Guidelines For Failure Mode and Effects Analysis FMEA For Automotive Aerospace and General Manufacturing Industries 1st Edition Dyadem Press

Full download ebook at ebookgate.
com
Guidelines for Failure Mode and Effects

Analysis FMEA for Automotive Aerospace and
General Manufacturing Industries 1st Edition
Dyadem Press
https://ebookgate.com/product/guidelines-for-
failure-mode-and-effects-analysis-fmea-for-
automotive-aerospace-and-general-manufacturing-
industries-1st-edition-dyadem-press/
Download more ebook from https://ebookgate.com

More products digital (pdf, epub, mobi) instant
download maybe you interests ...
High Performance Coatings for Automotive and Aerospace

Industries 1st Edition Abdel Salam Hamdy Makhlouf
https://ebookgate.com/product/high-performance-coatings-for-
automotive-and-aerospace-industries-1st-edition-abdel-salam-
hamdy-makhlouf/
Labor Relations in the Aviation and Aerospace

Industries 1st Edition Robert W. Kaps
https://ebookgate.com/product/labor-relations-in-the-aviation-
and-aerospace-industries-1st-edition-robert-w-kaps/
Guidelines for Enabling Conditions and Conditional

Modifiers in Layer of Protection Analysis 1st Edition
Ccps
https://ebookgate.com/product/guidelines-for-enabling-conditions-
and-conditional-modifiers-in-layer-of-protection-analysis-1st-
edition-ccps/
Stop Motion Craft Skills for Model Animation Second

Edition Focal Press Visual Effects and Animation
Susannah Shaw
https://ebookgate.com/product/stop-motion-craft-skills-for-model-
animation-second-edition-focal-press-visual-effects-and-
animation-susannah-shaw/
ISTFA 2006 proceedings of the 32nd International
Symposium for Testing and Failure Analysis 1st Edition
Asm
https://ebookgate.com/product/istfa-2006-proceedings-of-the-32nd-
international-symposium-for-testing-and-failure-analysis-1st-
edition-asm/
Distributed Generation The Power Paradigm for the New

Millennium The CRC Press Series in Mechanical and
Aerospace Engineering 1st Edition Anne-Marie Borbely
https://ebookgate.com/product/distributed-generation-the-power-
paradigm-for-the-new-millennium-the-crc-press-series-in-
mechanical-and-aerospace-engineering-1st-edition-anne-marie-
borbely/
ISTFA 2009 proceedings from the 35th International

Symposium for Testing and Failure Analysis 1st Edition
Asm International
https://ebookgate.com/product/istfa-2009-proceedings-from-
the-35th-international-symposium-for-testing-and-failure-
analysis-1st-edition-asm-international/
Transfer Path Analysis Based on in Situ Measurements

for Automotive Applications 1st Edition Bernd Philippen
https://ebookgate.com/product/transfer-path-analysis-based-on-in-
situ-measurements-for-automotive-applications-1st-edition-bernd-
philippen/
Encyclopedia of Products Industries Manufacturing 1st

Edition Patricia J. Bungert
https://ebookgate.com/product/encyclopedia-of-products-
industries-manufacturing-1st-edition-patricia-j-bungert/
Guidelines for Failure Mode and
Effects Analysis for Automotive,
Aerospace and General
Manufacturing Industries
IMPORTANT! CAREFULLY READ THE FOLLOWING DISCLAIMER BEFORE
READING OR OTHERWISE USING THESE GUIDELINES. BY USING THESE
GUIDELINES, YOU, AS THE END USER, ACKNOWLEDGE THAT YOU HAVE
READ THIS DISCALIMER, UNDERSTAND AND ACCEPT ALL THE TERMS AND
CONDITIONS AND THAT YOU INTEND TO BE LEGALLY BOUND BY THEM. IF
YOU DO NOT AGREE WITH THE TERMS OF THIS DISCLAIMER, DO NOT READ
OR OTHERWISE USE THESE GUIDELINES AND RETURN IT WITH TO THE
PLACE OF PURCHASE WITHIN 15 DAYS OF DELIVERY FOR A FULL REFUND.
DISCLAIMER
The information and material here within has been prepared in part by Dyadem
Engineering Corporation (hitherto known as “DEC”) for the Dyadem Press (hitherto
known as “DP”) and CRC Press is intended, in good faith, to assist you with
identification of hazards and risk issues throughout a product’s life cycle as a part of the
quality system. It remains your responsibility to determine its application, specific
suitability and the manner in which such intended applications should be executed. It is
furthermore assumed that you or your appointed personnel or appointed representatives
shall be appropriately qualified for its interpretation and applicability. These guidelines
are solely to assist you in the methodologies and techniques here within presented and are
not to be relied upon or intended as a substitute for your own specific decision making
requirements, your own specific hazards and risk analyses requirements, including, but
not limited to, such techniques as, Failure Mode and Effects Analysis (FMEA), Design
FMEA, Process FMEA, Service FMEA, Application FMEA, Hardware FMEA, Software
FMEA, Failure Modes and Effects Criticality Analysis (FMECA), Hazard and
Operability Analysis (HAZOP), and Fault Tree Analysis, and so forth, or as a substitute
for professional advice associated with the aforementioned. These guidelines cannot and
do not replace a qualified engineering analysis, other professional analysis and advice in
the field of hazards identification, risk assessment, risk reduction, the management of
risk, Risk Management Planning (RMP), Advanced Quality Planning (AQP), Product
Quality Control Plans, Dynamic Control Plans, and so forth either in general or in part. It
is incumbent upon you to perform your own assessment and analysis and to obtain
professional advice. While every attempt has been made to present the material as
accurately as possible, it does not preclude the possibility of error, either factual,
typographical, contextual, interpretative, nor of you nor your personnel nor
representatives making interpretation(s) unintended by DEC, CRC Press or DP.
Furthermore, you are reminded that these guidelines are not intended to replace analyses
performed by qualified professional personnel. The entire risk as to the data or
information supplied, use, calculations, performance results and/or consequences of these
guidelines and risk analysis is with you. You assume full responsibility for compliance
with rules, regulations and statutes, and for environmental, quality control, quality
assurance liability, statutory or otherwise, risks, and risk assessments. You acknowledge
and understand that no regulatory body or association endorses or otherwise approves
these guidelines.
The examples presented as part of these guidelines do not contain information about
any specific known plant, process, company or individual. In addition, these guidelines
do not reflect the policies of any known specific company. The subject matter is
considered to be pertinent at the time of publication. However, it does not preclude the
possibility of partial or total invalidation that may result from later legislation,
methodologies, standards and so forth.
In particular, in relation to the subject matter contained within, you are reminded that
attempts to predict and guard against potential hazards can never be guaranteed, since
risk can never be totally eliminated, however diligent the efforts may be. Neither DEC,
DP nor Dyadem International Ltd. (hitherto known as “DIL”) shall be held liable for
special or consequential damages arising directly or indirectly from the use or misuse of
the information and material here within contained or referenced. In no event will DEC,
DP, CRC Press DIL, the distributors or agents be liable for any damages, howsoever
caused, including but not limited to, any lost profits or revenue, loss of market share, lost
savings, loss of use or lack of availability or corruption of facilities including without
limitation computer resources, information and stored data, indirect, special, incidental,
punitive, exemplary, aggravated, economic or consequential damages, adverse outcomes,
personal injury or death, contribution or indemnity, arising out of the use, or inability to
use these guidelines, or for claim by any other party, even if DEC, DP, CRC Press, DIL
or any of its lawful agents, distributors or employees have been advised of the possibility
of such damages or claim. In no case will DEC, DP, CRC Press, DIL distributors or
agents be liable in total, whether in contract, tort or otherwise and your exclusive remedy
shall be regardless of the number of claims, for no more than the amount paid by you for
these guidelines. Some jurisdictions do not allow the exclusion or limitation of implied
warranties or limitation of liability for incidental or consequential damages, so the above
limitation or exclusion may not apply to you. The foregoing paragraphs on warranty
disclaimer and limitations on liability shall survive any transfer of ownership or any form
of reallocation.
By using these guidelines you acknowledge and understand that any dispute that arises
shall be governed by and construed in accordance with the laws of Ontario and federal
laws of Canada applicable therein and shall be treated, in all respects, as an Ontario
contract. The Parties irrevocably submit to the non-exclusive jurisdiction of the courts of
Ontario. The Parties hereby expressly exclude the application of the United Nations
Convention on Contracts for the International Sale of Goods and the Sale of Goods Act
(Ontario) as amended, replaced or re-enacted from time to time.
COPYRIGHT: All applicable copyright laws governing United States, Canadian and
international copyright and intellectual property laws and treaties protect these
guidelines. You agree that these guidelines (except for any publicly available data
contained therein) are confidential to and rights to or embodied in this manual is owned
by the DP. DP retains all rights not expressly granted. Copyright © 2003 Dyadem Press
Guidelines for Failure Mode and Effects Analysis for Automotive, Aerospace and
General Manufacturing Industries
Copyright © 2003 by Dyadem Press
ISBN 0849319080
Co-Published and distributed by CRC Press
All rights reserved. No part of this book may be reproduced in any form or by any
means, electronic, mechanical, photocopying, recording, or otherwise, without the prior
written permission of the publisher.
For information, write to:
Dyadem Press, 9050 Yonge Street, Suite 401 Richmond Hill, Ontario Canada L4C
9S6
Phone: 905–882–5055 Fax: 905–882–5057
CRC PRESS
Boca Raton London New York Washington, D.C.
This edition published in the Taylor & Francis e-Library, 2005.
“To purchase your own copy of this or any of Taylor & Francis or
Routledge’s collection of thousands of eBooks please go to
http://www.ebookstore.tandf.co.uk/.”
Library of Congress Cataloging-in-Publication Data
Catalog record is available from the Library of Congress
This book contains information obtained from authentic and highly regarded sources. Reprinted
material is quoted with permission, and sources are indicated. A wide variety of references are
listed. Reasonable efforts have been made to publish reliable data and information, but the author
and the publisher cannot assume responsibility for the validity of all materials or for the
consequences of their use.
Neither this book nor any part may be reproduced or transmitted in any form or by any means,
electronic or mechanical, including photocopying, microfilming, and recording, or by any
information storage or retrieval system, without prior permission in writing from the publisher.
The consent of CRC Press LLC does not extend to copying for general distribution, for promotion,
for creating new works, or for resale. Specific permission must be obtained in writing from CRC
Press LLC for such copying.
Direct all inquiries to CRC Press LLC 2000 N.W. Corporate Blvd., Boca Raton, Florida 33431.
Trademark Notice: Product or corporate names may be trademarks or registered trademarks, and
are used only for identification and explanation, without intent to infringe.
Visit the CRC Press Web site at www.crcpress.com
© 2003 by CRC Press LLC
No claim to original U.S. Government works
ISBN 0-203-00968-1 Master e-book ISBN
International Standard Book Number 0-8493-1908-0 (Print Edition)

About Dyadem Engineering Corporation
Dyadem Engineering Corporation focuses on controlling the risks associated with major
hazards in the automotive, aerospace, process, medical device and general manufacturing
industries, delivering a wide spectrum of services in the fields of process design, risk
management, incident investigation and risk study facilitation.
We offer professional training services for Failure Mode and Effects Analysis, Process
Hazards Analysis, Job Safety Analysis and Ergonomics. Dyadem has also become a
respected publisher of engineering manuals. Our successful Guidelines series also
includes Guidelines for Failure Mode and Effects Analysis for Medical Devices and the
popular Guidelines for Process Hazards Analysis, Hazards Identification & Risk
Analysis.
Table of Contents
Glossary x
CHAPTER 1 Introduction 1
CHAPTER 2 General Manufacturing, Automotive and Aerospace Quality 4
System Standards
CHAPTER 3 Industry Specific Standards for Failure Mode & Effects 23
Analysis
CHAPTER 4 Risk Management Planning 30
CHAPTER 5 Risk Analysis Methodologies 33
CHAPTER 6 Overview of FMEA 37
CHAPTER 7 FMEA Procedures 41
CHAPTER 8 FMEA Team 52
CHAPTER 9 Common Tools Used with FMEA 54
CHAPTER Pitfalls with FMEA 59
10
CHAPTER Product Life Cycle & FMEA 61
11
CHAPTER Product/Design FMEA 67
12
CHAPTER Process FMEA 73
13
CHAPTER Machinery FMEA 79
14
CHAPTER Application FMEA 86
15
CHAPTER Service FMEA 92
16
CHAPTER Hardware and Software FMEA 99
17
CHAPTER Analysis of FMEA Results 102
18
CHAPTER Overview of Failure Mode, Effects and Criticality Analysis 104
19 (FMECA)
CHAPTER Post FMEA Study 111
20
CHAPTER FMEA in Advanced Quality Planning/Advanced Product 112
21 Quality Planning
CHAPTER Product Quality Control Plans and Dynamic Control Plans 118
22
References 129
Glossary
Acceptable Quality Level (AQL): For the purposes of sampling inspection, AQL is the
maximum percent defective that can be considered satisfactory as a process average.
Average Outgoing Quality Limit (AOQL): For a given sampling plan, it is the
maximum average quality of outgoing product after 100% screening of rejected lots.
Characteristics: Distinguishing features of a process or its output on which variables or
attributes data can be collected.
Control Plans: A description of the system for controlling parts and processes. It is
written by suppliers to address the important characteristics and engineering
requirements of the product.
Cpk (process capability per thousand): An index that considers both the process spread
and the proximity of the process spread to specifications limits.
Design Defect: An imperfection that causes a product to inadequately protect against
risks of injury, fail to perform intended functions safely, inadequately safeguard
against a specific danger, create unreasonably dangerous side effects, or fail to
minimize avoidable consequences in the event of an accident.
Design for Manufacturability (DFM)/Design for Assembly (DFA): A simultaneous
engineering process designed to optimize the relationship between design function,
manufacturability, and ease of assembly.
Design of Experiment (DOE): An experimental technique used to manipulate process
inputs in order to better understand their effects on process outputs.
Detection: The probability of the failure being detected before the impact of the effect is
realized.
Facilitator: An expert who ideally has no vested interest in the process under
investigation, but who has the knowledge and ability to guide the project leader and
the team through the various process improvement steps. The facilitator will work
with the client to identify the opportunity, develop a structure for the project, and
contract for the boundaries of the project and timing issues. He or she should be aware
of sources for information, expert advice and practical assistance.
Failure Mode: A symptom, condition or fashion in which hardware fails. A failure mode
might be identified as loss of function, premature function (function without demand),
an out-of-tolerance condition, or a simple physical characteristic such as a leak
observed during inspection.
Failure Modes and Effects Analysis (FMEA): A systematic, tabular method for
evaluating and documenting the causes and effects of known types of component
failures.
Failure Modes, Effects and Criticality Analysis (FMECA): A variation of FMEA that
includes a quantitative estimate of the significance of the consequences of a failure
mode.
Fault Tree: A logic model that graphically portrays the combinations of failures that can
lead to specific main failure or accident.
Hazard: Any situation with the potential for causing damage to life, property or the
environment.
Human Error: Any human action (or lack thereof) that exceeds some limit of
acceptability (i.e., an out-of-tolerance action) where the limits of human performance
are defined by the system. Human errors include actions by designers, operators or
managers that may contribute to or result in accidents.
Likelihood: A measure of the expected probability or frequency of an event’s
occurrence.
Manufacturing Defect: An imperfection that causes a product to fail to meet the
manufacturer’s own specifications. Manufacturing defects occur when the raw
materials or components used in making the product contain unacceptable flaws, or
there are assembly mistakes.
Original Equipment Manufacturer (OEM): Entity holding design rights to any
product. The OEM is not necessarily the manufacturer, designer or distributor of the
product.
Occurrence: The probability or frequency of the failure occurring.
Process Capability Index (CpK): A measure of both process dispersion and its
centering about the average.
Quality Function Deployment (QFD): A structured method in which customer
requirements are translated into appropriate technical requirements for each stage of
product, development and production.
Quality System: The organization, structure, responsibilities, procedures, processes and
resources for implementing quality management. It is a method of maintaining
consistent quality for producing products or providing services that consistently meet
or exceed the customer’s implied or stated needs.
Quantitative Risk Analysis: The systematic development of numerical estimates of the
expected frequency and/or consequence of potential accidents associated with a
facility or operation based on engineering evaluation and mathematical techniques.
Repeatability: Variation in measurements obtained with one gage when used several
times by one appraiser while measuring a characteristic on one part.
Reproducibility: Variation in the average of the measurements made by different
appraisers using the same gage when measuring a characteristic on one part.
Residual Risk: Risk remaining after protective measures have been taken.
Risk: A measure of the consequence of a hazard and the frequency with which it is likely
to occur.
Risk Analysis: Systematic use of available information to identify hazards and to
estimate the risk.
Risk Assessment: Overall process of risk analysis and risk evaluation.
Risk Evaluation: Judgment based on the risk analysis to determine whether the risk is
acceptable given the context and the current values of society.
Risk Management: The systematic application of management policies, procedures and
practices to the tasks of analyzing, assessing and controlling risk in order to protect
employees, the general public, the environment and company assets.
Safety: A judgment of the acceptability of risk. An activity is deemed as “safe” if its
risks are judged to be acceptable when compared with other common daily activities.
No activity is totally free from risk. Provided the activity is undertaken, risk can never
be totally eliminated. However, it can usually be reduced to acceptable levels with the
use of adequate safeguarding.
Statistical Process Control (SPC): Use of statistical techniques to analyze a process or
its output in order to take appropriate actions to achieve and maintain a state of
statistical control and to improve the capability of the process.
Value Engineering (VE): A planned, clean sheet approach to problem solving, focusing
on specific product design and process characteristics. Value engineering is employed
to maximize value prior to expenditures of facilities and tooling money.
CHAPTER 1
Introduction
Product quality planning and assessment are critical to assure that a product meets the
requirements of the customer and that it satisfies all safety and regulatory requirements.
One of the key elements to success is to manage and reduce risk effectively throughout
the product’s life cycle. This requires a delicate balance between risk, cost and
performance. Risk management provides the required decision framework centered on
understanding risks and evaluating their acceptability by weighting technical and
economic practicability against risk/benefits. It manages the residue risk, as risk cannot
be completely eliminated.
To reduce risk, it is essential to identify hazards, evaluate the associated potential
consequences and their likelihood, and then estimate the risk. A number of analysis
techniques, including top-down and bottom-up approaches, can be used. These
techniques include Failure Mode and Effects Analysis (FMEA), Hazard and Operability
Analysis (HAZOP) and Fault Tree Analysis (FTA).
These Guidelines focus on FMEA and its application throughout the product’s life
cycle. Other topics include regulatory requirements relating quality system analysis in the
automotive, aerospace and general manufacturing industries, risk management, Failure
Mode, Effects and Criticality Analysis (FMECA), Control Plans and Advanced Product
Quality Planning.
The following list describes the organization of the manual:
Chapter 2—Automotive, Aerospace and General Manufacturing Quality System

