SIST EN 9104-002:2016

2003-01.Slovenski inštitut za standardizacijo. Razmnoževanje celote ali delov tega standarda ni dovoljeno.URJUDPLFHUWLILFLUDQMDAerospace series - Quality management systems - Part 002: Requirements for Oversight of Aerospace Quality Management System Registration/Certification Programs49.020Letala in vesoljska vozila na splošnoAircraft and space vehicles in general03.120.10Vodenje in zagotavljanje kakovostiQuality management and quality assurance03.100.70Sistemi vodenjaManagement systemsICS:Ta slovenski standard je istoveten z:EN 9104-002:2016SIST EN 9104-002:2016en,fr,de01-september-2016SIST EN 9104-002:2016SLOVENSKI
STANDARDSIST EN 9104-002:20081DGRPHãþD

EUROPEAN STANDARD NORME EUROPÉENNE EUROPÄISCHE NORM
EN 9104-002
June
t r s x ICS
r uä s t rä s râ
v {ä r t r Supersedes EN
{ s r væ r r tã t r r zEnglish Version
Aerospace series æ Quality management systems æ Part
r r tã Requirements for Oversight of Aerospace Quality Série aérospatiale æ Systèmes de management de la qualité æ Partie
r r tã Exigences relatives à la supervision des processus de certification des Systèmes de Management de la qualité dans le domaine aérospatial
Luftæ und Raumfahrt æ Qualitätsmanagementsysteme æ von Zertifizierungsverfahren für Qualitätsmanagementsysteme der Luftæ und RaumfahrtThis European Standard was approved by CEN on
s y December
t r s wä
egulations which stipulate the conditions for giving this European Standard the status of a national standard without any alterationä Upætoædate lists and bibliographical references concerning such national standards may be obtained on application to the CENæCENELEC Management Centre or to any CEN memberä
translation under the responsibility of a CEN member into its own language and notified to the CENæCENELEC Management Centre has the same status as the official versionsä
CEN members are the national standards bodies of Austriaá Belgiumá Bulgariaá Croatiaá Cyprusá Czech Republicá Denmarká Estoniaá Finlandá Former Yugoslav Republic of Macedoniaá Franceá Germanyá Greeceá Hungaryá Icelandá Irelandá Italyá Latviaá Lithuaniaá Luxembourgá Maltaá Netherlandsá Norwayá Polandá Portugalá Romaniaá Slovakiaá Sloveniaá Spainá Swedená Switzerlandá Turkey andUnited Kingdomä
EUROPEAN COMMITTEE FOR STANDARDIZATION COMITÉ EUROPÉEN DE NORMALISATION EUROPÄISCHES KOMITEE FÜR NORMUNG
CEN-CENELEC Management Centre:
Avenue Marnix 17,
B-1000 Brussels
t r s x CEN All rights of exploitation in any form and by any means reserved worldwide for CEN national Membersä Refä Noä EN
{ s r væ r r tã t r s x ESIST EN 9104-002:2016

Appendices Page Appendix A
EN 9104-002 FORMS . 28 Appendix B
ACRONYM LOG . 91 Appendix C
INDUSTRY CONTROLLED OTHER PARTY (ICOP) PROCESS MODEL . 93
Tables Page Table 1 — Oversight assessment frequency summary . 17 Table 2 — Complaint resolution escalation examples . 26
EN 9104-001 – Requirements for Aviation, Space, and Defence Quality Management System Certification Programs;
EN 9104-002 – Requirements for Oversight of Aerospace Quality Management System Registration/Certification Programs; and
EN 9104-003 – Requirements for Aerospace Auditor Competency and Training Courses. This document is written to define a robust shared oversight process to ensure conformance to established aviation, space, and defence industry EN 9100-series accreditation/certification requirements. The purpose of this revision is to align with the respective EN 9104-001 and EN 9104-003 standards and incorporate lessons learned from past oversight activities. SIST EN 9104-002:2016

use of joint team assessments;
use of qualified and approved IAQG member Other Party (OP) assessors;
use of common assessment tools; and • reporting of oversight results. This document addresses the following activities: a) Establishment of standard oversight processes in all three global sectors (i.e., Europe, Asia Pacific, and the Americas). The management of these global sector schemes is referred to as SMS. b) Oversight of SMS, Certification Body Management Committees (CBMCs), Accreditation Bodies (ABs), Certification Bodies (CBs), Auditor Authentication Bodies (AABs), Training Provider Approval Bodies (TPABs), and training classes. SIST EN 9104-002:2016

