- Counterfeit Parts Policy: The organization’s top management should establish and document a policy to prevent the purchasing, acceptance, and distribution of counterfeit parts. Additionally, policies for the disposal and reporting of suspected, counterfeit, and/or confirmed counterfeit parts should be clearly stated.
- Counterfeit Electronic Parts Control Plan: The organization should develop and implement a control plan that includes risk reduction, disposal, and reporting processes used to combat counterfeit electronic parts.
- Customer-Related Contract Review, Agreement, and Enforcement: Review, understanding, and fulfillment of contractual requirements should be documented to minimize the risk of counterfeit parts trafficking. In cases where customer commitments cannot be met, notification must be made within 5 days at the latest, the source of supply must be explained in writing with the company name and location in each offer, and a minimum 1-year product warranty must be provided.
- Supplier Approval and Source Selection: Potential sources of supply must be evaluated to determine the risk of receiving counterfeit parts and a record of approved suppliers must be kept.
- Purchase Order Requirement: The organization must clearly state in communication and documentation the contractual provisions that determine purchasing controls to prevent the risk of counterfeit parts.
- Supply Chain Traceability: Documented processes require records to be kept that provide traceability throughout the supply chain.
- Product Protection: Products must be protected by identification, handling, packaging, storage and protection methods to maintain compliance with requirements during processing and delivery.
- Purchased Product Verification: The organization must verify that purchased products comply with the standard.
- Control of Non-Conforming Products: The organization must establish a procedure to identify, segregate and control products that do not conform to the requirements and prevent them from being unintentionally used or shipped.
- Material Control: The organization’s processes must ensure that no changes are made to labeling and information, that excess and non-conforming parts are controlled and that suspicious or confirmed counterfeit parts are prevented from re-entering the supply chain.
- Reporting: Suspicious, counterfeit and confirmed counterfeit parts must be reported to internal organizations, customers and relevant official authorities (e.g. GIDEP or ERAI) within 60 days of detection.
- Personnel Training: Personnel directly handling electronic parts must receive training in techniques for detecting suspicious and counterfeit parts.
- Internal Audit: The organization shall periodically conduct internal audits to assess whether the quality management system meets requirements.