systems to platforms.

Quality Leading Indicator (QLI) – A tool used to assess and identify a contractor’s
past quality performance and indicates risk.

Root Cause – A fundamental deficiency that results in a nonconformance and must
be corrected to prevent recurrence of the same or similar nonconformance (ISBN 087389-374-3, The Quality Audit Handbook, 1997 ASQC).

Scope – The total population of nonconforming items as determined by the root
cause(s) of the nonconformance.
24
Revision A
APPENDIX B
HIGH RISK QUALITY SYSTEM ELEMENTS
QUALITY MANAGEMENT SYSTEM
Control of outsourced processes
Configuration Management
4.1
4.3 / 7.5.3
PRODUCT REALIZATION
Identification and Inspection of Key Characteristics
Supplier Quality Management (Purchasing)
Process control
- Documentation of processes
- Control of key characteristics
- In process verification points
- Criteria for workmanship
Validation, Monitoring, and Measurement of Special Processes
Identification of Monitoring/Measurement Status
Traceability of Product to Records of Objective Quality Evidence
Preservation of Product / Work Environment
- Electrostatic Discharge
- Foreign Object Debris/Damage
- Cleanliness
7.3.3.9/ 7.5.1/ 8.1
7.4
7.5.1
7.5.2 / 8.2.3
7.5.3
7.5.3
7.5.5 / 6.4
7.5.1.i
MEASUREMENT, ANALYSIS AND IMPROVEMENT
Internal Audit
Monitoring, Measurement, and Control of Key Characteristics
Control of Nonconforming Product
Corrective Action
8.2.2
8.2.4
8.3
8.5.2
25
Revision A
APPENDIX C
SPECIAL PROCESSES
Bonding/Sealing Processes
Fuel Sealing
Pressure Sealing
Structural Bonding
Weather Sealing
Chemical Processes
Chemical Conversion**
Cleaning**
Clean Room
Etching**
Milling**
Plating**
Surface Treatment**
Stripping**
Mechanical Processes (Metals)
Annealing**
Brazing**
Casting
Forging
Handling, Packaging, & Transportation
Heat Treating**
Mechanical Joint Make-up
(e.g.,Torque)
Lifting & Hoisting
Rigging
Shot Peening**
Soldering
Thermal Processes
Welding**
Mechanical Processes (Plastics)
Annealing
Chemical Processing and Inspection Casting
Composite Manufacturing
Foaming
Solar Panel Fab
Foreign Object Debris (FOD) Control
Laminating
Electrical/Electronic Processes
Molding
Conformal Coating
Connector Potting/Molding
Material Testing**
Electrostatic Discharge (ESD)
Chemical Composition
Flexible Circuit Fabrication
Mechanical Properties
Handling, Packaging, & Transportation
Lead Forming
Nondestructive Testing
Printed Wiring Board Fabrication
Acoustic Emission
Soldering/Tinning
Alternating Current Field Measurement
Wire Stripping
Inspection System
Eddy Current
Finishing Processes
Laminography
Brushing
Liquid Penetrant
Curing
Magnetic Particle
Dipping
N-Ray (Radiography? NADCAP?)
Dry Film Lube
Radiography
Finishes and Coatings **
Support Testing
Spraying
Thermography
**Nadcap Accreditation available
Ultrasonic
26
Revision A
APPENDIX D
AUDITOR CODE OF CONDUCT
AND QUALIFICATIONS
1.
Confidence and reliance in the audit process depends on the competence of
those conducting the audit. This competence is based on positive personal
attributes reflecting NASA’s core value of integrity; knowledge and skills gained
through education and work experience; and the ability to apply knowledge and
skills to the auditing process.
2.
Personal Attributes for Auditors
3.
a.
Ethical (fair, truthful, sincere, honest, and discreet)
b.
Open-minded (willing to consider alternative points of view)
c.
Diplomatic (tactful in dealing with people)
d.
Observant (actively aware of surroundings and activities)
e.
Perceptive (instinctively aware and able to understand situations)
f.
Decisive (reaches timely conclusions based on logical reasoning)
g.
Self reliant (functions independently while interacting with others)
Auditor Qualifications
a.
JAPC member organizations are responsible for ensuring that auditors
and lead auditors possess proper knowledge, skills, and experience, as
applicable, in the following areas:
(1)
Auditing concepts, practices, and code of conduct.
(2)
Quality management terminology and principles, and their
application.
(3)
Quality management tools and their application (Statistical Process
Control, Flowcharts, Process Maps, etc.).
(4)
Subject matter expertise related to the processes, products,
practices, and quality management system being audited and the
technological context in which the audit is being conducted.
27
Revision A
Subject matter expertise may be attained by education, training,
and/or experience.
b.
Quality management system auditors and lead auditors shall be trained
and formally qualified by their respective JAPC member organization in
accordance with prescribed and documented qualification requirements.
Qualification shall include demonstrated competencies related to the
criteria identified in 3.a above. Successful completion of RABQSA
recognized and/or ASQ provided training courses may be used to
demonstrate knowledge of quality management system auditing
concepts/practices, ISO 9001 auditor/lead auditor requirements, and/or
AS9100 auditor/lead auditor requirements, as applicable.
28
Revision A
APPENDIX E
NASA Joint Audit Planning Committee
Non-Disclosure of Controlled and Sensitive Information
In accordance with NASA Joint Audit Planning Committee (JAPC) Memorandum of
Understanding (MOU) confidentiality requirements, JAPC audit data shall not be disclosed to
non-JAPC member organizations, and disclosure to JAPC member organizations shall not
contain trade secrets, confidential commercial or financial data, or export controlled information.
(Supplier Name) is hereby requested to concur by signature below that audit report ________,
with an audit completion date of _________, does not contain trade secrets, confidential
commercial or financial data, or export controlled information.
Supplier Name: _________________________________________________________
Supplier Management Representative: ______________________
Date: ____________
Lead JAPC Member Organization: __________________________
Lead Auditor: ______________________________
Date: ____________________
29