Standards
Quality system regulations and specifications associated with the automotive, aerospace
and general manufacturing industries are reviewed in this chapter for the purpose of
identifying the requirements for Failure Mode and Effects Analysis and Control Plans in
the Product Quality Cycle. The intent of this chapter is to provide the readers with a
general overview of the regulatory requirements related to the above-mentioned
industries in the United States and in Europe.
Chapter 3—Industry Specific Standards for Failure Mode and Effects Analysis
This chapter reviews the current industry-specific standards and technical specifications
that provide guidelines for performing FMEA.
Guidelines for failure mode and effects analysis 2
Chapter 4—Risk Management Planning

This chapter briefly describes the essence of risk management planning.
Chapter 5—Risk Analysis Methodologies

This chapter gives an overview of Hazard and Operability Analysis (HAZOP) and Fault
Tree Analysis (FTA), which are risk analysis techniques commonly used in the
automotive, aerospace and general manufacturing industries as alternatives to Failure
Mode and Effects Analysis.
Chapter 6—Overview of FMEA

This chapter is an introduction to Failure Mode and Effects Analysis (FMEA). It outlines
the objectives of FMEA, reasons and benefits of performing FMEA and the limitations of
the technique.
Chapter 7—FMEA Procedures

This chapter describes the basic terminology and process used in FMEA. In addition, the
procedures for setting up, conducting and following up FMEA are described.
Chapter 8—FMEA Team

This chapter describes the responsibilities of FMEA team members and the
facilitator/team leader.
Chapter 9—Common Tools Used with FMEA

This chapter gives an overview of tools commonly used with FMEA, including process
flowcharts, block diagrams and Pareto charts.
Chapter 10—Pitfalls with FMEA

This chapter describes some major pitfalls that can arise while conducting FMEA studies.
Chapter 11—Product Life Cycle & FMEA

This chapter outlines the application of FMEA at various stages in a product’s life cycle.
It also introduces the use of Control Plans as a tool to document the design and process
characteristics required for the manufacturing of an item/component or system.
Chapter 12—Product/Design FMEA

This chapter describes the objectives of Product/Design FMEA (D-FMEA),
recommended team members and recommended information to be included in the FMEA
worksheet. It also provides rating guidelines for severity, occurrence and detection.
Chapter 13—Process FMEA

This chapter describes the objectives of Process FMEA (P-FMEA), recommended team
members and recommended information to be included in the FMEA worksheet. It also
provides rating guidelines for severity, occurrence and detection.
Chapter 14—Machinery FMEA

Introduction 3
This chapter describes the objectives of Machinery FMEA (M-FMEA), recommended

team members and recommended information to be included in the FMEA worksheet. It
also provides rating guidelines for severity, occurrence and detection.
Chapter 15—Application FMEA

This chapter describes the objectives of Application FMEA (A-FMEA), recommended
team members and recommended information to be included in the FMEA worksheet. It
also provides rating guidelines for severity, occurrence and detection.
Chapter 16—Service FMEA

This chapter describes the objectives of Service FMEA (S-FMEA), recommended team
members and recommended information to be included in the FMEA worksheet. It also
provides rating guidelines for severity, occurrence and detection.
Chapter 17—Hardware and Software FMEA

This chapter provides an overview of Hardware and Software FMEA.
Chapter 18—Analysis of FMEA Results

This chapter provides a brief overview of Failure Mode Ratios, Failure Equivalence
Numbers and process variation indices.
Chapter 19—Overview of Failure Mode, Effects and Criticality Analysis (FMECA)

This chapter provides an overview of Failure Mode, Effects and Criticality Analysis
(FMECA), including the terminology and the worksheets used in the analysis for both
quantitative and qualitative approaches.
Chapter 20—Post FMEA Study

This chapter describes the required steps to be taken after the completion of the FMEA.
Chapter 21—FMEA in Advanced Quality Planning/Advanced Product Quality

Planning
This chapter provides a brief overview of Advanced Quality Planning (AQP) and
Advanced Product Quality Planning (APQP) and the use of FMEA in quality planning.
Chapter 22—Product Quality Control Plans and Dynamic Control Plans

This chapter provides an overview of Control Plans and Dynamic Control Plans and their
elements.
CHAPTER 2
General Manufacturing, Automotive and
Aerospace Quality System Standards
Quality system standards and specifications associated with the automotive, aerospace
and general manufacturing industries are reviewed in this chapter for the purpose of
identifying the requirements for Failure Mode and Effects Analysis and Control Plans in
the Product Quality Cycle. This chapter provides only a brief overview of each
document, and anyone who wants to fulfill the regulatory and industrial requirements
should obtain a copy of the respective documents from the International Organization for
Standardization (ISO), Society of Automotive Engineers (SAE) or other publishing
organizations in order to ensure that all documentation required for registration is
completed. As regulations and standards are periodically updated, it is the reader’s
responsibility to ensure the applicability of these documents.
General Manufacturing Industry
ISO 9000 Series

The ISO 9000 family of international quality management standards and guidelines has
earned a global reputation as the basis for establishing quality management systems. The
familiar three standards—ISO 9001, ISO 9002 and ISO 9003—have been integrated into
the new ISO 9001:2000. This new standard specifies requirements for a quality
management system for any organization that needs to demonstrate its ability to
consistently provide products that meet customer and applicable regulatory requirements
and aims to enhance customer satisfaction. The standard is used for
certification/registration and contractual purposes by organizations seeking recognition of
their quality management system.
The greatest value is obtained when the entire family of standards is used in an
integrated manner. In order to achieve a first level of performance, it is suggested that
ISO 9001:2000 be adopted, beginning with ISO 9000:2000. The practices described in
ISO 9004:2000 may then be implemented to make the quality management system
increasingly effective in achieving the business goals.
ISO 9001:2000 and ISO 9004:2000 have been formatted as a consistent pair of
standards to facilitate their use. Using the standards in this way will allow them to be
General manufacturing, automotive and aerospace quality system standards 5
related to other management systems (e.g. environmental) and many sector-specific

requirements (such as ISO/TS/16949 in the automotive industry), and it will help to gain
recognition through national awards programs.
The following table presents all the standards listed in the ISO 9000 series:
Table 2.1: List of standards in the ISO 9000
series
Standard Title Description
ISO 9000:2000, Quality management Establishes a starting point for understanding the
systems—Fundamentals and vocabulary standards and defines the fundamental terms and
definitions used in the ISO 9000 family so you
avoid misunderstandings in their use.
ISO 9001:2000, Quality management This is the requirement standard you use to assess
systems—Requirements your ability to meet customer and applicable
regulatory requirements and thereby address
customer satisfaction. It is now the only standard
in the ISO 9000 family against which third-party
certification can be carried.
ISO 9004:2000, Quality management This guideline standard provides guidance for
systems—Guidelines for performance continual improvement of your quality
improvements management system to benefit all parties through
sustained customer satisfaction.
ISO 19011, Guidelines on Quality and/or Provides you with guidelines for verifying the
Environmental Management Systems Auditing system’s ability to achieve defined quality
(currently under development) objectives. You can use this standard internally or
for auditing your suppliers.
ISO 10005:1995, Quality management Provides guidelines to assist in the preparation,
Guidelines for quality plans review, acceptance and revision of quality plans.
ISO 10006:1997, Quality management Guidelines to help you ensure the quality of both
Guidelines to quality in project management the project processes and the project products.
Standard Title Description

ISO 10007:1995, Quality management— Gives you guidelines to ensure that a complex
Guidelines for configuration management product continues to function when components
are changed individually.
ISO/DIS 10012, Quality assurance Give you guidelines on the main features of a
requirements for measuring equipment—Part calibration system to ensure that measurements are
1: Metrological confirmation system for made with the intended accuracy.
measuring equipment
ISO 10012–2:1997, Quality assurance for Provides supplementary guidance on the
measuring equipment—Part 2: Guidelines for application of statistical process control when this
control of measurement of processes is appropriate for achieving the objectives of Part
1.
ISO 10013:1995, Guidelines for developing Provides guidelines for the development and
quality manuals maintenance of quality manuals tailored to your

specific needs.
ISO/TR 10014:1998, Guidelines for managing Provides guidance on how to achieve economic
the economics of quality benefits from the application of quality
management.
ISO 10015:1999, Quality management Provides guidance on the development,
Guidelines for training implementation, maintenance and improvement of
strategies and systems for training that affects the
quality of products.
ISO/TS 16949:1999, Quality systems— Sector-specific guidance to the application of ISO
Automotive Suppliers—Particular 9001 in the automotive industry.
requirements for the Application of ISO
9001:1994
Automotive Industry
a. Quality System Requirements—QS 9000:1998

Quality System Requirements, QS-9000 was developed by the Chrysler/Ford/General
Motors Supplier Quality Requirements Task Force. This system was developed to
standardize the reporting formats, technical nomenclature and reference manuals. QS-
9000 is a harmonization of Chrysler’s Supplier Quality Assurance Manual, Ford’s Q-101
Quality System Standard and General Motors’ NAO targets for Excellence.
QS-9000 is structured according to ISO 9001:1994 Section 4 and includes automotive
specific requirements to the general ISO requirements for a supplier’s quality system.
QS-9000 applies to the following:
Internal and external supplier sites of—
a. Production materials;
b. Production or service parts;
c. Heat treating, painting, plating or other finishing services directly to OEM customers
subscribing to QS-9000.
Providers of—
a. Semiconductors in conjunction with the Semiconductor Supplement issued by
Chrysler, Ford and Delco Electronics;
b. Tooling and equipment in conjunction with the Tooling and Equipment (TE)
Supplement issued by the Big Three (Chrysler/Ford/General Motors).
Proof of conformance to QS-9000 is certification/registration by an accredited third party,
such as Underwriter’s Laboratories (UL) or the American Bureau of Shipping (ABS).
Companies that become registered under QS-9000 will be considered to have higher
standards and better-quality products.
QS-9000 has the following two sections:
Section 1: contains ISO-based Requirements (section 4 of ISO 9000:1994).
Section 2: contains customer-specific requirements (Ford, Chrysler, GM and OEM

specific requirements).
QS-9000 is sometimes seen as being identical to ISO 9000, but this is not true. Even
though each element of ISO 9000 is an element of QS-9000, QS-9000 adds clauses to the
majority of the ISO 9000 elements. For example, QS-9000 adds requirements for a
business plan, tracking customer satisfaction and bench marking to element 4.1 of ISO
9000, Management Responsibility. QS-9000 also uses sector-specific requirements.
The following requirements are not based on ISO 9000:
• Production part approval process;
• The requirements for gaining approval from the customer to run a new or altered part or
process;
• Continuous improvement;
• Automotive suppliers are required to have systems in place to ensure that organized,
measurable improvement activities take place for a variety for business aspects;
• Ensure sufficient manufacturing capabilities;
• Requirements for planning and effectiveness for equipment, facilities and processes;
• Requirements for mistake proofing and tooling management.
Section I—ISO 9000-based requirements include the following

elements as per ISO 9000:1994 section 4
4.1 Management Responsibility

• This element and its sub-elements require the company to define and document the
objectives for quality and its commitment to quality;
• A clear structure of responsibility and authority levels should be established to meet the
quality requirements;
• A management review should be conducted to ensure that the quality system
requirements are met continuously;
• The supplier should maintain a well-documented business plan, although this document
is not subject to third party audit;
• The supplier should document trends in quality, productivity, efficiency, effectiveness,
and cost of poor quality and periodically compare with those of competitors;
• A well-documented process should be maintained to determine customer satisfaction.
4.2 Quality System

• A quality system should be established and maintained to ensure the conformity of the
product to specified requirements. Quality planning is key to the establishment of a
good quality system. Preparation of quality plans, as per 4.2.3, include the following:
Identification and acquisition of controls, processes, equipment, fixtures, resources
and skills for the required quality;
Ensuring the capability of the design, the production process, installation, servicing,
inspection and test procedures;
Updating of quality control, inspection and testing techniques as required;

