Featured Product
This Week in Quality Digest Live
Standards Features
Using the CASCO Toolbox to repair and restore
Todd Hawkins
Good documentation is worth the effort you put into it
Rupa Mahanti
With data as the fuel of the digital economy, data governance is the much needed brake
Bryan Christiansen
Workplace policies that reduce accidents and enhance safety
Chip Reavley
Well-designed solutions lower costs and increase revenue

More Features

Standards News
Creates one of the most comprehensive regulatory SaaS platforms for the industry
Yotrio and SunVilla to provide interactive, 3D-enabled assembly via BILT app
KCP25C grade with KENGold coating sets new standard for wear and productivity in steel turning
Takes action to mitigate risk of medical devices shortage
Standards, testing help autonomous vehicles drive safely
Offering production versatility and throughput with increased detection sensitivity and low energy consumption
New lines improve software capability and analysis
Automotive cybersecurity on Feb. 9, and AS9145 on Feb. 28

More News

Denise Robitaille


Purchasing Department Vs. Purchasing Process

Consider your organization’s process for product and service purchases made outside of the purchasing department.

Published: Tuesday, March 8, 2005 - 23:00

It’s logical to expect the purchasing process to fall under the purview of the purchasing department. However, the reality is that in most organizations there are people from different departments who generate purchase orders and sign contracts. Not all procurement is done by the purchasing department.The prevailing tendency in many organizations continues to be to associate a process predominantly (if not exclusively) with one particular department. This perpetuates what has been referred to as the “silo” approach to defining the organization, where each activity is treated as a unique self-contained unit, having little interaction beyond its scope. For the purpose of definition, authorization and control, the process approach to systems management requires that a company first consider the process within the context of organizational inputs and outputs before considering how it relates to the area in which it occurs. The relevant ISO 9001:2000 requirements are:
  • 4.1: "Where an organization chooses to outsource any process…it shall ensure control over such processes." 
  • 7.4.1: "The organization shall ensure that purchased product conforms to specified purchase requirements."
  • 7.4.2: “Purchasing information shall describe the product to be purchased…”
  • 8.4: “The analysis of data shall provide information relating to… d) suppliers.”

Note that none of these requirements reads, “The purchasing department shall…”

The purchasing process permeates the entire quality management system with resulting interfaces to myriad other functions. The human resource department contracts with the temp agency for seasonal workers. The quality control lab authorizes the local metrology house to come in and calibrate equipment. The production manager signs off on the purchase of repair parts for equipment, and so on.

There’s nothing wrong with having people other than the purchasing agent signing orders for goods and services. Organizations need to establish procedures and protocols that work best for them. ISO 9001 only requires companies to define the process, say who is authorized, and ensure that the practice is implemented and adequately controlled.

The purchase of raw materials, tooling and components is generally routed through the company’s purchasing department. Purchasing procedures usually provide extensive details of what the purchasing department does. Unfortunately, there’s rarely sufficient language in typical documentation to define alternate practices. Different process owners often make up their own rules as to how they select vendors and issue purchase orders. The purchasing people end up becoming unfamiliar with practices that have been independently developed in the other departments. Conversely, the people in those departments are clueless as to the rules and requirements that the organization has established for selecting vendors, placing orders and monitoring supplier performance.

As an auditor, I have on more than one occasion asked a process owner if a particular supplier was on the company’s approved vendor list, as described in their own supplier qualification procedure. Almost invariably, I get a blank look and a shrug. Often, the person I’m asking isn’t even cognizant that the company has a list of approved vendors. The purchasing procedure is considered to be the property of the purchasing staff, even if they aren’t the only ones buying materials.

The purchasing personnel, for their part, have no idea who is authorized to purchase materials and services that fall outside of their departmental boundaries. When asked, they may say: “John in production handles that. It doesn’t come through my office.” Inconsistencies lead to practices that increase the risk of organizational breakdowns, which can cost the company time and money.

ISO 9001 doesn’t require companies to have a purchasing procedure or an approved vendor list. It doesn’t restrict the requirements to any particular entity within the organization. What it clearly intends is that the organization exercise appropriate control over activities that affect its ability to fulfill customer requirements, regardless of where they may be situated within the mesh of interrelated processes that cumulatively define a quality management system. Just because something is being purchased by another department doesn’t absolve the organization from the need to ensure that the suppliers are appropriately qualified and monitored.

People are often startled when they begin to list all the different items companies buy that aren’t funneled through the purchasing department. It’s important to look at what is being purchased. Are the suppliers furnishing product that’s essential to the fulfillment of the organization’s objectives? How critical are the materials or services being purchased?

When writing purchasing procedures (or other documents used to describe the procurement of goods and services), remember to include those processes that don’t fall under the direct purview of the purchasing department. Decide if the practices purchasing has in-place are adequate and controlled. Determine whether it’s more efficient for the organization to have only one process and require everyone to conform, or if it’s OK for it to have more alternate methods, as long as they’re defined, controlled and effective. Establish if there’s a cost associated with having multiple methods and if there’s a risk of breakdowns.

Sometimes, when departments are allowed to use their own process for purchasing goods and services, they take shortcuts that can have unforeseen consequences. It’s also often the case that they’re unfamiliar with some of the techniques used to ensure that suppliers have the capacity to meet certain requirements. Companies with auditors dedicated exclusively to assessing suppliers of raw materials and components may be able to mentor others in what to look for in a good supplier. Questions to ask might include (depending on how critical the service or product is):

  • Is the calibration house registered to ISO 17025?
  • How does the temp agency qualify the people they send?
  • What records do they keep?
  • How reliable is the inventory management for the supplier of emergency repair parts?
  • How does the customer survey specialist design the surveys he uses?
  • How are they validated?
  • Are the environmental monitoring gages at the remote storage site calibrated?

Regardless of if a company has decided to streamline everything into one procedure or to define and control as many processes as it deems appropriate, managers need to ask process owners what they do. Decide what needs to be defined and controlled and take steps to ensure consistent implementation.

Managers don’t have to control the purchase of every paperclip and roll of toilet paper. They have to make sure they have an adequate handle on the organization’s process for managing critical suppliers and products that fall outside the scope of the purchasing department.


About The Author

Denise Robitaille’s picture

Denise Robitaille

Denise Robitaille is the author of thirteen books, including: ISO 9001:2015 Handbook for Small and Medium-Sized Businesses.

She is chair of PC302, the project committee responsible for the revision to ISO 19011, an active member of USTAG to ISO/TC 176 and technical expert on the working group that developed the current version of ISO 9004:2018. She has participated internationally in standards development for over 15 years. She is a globally recognized speaker and trainer. Denise is a Fellow of the American Society for Quality and an Exemplar Global certified lead assessor and an ASQ certified quality auditor.

As principal of Robitaille Associates, she has helped many companies achieve ISO 9001 registration and to improve their quality management systems. She has conducted training courses for thousands of individuals on such topics as auditing, corrective action, document control, root cause analysis, and implementing ISO 9001. Among Denise’s books are: 9 Keys to Successful Audits, The (Almost) Painless ISO 9001:2015 Transition and The Corrective Action Handbook. She is a frequent contributor to several quality periodicals.