Supplier quality management software — approval, COAs, SCARs and scorecards in one chain.
V5 connects supplier approval to dock receiving to lot genealogy. Approved suppliers ship in. Lapsed COAs block at the gate. SCARs link back to the lot, the CAPA, and the supplier scorecard — no orphan emails, no missed requalifications.
What breaks without this.
Supplier approval lives in a folder no one updates
Last year's audit is in a PDF on someone's desktop. The new ingredient gets received because no one checks.
COA review is manual and slow
Receiving waits for QA to open the PDF and key the values. Lots sit on the dock, the line goes idle.
SCARs disappear into email
The supplier says they fixed it. There's no proof, no effectiveness check, and the same defect arrives next quarter.
Records-by-execution. Compliance, by design.
Approved Supplier List that's actually live
Approval status, scope, expiration, and required documents are first-class data. Receiving cannot accept a lot from a lapsed supplier.
COA verification — automated against spec
Supplier COAs parsed against the item spec. In-spec releases; out-of-spec opens a deviation linked to the lot, the supplier, and the next SCAR.
SCAR with effectiveness check
Supplier Corrective Action Requests follow the same gate as internal CAPA — root cause required, effectiveness verification mandatory before close.
Scorecards that drive sourcing decisions
On-time delivery, COA accuracy, SCAR cycle time, defect rate — trended per supplier, per item, per site. Purchasing sees the truth before the next PO.
What to look for when you're buying.
Supplier quality is where most QMS programs visibly leak: lapsed approvals, missing COAs, SCARs that never close.
ASL tied to receiving
What it tests: Does the Approved Supplier List actually block receiving from lapsed suppliers — or is it a posted spreadsheet?
Why it matters: If the dock can receive from a lapsed supplier, the ASL is decorative.
V5: ASL status is read at the dock scan. Lapsed approval refuses receipt.
COA verification before release
What it tests: Does the system parse COA values, compare to spec, and gate material release on conformance?
Why it matters: Filing the COA is not verification. Comparing against spec is.
V5: COA values parse against spec at receipt. Non-conforming attributes quarantine the lot automatically.
SCAR as a closed loop
What it tests: Does the Supplier Corrective Action Request track root cause, action, and effectiveness — or is it just an email?
Why it matters: An open SCAR with no effectiveness verification is the same problem as an open CAPA with no effectiveness verification.
V5: SCARs follow the CAPA lifecycle with effectiveness verification. Closure is gated on signed evidence.
Scorecards from receiving data
What it tests: Are supplier scorecards derived live from receiving, deviations, and SCARs — or assembled quarterly in Excel?
Why it matters: Quarterly scorecards are too late. Procurement needs the signal at PO time.
V5: Scorecards trend live: OTIF, COA conformance, NCR rate, SCAR cycle. Procurement sees them at PO.
Re-qualification cadence
What it tests: Does the system schedule re-qualification audits based on risk and tier — and lock the ASL when overdue?
Why it matters: Lapsed re-qualifications are the #1 finding in supply-chain audits.
V5: Re-qual cadence is risk-tiered and scheduled. Overdue re-qual flags the supplier and gates receiving.
Material genealogy back to supplier
What it tests: Can you trace from a finished lot back to every supplier, lot, and COA in its bill?
Why it matters: Without this, supplier-driven recalls become guesswork.
V5: Reverse genealogy resolves every supplier lot in the finished product in one query.
Supplier portal with controlled docs
What it tests: Can suppliers upload COAs, certifications, and acknowledgements through a controlled portal — not email?
Why it matters: Email-attached COAs are not controlled records and cannot be audited.
V5: Supplier portal handles COA upload, doc acknowledgement, and re-qual evidence with full audit trail.
Risk-based segmentation
What it tests: Does the system tier suppliers by risk — and apply controls proportional to tier?
Why it matters: One-size-fits-all controls waste effort on low-risk and miss high-risk.
V5: Risk tier drives controls: COA frequency, audit cadence, sampling intensity, escalation thresholds.
Spreadsheet vs legacy QMS vs V5.
Supplier quality compared to a vendor spreadsheet or a procurement-bolted module from a legacy ERP/QMS.
| Capability | Spreadsheet | Legacy QMS | V5 Ultimate |
|---|---|---|---|
| ASL blocks dock | No — posted only | Sometimes, with lag | Yes, at scan |
| COA value parsing | Manual | Manual or weak OCR | Parsed and spec-gated |
| SCAR effectiveness gate | No | Optional | Mandatory |
| Live scorecards | Quarterly | Monthly export | Live at PO |
| Re-qual lockout | No | Reminder email | ASL flag + dock block |
| Supplier portal | Email attachments | Sometimes; clunky | Controlled portal, audit trail |
| Genealogy to supplier lot | Manual | Manual report | One-query reverse trace |
| Time to deploy | Day 1 | 6-12 months | 10-14 days |
The clauses, verbatim — and how V5 answers each.
Supplier-control clauses auditors test verbatim.