Identification of measurement requirements for the needed capability;
Identification of suitable verification at appropriate stages;
Clarification of standards of acceptability;
Identification and preparation of quality records.
• Advanced Product Quality Planning (APQP) should be established and implemented.
The APQP should include these elements:
Development/finalization of special characteristics (this could be identified from the
dimensional, material, appearance, performance product characteristic categories);
Feasibility reviews to ensure the capability of producing the proposed products;
Product Safety should be considered in the design control/process control policies;
Development and review of FMEAs:
▪ Process FMEA should consider all special characteristics. Methods for defect
prevention should be encouraged instead of defect detection;
▪ Establishment of actions to reduce the potential failure modes with high risk
priority numbers.
Mistake-proofing methods should be established;
Development/review of Control Plans:
▪ Control Plans should be developed at the system, subsystem and component or
material level;
▪ Control Plans should be established for the Prototype, Pre-launch and
Production phases of the product. The output of APQP is the Control Plan.
Control Plans are reviewed and updated when any of the following happens:
▪ Change in product;
▪ Change in process;
▪ Increased variance in the process (highly unstable);
▪ Processes become non-capable;
▪ Inspection, method, frequency, etc. is revised.
Product Part Approval should be established as required by the Product Part
Approval Process (PPAP) documentation released by the Automotive industry;
Efforts should be taken/established/defined for the continuous improvement of
product quality;
The following techniques could be used for the continuous improvement of the
product:
▪ Control charts;
▪ Design of experiments;
▪ Theory of constraints;
▪ Overall equipment effectiveness;
▪ Parts-per-million analysis;
▪ Value analysis;
▪ Benchmarking;
▪ Analysis of motion/ergonomics;
▪ Mistake proofing.
Documentation should be established to ensure the effectiveness of facilities,
equipment, tooling and process planning.
4.3 Contract Review

Procedures should be established and documented for the selection of suppliers, award of
contracts, etc.
4.4 Design Control

This element applies to suppliers who are responsible for the design of a new product or
who have the authority to change/modify an existing product design.
A plan for each design and development activity should be established.
Design Input requirements relating to the product, including applicable statutory and
regulatory requirements, should be identified and documented.
Design Output should be verified, validated and documented. As per the Design
Output—Supplemental—4.4.5.1 of this document, the supplier’s design output shall be
the result of a process that includes:
• Efforts to simplify, optimize, innovate, and reduce waste (e.g. QFD, DFM/DFA, VE,
DOE, Tolerance studies, response methodology, or appropriate alternatives);
• Utilization of geometric dimensioning and tolerancing, as applicable;
• Analysis of cost/performance/risk trade-offs;
• Use of feedback from testing, production and field;
• Use of design FMEAs.
Reviews of design results should be conducted and documented at appropriate stages.
Design changes should be documented and approved before implementation.
4.5 Document and Data Control

As per Document and Data Control Element 4.5.1, the Supplier shall establish and
maintain documented procedures to control all documents and data that relate to the
requirements of ISO 9000 including, to the extent applicable, documents of external
origin such as standards and customer drawings.
Examples of appropriate documents include:
▪ Engineering drawings;
▪ Engineering standards;
▪ Math (CAD) data;
▪ Inspection instructions;
▪ Test procedures;
▪ Work instructions;
▪ Operation sheets;
▪ Quality manual;
▪ Operational procedures;
▪ Quality assurance procedures;
▪ Material specifications.
Engineering Specifications—4.5.2.1 requires the supplier to establish a procedure to
assure timely review (e.g. business “days” not weeks or months), distribution and
implementation of all customer engineering standards/specifications and changes.
The supplier shall maintain a record of the date on which each change is implemented
in production. A change in the engineering specification should require updated
Production Part Approval Process (PPAP) documents i.e. FMEAs, Control Plans, etc.,
when these specifications are referenced on the design record.
4.6 Purchasing
The supplier should establish and maintain documented procedures to ensure that the
purchased product for ongoing production conforms to specified requirements, including
Government, Safety and Environmental regulations (4.6.1.1 & 4.6.1.2).
Requirements for the selection of contractors and subcontractors should be defined
and documented.
The supplier shall perform subcontractor quality system development with the goal of
subcontractor compliance to QS-9000 using Section I of QS-9000 as their fundamental
quality system requirement.
Required product identification information for the purchased products and the
verification methods should be defined and documented.
4.7 Control of Customer Supplied Product

Procedures for the control of verification, storage and maintenance of a customer
supplied product should be established and documented.
4.8 Product Identification and Traceability

Procedures should be established to identify the product from production, delivery,
installation and storage stages.
4.9 Process Control

Production, installation and servicing processes that would adversely affect the quality of
the product should be identified, planned and carried out under the following controlled
conditions:
▪ Stepwise documentation for production, installation and servicing and the impact of
these procedures on product quality;
▪ Use of suitable equipment and working environment;
▪ Identification and documentation of contingency plans in case of emergency;
▪ Compliance with reference, standards/codes and quality plans;
▪ Process parameters and product characteristics, especially defined special

characteristics, which would affect the product’s safety, compliance with government
regulations, fit, function, appearance or quality of subsequent operations should be
monitored;
▪ Routine for approval of processes and equipment;
▪ Documented criteria for workmanship;
▪ Documentation for suitable maintenance/preventive maintenance for equipment.
Each employee responsible for the operation and monitoring of the process should have
documented operator instructions. The instructions can be included in any of the
following documents:
▪ Process sheets;
▪ Inspection and laboratory test instructions;
▪ Test procedures;
▪ Standard operation sheets.
Process control should be maintained by ensuring process capability or performance as
approved via PPAP. When product data indicate a high degree of capability, the Control
Plan should be revised. Process changes should be documented and maintained.
4.10 Inspection and Testing

Procedures for inspection and testing activities to verify that the requirements for the
product are met should be established, documented and maintained.
Procedures should be established to ensure that the incoming product is inspected and
tested before it is used in the production. Procedures should be established as required by
the quality plan i.e. Control Plans and/or other documented procedures to inspect the
manufactured product, and the test results should be recorded and maintained.
4.11 Control of Inspection, Measuring and Test Equipment

Procedures should be established for the calibration, inspection and control of the test
equipment used to demonstrate the conformance of the product to the specified
requirements, and the records should be maintained. Appropriate Statistical Analysis
tools should be used to evaluate the variation in the measurement analysis.
4.12 Inspection and Test Status

Based on the inspection and test status, the conformance/nonconformance of the product
should be documented. This should be conducted as defined in the Quality Plan (Control
Plan) throughout production, installation and servicing of the product to ensure that
products that meet the conformance are released to the customer.
4.13 Control of Nonconforming Product

Procedures should be established and maintained for the identification, documentation,
evaluation, segregation and disposition of products that do not conform to specified
requirements.
4.14 Corrective and Preventive Action

Required procedures for corrective action implementation (as per 4.14.2):
▪ Effective handling of customer complaints and product nonconformities reports;
▪ Investigation and recording of the cause of nonconformitites;
▪ Required corrective action and the application of controls to eliminate the cause of
nonconformities.
Required procedures for preventive action implementation (as per 4.14.3):
▪ Appropriate sources of information (processes/operations that affect product quality,
concessions, audit results, quality records, service reports and customer complaints) to
detect, analyze and eliminate potential causes of nonconformities;
▪ Identification of problems requiring preventive action;
▪ Initiation of preventive action and application of controls. This is to ensure the
preventive action is effective;
▪ Information on actions taken is submitted for management review.
4.15 Handling, Storage, Packaging, Preservation and Delivery

Procedures should be established for the handling, storage, packaging, preservation and
delivery of products. These procedures should include:
▪ Methods of handling the product;
▪ Storage conditions;
▪ Packaging standards;
▪ Labeling systems;
▪ Delivery performance monitoring;
▪ Electronic communication and shipment notification system.
4.16 Control of Quality Records

Procedures should be established and documented for the identification, collection,
indexing, access, filing, storage, maintenance and disposition of quality records.
Quality performance records—i.e., control charts, inspection and test results—should
be retained for a minimum of one calendar year after the year in which they were created.
Records of internal quality system audits and management review should be retained
for a minimum of three years.
4.17 Internal Quality Audits

Procedures should be established for the implementation of quality audits to verify the
effectiveness of the quality system.
4.18 Training
Procedures should be established for conducting the training of all personnel. Training
records should be maintained and the effectiveness of the training program should be
reviewed periodically.
4.19 Servicing
When servicing of the product is a requirement, procedures should be established
defining the specifications for servicing and verifying that specified requirements are
met.
4.20 Statistical Techniques

Statistical tools should be identified during product quality planning and must be
included in the Control Plan.
Section II—Customer-Specific Requirements
Chrysler-Specific Requirements
• Production and part suppliers to Chrysler should be QS-9000 registered;
• Products should be developed based on Product Assurance Planning (PAP) method or
APQP and Control Plan;
• Significant characteristics should be identified and Special Characteristics should be
identified by the symbols specified by Chrysler;
• An annual layout inspection to ensure continuous conformance to all Chrysler
requirements should be conducted;
• Product Verification/Design Validation should be performed based on Chrysler’s
specification;
• Internal Quality Audits should be conducted at least once per year.
The Corrective Action Plan should include the following:
• Description of the nonconformance;
• Definition/root cause;
• Interim action and effective date;
• Permanent action and effective date;
• Verification;
• Control;
• Prevention;
• Approval of appearance masters, process approval, packaging, shipping and labeling

should be performed according to Chrysler specifications.
Ford-Specific Requirements
• Suppliers to Ford are not required to have third party registration, except for Ford
Australia’s unique suppliers, who should have third party registration;
• Control Item parts that have critical characteristics that may affect the safe operation of
the vehicle and/or compliance with government regulations are required to have
Control Plans and FMEAs approved by Ford’s design and quality engineers;
• All product characteristics are required to be measured annually to demonstrate
conformance to specified requirements;
• Setup verification is required for all critical and significant characteristics;
• Lot traceability and Material Analysis for heat-treated and non-heat-treated parts should
be included in the Control Plan for control items. And those who provide heat treating
should comply with Ford’s requirements (W-HTX, WSS-M99A3-A);
• Process changes and design changes for supplier-responsible designs require Ford’s
approval if specified in the design record;
• Corrective action should be taken if engineering specification does not confirm design
intent;
• Ford’s Quality Operating System methodology should be implemented;
• APQP guidelines should be used.
GM-Specific Requirements
QS-9000 applies to all contracted GM suppliers. GM suppliers should refer to the forms
noted in QS-9000 to address the requirements that are applicable to them.
Other OEM-Specific Requirements

Suppliers to Mack Trucks Inc., Navistar International Transportation Corp., PACCAR
Inc., Volvo Truck North America, Mitsubishi Motors—Australia and Toyota Australia
require QS-9000 registration and additional supplier quality requirements.
b. ISO/TS 16949:1999—Quality Systems—Automotive Suppliers—

Particular Requirements for the Application of ISO 9001:1994
TS 16949 is a new sector-specific automotive standard for the application of ISO
9001:1994. TS 16949 is a standard that has support from automotive groups from around
the world. The concept is to have a single standard that all automotive suppliers can
implement, and it is recognized in the U.S., Europe, Asia, Mexico, etc. Currently, a
company doing business in different parts of the world with different auto manufacturers
has to get certified to the local standard.
This technical specification is applicable to production and service part supplier and
subcontractor “sites” providing:
a. Parts or materials, or
b. Heat treating, painting, plating or other finishing services, or
c. Other customer-specified products.
The International Automotive Task Force (IATF) has been working with the ISO
community on updating ISO/TS 16949 to align it with ISO 9001:2000. The expectation is
that, sometime in 2002, the new ISO/TS 16949 will be released for use by automotive
suppliers around the world. How APQP, PPAP and the other AIAG reference manuals
will figure into the new ISO/TS 16949 is still not clear, although Ford has just announced
in its new Q1–2002 program that its suppliers must be registered to either QS-9000 or
ISO/TS 16949 and to ISO 14001 (Environmental management system—specification
with guidance for use)
c. QS 9000 vs. ISO/TS 16949

ISO/TS 16949 harmonizes the supplier quality requirements of the U.S. Big Three (QS-
9000, Third Edition) and French, German and Italian automakers. Of the European
requirements, perhaps the most familiar in the United States is the German VDA 6.1, to
which Volkswagen has required North American suppliers to its Mexican operations to
be registered. The goal was to create a single document and a single third-party
registration that the European automakers and the U.S. Big Three would accept.
Each company considering registration to ISO/TS 16949 should obtain the document
as quickly as possible, because a close reading of ISO/TS 16949 will be necessary to
determine the extent of needed revisions. However, the following element-by-element
summary explains the direction and extent of the changes.
4.1—Management responsibility:
• A number of additions to this element are clearly intended to focus suppliers’ attention
on continuous quality improvement;
• Suppliers must establish goals, objectives and measurements to develop their quality
policies;
• Continuous improvement in quality, service, cost and technology must be covered in the
quality policy;
• Quality-responsible personnel’s authority to stop production is no longer a “note” or
suggestion, as in QS-9000, but a requirement;
• All production shifts must be staffed with personnel responsible for quality;
• The management review requirement is expanded to include the “performance (of the
QMS) over time as an essential part of the continuous improvement process;”
• Evaluation of the cost of poor quality was a parenthetical note in QS-9000, but is a
specific requirement of ISO/TS 16949;
• Suppliers must develop a process for motivating employees to achieve quality
objectives and providing employees at all levels with “quality awareness;”
• Customer experience with the supplier’s product must be communicated in a timely
manner;
• Finally, the “due care for product safety” requirement from QS-9000 has been expanded
to minimize risks to employees, customers and the environment.
4.2—Quality system:
• The term “product realization” is introduced to cover the entire process of designing,
planning and delivering products that meet customer requirements;
• A requirement for a project manager and a project team is introduced;
• The modifying phrase “If a project management approach is used” suggests that this
approach is preferred, if not actually required. Continuing to expand the project
management concept, ISO/TS 16949 requires that a method be established for
measuring the product-realization process against appropriate mileposts, with
appropriate analysis and management review;
• The factors to be measured include quality, risks, costs and lead times. Process
capability studies must be conducted on all new processes;
• Results for the capability studies must be used to establish requirements for production
equipment where applicable. Inclusion of all special characteristics on Control Plans,
although always implicit, is now explicitly required;
• ISO/TS 16949 also has a requirement for procedures on developing and verifying the
product-realization process;
• Detailed procedural requirements for process design inputs and outputs have been
added, including a verification of the inputs vs. the outputs;
• The use of the “customer-recognized product approval process” (e.g., production part
approval process [PPAP]) is mandated rather than recommended as in QS-9000,
although General Motors has had a customer-specific requirement for subsupplier
PPAP for some time;
• Additionally, when the customer so requires, special verification methods for new
products must be implemented.
4.3—Contract review:
Suppliers must have a formal process for identifying cost elements and employ this
process in the preparation of price quotations for new products.
4.4—Design control:
• The requirement for skill qualifications of the supplier’s design team is now a “shall”
rather than a “should”;
• Suppliers must have access to research and development to support product innovation.
Analysis of competitive products is identified as one alternative source of input for the
design process;
• For design changes, the impact on the customer’s assembly operations is added to the
factors that the supplier must consider for each change.
4.5—Document and data control:

There are no significant changes in this section.
4.6—Purchasing:
Suppliers must encourage their subsuppliers to comply with ISO/TS 16949. However,
there’s no target date for compliance, nor is there an expectation of third-party
registration for subsuppliers.
4.7—Control of customer-supplied products:

4.8—Product identification and traceability:

4.9—Process control:
• The term “process monitoring and operator instructions” has been replaced with the
simpler “job instructions,” which “shall” rather than “should” be accessible at the job
station without disruption;
• These job instructions shall be derived from “appropriate sources,” including the
Control Plan and the entire product-realization process;
• Significant process events shall be noted on control charts.
4.10—Inspection and testing:

• The incoming material requirements now allow the customer to waive the required
control methods;
• Following the precedent of the Third Edition of QS-9000, requirements for internal
laboratories are further strengthened. These laboratories, which include precision
metrology and calibration as well as traditional laboratory functions, must now
comply with ISO/IEC 17025 (General requirement for the competence of testing &
calibration laboratories), although third-party accreditation to that document is not
required.
4.11—Control of inspection, measuring and test equipment:

Methods and criteria for measurement system analysis shall conform to customer
reference manuals (e.g., the Big Three Measurement Systems Analysis manual).
4.12—Inspection and test status:

4.13—Control of nonconforming product:

Progress on corrective action plans shall be regularly reviewed. A requirement has been
added for customer notification when nonconforming material has been shipped.
4.14—Corrective and preventive action:

4.15—Handling, storage, packaging, preservation and delivery:

• The controls implemented for nonconforming products must also be used for obsolete
products;
• If delivery will not happen according to schedule, the supplier must notify the carrier as
well as the customer of the anticipated delivery problem.
4.16—Control of quality records:

• The requirements for scheduling the supplier’s production process have been defined in
greater detail;
• There must be a scheduling process based on meeting the customers’ requirements,
such as just-in-time;
• The information technology must support access to production data at key production
checkpoints.
4.17—Internal quality auditing:

• Internal audits must be performed on all shifts and must include all activities affected by
ISO/TS 16949 and all relevant customer requirements. Specifically, the internal audit
must include an evaluation of the effectiveness of the product-realization and
production process;
• A product audit has been included in 4.17 that includes the “final product” audit
required in QS-9000 and expands it to include all specified requirements at
appropriate points in the production and delivery process;
• Internal auditors must meet customer-established criteria.
4.18—Training:
Additions include requirements for on-the-job training for new or modified jobs affecting
quality and for training on customer-specific requirements.
4.19—Servicing:
If the supplier provides post-sale servicing, the effectiveness of service centers’ special
equipment and personnel training must be re-evaluated.
4.20—Statistical techniques:
Appropriate statistical methods shall be determined during the planning process, and
these methods shall be understood throughout the organization.
The sheer number and broad implications of these additions clearly indicate that a
great deal of effort will be required to migrate from a QS-9000-based Quality
Management System (QMS) to one that can be registered to ISO/TS 16949. However,
there’s no need to drop everything for ISO/TS16949 now; it will exist as an alternative to
QS-9000 for a substantial period, perhaps 12 to 24 months. ISO/TS 16949 will be revised
to mesh with the new ISO 9001. At that time, the countdown will begin for the possible
replacement of QS-9000 with ISO/TS 16949. Nevertheless, automotive suppliers will
want to prepare for ISO/TS 16949 with greater urgency than this scenario might suggest:
Early evaluation of ISO/TS 16949 will allow suppliers to develop the most cost-effective
ways to meet these new and revised requirements.
d. VDA 6.1
VDA 6.1 is the German Quality Management System for the automotive industry.
Verband der Automobilindustrie e. V. (VDA) issued the 4th edition in December 1998
and it became mandatory for all German car manufacturers on April 1, 1999. Based on
ISO 9001:1994, it includes all elements of QS-9000, with an additional four requirements
specific to VDA 6.1 as follows:
• Element 06.3 Recognition of product risks—These are the risks of the product fulfilling
its own function and its effect on the whole assembly;
• Element Z1.5 Employee satisfaction—The perception of the employees of the company,
as well as the needs and expectations of the employees that will be met through the
company’s quality approach;
• Element 07.3 Quotation structure—A customer or market is offered products for
purchase or made available to own or to use;
• Element 12.4 Quality history—The system describes the quality history of customer
supplied product and gives an overview of the situation during a particular period.
The VDA standard is broken into two parts, with the first classed as management and the
second focusing on products and processes. Any company that goes through an audit
must achieve at least 90 percent correct on all questions to obtain registration.
Aerospace Industry
a. AS9000—Aerospace Basic Quality System

AS9000, Aerospace Basic Quality System, is the aerospace version of ISO 9000 and was
published in 1997. AS9000 contains ISO 9001 in its entirety with the addition of 27
clarifications or qualifiers and eight notes to the existing 20 elements of ISO 9001. A
consortium of aerospace prime contractors, operating as a subcommittee (Americas
Aerospace Quality Group, AAQG) under the Aerospace and Defense Division of the
American Society for Quality Control, developed the document. Companies that
contributed to the development of AS9000 include the following:
• AlliedSignal;
• Allison Engine Company;
• Boeing;
• General Electric Engines;
• Lockheed Martin;
• McDonnell Douglas;
• Northrop Grumman;
• Pratt & Whitney;
• Rockwell—Collins;
• Sikorsky Aircraft;
• Sundstrand.
Aerospace is significantly more safety and quality sensitive than most other industries.
Procurement Quality Assurance at prime contractors believes ISO alone is not sufficient
to define supplier quality system requirements. Primes currently require purchase order
adders for ISO 9000 registered suppliers with each prime having their own unique adders.
The Federal Aviation Administration (FAA) believes ISO alone is not adequate to meet
regulatory requirements and FAA expectations. FAA has indicated that it will accept
AS9000 under defined circumstances including:
• Primes maintain liability and responsibility;
• Primes must demonstrate oversight of all third-party audits;
• Criteria for acceptance of demonstrated compliance must be defined.
The Department of Defense (DOD) accepts ISO 9000, however, DOD expects more than
ISO 9000 at primes. The DOD has expectations of advanced quality systems from prime
contractors, and many DOD requirements (i.e., configuration management) are added by
other required specifications. In addition to contractual requirements, DOD primes have a
significant financial exposure with regard to supplier quality.
AS9000 represents a dramatic streamlining of current aerospace quality standards.
From the DOD through the FAA, to each prime contractor and subcontractor, there is a
multiplicity of unique requirements imposed on the aerospace suppliers, creating a huge
burden with little added value. AS9000 represents a significant step towards
standardizing and consolidating the aerospace quality processes.
b. AS9100—Quality Systems Aerospace—Model for Quality

Assurance in Design, Development, Production, Installation, and
Servicing
The Society of Automotive Engineers (SAE International) published AS9100 Quality
Systems—Aerospace—Model for Quality Assurance in Design, Development,
Production, Installation, and Servicing, in March 2000, the first international aerospace
quality systems standard. AS9100 is technically equivalent to the European version,
published by The European Association of Aerospace Industries (AECMA) as
prEN9100.
In North America, AS9100 replaces AS9000 as the registration standard for suppliers
to the aerospace industry. AS9000 will become obsolete when revisions to AS9100 based
on ISO 9001:2000 revisions are incorporated. The existing version of ISO 9100 and
AS9100 is expected to remain available for use until November 2003. This will allow
users to transition to the new version.
The ISO Aerospace Technical Committee 20, Working Group 11, in association with
the American Aerospace Quality Group (AAQG) in the U.S. and the European
Association of Aerospace Industries, AECMA in Europe, and other countries such as
Japan, China, Mexico and Brazil, developed the quality systems standard for use by
aerospace companies worldwide. AS9100 was developed using ISO9001, AS9000 and
EN9000–1, and it builds upon their requirements to produce a globally harmonized
standard that meets the requirements of aerospace companies worldwide. The first
standard available for use across the global aerospace community, AS9100, adds the
additional requirements necessary to address both civil and military aviation and
aerospace needs.
Based on industry need, major changes to the AS9000 document have been made to
accommodate the changes in the industry and worldwide focus on quality and safety.
Significant changes and/or additions have been made in the following areas:
configuration management; reliability, maintainability, and safety; process control;
purchasing; design verification and validation testing; first article inspection; corrective
action; inspection and test status; servicing, delivery, investigation, and control of
technical documentation and expansion of the internal audit requirement. With major
industry manufacturers on board, companies at all levels in the aerospace supply chain
will need this document to keep up with the worldwide changes in standardization and
stay competitive in the industry.
AS9100 is based on ISO 9001. AS9100 adds the additional requirements necessary to
address both civil and military aviation and aerospace needs. AS9100 provides additional
requirements to all but one of the 20 elements of ISO 9001. (The exception is element
4.7, Control of Customer Supplied Product.)
The major areas of emphasis that supplement the elements of ISO 9001 are:
• Key product/process characteristics;
• Design and development management planning;
• Customer and regulatory requirements;
• Verification and validation documentation and testing;
• Documentation and data changes;
• Supplier (the AS9100 organization) purchasing and subcontractor evaluation, data and
product verification;
• Product identification and traceability;
• Process control documentation and process changes;
• Qualification and control of special processes;
• First article inspection;
• Inclusion of all inspection, measuring and test equipment devices;
• Nonconforming material review authority and disposition;
• Flow down of corrective action to the appropriate subcontractor(s);
• Flow down of requirements from the Quality Manual to work instructions for use on
Internal Quality Audits;
• Where servicing is a requirement, the procedure(s) will address specifics on data,
technical documentation, repair schemes and controls;
• In the event statistical techniques are required, some specific areas and techniques
offered for consideration include the following:
Design verification;
Process control;
Inspection;
Quality management;
Failure Mode and Effects Analysis.
CHAPTER 3
Industry Specific Standards for Failure
Mode & Effects Analysis
Aerospace Industry
SAE.ARP5580—Recommended Failure Modes and Effects Analysis

(FMEA) Practices for Non-Automobile Applications
This document provides guidance to perform Failure Mode and Effects Analysis for the
non-automotive industry, utilizing the information published in MIL-Std 1629A and SAE
recommended Practice J1739. It is intended for use by organizations whose product
development processes use FMEA as a tool for assessing the safety and reliability of
system elements. It provides an overview of the FMEA process with details on the
overall enhanced methodology. It also introduces the following types of FMEA:
• Functional FMEA
• Interface FMEA
• Detailed FMEA
Different Types of FMEAs in APR 5580
Functional FMEA
This type of Failure Mode and Effects Analysis is initiated during the conceptual or
preliminary design phase. Functional FMEA is performed on the conceptual design to
support the architectural definition and verify necessary design compensation and failure
recovery requirements derived by the Functional Requirements Analysis. Functional
FMEA can be performed on control systems, processes, software and complex devices
whose functionality is more readily understood than the details of their operation.
Functional FMEA focuses on the functions that an item, group of items or process
performs rather than on the characteristics of the specific implementation.
Interface FMEA
This type of FMEA is initiated during the preliminary or detailed design phase. Similar to
Functional FMEA, Interface FMEA is performed to verify compliance to design, safety
and regulatory requirements. Unlike Functional FMEA, Interface FMEA is the process of
determining and recording characteristics of failures in the interconnections between
interfacing system elements. Interface FMEA is done to evaluate interconnections
between hardware elements (i.e. wires, cables, fiber optic lines, etc.) and software
elements. While conducting an Interface FMEA, failure modes specific to the interfaces
are defined and their characteristics (effects and fault signatures) are determined.
Detailed FMEA
This type of analysis is initiated during the detailed design phase, but in some cases the
functional analysis may be updated during the detailed design phase rather than doing a
Detailed FMEA. Detailed FMEA is performed to verify that the design complies with
requirements for failures that can cause loss of end item functions, single point failures,
fault detection and fault isolation. In Hardware Detailed FMEA, the components
comprise the physical system design. In Software Detailed FMEA, the components are
from the source code. The characteristics of the failure of each and every component is
determined and documented in this process. The Detailed FMEA is initiated as the design
of each element matures and the detailed design schematics, part lists, and detailed
software design documents and source code become available.
FMEA Verification
This process is initiated during the design verification and validation phase. Verification
of FMEA ensures that adequate actions are taken to control, prevent and reduce the end
effects of the identified potential failure modes.
Documentation
This document suggests that the documentation set should include the following:
Description of the system or subsystem analyzed;
Worksheets for the types of FMEA conducted;
Summary of the analysis results.
FMEA Applications
Applications of FMEA can be categorized into Product Design Hardware and Software
FMEA, and Process Design FMEA. Functional, Interface and Detailed analysis could be
done for both product design hardware and software FMEA.
The following guidelines are provided in SAE ARP 5580.
Industry specific standards for failure mode & effects analysis 25
Product Design Hardware FMEA

Product design hardware FMEAs are applied to the physical design of the product, i.e.,
electrical, mechanical and hydraulic subsystems and the interfaces between those
subsystems.
Hardware Functional FMEA

Hardware Functional FMEA is first applied early in the design cycle after the major
system functional components and their interactions have been defined.
Typical functional failure modes pertain to a particular function not being performed
or being performed incorrectly. Failure effects associated with the different modes of
operation should be evaluated and recorded.
Hardware Functional FMEA is also used later in the design cycle for complex
subsystems or components, such as integrated circuits and control systems, whose
functionality is more readily described than the operation of individual components.
Hardware Interface FMEA

Hardware Interface FMEA is performed on the physical interfaces between major
functional system elements, i.e., LRUs (Line Replaceable Units), which include
mechanical linkages, hydraulic lines or electrical cabling.
Typical failure modes include low pressure in hydraulic lines, improper grounding of
an electric cable, etc.
Hardware Detailed FMEA

Hardware Detailed FMEA is the most common type of FMEA. This is done at the lowest
piece/part level of design and generally involves individual system components. Standard
lists of potential failure modes are available for many of the widely used components.
Product Design Software FMEA

Software includes programs, their related data elements, their execution as tasks that
implement various system functions and also includes program interfaces with hardware
and the interfaces between different programs or tasks.
Software Functional FMEA

Software Functional FMEA is applied to the Computer Software Configuration Item
(CSCI) during top-level software design.
Failure modes associated to the individual functions, which have been assigned to
Computer Software Components and to individual modules, are developed and applied to
the software design to determine the effect on the system performance and safety of
incorrect performance of the software element.
The primary outputs of the Software Functional FMEA are used to identify software
architectural changes to reduce failure exposure. They are also used to identify
requirements to ensure that incorrect software behavior can be detected and that
appropriate system corrective actions are instituted.
Software Interface FMEA

Software Interface FMEA is similar to a Functional FMEA for software but focuses on
the interfaces between disparate software and hardware elements. Failure modes specific
to the message and/or data type being passed are postulated and the system level effects
are identified.
Software Detailed FMEA

Software Detailed FMEA is generally done for systems that do not include robust
hardware protection of memory elements, processing results and data transfers. The
intent of the Detailed FMEA is to supplement the Functional and Interface FMEAs with a
detailed assessment of the response of the as-developed software to plausible faults and
failures. Both the Functional and Interface FMEAs will have to be updated at the time the
Software Detailed FMEA is performed to reflect the ultimate software architecture.
Process Design FMEA

Process FMEA evaluates the failure modes associated with the manufacturing and
assembly process deficiencies. Process FMEA assumes that the product as designed will
meet the design intent provided the product is manufactured properly. Process FMEAs
are conducted for new parts and processes, changed parts and processes, and new
applications and environments for product manufacturing and assembly.
SAE ARP 5580 also provides guidance on FMEA planning, functional requirement
analysis, FMEA task analysis (including failure analysis, failure ratios, process capability
indices and risk criteria), documentation and reporting requirements.
The following table from SAE ARP5580 summarizes the application of various types
of FMEA and related tasks during the design phase.
Table 3–1
FMEA Task Value/Use Timing Recommendations
Functional Defines the design Initiated during Should always be
Requirements requirements for fault conceptual performed.
Analysis compensation, mitigation design phase.
and monitoring
provisions.
Functional Supports functional Initiated during Should always be
Failure Mode assessment of system conceptual or performed.
and Effects architecture. Supports preliminary
Analysis early verification of the design phase.
conceptual baseline:
• Completeness of fault
compensation
requirements
• Requirements for FD/FI
provisions.
Identifies critical
functions for more
detailed analysis.
Interface Supports system level Initiated during Performed when analyzing a
Failure Mode assessment of down- preliminary or system or subsystem or
and Effects stream failure effects (e.g. detailed design when required by the
Analysis cascading faults). phase. system integrator.
Provides a system view to
the response of the FD/FI
provisions.
Provides an assessment of
the
FMEA Task Value/Use Timing Recommendations

overall system
architecture.
Hardware Provides a higher Initiated during Should be limited to safety
Detailed fidelity assessment for detailed design or mission critical functions
Failure Mode critical and safety phase. identified during the
and Effects related functions. Functional Failure Mode
Analysis Provides a detailed and Effects Analysis.
assessment of LRU and
SRU failure conditions.
Software Provides evaluation of Initiated in Should be limited to systems
Detailed single variable or detailed software without hardware protection
Failure Mode instruction failures in design phase. of memory, processing
and Effects software. results or data transfers.
Analysis
Latency Accounts for multiple Performed as Performed when there are
Assessment simultaneous failure part of each safety concerns.
modes. analysis type.
FMEA Verifies accuracy of Initiated in Done in conjunction with
Verification analysis results. verification and system verification testing,
Validates analysis validation phase. especially when the analyst
ground rules. is uncertain of the failure
consequences, or when
required by contract or there
is concern about ground
rules.
Automotive Industry
SAE.J1739—Potential Failure Mode and Effects Analysis in Design