ISO 9000:2005, Quality management systems — Fundamentals and vocabulary ISO/IEC 17000:2004, Conformity assessment — Vocabulary and general principles ISO/IEC 17011:2004, Conformity assessment — General requirements for accreditation bodies accrediting conformity assessment bodies
1) As developed under the auspice of the IAQG and published by various standards bodies [e.g., AeroSpace and Defence Industries Association – Standardization (ASD-STAN), SAE International, European Committee for Standardization (CEN), Japanese Standards Association (JSA)/Society of Japanese Aerospace Companies (SJAC), Brazilian Association for Technical Norms (ABNT)]. SIST EN 9104-002:2016

ISO 19011:2011, Guidelines for auditing management systems IAF ID 4:2012, IAF Informative Document — Market Surveillance Visits to Certified Organizations IAF MD 1:2007, IAF Mandatory Document for the Certification of Multiple Sites Based on Sampling IAF MD 2:2007, IAF Mandatory Document for the Transfer of Accredited Certification of Management Systems IAF MD 3:2008, IAF Mandatory Document for Advanced Surveillance and Recertification Procedures IAF MD 4:2008, IAF Mandatory Document for the Use of Computer Assisted Auditing Techniques (“CAAT”) for Accredited Certification of Management Systems IAF MD 5:2009, IAF Mandatory Document for Duration of QMS and EMS Audits IAF MD 10:2013, IAF Mandatory Document for Assessment of Certification Body Management of Competence in Accordance with ISO/IEC 17021:2011 IAF MD 11:2013, IAF Mandatory Document for the Application of ISO/IEC 17021 for Audits of Integrated Management Systems 3 Terms and definitions Definitions for general terms can be found in ISO 9000, ISO/IEC 17000, ISO 19011, EN 9104-001, and the IAQG International Dictionary (located on the IAQG website). An acronym log for this document is presented in Appendix B. For the purpose of this standard, the following definitions apply: 3.1 aerospace the business of design, manufacture, maintenance, distribution, or support of aviation, space, and defence vehicles or engines, accessories, or component parts; and all ancillary and allied businesses, including vehicle maintenance and parts distribution operations 3.2 appeal request by the provider of the object of conformity assessment to the conformity assessment body or AB for reconsideration by that body of a decision it has made relating to that object (see ISO/IEC 17000). An appeal can be lodged by any entity within the ICOP scheme. 3.3 assessment a systematic process to assess the competence of an AB or a conformity assessment body (e.g., AB, CB, AAB, TPAB), based on the assessment criteria (see ISO/IEC 17011) 3.4 audit a systematic, independent, and documented process for obtaining audit evidence and evaluating it objectively to determine the extent to which audit criteria are fulfilled SIST EN 9104-002:2016

EN 9104-series standards (i.e., EN 9104-001, EN 9104-002, EN 9104-003);
AQMS standards (i.e., EN 9100, EN 9110, EN 9120);
EN 9101; SIST EN 9104-002:2016

ISO/IEC 17011;
ISO/IEC 17021;
IAF mandatory documents (i.e., IAF MD 1, IAF MD 2, IAF MD 3, IAF MD 4, IAF MD 5, IAF MD 10, IAF MD 11); and
applicable IAQG sector SMS documents or procedures that apply. 5.3 Confidentiality and conflicts of interest 5.3.1 All IAQG OPMT, SMS, CBMC members, and OP assessors shall complete the appropriate declaration form (see Forms A and B) for confidentiality and conflicts of interest, prior to membership or assignment. The SMS shall retain copies of all completed forms. 5.3.2 These forms shall be provided to any assessed organization (e.g., AB, CB, AAB, TPAB, certified organization), upon request. 5.3.3 Auditors, that have an employment relationship with a CB, can be neither OP assessors nor voting members of any IAQG OPMT, SMS, or CBMC committees. 5.3.4 Certain data in the form of audit reports, nonconformities, checklists, or other company specific information, generated by the application of this standard, shall be handled as confidential (commonly referred to as proprietary or sensitive) between the parties generating, collecting, or using the data (see EN 9104-001 [section 19]). 5.3.5 OP assessors shall not disclose the assessed organization’s performance data with the assessed organization’s clients without written permission (e.g., AB performance to CB or CB performance to certified organization). 5.3.6 Conflicts of interest that shall prevent participation as an OP assessor in an oversight assessment activity shall include: a) Employment or engagement by a CB in any role, including participation in a CB’s committee for safeguarding impartiality, for any oversight activity. b) Employment or engagement by an AB in any role, including participation in an AB’s committee for safeguarding impartiality, for any AB oversight activity. c) Employment or engagement by an AB (i.e., technical advisor), during an industry shared oversight assessment. d) Employment or engagement in any role by an AAB, where the oversight activity is scheduled for an AAB, TPAB, or witnessing an auditor authenticated by the associated AAB. e) Auditor authentication or certification by an AAB, where the oversight activity is scheduled for the AAB that has authenticated or certificated the assigned OP assessor. f) Employment or engagement in any role by a TPAB, where the oversight activity is scheduled for a TPAB, TP, or AAB. g) Employment or engagement in any role by a TP, where the oversight activity is scheduled for a TPAB or TP. h) A contractual relationship between the OP assessor’s company and the assessed CB organization, where the OP assessor is directly involved in the relationship (e.g., direct interface with CB sales and SIST EN 9104-002:2016

