How to define roles and responsibilities within an IATF 16949-based QMS

Implementing a Quality Management System (QMS) based on IATF 16949 is a joint effort – not only of the top management, but of all employees involved in the process. Any organization that has a QMS certified to IATF 16949 should be aware of the importance of allocation of employee roles and responsibilities to achieve the planned results of the system. This is one of the key elements that will have great effect on the success or failure of your QMS, and the amount of other work required to correct any non-conformities that are subsequently found.

What is the role of the top management?

As in any other management system standard, the effectiveness of the system relies heavily on the engagement of the top management. Clause 5.1.1 defines general requirements for top management to demonstrate their leadership, and these requirements are mostly derived from ISO 9001:2015, but there are additional requirements specific to IATF 16949:

  • The top management must primarily take accountability for the effectiveness of the QMS and understand that its success or failure depends on them.
  • Defining the Quality Policy and objectives is a task that cannot be fulfilled without engagement of the top management, as both the policy and the objectives must be aligned with the context and strategic direction of the organization. For more information, see: How to Write a Quality Policy Compliant with IATF 16949 and How to Write IATF 16949 Quality Objectives.
  • The QMS must be integrated with the business processes of the organization, and this is also a responsibility of the top management.
  • The provision of resources for QMS operation is also part of the top management responsibilities, as without the appropriate resources, the QMS cannot work.
  • Promoting the use of the process approach and risk-based thinking, along with communicating the importance of the effectiveness of the QMS and compliance with the requirements.
  • Engaging, directing, and supporting personnel to contribute to the effectiveness of the QMS, and supporting other management roles to demonstrate leadership in their areas of responsibility.
  • Defining the corporate responsibility policy, which needs to include an anti-bribery policy, the employees’ code of conduct, and an ethics escalation policy (whistle-blowing policy).
  • Identifying process owners who will be in charge of managing the processes and related outputs.
  • Conducting management reviews in order to assess the condition and performance of the QMS and define necessary actions for improvement.

Other roles within the QMS

In addition to the roles and responsibilities that the top management must take within the QMS, clause 5.3 defines other roles and responsibilities that the top management must assign to the mid-management and other employees within the organization:

  • Conformity of the QMS to the requirements of the standard – one or more persons in the organization needs to be responsible for the overall conformity to the standard.
  • Process effectiveness – the top management must assign responsibilities to ensure that the processes are delivering the intended outcomes; this is in close relation with the requirement to assign process owners.
  • Reporting on QMS performance – some person within the organization must be in charge of reporting to the top management on the performance of the QMS and opportunities for improvement.
  • Ensuring the QMS integrity during maintenance and changes in the system – this person will have to be responsible for ensuring that compliance with the standard and other requirements is preserved during maintenance or changes made to the QMS.
  • Compliance with customer requirements – considering the importance of the customer requirements in an IATF 16949-based QMS, it is no wonder that the standard requires the top management to assign responsibility for ensuring and documenting customer requirements.
  • Stopping the production and shipment in case of nonconformity – the top management must assign authority to relevant people to stop the production or prevent shipment of nonconforming products to the customers.
  • Responsibility for corrective actions – the persons with this authority must be informed about any nonconformity regarding products or processes, so they can prevent shipment of nonconforming or potentially nonconforming products to the customers.
  • Conformity to product requirements – the top management must ensure that all processes and shifts include adequate personnel who are in charge of the product’s conformity to the requirements.

Assigning the roles and responsibilities makes the QMS effective

The actual documentation of responsibilities within your QMS is as important as the planning and decisions that go into the process. Though there is no specific mention of “documented information” in terms of roles and responsibilities, the standard says that the organization should maintain documented information “determined as being necessary for QMS effectiveness.” Great care must be taken to ensure that, when delivered to an employee, roles and responsibilities are clearly defined, clearly measurable, have a clear definition of time periods relevant to the activities, and are aligned to the capabilities of the employee. When roles and responsibilities are documented so specifically, clear review and action periods can be set. The organization can then readily identify how much progress is being made, maintaining clarity in terms of the responsibility for delivery of activity important to the QMS. Ensure that your roles and responsibilities are correctly allocated, defined, and documented, and the business of ensuring continual improvement for your QMS will become much more achievable.

Use this free IATF 16949:2016 Implementation Diagram to learn the steps that require defining particular QMS roles.

Advisera Strahinja Stojanovic
Strahinja Stojanovic

Strahinja Stojanovic is certified as a lead auditor for the ISO 13485, ISO 9001, ISO 14001, and OHSAS 18001 standards by RABQSA. He participated in the implementation of these standards in more than 100 SMEs, through the creation of documentation and performing in-house training for maintaining management systems, internal audits, and management reviews.