(Design FMEA), Potential Failure Modes and Effects Analysis in
Manufacturing and Assembly Processes (Process FMEA), and
Potential Failure Mode and Effects Analysis for Machinery
(Machinery FMEA)
This document provides guidance in the application of Failure Mode and Effects
Analysis. It’s a recommended practice that gives the freedom to each team to use it in the
most effective way for a given situation.
The document states the following three basic cases for which FMEAs are generated,
each with a different scope:
Case Scope
New design, technology or process Focus on complete design, technology or
process
Modifications to existing design or process (assumes Focus on modification to design or
there is a FMEA for the existing design or process) process, possible interactions due to the
modification, and field history
Use of existing design or process in a new Focus on the impact of the new
environment, location or application (assumes there is environment or location on the existing
a FMEA for the existing design or process) design or process
Guidelines for the following three types of FMEAs are provided in this document:
• Design FMEA (D-FMEA)—Design FMEA evaluates the initial design for
manufacturing, assembly, service and recycling requirements, including functional
requirements and design alternatives. Design FMEA should be initiated before or at
design concept finalization and be continually updated as changes occur or additional
information is obtained throughout the phases of product development. Design FMEA
should be completed before the production drawings are released for tooling.
Suggested criteria for the evaluation of severity, occurrence and detection for D-
FMEA are provided in Tables 1, 2 and 3 of SAE J1739.
• Process FMEA (P-FMEA)—Process FMEA is utilized to accomplish the following:
• Identify the process functions and requirements;
• Identify potential product- and process-related failure modes;
• Assess the potential customer effects of the failures;
• Identify the potential manufacturing/assembly process causes and identify process
variables on which to focus controls for occurrence reduction or detection of the
failure conditions;
• Identify process variables on which to focus process controls;
• Develop a ranked list of potential failure modes, thus establishing a priority system
for preventive/corrective action considerations;
• Document the results of the manufacturing/assembly process.
Process FMEA should be initiated before or at the feasibility stage and prior to tooling
for production. It should take into account all manufacturing operations from individual
components to assemblies.
Suggested criteria for the evaluation of severity, occurrence and detection for P-
FMEA are provided in Tables 4, 5 and 6 of SAE J1739.
• Machinery FMEA (M-FMEA)—The Machinery FMEA supports the design process
in reducing the risk of failures by:
• Aiding in the objective evaluation of equipment functions, design requirements and
design alternatives;
• Increasing the probability that potential failure modes and their effects on the
machinery have been considered in the design and development process;
• Providing additional information to aid in the planning of thorough and efficient
design, validation and development programs;
• Developing a ranked list of potential failure modes ranked according to their effect
on the “customer,” thus establishing a priority system for design improvements,
development and validation testing analysis.
Machinery FMEA should be initiated during design concept development and should
be continually updated as changes occur or additional information is obtained throughout
the phases of machinery development. The analysis should be completed before
engineering release for construction. Suggested criteria for the evaluation of severity,
occurrence and detection for Machinery FMEA are provided in Tables 7, 8 and 9 of SAE
J1739.
CHAPTER 4
Risk Management Planning
Risk Management
The focus of risk management is to identify the hazards associated with functional units
and their accessories, estimate and evaluate the risks, control these risks and monitor the
effectiveness of the control.
The foundation of effective risk management is a clear commitment from corporate
management. There are three key commitments that must be made in order to build the
necessary infrastructure for a cost-effective risk management program:
• Organize and maintain the knowledge and information on the design, development and
manufacturing of the product and ensure this data is up-to-date and accurate. This
process is essential as the quality of the risk management program depends directly on
this information.
• Provide knowledgeable and competent personnel throughout the organization to
manage the risk management process and to participate in risk assessment and other
work activities.
• Create a system that not only documents and maintains risk management files, but also
records management’s response to these studies and enforces an audit system to
ensure that all approved risk reduction actions are implemented in a timely manner.
The risk management process in general includes the following elements:
• Risk Management Plan;
• Risk Assessment—covering both Risk Analysis and Risk Evaluation;
• Risk Control;
• Post-Production Information.
Risk Management Plan

Management must clearly define the objectives and scope of the project, which are
dependent on a number of factors:
• The part of the product/process/system on which the project focuses;
• The phase of the product’s life cycle in which the project takes place;
• The amount of information available.
Risk management planning 31
Responsibility and resources should be allocated to ensure that no responsibility is

omitted.
Decisions concerning risk acceptability may be based on operational, technical,
financial, legal, social, humanitarian or other criteria. The decisions can be justified by
doing the following:
• Using product-specific standards. If standards are properly implemented and the
product is tested, an acceptable level of risk should result.
• Comparing with levels of risk evident from other similar products/systems on the
market, which should consider similarities and differences in:
○ Functionality/intended use;
○ Hazards;
○ Risk;
○ Safety features;
○ Historical data;
• Following appropriate guidance documents.
Risk Assessment (Risk Analysis & Risk Evaluation)

Risk analysis addresses three specific questions:
• What can go wrong?
• How likely is it?
• What are the impacts?
In order to answer the above questions, it is essential to understand the intended use or
purpose of the product, including any foreseeable misuse, and to identify the product
characteristics that could impact on safety.
The next step is to identify hazards associated with the product and determine the
related causes and consequences, and ultimately estimate the risk.
Some potential hazards (if applicable) that should be evaluated include these factors:
• Toxicity, flammability and reactivity of raw materials and wastes;
• Sensitivity to environmental factors such as temperature and humidity;
• Mechanical or electronic hazards;
• Human factors associated with the operator-equipment interface.
The risk analysis is not restricted to only the design of the product but should also be
done for the manufacturing process (e.g. assembly process, packaging) and the process of
delivering the product to its intended location. For products that involve materials that are
sensitive to the environment (e.g., heat, humidity, cold or light), storage and
transportation methods need to be reviewed. If problems are identified, appropriate
changes should be made in packaging or warnings on storage or packaging containers.
The software used in the functioning of a product to control or monitor systems also
needs to be reviewed. The consequences of software errors can be unpredictable,
particularly those that involve data corruption or false alarms. In such cases, the product
should have a means of detecting software errors or the consequences. For example,
consider installing separate redundant alarms or interlocks on critical aspects of the

system/product.
Depending on the complexity of the system/product, one or a combination of risk
analysis techniques can be used to identify hazards. Some common techniques include
Failure Mode and Effects Analysis (FMEA), Hazard and Operability Analysis (HAZOP)
and Fault Tree Analysis (FTA). The FMEA methodology and its application throughout
the entire life cycle of the system/product are addressed later in this manual. The other
two techniques are described in the next chapter.
Once the risk estimation for all hazards is completed, the acceptability of risk is
determined based on the company’s risk-acceptability criteria (based on what was
established in the risk management plan) and, if it is too high, the risk needs to be
mitigated.
Risk Control
Risk reduction should focus on reducing the hazard severity, the probability of
occurrence, or both. The following are examples of risk control:
• Inherent safety by design;
• Use of consensus standards;
• Protective design measures (e.g. incorporating alarms and interlocks into the design to
mitigate risks that cannot be eliminated);
• Protective manufacturing measures, with improved process or test capabilities;
• Safety information (labeling, instructions for use, training, etc.).
The technical and economic practicality of implementing the options should be evaluated.
Once the risk reduction decisions are made, the associated risk reduction actions should
be implemented and monitored throughout the product’s life cycle.
Post-Production Information
Throughout the product’s lifetime, new information

obtained during postmarketing vigilance regarding a new
hazard or risk must be assessed and recorded in the risk
management file. Hence, risk analysis and management is
an ongoing process throughout a product’s lifetime and it
is the continuous responsibility of the manufacturer to
ensure the product/system safety.
Risk management should start at the early design stage to establish the highest level of
inherent safety. This can significantly offset the cost of implementing risk-mitigating
measures.
CHAPTER 5
Risk Analysis Methodologies
This chapter gives an overview of Hazard and Operability Analysis (HAZOP) and Fault
Tree Analysis (FTA), which are risk analysis techniques commonly used in the industry
as alternatives to Failure Mode and Effects Analysis (FMEA).
Hazard and Operability Analysis (HAZOP)
This technique was originally developed for use in the chemical process industry for
identifying hazards and operability problems.
HAZOP is a highly structured bottom-up methodology. It uses the combination of
design parameter and guide word to help identify deviation from design intent. The
following are examples of guide words and design parameters:
Guide Words
• More or High or Higher or Greater (words that imply an excess), when compared to
the design intent;
• No, None, Less or Low or Lower or Reduced (words that imply insufficiency), when
compared to the design intent;
• Part of or Not all of or Partially (words that imply incompleteness), when compared
to the design intent.
Design Parameters
Applicable parameters typically include:
• Pressure;
• Temperature;
• Flow;
• Composition;
• Level;
• Reaction Rate;
• Viscosity;
• pH.
Applicable operations typically include:

• Filling;
• Transferring;
• Purging;
• Emptying;
• Draining;
• Venting;
• Maintenance;
• Start-up;
• Shut-down.
Deviations
For example:
■ When Property=Parameter:
High + Flow = High Flow
Low + Pressure = Low Pressure
More + Reaction = Greater Reactivity
■ When Property=Operation:
No + Transfer = No Transfer
Less + Empty = Residue Remaining
■ When Property=Material:
No + Steam = No Steam
More + Diluent = More Diluent
Fault Tree Analysis (FTA)
Fault Tree Analysis is a top-down methodology. The analysis starts with the undesired
consequence or top event and identifies the various combinations of faulty and normal
possible events occurring in the system. This procedure deduces the root cause(s) of the
top event. The events and logical relationships between events are represented
graphically in a tree structure using both logic and event symbols, as shown in Tables 5–1
and 5–2, respectively. An example of a fault tree is shown in Figure 5–1.
FTA can be used to identify multiple failure conditions where two or more events
must occur for the top-level event to occur. If estimates of failure rates are available for
individual events, the probability of the top event can be predicted.
Risk analysis methodologies 35
Table 5–1: Logic Gate Symbols

Gate Symbol Gate Name Causal Relation
AND Output event occurs if all input events occur simultaneously
OR Output event occurs if any one of the input events occurs
Table 5–2: Event Symbols

Event Symbol Event Name Meaning
CIRCLE Basic event with sufficient data
DIAMOND Undeveloped event
RECTANGLE Event represented by a gate
TRIANGLE Transfer symbol

Figure 5–1: Fault Tree Analysis

Example
CHAPTER 6
Overview of FMEA
This chapter is an introduction to Failure Mode and Effects Analysis (FMEA). It outlines
the objectives of FMEA, reasons and benefits of performing FMEA and the limitations of
the technique.
Overview
The need for continuous improvement of product quality, reliability and safety arises
from product recalls (see Table 6–1), government regulatory requirements, agency
recommendations, legal implications and above all a company’s desire to improve its
market position and customer satisfaction. These issues require product manufacturers to
perform risk analyses that identify and minimize part/system failures throughout the
product’s life cycle.
The FMEA methodology is one of the risk analysis techniques recommended by
international standards. It is a systematic process to identify potential failures to fulfill the
intended function, to identify possible failure causes so the causes can be eliminated, and
to locate the failure impacts so the impacts can be reduced. The process of FMEA has
three main focuses:
▪ The recognition and evaluation of potential failures and their effects;
▪ The identification and prioritization of actions that could eliminate the potential failures,
reduce their chances of occurring or reduce their risks;
▪ The documentation of these identification, evaluation and corrective activities so that
product quality improves over time.
FMEA is primarily adapted for material and equipment failures, but in a broad sense,
human error, performance and software errors can also be included.
By applying the FMEA methodology during the various phases of a product’s life
cycle, the methodology provides a systematic and disciplined strategy for examining all
the ways in which a product can fail. The results of FMEA in turn affect the product
design, process development, sourcing and suppliers’ quality, downstream (referring to
downstream of a process or user of the product) application, and field service.
The following are some of the benefits of conducting a FMEA study:
▪ Ensures that the potential failures and their effects on the system have been identified
and evaluated, consequently helping to identify errors and define corrective actions;
▪ Provides a means for reviewing product and process design;
▪ Helps to identify critical characteristics of the products and processes;
Another random document with
no related content on Scribd:
peitti puolet hänen ruumiistaan, valtuustonjäsen, rauhantuomari ja
ties mitä.
Ja vihdoin Gonchon, rahvaan Mirabeau, joka Pitoun mielestä oli

vieläkin rumempi kuin ylimystön Mirabeau ja joka katosi rymäkän
mukana, niinkuin satunäytelmässä häviää tullakseen myöhemmin
taas esille entistä hirveämpänä, väkivaltaisempana ja
myrkyllisempänä, pahahenki, jota ei toistaiseksi tarvita näyttämöllä.
Siinä joukossa, joka oli kerääntynyt Bastiljin raunioille kuin

toiselle Aventinus-kukkulalle, liikuskeli myöskin muuan nuori, laiha,
kalpea, silotukkainen, säihkykatseinen mies, yksinäisenä kuin
kotka, jonka hän, ketään tuntematta ja kaikille tuntemattomana,
myöhemmin valitsi vertauskuvakseen.
Se mies oli tykistöluutnantti Bonaparte, joka oli sattumalta

