| NODIS Library | Program Management(8000s) | Search |

NPR 8735.2C
Effective Date: March 12, 2021
Expiration Date: March 12, 2026
Printable Format (PDF)

Subject: Hardware Quality Assurance Program Requirements for Programs and Projects (Updated w/Change 1)

Responsible Office: Office of Safety and Mission Assurance

| TOC | ChangeHistory | Preface | Chapter1 | Chapter2 | Chapter3 | Chapter4 | Chapter5 | Chapter6 | Chapter7 | Chapter8 | AppendixA | AppendixB | AppendixC | AppendixD | AppendixE | AppendixF | AppendixG | ALL |

Chapter 6. Management of Quality Risks

6.1 Risk Management

NASA Project Managers shall use risk management processes in accordance with NPR 8000.4, to ensure that technical and programmatic risks associated with departures from the established QA requirements prior to production, during production, and throughout all life-cycle phases are fully mitigated or accepted by the program or project and are documented.

6.2 Manufacturability of Non-standard Designs

The Project Manager shall include requirements or processes in the Project QA program for identifying and managing manufacturability risks for non-standard, unqualified, and low-maturity designs and manufacturing methods where technical specifications of form, fit, function, process control, or verification techniques are not established. See 4.3.1 Note regarding technical specifications not contained in technical standards.

6.3 Managing Quality Nonconformances

6.3.1 The Project Manager shall address the requirements, in a. through i., in the Project QA program plan for managing nonconformances.

a. The required process elements, including the minimum data reported and timing, to be used by suppliers for notifying the project of the occurrences of product or process nonconformances, discrepancies, and failures are defined. (For additional information, see 48 CFR ยง 46.104(e).)

b. Quality nonconformances that present a significant safety, technical, or programmatic risk to mission success are referred to a review board, or equivalent, for assessment and disposition (e.g., Materials Review Board (MRB), Risk Management Board, Failure Review Board, or Investigative Tiger Team).

c. The minimum criteria and/or methodology to be used by the review board managing authority (i.e., the supplier, the program, or the project) to determine which nonconformances satisfy the standard for review board consideration, established in 6.3.1.b above, are defined.

d. The process controls that will be used to ensure SMA TA has awareness of, concurs with, or approves review board dispositions are defined.

e. The membership of the review board provides expertise that covers considerations of QA, manufacturing process controls, engineering and system design, reliability, and programmatic risk.

Note: This requirement does not prescribe a minimum number of people who comprise a review board or the number of consultants engaged by the review board but instead describes the technical and programmatic considerations that must be addressed by the review board to achieve a risk-balanced disposition.

f. Review boards investigate the cause(s) for the quality nonconformances, set the direction for their resolution, assign a disposition (e.g., scrap item, rework, repair, return, downgrade, use as is), and track and report the progress of the investigations and dispositions until closure.

Note: Analysis of the nonconformance should seek to discover the root cause to heighten the likelihood that the assigned corrective actions will be effective.

g. Review boards investigate and address nonconformance scope of impact including those that cut across multiple systems.

h. Review boards specify the engineering and quality controls to be used, including process qualification if applicable, when using board-recommended rework or repair processes that are non-standard and when the consequences of process failure would have a negative impact to safety or programmatic success. Training may be required to support execution of high-risk repair processes and/or for applying nonstandard verification methods and acceptance criteria.

i. The required minimum acquired and delivered review board records are defined to support program and project risk and final hardware configuration assessments, in addition to those specified in 4.5.2 above, that are necessary for completing acceptance data packages. See Appendix E for additional data retention and delivery criteria that may be used for nonconformances and review boards.

6.3.2 Project managers shall comply with the following requirements for nonconformances associated with products or processes from external suppliers that are associated with high levels of risk to mission success objectives (e.g., crew safety, technical, programmatic, regulatory) and that require supplier-led root cause and corrective action (RCCA) processes to resolve the nonconformance and to prevent its reoccurrence:

a. Use corrective action requests (CAR) to require suppliers to execute root cause and corrective action processes to resolve the nonconformance and to prevent its reoccurrence.

Note: See AS9101F for uses of the term "major" for categorizing quality conformance findings for suppliers certified to AS9100D when there is indication of QMS deficiencies rather than of a one-time error.

b. For suppliers who are AS9100D certified, the project uses the Online Aerospace Supplier Information System (OASIS: https://www.iaqg.org/oasis/login) feedback system to report the nonconformances when one of the following applies:

(1) The supplier does not identify the nonconformance as Major in the OASIS system.

(2) The project has not delegated the OASIS reporting task to another NASA entity (e.g., the NASA Safety Center, NASA OSMA) or to the supplier's AS9100D certifying body.

Note: See AS9104/1, Requirements for Aviation, Space, and Defense Quality Management System Certification Programs, for AS9100D certification criteria related to containment and resolution of major nonconformities identified via the OASIS feedback system.

6.3.3 Project Managers shall include requirements in the Project QA program for documenting and controlling both the standard and non-standard processes used for rework and repair. Training may be required to ensure successful implementation of rework or repair processes.

6.3.4 Project Managers shall facilitate reporting to the Office of Inspector General and the Office of General Counsel Acquisition Integrity Program Office when they become aware of noncompliant conditions or failure experiences that may constitute evidence of fraud, malpractice, or other serious misconduct.

6.4 Quality Assurance Program Stability

6.4.1 Project Managers shall use periodic auditing or assessments of their own conformance with the Project QA program requirements to identify and mitigate risks due to Project QA program instabilities. The following types of audits and assessments satisfy this requirement:

a. Program or project internal reviews.

b. Inclusion of the project QA program and its results within the scope of NASA Center QMS audits.

c. Inclusion of the project QA program and its results in an intercenter cooperative audit (e.g., Intercenter Aircraft Operations Panel (IAOP) reviews).

d. Inclusion of the project QA program and its results within the scope of Agency-led audits (e.g., Quality Audit, Assessment, and Review (QAAR) audits).

e. Inclusion of the project QA program and its results within the scope of third-party QMS audits.

6.5 Supplier Process Changes

6.5.1 The Project Manager shall include the requirements in a. through c. in the Project QA program to maintain awareness and manage risk associated with suppliers' design and process changes including:

a. Suppliers report design and process changes.

b. Suppliers requalify changed processes.

c. For changed designs and processes, loss of product traceability to requirements is evaluated.

| TOC | ChangeHistory | Preface | Chapter1 | Chapter2 | Chapter3 | Chapter4 | Chapter5 | Chapter6 | Chapter7 | Chapter8 | AppendixA | AppendixB | AppendixC | AppendixD | AppendixE | AppendixF | AppendixG | ALL |
| NODIS Library | Program Management(8000s) | Search |


This document does not bind the public, except as authorized by law or as incorporated into a contract. This document is uncontrolled when printed. Check the NASA Online Directives Information System (NODIS) Library to verify that this is the correct version before use: https://nodis3.gsfc.nasa.gov.