documenting the application, review, disposition, and communication processes via an OPMT approved operating procedure;
communicating CSOC expectations to all ICOP approved ABs and CBs;
providing timely disposition of all complex structure review requests to the CB applicant and respective AB; and
maintaining metrics on CSOC performance and communicate lessons learned. 6.5 Sector management structure or certification body management committee 6.5.1 An SMS may be supported by a CBMC. A CBMC shall meet the requirements defined by the SMS and the applicable SMS requirements of this standard. NOTE A CBMC is a committee established by a NAIA to manage the application of a national or geographic implementation of the ICOP scheme based on the EN 9104-series standards (e.g., Austria, France, Germany, Italy, Spain, Switzerland, United Kingdom). 6.5.2 The SMS is responsible for managing EN 9104-series standards application in their respective global sector (i.e., Asia Pacific, Americas, and Europe). These responsibilities include the following: a) conducting oversight of CBMCs, ABs, CBs, AABs, and TPABs in accordance with this standard and the EN 9104-001 standard, and the witness of training courses, when deemed necessary; b) complaint resolution or elevation to the IAQG OPMT, in accordance with complaint resolution process defined in Section 9; SIST EN 9104-002:2016

OASIS X N/A Every two years a The minimum frequency may be adjusted based on the output from an IAQG OPMT SMS approved risk-based oversight process (e.g., increased witness audits or reduced annual office assessments). At a minimum, each CB shall have at least one annual office or witness oversight assessment.
7.2 Sector management structure risk-based oversight 7.2.1 An SMS or CBMC may choose to utilize a risk-based approach to shared oversight. This approach can be used to effectively utilize OP assessor resources, and determine the assessments to be conducted and the frequency of shared oversight. 7.2.2 This approach applies to SMS or CBMC shared oversight activities only; ABs may utilize this process to increase shared oversight levels. 7.2.3 If a risk-based approach is implemented by an SMS or CBMC, it may be applied to any entity subject to shared oversight. When an SMS or CBMC chooses to apply risk-based shared oversight, it shall be applied equally (e.g., all CBs in the sector). 7.2.4 If the SMS or CBMC decides to utilize a risk-based approach for shared oversight, the SMS shall develop and maintain a documented procedure, which defines the risk-based shared oversight process. The risk-based shared oversight process shall include, at a minimum, the following elements:
number of nonconformities (major/minor) issued to the entity by the SMS, CBMC, and respective AB;
number of complaints;
suspension activity;
OASIS metrics;
OASIS feedback;
number of accreditations, certificates, or approvals issued by the entity; and
auditor competency metrics. SIST EN 9104-002:2016

oversight requirements defined in this standard and the EN 9104-001 standard;
stakeholder recommendations;
complaints and past performance;
data analysis, if applicable; and
documented risk management process, if applicable. 7.3.4 The Oversight Chair has the responsibility to obtain translator support and request funding, when deemed necessary. Request for funding of translator services shall be submitted to the IAQG OPMT for approval, in advance of the assessment. 7.4 Shared oversight scheduling 7.4.1 All shared oversight assessments shall be scheduled with all affected parties, prior to conduct. Once the schedule has been established, any schedule changes shall be coordinated with all affected parties. NOTE Whenever possible, OP assessors should team with ABs to conduct joint team assessments. SIST EN 9104-002:2016
...