Each manufacturer shall establish and maintain procedures to ensure that all purchased or otherwise received product and services conform to specified requirements.
V5: Receiving in V5 enforces conformance: approved supplier, current re-qual, COA-on-spec, sampling-as-required. Non-conforming receipts quarantine automatically.
Evaluate and select potential suppliers… on the basis of their ability to meet specified requirements.
V5: Supplier qualification is structured data: capability assessment, audit results, scorecard trend. Selection criteria are auditable, not anecdotal.
The organization shall document procedures to ensure that purchased product conforms to specified purchasing information.
V5: Purchasing info, receiving criteria, and conformance verification are linked records in V5 with audit trail end-to-end.
Each facility must establish and implement a supply-chain program… that includes using approved suppliers and conducting supplier verification.
V5: Risk-based supplier program with verification activities scheduled, evidenced, and trended live.
The reliability of supplier's analyses should be checked at appropriate intervals.
V5: Verification testing cadence is risk-tiered per supplier. Results trend against supplier-reported COA values; drift opens a SCAR.
Step by step on the floor.
The supplier quality loop in V5, from onboarding to scorecard.
- 1Onboarding
Risk-tiered qualification
New supplier qualification gathers capability data, audit results, and certifications. The risk tier sets COA frequency, audit cadence, and verification testing intensity.
- 2PO
Status visible at purchase
Procurement sees live scorecards at PO: OTIF, COA conformance, NCR rate, open SCARs. Lapsed re-qual blocks the PO.
- 3Receiving
Dock gates conformance
Inbound lot scan reads ASL status, parses COA, samples per plan, and quarantines on non-conformance. No human discretion required.
- 4Production
Genealogy captures lot
Supplier lot follows the material through the bill, preserved in forward and reverse genealogy. Any finished lot resolves back to every supplier input.
- 5Incident
SCAR with effectiveness
Non-conformance opens a SCAR with root cause, action, and effectiveness verification. The supplier portal carries the loop; closure is signed by both sides.
- 6Quarterly
Scorecards drive review
Live scorecards anchor the quarterly business review with each supplier. Risk tier may move up or down based on trended performance.
The math, with the assumptions visible.
Supplier quality ROI is dominated by avoided line stops, recall scope, and procurement leverage.
Receiving non-conformance escape rate
Dock gating on ASL, COA, and sampling catches the failures that used to make it to production.
SCAR cycle time
Portal-driven loop with effectiveness gate eliminates the email back-and-forth that dominates legacy SCAR cycles.
Supplier-driven recalls
One-query reverse trace gives exact list of finished lots affected by a supplier lot.
Procurement leverage at PO
Live scorecards turn supplier reviews into evidence-based negotiations.
For a site with 200+ active suppliers, V5 supplier quality typically pays back in under a year on receiving-NCR avoidance alone.
What changed on the floor.
Setting
A medical-device contract manufacturer with 280 active suppliers running supplier quality in an ERP module plus Excel scorecards.
Before
Average 8% of inbound lots had a COA discrepancy missed at receiving. Open SCAR backlog averaged 47 with a median age of 94 days. A supplier-driven recall in 2023 expanded scope by 4x because finished-lot linkage couldn't be reconstructed in time.
After
Six months after V5 go-live: receiving COA escape rate under 1%, SCAR backlog under 10 with median age of 22 days, and a 2024 supplier issue contained to its true 9-lot scope inside 3 hours.
Proof points
- Lapsed supplier? Dock receipt blocked at the scan — not found in audit
- COA out-of-spec opens deviation, SCAR, and quarantines the lot in one action
- Requalification reminders fire 60/30/7 days out — no expired approvals
- Supplier scorecard is live — not a quarterly PDF
Built to satisfy
- 21 CFR 211.84 (testing & approval of components — pharma)
- 21 CFR 820.50 (purchasing controls — devices)
- 21 CFR 117.420 (supply-chain program — food)
- ISO 9001 §8.4 (control of externally provided processes)
- ISO 13485 §7.4 (purchasing)
Frequently asked questions
What does supplier quality management software do?+
It runs the lifecycle of every supplier — approval, qualification, documents (COAs, allergen statements, audits), receiving inspection, non-conformance, SCARs, and scorecards — and links each step to the lots that supplier shipped you.
Does V5 block receipts from lapsed suppliers?+
Yes. If a supplier's approval has expired or the required document is missing, the dock scan is blocked. The receiver gets a clear reason and a path to escalate — not a workaround.
Can V5 parse supplier COAs automatically?+
Yes. COAs are matched against the item spec; in-spec lots release, out-of-spec lots open a deviation linked to the supplier and the SCAR workflow. PDF, CSV, and EDI formats are supported.
How does the SCAR process work?+
SCARs follow the same gate as internal CAPA — root cause analysis required, action plan with owners and dates, effectiveness verification before close. The supplier responds through a portal; nothing lives in email.
See V5 on your own line.
Free trial, no card. Live in 7 days with guided onboarding.