Pariisissa lomallaan ja josta, kuten muistettaneen, Cagliostro oli
lausunut Gilbertille eriskummaisen ennustuksen jakobiini-kerhossa.
Kuka kuohutti ja kiihoitti tätä joukkoa? Muuan rohjoruumiinen

mies, jonka tukka oli kuin leijonanharja ja jonka ääni möyrysi kuin
ukonjyly, mies, jonka Santerre kotiin palatessaan tapasi
odottelemassa — Danton!
Juuri tällä hetkellä tuo hirveä vallankumousmies — hänet

tunnettiin toistaiseksi vain siitä hälinästä, jonka hän oli saanut
aikaan Théâtre-Françaisissa Chénierin Kaarlo IX:tä esitettäessä, ja
siitä hirveästä kaunopuheisuudesta, jota hän kehitteli kordelierien
kerhon puhujakorokkeelta — varsinaisesti astui valtiolliselle
näyttämölle, jolla hän sitten levitti jättiläiskätensä.
Mistä oli lähtöisin tuon miehen mahti, joka koitui niin
kohtalokkaaksi kuninkuudelle? Kuningattaren taholta.
Pitkävihainen itävallatar ei halunnut Lafayettea Pariisin

pormestariksi. Hän suosi Pétionia, matkatoveria Varennesin
pakoretkeltä; pormestariksi päästyään tämä mies ensi töikseen
aloitti taistelun kuninkaan kanssa määräämällä Tuileriein palatsin
vartioitavaksi.
Pétionilla oli kaksi ystävää, jotka hän toi mukanaan

kaupungintaloon:
Manuel oikealla ja Danton vasemmalla puolellaan.
Manuel oli valittu kommuunin prokuraattoriksi ja Danton hänen

apulaisekseen.
Vergniaud lausui puhujalavalta Tuilerieitä osoittaen:
»Tuosta synkeästä palatsista on kauhu monesti lähtenyt

yksinvallan nimessä; palatkoon se sinne nyt lain nimessä!»
No niin, hetki oli koittanut muuttaa tuon girondelaispuhujan

kaunis ja hirveä vertauskuva teoksi ja toimeksi. Kauhu oli
manattava esille Saint-Antoinen esikaupungista ja työnnettävä
hillittömänä, korvaa särkevien huutojen ja nyrkkiin puristuneitten
kourien kannattelemana Katarina di Medicien palatsiin.
Kuka paremmin kuin se peloittava vallankumouksen taikuri, jonka

nimi oli Danton, voisi loihtia sen esille?
Dantonilla oli leveät hartiat, valtava koura, atleetin rinta, jossa

sykki voimakas sydän. Danton oli vallankumouksien kumahteleva
isorumpu. Siihen isketyn lyönnin hän vyörytti heti mahtavana
värähdyksenä rahvaan sekaan, joka humaltui sen pauhusta. Danton
oli yhtäältä kosketuksessa kansan kanssa Hébertin välityksellä,
toisaalta Orleansin herttuan välityksellä suhteissa valtaistuimeen.
Seisten kadunkulmissa hoilaavien kamasaksojen ja valtaistuimen
juurella liikkuvan kuninkaallisen prinssin välissä Dantonilla oli
edessään täydellinen näppäimistö, jonka kaikki koskettimet liittyivät
yhteiskunnalliseen säikeeseen.
Silmätkäämme sitä asteikkoa. Siinä on kaksi oktaavia, ja kaikki

kielet
sointuvat Dantonin mahtavaan, ääneen.
Hébert, Legendre, Gonchon, Rossignol, Momoro, Brune,

Huguenin,
Rotondo, Santerre, Fabre-d'Eglantine, Camille Desmoulins, Dugazon,
Lazouski, Sillery, Genlis, Orleansin herttua.
Ja huomatkaa tarkoin, että olemme esittäneet tässä vain näkyvät

rajamerkit. Kuka voi sanoa, kuinka matalalle ja korkealle tämä mahti
voi sivuuttaa rajat, joita silmämme ei näe?'
Kuinka tahansa, tämä mahti se lietsoi Saint-Antoinen

esikaupungin
liikkeelle.
Jo kesäkuun 16 päivänä muuan Dantonin mies, puolalainen

Lazouski,
kommuunin jäsen, pani asian alulle.
Hän ilmoitti kommuunin neuvostolle, että Saint-Antoinen ja Saint-

Marceaun esikaupungit aikoivat kesäkuun 20 päivänä esittää
kansalliskokoukselle ja kuninkaalle anomuksen sen johdosta, että
kuningas oli kieltäytynyt vahvistamasta pappeja koskevaa asetusta,
ja istuttaa Feuillants-pengermälle vapaudenpuun muistoksi
Pallohuoneen istunnosta kesäkuun 20 päivältä 1789.
Neuvosto epäsi valtuuden.
»Se tehdään ilman valtuutta», kuiskasi Danton Lazouskin korvaan.
Ja Lazouski toisti ääneen:
»Se tehdään ilman valtuutta!»
Kesäkuun 20 päivällä piti olla kaksinainen merkitys: näkyvä ja

salainen.
Edellinen olisi veruke: kuninkaalle esitettäisiin anomus ja

vapaudenpuu istutettaisiin.
Jälkimäinen, josta tiesivät vain harvat valitut, tarkoitti seuraavaa:

Ranska olisi pelastettava Lafayetten ja feuillanttien käsistä ja
parantumattomalle kuninkaalle, tuolle vanhan järjestelmän
kuninkaalle, oli huomautettava, että on sellaisia poliittisia myrskyjä,
joihin yksinvaltias voi hukkua valtaistuimineen, kruunuineen ja
omaisineen, niinkuin valtameren kurimukseen laiva uppoo
miehistöineen päivineen.
Kuten sanottu, Danton odotteli Santerrea tämän kotona

myymäläkamarissa. Edellisenä päivänä hän ohi lähettänyt
Legendren mukana viestin, että Santerren tulisi seuraavana päivänä
panna alulle kansannousu Saint-Antoinen esikaupungissa.
Aamupäivällä oli Billot tullut tämän isänmaallisen oluenpanijan

luo, tehnyt tunnusmerkin ja ilmoittanut, että valiokunta oli
määrännyt hänet koko päiväksi Santerren seuraan.
Niinpä Billot, joka tekeytyi vain Santerren ajutantiksi, tiesi

enemmän kuin Santerre itse.
Danton tuli sopimaan Santerren kanssa tapaamisesta seuraavana

yönä
Charentonissa pienessä talossa, joka oli rakennettu Marnen oikealle
rannalle joen yli menevän sillan päähän.
Siellä he tapasivat toisensa, nämä arvoituksellisten ja

tuntemattomien vaiheitten miehet, jommoisia alati näkee
johtamassa kapinavyöryn kulkua.
Kaikki saapuivat paikalle täsmällisesti.
Näiden miesten intohimot olivat erilaisia. Millaisista lähteistä ne

hersyivät? Siitä asiasta voisi kirjoittaa synkän historian. Eräät
työskentelivät vapaudenrakkaudesta, monet, kuten Billot,
kostaakseen kärsimänsä vääryydet, enemmistö kostonhalusta,
kurjuuden ja huonojen vaistojen yllyttämänä.
Rakennuksen toisessa kerroksessa oli lukittu huone, johon vain

johtajilla oli oikeus päästä. He lähtivät sieltä eväinään tarkat,
huolitellut, ratkaisevat toimintaohjeet, ikäänkuin pyhätöstä, missä
joku tuntematon jumala jakeli tuomioitaan.
Suunnaton Pariisin-kartta oli levitetty pöydälle.
Dantonin sormi osoitti lähteet ja paikat, missä sivujoet yhtyisivät,

ja virtojen kulkusuunnan, niiden ihmisvirtojen kulun, jotka paria
päivää myöhemmin hukuttaisivat Pariisin tulvaan.
Bastiljin tori, johon Saint-Antoinen esikaupunki, Arsenaali-korttelin
ja Saint-Marceaun kadut johtavat, oli määrätty kokoontumispaikaksi.
Verukkeena oli kansalliskokous, päämääränä Tuileriein palatsi.
Bulevardi oli se leveä ja varma uoma, jossa tämä kuohuva vuo

virtaisi.
Kullekin määrättiin asema, ja kun kaikki olivat luvanneet saapua

määräpaikalleen, hajaannuttiin.
Yleiseksi tunnussanaksi hyväksyttiin: »Palatsin tuho!»
Mutta miten kaikki järjestettäisiin? Sitä ei tiedetty vielä.
Kesäkuun 19 päivän kuluessa joukkoja kertyi Bastiljin aukiolle,

Arsenaalin tienoille ja Saint-Antoinen esikaupunkiin.
Äkkiä tämän joukon keskelle ilmestyi rohkea ja peloittava

amatsooni, punaisiin puettu, vyössä pistooli ja kupeella sapeli, joka
myöhemmin, kahdeksantoista haavaa viillettyään, lopulta työntyi
Suleaun sydämeen.
Tämä amatsooni oli Théroigne de Méricourt, Liègen kaunotar.
Olemme nähneet hänet Versaillesin tiellä lokakuun 5 päivänä.

Mitä hän oli puuhannut sen jälkeen?
Liègessâ oli puhjennut kapina. Théroigne tahtoi auttaa

synnyinseutuaan. Leopoldin kätyrit vangitsivat hänet matkalla, ja
puolitoista vuotta hän oli istunut Itävallan vankiloissa.
Oliko hän karannut? Oliko hänet vapautettu? Oliko hän sahannut

poikki rautaristikot? Oliko hän lahjonut vartijan? Kaikki se on yhtä
hämärää kuin hänen elämänsä alku, hirveää kuten sen loppukin.
Kuinka tahansa, hän oli palannut. Hän oli nähtävissä. Rikkaitten

rakastajattaresta oli tullut rahvaan ilotyttö. Ylimystö oli antanut
hänelle kullan, jolla hän osti terävät säilät ja hienotakeiset pistoolit
iskeäkseen niillä vihollisiinsa.
Rahvas tunsi hänet ja tervehti häntä raikuvin huudoin.
Kaunis Théroigne tuli hyvään aikaan, sopivaan asuun puettuna,

seuraavan päivän veriseen juhlaan.
Saman päivän illalla kuningatar näki hänen ratsastavan

Feuillants-pengermällä. Kaunotar kiiti Bastiljin aukiolta
Champs-Elyséesille, rahvaan kokouksesta isänmaalliseen juhlaan.
Tuileriein ullakkokerroksesta, jonne kuningatar huudot

kuullessaan oli noussut, hän näki katetut pöydät. Viini virtasi
vuolaana, isänmaalliset laulut kajahtelivat, ja aina kun kohotettiin
malja kansalliskokoukselle, Girondelle ja vapaudelle, vieraat puivat
nyrkkiä Tuilerieille.
Näyttelijä Dugazon lauloi kuninkaasta ja kuningattaresta

sepitettyjä renkutuksia, ja palatsiin saakka kuningas ja kuningatar
voivat kuulla suosionosoitukset, jotka seurasivat jokaista
kertosäettä.
Keitä olivat nämä pöytävieraat?
Marseillesta eilen saapuneita liittolaisia, jotka Barbaroux oli tuonut.
Kesäkuun 18:ntena pääsi alkuun Pariisissa elokuun 10:si.

XV
Kesäkuun 20 päivä
Päivä valkenee varhain kesäkuussa. Jo kello viisi aamulla

pataljoonat
olivat koolla.
Tällä kertaa rymäkkä oli järjestettyä toimintaa; se näytti

säännölliseltä rynnäköltä.
Joukko tunnusti päälliköt, alistui käskyihin; se oli sijoitettu

määräpaikoille, jaettu arvoasteihin ja saanut liput.
Santerre oli ratsain, esikaupunkilais-esikuntansa ympäröimänä.
Billot pysytteli hänen rinnallaan. Jokin salainen mahti tuntui

määränneen hänet vartioimaan Santerrea.
Joukko oli jaettu kolmeksi osastoksi.
Ensimmäistä johti Santerre. Toista komensi Saint-Huruge.

Kolmannen
päällikkönä oli Théroigne de Méricourt.
Kellon käydessä yhtätoista aamupäivällä tämä suunnaton joukko
lähti
liikkeelle jonkun tuntemattoman miehen tuomasta komennuksesta.
Bastiljista lähdettäessä siinä oli arviolta kaksikymmentätuhatta

miestä.
Tämä joukko oli villi, eriskummainen, hirveä nähtävyys.
Santerren johtama pataljoona oli parhaiten järjestetty. Siinä näki

kosolta sotilaspukuja ja jonkun määrän kivääreitä ja pistimiä. Mutta
molemmat toiset osastot olivat rahvaan armeijaa, ryysyistä,
kalpeaa, kuihtunutta joukkoa, neljän nälkävuoden laihduttamaa.
Näistä neljästä vuodesta oli kolme kulunut vallankumouksen
merkeissä.
Sellaisesta kuilusta tämä armeija oli peräisin.
Eipä senvuoksi näkynytkään univormuja eikä kiväärejä.

Riekaleisia nuttuja, reikäisiä puseroita, eriskummaisia aseita, jotka
oli siepattu ensimmäisenä kiukun hetkenä, ensimmäisessä
puolustuskuumeessa, piikkejä, hankoja, taittokärkisiä keihäitä,
kahvattomia miekkoja, pitkiin sauvoihin sidottuja puukkoja,
piilukirveitä, muurausvasaroita, suutarinveitsiä — sellainen oli
ulkoasu ja aseistus.
Lippunaan se kuljetti hirsipuuta, josta punoksen varassa heilui

kuningatarta muka esittävä nukke; — häränpää, jonka sarviin oli
sitaistu paperiliuska riettaine kirjoituksineen; — vasikansydän, joka
oli lävistetty heinähangon piikillä ja jonka otsikkokirjoituksena oli:
Ylimyssydän!
Lippujakin sentään oli. Niihin oli töherretty:
Asetusten vahvistus tai kuolema!

Isänmaalliset ministerit kutsuttava takaisin!
Vapise, tyranni, hetkesi on lyönyt!
Joukko jakaantui Saint-Antoine-kadun kulmassa.
Santerre ja hänen kansalliskaartinsa työntyivät isolle bulevardille

— Santerre pataljoonanpäällikön puvussa. Saint-Huruge,
hallijätkäksi sonnustautuneena ja istuen täysin satuloidun ratsun
selässä, jonka joku tuntematon tallirenki oli tuonut hänelle, ja
Théroigne de Méricout, lojuen tykillä, jota miehet paljain käsivarsin
laahasivat perässään, poikkesivat Saint-Antoinekadulle.
Vendôme-aukion kautta piti joukkojen yhtyä Feuillants-

pengermällä.
Kolme tuntia kesti tämän joukon marssi. Se tempasi mukaansa

niiden
korttelien asukkaat, joiden kautta kuljettiin.
Se muistutti virtavia jokia, jotka juoksunsa varrella yhä paisuvat ja

kohisten syöksyvät eteenpäin.
Joka kadunkulmassa se lisääntyi, jokaisen sivukadun risteyksessä

se
paisui.
Väkijoukko oli äänetön. Mutta hetkittäin se rikkoi hiljaisuuden ja

puhkesi rajuihin huutoihin tai lauloi vuoden 1789 kuulua Käy
päinsä! — laulua, jonka alkuperin rohkaiseva sävy oli vähitellen
muuttunut uhkaavaksi. Silloin tällöin kuului huuto: »Eläköön kansa!
Eläkööt sanskulotit! Alas herra ja rouva Veto!»
Jo kauan ennen kuin joukon alkupää tuli näkyviinkään, kuului sen

askelten töminä, niinkuin kuullaan nousuveden kohina, sekä laulun
ja huutojen pauhu, niinkuin kuullaan rajuilmaa ennustava tuulen
vihellys.
Kun Santerren osasto, joka kuljetti mukanaan Feuillants-

pengermälle istutettavaa poppelia, saapui Vendôme-aukiolle, sulki
siltä tien vartiosto kansalliskaartilaisia. Mikään ei olisi ollut
helpompaa tälle joukolle kuin murskata tuo este. Mutta sitä ei
tehty. Kansa halusi juhlia, nauraa, huvitella, peloittaa herra ja rouva
Vetoa. Se ei halunnut surmata. Puun kuljettajat heittivät sikseen
aikeensa istuttaa sen pengermälle ja menivät istuttamaan sitä
läheisen kapusiini-luostarin pihaan.
Kansalliskokous oli jo tunnin ajan kuullut tätä meteliä, kun

joukon lähetit saapuivat istuntosaliin pyytämään, että ne, joita he
edustivat, saisivat marssia kansalliskokouksen ohitse.
Vergniaud ehdotti pyyntöön suostuttavaksi, mutta lisäsi samalla,

että linnaan piti lähettää kuusikymmentä kansanedustajaa palatsia
suojelemaan.
Girondelaisetkin halusivat säikyttää kuningasta ja kuningatarta,

mutta
eivät tahtoneet, että heille tehtäisiin pahaa.
Muuan feuillantti-edustaja vastusti Vergniaudin jälkimäistä

ehdotusta
väittäen, että moinen varokeino loukkaisi syvästi Pariisin kansaa.
Eikö tähän näennäiseen luottamukseen sisältynyt rikoksen toive?
Kansan pyyntöön suostuttiin, ja esikaupunkien asukkaat saisivat

astua
saliin ase kädessä.
Ovet avattiin heti kolmenkymmenentuhannen miehen kulkua

varten salin
läpi. Ohimarssi alkoi kello kaksitoista ja päättyi vasta kello kolme.
Joukko oli suorittanut ohjelman edellisen osan, se oli marssinut

kansalliskokouksen ohi ja lukenut sille anomuksensa. Nyt oli vielä
pyydettävä kuningasta vahvistamaan asetukset.
Koska kansalliskokous oli päästänyt puheilleen lähetystön, miksei

kuningaskin ottaisi sitä vastaan. Eihän kuningas tosiaankaan ollut
mahtavampi herra kuin kansalliskokouksen puheenjohtaja, koskapa
tullessaan tapaamaan puheenjohtajaa kuningas sai tyytyä
nojatuoliin, joka oli samanlainen kuin toinenkin istuin, ja lisäksi se
oli puheenjohtajan vasemmalla puolella!
Kuningas vastasikin, että hän ottaisi vastaan anomuksen, jonka

kaksikymmenmiehinen lähetystö esittäisi hänelle.
Kansa ei ollut odottanutkaan pääsevänsä Tuileriein alueelle.

