How I Learned to Stop Worrying and Love the BOM Scrub

If you’re building electronics, you’re building a BOM. Let’s make sure it doesn’t blow up the minute you try to use it.

by

Everett Frank

April 7, 2025
7

Table of contents

Example H2
Example H3
Example H4
Example H5
Example H6

Most BOMs start out with some incomplete part numbers, strange manufacturer abbreviations, obsolete parts, and other problems. What a mess. All BOMs need to be cleaned up, that’s where a BOM scrub comes in. The term may sound casual, but it’s really a key process that combines BOM matching and risk assessment, both essential for any hardware team that wants their product to actually get built.

Two Processes in One

“BOM scrub” is shorthand for two separate but deeply connected processes:

  • BOM matching: validating part numbers and manufacturer names against databases
  • BOM risk assessment: evaluating the parts for compliance, lifecycle status, and availability

Together, these processes determine whether a BOM is merely a list of components, or something that’s actually usable in sourcing, quoting, and manufacturing

BOM Matching: Fix the Fundamentals

BOM matching means aligning every line item in your BOM with real-world, verifiable data. If you’ve tried to use the BOM tools at DigiKey or Octopart, you’ll recognize this as the first step. If it's not done right, nothing downstream works correctly.

The matching process has two core elements:

1. Manufacturer Part Number (MPN)

An MPN is your key to the supply chain. If it doesn’t match what’s in the distributor or aggregator databases, it can’t be sourced—and automation breaks.

There are two flavors of bad MPNs:

  • Definitely bad: No match anywhere. Typos, internal-only codes, defunct parts, you know this drill.
  • Kinda bad: Matchable by some tools, but not others. Ugh. This often happens due to quirks in how distributors format their part numbers (e.g., DigiKey adding “-ND”), or legacy parts from companies that have been acquired (think Altera, now Intel).

2. Manufacturer Name

Same issue. If the manufacturer listed in the BOM doesn’t match what's in the distributor’s system, you’ll hit dead ends. Acquisitions complicate this even more—since 2022 Xilinx is now AMD, but design tools still create BOMs that say “Xilinx.”

And if a BOM line lists multiple MPNs (a common case with an Approved Vendor List or AVL), each one must be individually matched.

Why this matters: You can't buy what you can't validate. And even if a distributor manually corrects your BOM during quoting, those fixes rarely make it back into your system. That leads to long-term data rot—and makes automation impossible.

Matched BOMs are the foundation of modern supply chain integration. If you want to plug into ERP systems, PLM tools, or automated quoting platforms, you need a matched BOM.

BOM Risk Assessment: Know Before You Go

Once all the part numbers are correctly matched, the next step is evaluating whether they are suitable for your intended use. This stage turns a matched BOM into a ready BOM—one that can move confidently into production, quoting, or integrate with other systems. BOM risk assessment typically includes three categories:

1. Compliance

The most common compliance requirement is RoHS, the EU regulation on hazardous substances in electronics. But depending on your industry and geography, others might apply:

  • REACH / SVHC (Substances of Very High Concern)
  • California Prop 65
  • PFAS regulations (emerging rapidly)
  • Automotive grade standards
  • Industrial temperature ratings
  • Mil-spec or aerospace qualifications

For regulated industries, compliance isn’t optional—it’s required for certification, shipping, and customer acceptance. And even in less regulated environments, non-compliant parts can mean rework or redesign.

2. Lifecycle Status

Electronic components don’t last forever. Manufacturers retire parts all the time—and usually with advance warning. Here's what to watch for:

  • Active / Production: Good to go.
  • NRND (Not Recommended for New Designs): A warning shot from the manufacturer. Usually includes a recommended replacement.
  • EOL (End of Life): Part is being phased out. There’s a LTB (last-time-buy) window (often 6–12 months) followed by a final delivery window.
  • Obsolete: Part is no longer available through official channels.
  • Predictive Lifecycle: Available by subscription, or try it yourself
  • For Defense work: Be aware of IEC 62402 governing Obsolescence Management, which has been adopted by the DoD.