Mutta se arvasi, että lähetystö pääsisi. Sillä aikaa joukko marssisi
linnan ikkunoiden ohi.
Se saisi näyttää kuninkaalle ja kuningattarelle kaikki uhkasanaiset

liput ja kaameat viirit.
Kaikki linnan portit oli suljettu. Linnanpihalla ja Tuileriein

puutarhassa oli kolme linjarykmenttiä, kaksi santarmieskadroonaa,
monta pataljoonaa kansalliskaartilaisia ja neljä tykkiä.
Kuninkaan perhe näki ikkunoista tämän ilmeisen turvan ja näytti

hyvin
rauhalliselta.
Yhä mitään pahaa aikomatta väkijoukko pyysi, että

Feuillants-pengermälle johtava portti aukaistaisiin.
Sitä vartioivat upseerit kieltäytyivät avaamasta ilman kuninkaan

käskyä.
Kolme valtuuston virkailijaa pyysi silloin päästä sisälle noutamaan

käskyä.
Heidät päästettiin.
Montjoye, Marie-Antoinetten historian kirjoittaja, on tallettanut

heidän nimensä.
Miehet olivat Boucher-René, Boucher-Saint-Sauveur ja Mouchet.

Mouchet oli varemmin mainittu Maraisin pikku rauhantuomari,
heiveröinen, viistoluinen, lenkosääri kääpiö, yllä suunnaton
kolmivärinen vyöhyt.
Heidät päästettiin linnaan ja opastettiin kuninkaan puheille.
Mouchet otti puheenvuoron.
»Sire», aloitti hän, »kansanjoukko liikkuu lain turvissa. Ei tarvitse

olla huolestunut. Rauhallisia kansalaisia on kokoontunut esittämään
kansalliskokoukselle anomusta, ja he haluavat viettää
kansalaisjuhlaa valan muistoksi, joka vannottiin pallohuoneessa
vuonna 1789. Nämä kansalaiset pyytävät päästä kulkemaan
Feuillants-pengermän kautta. Mutta nyt on sen ristikkoportti kiinni,
ja lisäksi muuan panostettu tykki sulkee tien. Olemme tulleet
pyytämään, sire, että ristikkoportti avataan ja joukolle myönnetään
vapaa pääsy.»
»Hyvä herra», vastasi kuningas, »vyöhyestänne huomaan teidät

valtuuston virkailijaksi. Teidän tehtäviänne on siis lain
sovelluttaminen. Jos kansalliskokouksen istuntosalin
tyhjentämiseksi pidätte sitä välttämättömänä, aukaisuttakaa vain
Feuillants-pengermän portti. Kansalaiset kulkekoot pengermän
kautta ja poistukoot tallipihan portista. Sopikaa asiasta kaartin
ylipäällikön kanssa ja huolehtikaa ennen kaikkea siitä, ettei yleinen
rauhallisuus häiriinny.»
Miehet tervehtivät ja poistuivat erään upseerin mukana, joka sai

tehtäväkseen vakuuttaa, että kuningas tosiaankin oli antanut
määräyksen aukaista portin.
Ristikkoportti työnnettiin auki. Kaikki ryntäsivät sisälle.
Syntyi tungos. Jokainen tietää, mitä tällainen tungos merkitsee.

Se on pieneen tilaan puristettu höyry, joka räjähtää ja murskaa.
Feuillants-pengermän ristikkoportti murtui kuin niiniseula.
Tungos harveni, ja joukko hajaantui ilakoiden puutarhaan.
Tallipihan portti oli unohdettu avata. Kun joukko huomasi tämän

portin olevan kiinni, marssi se kansalliskaartin ohitse, joka oli
järjestetty riveihin linnan julkipuolen edustalle.
Sitten se vyöryi laituriportista ulos, ja koska sen oli mentävä
esikaupunkeihin, halusi se päästä pois Carrousel-aukion puolisesta
ulkoportista. Tämä pääsy oli suljettu ja vartioitu.
Mutta äskeisessä tungoksessa puristettu, tyrkitty ja kolhiintunut

joukko alkoi ärtyä.
Se murahteli. Käytävä aukaistiin ja joukko levittäytyi

suunnattomalle
aukiolle.
Tällöin muistettiin, että päivän varsinainen tehtävä olikin anoa

kuningasta peruuttamaan kieltonsa.
Joukko ei siis jatkanutkaan matkaansa, vaan jäi Carrousel-aukiolle

odottelemaan.
Näin kului tunti. Kärsimättömyys yltyi. Kaikki olivat valmiit

lähtemään tiehensä, mutta se ei sopinut johtajien suunnitelmiin.
Ryhmästä toiseen kulki miehiä, jotka puhelivat:
»Jääkää, jääkää vielä! Kuningas vahvistaa asetuksen, Älkää

poistuko,
ennenkuin kuningas on sen vahvistanut, muutoin saamme aloittaa
leikin
uudelleen.»
Joukon mielestä nämä miehet puhuivat silkkaa järkeä, mutta

asetuksen
vahvistamista saatiin odotella melko kauan.
Ihmisten oli nälkä. Sitä huudettiin yleisesti. Leipä ei tosin ollut

enää kallista, mutta ei ollut työtä eikä rahaa. Ja vaikka leipä olikin
halpaa, ei sitä sentään annettu ilmaiseksi.
Kaikki nämä ihmiset olivat nousseet kello viisi aamulla, olivat

lähteneet hökkeleistään, missä olivat panneet nälkäisinä levolle
edellisenä iltana. Kaikki nämä työläiset vaimoineen ja vaimot
lapsineen olivat lähteneet liikkeelle epämääräisesti toivoen, että
kuningas vahvistaisi asetuksen ja että kaikki sujuisi hyvin.
Mutta kuningas tuntui kaikkein vähimmän halukkaalta

vahvistamaan asetusta.
Oli kuuma, ja ihmisten tuli jano.
Nälkä, jano ja kuumuus saavat koirat raivoisiksi. Kansa-parka

odotteli
ja oli kärsivällinen.
Sillaikaa jotkut alkoivat ravistella linnan ristikkoporttia. Joku

virkamies ilmestyi linnanpihalle.
»Kansalaiset», sanoi hän, »tämä on kuninkaan asunto, ja jos

tänne tunkeudutaan aseet kädessä, tietää se hyökkäystä. Kuningas
haluaa kyllä ottaa vastaan anomuksenne, mutta vain
kahdenkymmenen edustajanne esittämänä.»
Niitä edustajia, joiden paluuta joukko odotti ja joiden se luuli

päässeen kuninkaan puheille jo tunti sitten, ei ollut siis vielä
lähetetty edes sisällekään!
Äkkiä kuului laiturikadun taholta kovaäänistä melua. Siellä tulivat

Santerre ja Saint-Huruge ratsastaen ja Théroigne tykillään lojuen.
»No mitä te teette tuon portin edessä?» huusi Saint-Huruge.
»Miksette
mene sisälle?»
»Juuri niin», sanoivat rahvaanmiehet, »miksemme mene sisälle?»
»Mutta näettehän portin olevan kiinni», huomauttivat toiset.
Théroigne hypähti alas tykiltään.
»Tämä on panostettu», kehaisi hän. »Räjäyttäkää portti auki.»
Tykki siirrettiin portin eteen.
»Odottakaa, odottakaa!» huudahti kaksi linnan virkailijaa. »Ei

väkivaltaa! Teille avataan.»
He painoivat puomia, joka telkesi portin puoliskot.
Puomi siirtyi ja portti aukeni.
Kaikki ryntäsivät sisälle.
Haluatteko tietää, mitä on lauma ja minkä hirveän virran se panee

paisumaan?
Joukko ryntäsi sisälle, tykki laahattiin mukana linnanpihan yli,

portaita ylös ihan eteiseen asti.
Portaitten yläpäässä seisoi valtuuston vyöhytkoristeisia virkailijoita.
»Mitä aiotte tehdä tuolla tykillä?» kysyivät he. »Tykki kuninkaan

huoneistossa? Luuletteko saavuttavanne jotakin sellaisin
väkivaltaisin keinoin?»
»Se on totta», vastasivat miehet itsekin tuiki kummissaan, että
tykki oli tullut heidän mukanaan.
Tykki käännettiin ja aiottiin viedä pois.
Akselinpää tarttui kiinni pihtipieleen, ja tykinsuu ammotti

väkijoukkoon päin.
»Vai niin, kuninkaan huoneissa asti on tykistöä?» huusivat ne,

jotka yrittivät sisälle ja jotka tuntematta sitä Théroignen tykiksi
ihmettelivät, mistä se oli tullut, ja arvelivat, että se oli tuotu heitä
tuhoamaan.
Mouchetin käskystä kaksi miestä alkoi kirvein silpoa pihtipieliä ja

väljentää oviaukkoa. Lopulta tykki saatiin eteiseen.
Tämä puuha, jonka tarkoituksena oli irroittaa tykki, pani

luulemaan,
että linnan ovia särjettiin kirveillä.
Lähes kaksisataa aatelismiestä kiiruhti linnaan. He eivät toivoneet

voivansa puolustaa sitä, mutta arvelivat kuninkaan olevan vaarassa
ja tulivat kuolemaan hänen kanssaan.
Heitä oli muiden muassa vanha marsalkka de Mouchy, d'Hervilly,

viralta pannun perustuslaillisen kaartin kapteeni, Acloque, Saint-
Marceaun kansalliskaartin pataljoonanpäällikkö, kolme Saint-
Martinin esikaupungin pataljoonakrenatööriä, jotka olivat jääneet
paikoilleen, herrat Lecrosnier, Bridaud ja Gosse sekä muuan
mustapukuinen mies. Tämä oli jo kerran rientänyt tarjoamaan
rintansa murhaajien luodeille, mutta hänen neuvoistaan ei ollut
koskaan piitattu; nähdessään vaaran, jota oli turhaan koettanut
torjua, hän saapui nyt kuin viimeiseksi rintasuojukseksi asettumaan
vaaran ja kuninkaan väliin. Se mies oli Gilbert.
Kuningas ja kuningatar, jotka aluksi olivat hyvin levottomia

väkijoukon kauhean hälinän takia, olivat vähitellen tottuneet siihen.
Kello oli tällöin puoli neljä. He toivoivat päivän päättyvän, kuten

se
oli alkanutkin.
Kuninkaan perhe oli kerääntynyt kuninkaan huoneeseen.
Äkkiä kuului sinne asti kirveeniskujen jytinä, mutta sitäkin

selvempänä väkijoukon hoilaus, joka muistutti kaukana raivoavan
myrskyn ärjyntää.
Tällöin syöksyi muuan mies kuninkaan makuusuojaan huutaen:
»Sire, älkää poistuko likeltäni! Minä vastaan kaikesta!»

XVI
Kuningas huomaa, että eräissä tilanteissa voi panna päähänsä

punaisen myssyn vaikkei ole jakobiini
Tulija oli tohtori Gilbert.
Hänet nähtiin linnassa vain ajoittain ja alati sen suunnattoman

murhenäytelmän käännekohdissa, joka kehittyi loppuaan kohti.
»Ah, tohtori, tekö sieltä tulette! Mitä siis on tekeillä?» kysyivät

kuningas ja kuningatar yhtaikaa.
»Sire», huudahti Gilbert, »linnaan on tunkeuduttu, ja kuulemanne

melu
johtuu siitä, että kansa haluaa nähdä teidät».
»Voi, me emme jätä teitä,-sire!» huudahtivat kuningatar ja

madame
Elisabeth yhtaikaa.
»Haluaako kuningas antaa minulle tunniksi samat valtuudet kuin

on
laivan kapteenilla myrskyn aikana?» kysyi Gilbert.
»Annan teille ne valtuudet», myönsi kuningas.
Tällä hetkellä kansalliskaartin kapteeni Acloque ilmestyi

kynnykselle,
kalpeana, mutta valmiina puolustamaan kuningasta loppuun saakka.
»Hyvä herra», huudahti Gilbert, »tässä on kuningas. Hän seuraa

teitä.
Huolehtikaa kuninkaasta!»
Kuninkaalle hän virkkoi:
»Menkää, sire, menkää!»
»Mutta minä tahdon seurata puolisoani!» huudahti kuningatar.
»Ja minä veljeäni!» lisäsi madame Elisabeth.
»Seuratkaa te veljeänne, madame», sanoi Gilbert madame

Elisabethille, »mutta te, madame, jääkää tänne», lisäsi hän
kääntyen kuningattareen päin.
»Herra…!» aloitti Marie-Antoinette.
»Sire, sire», vaikeroi Gilbert, »taivaan tähden, pyytäkää

kuningatarta
luottamaan minuun, muutoin en vastaa mistään!»
»Madame», sanoi kuningas, »noudattakaa herra Gilbertin neuvoja

ja
totelkaa hänen käskyjään, jos tarvis vaatii».
Gilbertille hän virkkoi:

»Hyvä herra, vastaatteko kuningattaren ja kruununprinssin
turvallisuudesta?»
»Sire, vastaan siitä tai kuolen heidän kanssaan! Siinä kaikki, mitä
perämies voi sanoa myrskyn riehuessa.»
Kuningatar aikoi vielä kerran inttää vastaan, mutta Gilbert kohotti

käsivartensa kuin katkaistakseen häneltä tien.
»Madame», sanoi hän, »teitä eikä kuningasta todellinen vaara

uhkaa.
Syyttä tai syystä teitä soimataan kuninkaan vastustelusta. Teidän
esiintymisenne siis vain paljastaisi hänet eikä puolustaisi häntä.
Ruvetkaa ukkosenjohdattimeksi. Johtakaa salama muualle, jos
voitte.»
»Iskeköön salama siis vain minuun ja säästäköön lapseni!»
»Olen luvannut kuninkaalle vastata teistä ja heistä, madame.

Seuratkaa minua!»
Sitten hän kääntyi puhuttelemaan rouva de Lamballea, joka

kuukausi sitten oli palannut Englannista ja tullut Vernonista kolmea
päivää aikaisemmin, sekä toisia kuningattaren hovinaisia.
»Seuratkaa meitä!» kehoitti hän.
Kuningattaren toiset hovinaiset olivat Tarenten ja Trémouillen

prinsessat, rouvat de Tourzel, de Mackau ja de la Roche-Aymon.
Gilbert tunsi palatsin sisäpuolenkin hyvin ja tahtoi nyt päästä

johonkin suureen saliin, missä kaikki voivat nähdä ja kuulla. Se olisi
ensimmäinen vallattava rintavarustus. Hän sijoittaisi kuningattaren,
molemmat lapset ja hovinaiset tämän rintavarustuksen taakse ja
asettuisi itse sen eteen. Niinpä hänen mieleensä tuli neuvostosali,
joka onneksi oli vielä tyhjä.
Hän työnsi kuningattaren, lapset ja hovinaiset ikkunakomeroon.

Hetket
olivat niin kalliit, ettei ollut aikaa puhella. Oville jo kolkutettiin.
Hän laahasi ministerineuvoston raskaan pöydän ikkunan eteen.

Rintasuojus oli valmis.
Kuninkaallinen prinsessa seisoi pöydällä veljensä vieressä, joka

istui,
Kuningatar pysytteli heidän takanaan. Viattomuus puolustaisi

epäsuosioon joutunutta.
Mutta Marie-Antoinette halusi sijoittua lastensa eteen.
»Ei, näin on hyvä», sanoi Gilbert kuin kenraali, joka järjestää

ratkaisevan sotaliikkeen. »Älkää liikahtakokaan!»
Ja kun ovea jyskytettiin ja hän kuuli naisten ääniä ulvovan

hyökyaallon keskeltä, kiersi hän salvat auki ja sanoi:
»Astukaa sisälle, kansattaret! Kuningatar ja hänen lapsensa

odottavat
teitä!»
Ovi aukeni, ja tulva syöksyi sisälle kuin murtuneesta padosta.
»Missä on Itävallatar, missä on rouva Veto?» kiljui viisisataa ääntä.
Se oli kauhea silmänräpäys.

Gilbert käsitti, että tällä äärimmäisellä hetkellä kaikki inhimillinen
voima oli turhuutta ja että vain Jumalassa oli turva.
»Mielenmalttia, madame!» neuvoi hän kuningatarta. »Minun ei

tarvinne
kehoittaa teitä esiintymään ystävällisesti.»
Muuan nainen tuli toisten edellä, hajahapsin, sapelia heilutellen,

kauniina vihasta, kenties myös nälästä.
»Missä on Itävallatar?» kirkui hän. »Hän kuolee minun kädestäni!»
Gilbert tarttui hänen käteensä, talutti hänet kuningattaren eteen

ja sanoi:
»Tuossa hän on!»
Kaikkein ystävällisimmällä äänellään kuningatar sanoi silloin:
»Olenko tehnyt teille itsellenne jotakin pahaa, lapsukainen?»
»Ette mitään, madame», vastasi esikaupunkilaisnainen peräti

kummissaan
Marie-Antoinetten äänen ystävällisyydestä ja ylevyydestä.
»No, miksi siis haluatte surmata minut?»
»Minulle on kerrottu, että te viette kansan turmioon», sopersi

nuori nainen hämmentyneenä ja laski sapelinkärjen lattiaan.
»Teitä on petetty. Olen naimisissa Ranskan kuninkaan kanssa.

Olen kruununprinssin äiti, tämän lapsen, katsokaa… Olen ranskatar
enkä näe milloinkaan synnyinmaatani… en voi siis olla onnellinen
tai onneton muualla kuin Ranskassa… Ah, olisin onnellinen, jos te
rakastaisitte minua!»
Ja kuningatar huoahti raskaasti.
Nuoren naisen kädestä kirposi sapeli ja hän alkoi itkeä.
»Voi, madame», nyyhkytti hän, »en tuntenut teitä. Suokaa

minulle anteeksi! Huomaan, että teillä on hyvä sydän!»
»Jatkakaa näin, madame», kuiskasi Gilbert kuningattarelle, »ja te

ette ainoastaan ole pelastettu, vaan neljännestunnin perästä koko
tuo joukko on polvillaan edessänne».
Sitten hän uskoi kuningattaren parin kolmen juuri saapuneen

kansalliskaartilaisen ja väkijoukon mukana tänne joutuneen
sotaministeri Lajardin huostaan, rientäen itse tapaamaan
kuningasta.
Kuningas oli saanut osakseen miltei samanlaisen vastaanoton.

Ludvig XVI oli kiiruhtanut sille suunnalle, mistä meteli kuului. Juuri
kun hän astui Häränsilmä-saliin, murtui oven peililaudoitus, ja
pistimet, piikit ja kirveenterät työntyivät aukosta sisälle.
»Avatkaa ovi», huusi kuningas, »avatkaa!»
»Kansalaiset», sanoi d'Hervilly kuuluvalla äänellä, »tarpeetonta on

särkeä ovea, sillä kuningas tahtoo, että ovi avataan».
Samalla hän väänsi salvat auki ja kiersi avainta. Puoleksi

murskattu
ovi kääntyi saranoillaan.
Acloque ja herttua de Mouchy ehtivät parhaiksi työntää
kuninkaan ikkunakomeroon parin kolmen krenatöörin kumotessa ja
kasatessa raheja hänen suojakseen.
Nähdessään väkijoukon ryntäävän sisälle ulvoen, sadatellen ja

meluten kuningas ei voinut pidättyä huudahtamasta:
»Apuun, herrat!»
Neljä krenatööriä paljasti heti säilänsä ja asettui hänen rinnalleen.
»Miekka tuppeen, hyvät herrat!» komensi kuningas. »Pysykää

vierelläni,
siinä kaikki, mitä teiltä pyydän.»
Se ei tosiaankaan tapahtunut liian varhain. Sapelien välähdys oli

vaikuttanut uhittelulta.
Muuan ryysyläinen, hihat käärittyinä, suu vaahdossa, hyökkäsi

kuninkaan eteen.
»Ah, siinä sinä oletkin, Veto!» puuskutti hän.
Ja hän yritti sohaista uhriaan sauvan nenään sidotulla puukolla.

Muuan krenatööri, joka ei ollut työntänyt sapeliaan tuppeen, työnsi
sauvan syrjään. Mutta silloin kuningas, täysin tointuneena, tarttui
krenatöörin käsivarteen ja sanoi:
»Antakaa olla, hyvä herra! Mitä pelättävää minulla on oman

kansani keskuudessa?»
Ja astuen askelen eteenpäin Ludvig XVI tarjosi rintansa

kaikenmuotoisten aseitten lävistettäväksi ja esiintyi komean
ylevästi, mitä hänestä ei olisi uskonut, ja rohkeasti, mikä oli ollut
hänelle siihen saakka vierasta.
»Hiljaa», huusi muuan ääni kauhean metelin seasta, »minä haluan

puhua!»
Missä tykinlaukaus ei olisi kuulunut, siinä tämä ääni vaiensi melun

ja
kiroustulvan.
Ääni oli teurastaja Legendren. Hän lähestyi kuningasta käden

ulottuville.
Kuninkaan ympärille kasaantui piiri, jonka takimmaiseen riviin nyt

ilmestyi muuan mies, ja Dantonin näköisen hirveän olennon ohitse
kuningas tunsi tohtori Gilbertin kalpeat, mutta tyynet kasvot.
Tutkiva katse kysyi tältä: »Kuinka on kuningattaren laita, hyvä

herra?»
Tohtorin hymy vastasi: »Hän on turvassa, sire!» Kuningas kiitti

Gilbertiä kädenliikkeellä.
»Herra!» sanoi Legendre kuninkaalle.
Kuullessaan sanan herra kuningas kääntyi kuin käärme olisi

purrut häntä, sillä se sana tuntui viittaavan viraltapanoon.
»Niin, herra… herra Veto, teille juuri minä puhun», jatkoi

Legendre. »Kuunnelkaa siis, sillä teidät on luotu meitä
kuuntelemaan. Te olette valapatto, te olette pettänyt meitä alati ja
petätte yhä. Mutta kavahtakaa, mittanne on täysi ja kansa on
väsynyt olemaan leikkikalunne ja uhrinne!»
»Hyvä on, minä kuuntelen, herra», virkkoi kuningas.
»Sitä parempi! Tiedättekö, miksi olemme tulleet tänne? Olemme

tulleet pyytämään, että te vahvistaisitte molemmat asetukset ja
kutsuisitte takaisin erotetut ministerit… Tässä on anomuksemme
kirjoitettuna.»
Legendre otti taskustaan paperin, levitti sen auki ja luki saman

uhkaavan anomuksen, joka oli jo luettu kansalliskokouksessa.
Kuningas kuunteli, tarkaten lukijaa. Kun lukeminen oli päättynyt,

sanoi hän ainakin näköjään ihan rauhallisesti:
»Hyvä herra, minä teen, mitä lait ja hallitusmuoto käskevät minun

tehdä.»
»Niin, niin, se on sinun ainainen keppihevosesi», virkkoi muuan

ääni joukosta. »Hallitusmuoto, vuoden 91 perustuslaki, sen avulla
sinä lamautat koko koneiston, kytket Ranskan kaakinpuuhun ja
odottelet itävaltalaisia kuristamaan kansan!»
Kuningas kääntyi sille taholle, mistä tämä ääni kuului, sillä hän
oivalsi, että sieltä oli tulossa edellistä vakavampi hyökkäys.
Gilbert niinikään liikahti ja riensi koskettamaan miehen olkapäätä.
»Olen nähnyt teidät varemminkin, hyvä ystävä», sanoi kuningas.

»Kuka
te olette?»
Ja hän silmäili miestä pikemmin uteliaana kuin peläten, vaikka

tuntemattoman piirteet ilmaisivat hirveää päättäväisyyttä.
»Olette nähnyt minut varemmin, sire. Olette nähnyt minut jo
kolme kertaa: kerran Versaillesista palatessanne heinäkuun
kuudentenatoista päivänä, kerran Varennesissa ja nyt täällä…
Muistakaa nimeni, sire, se on synkkäenteinen nimi. Minä olen
Billot!» [Mestauspölkky. — Suom.]
Huudot yltyivät. Muuan piikkimies yritti survaista aseensa

kuninkaaseen.
Mutta Billot tarttui keihääseen, riuhtaisi sen miehen kädestä ja

taittoi sen polveaan vasten.
»Ei murhaa!» sanoi hän. »Vain yksi rauta saa kajota tuohon
mieheen, lain rauta! Englannissa kuuluu hallinneen kuningas, jonka
kaulan petetyn kansan tuomio on katkaissut. Sinun pitäisi tietää
hänen nimensä, Ludvig! Älä unohda sitä!»
»Billot!» mutisi Gilbert.
»Sanokaa mitä tahansa», vastasi Billot ravistaen päätänsä, »tuo

mies tuomitaan kuolemaan petturina!»
»Petturina», toistivat sadat äänet, »petturina, petturina,

petturina!»
Gilbert heittäytyi kuninkaan ja väkijoukon väliin. »Älkää pelätkö,

sire!» sanoi hän. »Koettakaa jollakin vakuuttavalla tavalla
rauhoittaa noita raivopäitä.» Kuningas tarttui Gilbertin käteen ja
kohotti sen sydämelleen.
»Tunnettehan, ettei sydämeni pelkää mitään, hyvä herra», sanoi

hän. »Tänä aamuna sain nauttia pyhää ehtoollista. Tehtäköön
minulle nyt mitä tahansa, minä olen levollinen. Kehoititte minua
keksimään jonkun tehokkaan keinon. Riittääkö tämä?»
Kuningas tempasi erään sanskulotin päästä punaisen myssyn ja

painoi sen omaan päähänsä.
Mieslauma puhkesi heti suosionosoituksiin.
»Eläköön kuningas! Eläköön kansa!» huusivat kaikki yhteen

ääneen.
Muuan mies tunkeutui joukon halki ja astui kuninkaan eteen. Hän

piteli
kädessään pulloa.
»Kuulepas, paksu Veto, jos rakastat kansaa niinkuin sanot, todista

se
juomalla kansan terveydeksi!»
Hän ojensi kuninkaalle pulloaan.
»Älkää juoko, sire!» varoitti muuan ääni. »Viini on kenties

myrkytettyä.»
»Juokaa, sire, minä vastaan kaikesta», vakuutti Gilbert.
Kuningas otti pullon.
»Kansan terveydeksi!» sanoi hän.
Ja hän joi.
»Eläköön kuningas!» kajahti jälleen kuorossa.

Guidelines For Failure Mode and Effects Analysis FMEA For Automotive Aerospace and General Manufacturing Industries 1st Edition Dyadem Press

Uploaded by

Copyright:

Available Formats

Guidelines For Failure Mode and Effects Analysis FMEA For Automotive Aerospace and General Manufacturing Industries 1st Edition Dyadem Press

Uploaded by

Document Information

Original Title

Copyright

Available Formats

Share this document

Share or Embed Document

Sharing Options

Did you find this document useful?

Is this content inappropriate?

Copyright:

Available Formats

Guidelines For Failure Mode and Effects Analysis FMEA For Automotive Aerospace and General Manufacturing Industries 1st Edition Dyadem Press

Uploaded by

Copyright:

Available Formats

Full download ebook at ebookgate.

Guidelines for Failure Mode and Effects

Download more ebook from https://ebookgate.com

High Performance Coatings for Automotive and Aerospace

Labor Relations in the Aviation and Aerospace

Guidelines for Enabling Conditions and Conditional

Stop Motion Craft Skills for Model Animation Second

Distributed Generation The Power Paradigm for the New

ISTFA 2009 proceedings from the 35th International

Transfer Path Analysis Based on in Situ Measurements

Encyclopedia of Products Industries Manufacturing 1st

ISBN 0-203-00968-1 Master e-book ISBN

International Standard Book Number 0-8493-1908-0 (Print Edition)

Chapter 2—Automotive, Aerospace and General Manufacturing Quality System

Chapter 4—Risk Management Planning

Chapter 5—Risk Analysis Methodologies

Chapter 6—Overview of FMEA

Chapter 7—FMEA Procedures

Chapter 8—FMEA Team

Chapter 9—Common Tools Used with FMEA

Chapter 10—Pitfalls with FMEA

Chapter 11—Product Life Cycle & FMEA

Chapter 12—Product/Design FMEA

Chapter 13—Process FMEA

Chapter 14—Machinery FMEA

This chapter describes the objectives of Machinery FMEA (M-FMEA), recommended

Chapter 15—Application FMEA

Chapter 16—Service FMEA

Chapter 17—Hardware and Software FMEA

Chapter 18—Analysis of FMEA Results

Chapter 19—Overview of Failure Mode, Effects and Criticality Analysis (FMECA)

Chapter 20—Post FMEA Study

Chapter 21—FMEA in Advanced Quality Planning/Advanced Product Quality

Chapter 22—Product Quality Control Plans and Dynamic Control Plans

General Manufacturing Industry

ISO 9000 Series

related to other management systems (e.g. environmental) and many sector-specific

Standard Title Description

quality manuals maintenance of quality manuals tailored to your

a. Quality System Requirements—QS 9000:1998

Section 2: contains customer-specific requirements (Ford, Chrysler, GM and OEM

Section I—ISO 9000-based requirements include the following

4.1 Management Responsibility

4.2 Quality System

Updating of quality control, inspection and testing techniques as required;

4.3 Contract Review

4.4 Design Control

4.5 Document and Data Control

4.7 Control of Customer Supplied Product

4.8 Product Identification and Traceability

4.9 Process Control

▪ Process parameters and product characteristics, especially defined special

4.10 Inspection and Testing

4.11 Control of Inspection, Measuring and Test Equipment

4.12 Inspection and Test Status

4.13 Control of Nonconforming Product

4.14 Corrective and Preventive Action

4.15 Handling, Storage, Packaging, Preservation and Delivery

4.16 Control of Quality Records