Fun fact: these notices are called PCNs (Product Change Notices) and are so important they are governed by J-STD-046 and J-STD-048

3. Availability

It doesn’t matter if a part is compliant and active if you can’t actually buy it. Availability risk shows up in a few ways:

  • Low stock levels at major distributors
  • Long manufacturer lead times
  • Single-source parts, especially from niche manufacturers

The gold standard is a part that’s multi-sourced (i.e., multiple manufacturers produce it—not just multiple distributors). Multi-sourced doesn’t mean you need to have all the sources on your BOM, it just assures you there will be options if availability shifts.

What Makes a BOM “Ready”?

A ready BOM is one that’s validated, low-risk, and importable into the systems that power your next steps—ERP, PLM, sourcing tools, or contract manufacturers. But “ready” is contextual, and what’s acceptable risk in one case might be a showstopper in another.

Key Considerations

Product Lifecycle

If you’re building an early prototype, you may accept higher risk. But if you’re releasing a product to customers—or building something expected to last 10+ years—you’ll need higher confidence in part longevity.

Financial Impact

Low-cost parts that can hold up high-value products deserve extra attention. If a $0.10 component can stall a $1,000 product, you need to mitigate that risk—possibly by holding buffer stock or locking in long-term supply.

Redesign and Certification Cost

Swapping out a component might mean reworking the PCB, updating schematics, or even recertifying for UL, CE, FCC, or internal reliability standards. For regulated products (medical, aerospace, telecom), recertification alone can be a multi-month, high-cost effort.

Inventory and Supply Strategy

Every team balances lean inventory against production reliability. A lean strategy saves cash but increases vulnerability to part shortages. In some cases, it’s smarter to make a lifetime buy—especially if a part is high risk and critical to your product.

Scrub-a-Dub-Dub

Whether you’re designing a wearable, building industrial automation gear, or manufacturing for aerospace, a BOM scrub is the step that connects design intent to real-world feasibility.

  • BOM matching ensures your part numbers mean something.
  • BOM risk assessment gets you to the good parts.

Want to make this easy? Schedule a free, no obligation Cofactr demo to see how we can help you automate price evaluation, component swaps, and much more.

Frequently Asked Questions (FAQs)

What is a BOM scrub?
A BOM scrub is the process of cleaning and validating a Bill of Materials (BOM) to ensure every part number and manufacturer is accurate and up to date. It combines two key steps—BOM matching and BOM risk assessment—to make the BOM usable for sourcing, quoting, and manufacturing.

Why is BOM matching important?
BOM matching ensures that every line item in your BOM corresponds to a valid manufacturer part number (MPN) and name. Without this validation, automated tools like ERP or PLM systems can’t correctly process the data, leading to sourcing errors and delays.

How do I perform a BOM match?
To perform a BOM match, verify that all MPNs and manufacturer names align with distributor databases such as DigiKey or Octopart. Fix typos, replace obsolete codes, and standardize manufacturer names—especially for companies that have merged or changed names (e.g., Xilinx to AMD).

What is BOM risk assessment?
BOM risk assessment evaluates each part in your BOM for compliance, lifecycle status, and availability. It helps determine whether a component can be safely and reliably used in production without future sourcing or certification problems.

Why does lifecycle status matter in a BOM?
Lifecycle status indicates whether a component is active, near end-of-life, or obsolete. Using parts marked as NRND (Not Recommended for New Designs) or EOL (End of Life) can create major risks for long-term product support and supply stability.

Can I use non-compliant or unverified parts?
In regulated industries—like aerospace, medical, or automotive—non-compliant parts can’t be used at all. Even in less regulated sectors, using unverified or non-compliant components can lead to rework, redesign, or failed certifications.

What makes a BOM “ready” for production?
A ready BOM is validated, low-risk, and compatible with ERP, PLM, and sourcing tools. It has verified MPNs, compliant and available parts, and acceptable risk levels suited to your product’s lifecycle and business goals.

When should I perform a BOM scrub?
A BOM scrub should be done before production quoting or manufacturing begins. It’s also smart to repeat the process when updating designs or preparing for new builds, as part availability and compliance can change over time.

Subscribe to our monthly newsletter to get release notes, events and updates right in your inbox.