Smithers Quality Assessments, Inc.

AS9100 Rev B

QUALITY MANAGEMENT SYSTEM

AEROSPACE REQUIREMENTS

Differences between

ISO 9001:2000 and AS9100B

John R. Sedlak
Vice President, COO

January 2006
(revised August 2006)

Page 1 of 43
Smithers Quality Assessments:
Differences between ISO 9001:2000 and AS9100B

Introduction:

The material contained in this paper is intended for organizations that wish to comply with the
requirements of AS9100B and personnel who are engaged in auditing the requirements.

The focus is limited to the differences (deltas) between ISO 9001:2000 and AS9100B. It
assumes that the requirements of ISO 9001:2000 are understood by the user.

It should be noted that throughout AS9100B, there are requirements that make reference
to “contract requirements” and/or “regulatory authorities.” In such cases, it is mandatory
to first refer to the contract and, as applicable, regulatory requirements and make a
determination of applicability.

Since “Notes” are included for guidance, they have not been treated as requirements. This does
not in any way diminish their importance.

Disclaimers:

Each section has three parts:

• Requirement
o The clause and/or sub-clause number containing the differences is listed, along
with a summary of the subject applicable subject matter. For the full text of the
requirements, the reader will need to refer to the copyrighted version of
AS9100B.

Copies of AS9100B can be obtained from:

SAE World Headquarters

400 Commonwealth Drive
Warrendale, PA 15096-0001 USA

Phone: 724-776-4841

www.store.sae.org

• Summary
o This is the author’s attempt to emphasize the key points of each clause. In no way
should the reader rely on summaries to be all-inclusive. The text of AS9100B is
the source document.

• Audit Guidance
o These are suggested audit techniques and considerations, which have been
reviewed by qualified AS9100B auditors. They are in no way meant to be all-
inclusive. Each circumstance will have its own unique set of considerations. As
always, an effective audit relies heavily on the experience and knowledge of the
auditor.
Page 2 of 43
Smithers Quality Assessments:
Differences between ISO 9001:2000 and AS9100B
REQUIREMENT

1 SCOPE:

SUMMARY

• ISO 9001:2000 is the basic requirement.

• Additional requirements have been added specific to the aerospace industry.
• Exclusions are limited to requirements within Clause 7, and such exclusions do not
affect the organization’s ability, or responsibility, to provide product or service that
meets customer and applicable regulatory requirements.
o Some elements of the QMS may be executed for a site at a remote location, such
as a corporate office. Regardless, the functions must be included in the scope of
the QMS, with reference to where these remote, support functions are executed.
• All applicable elements of AS9100B must be addressed by the various organizational
processes and included in all certification activities.

AUDIT GUIDANCE

• No special guidance is required for qualified auditors.

• All applicable elements and organizational processes must be subjected to assessment
both for initial and recertification assessments; sampling of these organizational
processes is permitted during on-going surveillance actions.
• All exclusions must be justified by the organization being certified.
• If specific processes are executed at a remote location(s), it is incumbent upon the
auditor to determine the effectiveness of the interactions between the various
locations.

Page 3 of 43
Smithers Quality Assessments:
Differences between ISO 9001:2000 and AS9100B
REQUIREMENT

3.4.2 PRODUCT:

SUMMARY

• This is a basic definition of product, with emphasis on aerospace industry

considerations.
• Focus is on the intended product (that which is purchased by the customer).
• By-products effecting the environment are generally excluded (see below).
• Products can be of a hard (washers, engines, propellers) or soft (knowledge, concepts)
nature.
• In most cases, the scope of the certification audit will be limited to the quality
management system under which the “products” are manufactured.
• The one exception for this is those special cases where the organization has integrated
its QMS with its EMS (ISO 14001). In these cases, the by-products of the process
may enter into “a” certification decision. However, it will be under the requirements
of ISO 14001, not AS9100.

AUDIT GUIDANCE

• The scope statement that will ultimately be stated on the certificate is very important.
It must define the products and/or services being supplied by the organization, and the
general processes used to produce and deliver them. It must also include reference to
any remote, support locations.
• During document review and, if applicable, pre-assessment, pay special attention to
the way the quality management system (QMS) has been documented; determine if
the documented QMS fully encompasses the products and/or services provided by the
organization.
• Early in the assessment process, determine if the QMS and environmental
management system (EMS) are integrated. If they are, the audit team will need
someone that is qualified for EMS.

Page 4 of 43
Smithers Quality Assessments:
Differences between ISO 9001:2000 and AS9100B
REQUIREMENT

3.3.1, -.5, -.6 ORGANIZATION:

SUMMARY

• The three terms listed above define the macro process flow:
o Customers provide requirements to organizations.
o Organizations pass down requirements to suppliers.
o Suppliers provide materials and services to organizations.
o Organizations provide products to customers.
• These three terms define the relationships that exist in all business organizations.
Requirements ultimately start with customers. Organizations supply products, often
using the services of suppliers.

AUDIT GUIDANCE

• For the most part, these “terms” will be audited as part of the overall assessment
process, perhaps with emphasis on the purchasing and design processes (if applicable
at the site being assessed).

Page 5 of 43
Smithers Quality Assessments:
Differences between ISO 9001:2000 and AS9100B
REQUIREMENT

3 KEY CHARACTERISTICS:

SUMMARY

• The term “key characteristic” is not unique to aerospace, but it does have a high level
of importance. In other industries, the following terms are similar: special
characteristics, key product characteristics and critical characteristics.
• Note that this term applies not just to product, but also to material and processes.
• Safety is often a consideration when designating key characteristics.
• It is common for some sort of symbol to be used to highlight or designate key
characteristics.
• Key characteristics can be designated by the customer or by the organization.
• As applicable, the existence of key characteristics must be communicated to all
applicable personnel, including suppliers. (Refer to configuration management.)
• Key characteristics often have special controls associated with them, e.g., SPC,
special records and/or tests, special tools, special training for applicable personnel.

AUDIT GUIDANCE

• Review the organization’s quality documentation and/or engineering documentation

(product and/or process) to determine: a) how key characteristics are determined, b)
how they are designated, c) how they are communicated, and d) how they are
controlled.
• Review working documents to see if key characteristics are clearly communicated, as
applicable.
• Review records for those key characteristics that have special controls defined.
• Review performance to verify that these key characteristics are reviewed at the
frequency required.

Page 6 of 43
Smithers Quality Assessments:
Differences between ISO 9001:2000 and AS9100B
REQUIREMENT

4.2.1f GENERAL:

SUMMARY

• It is not uncommon for customers and/or regulatory agencies to “pass down”

requirements to organizations. Whenever this occurs, it is required that the
organization develop methods for including such requirements in its documented
quality management system.
• There are many specific requirements that could be “passed down.” Some examples
are:
o Requirement for specific non-destructive evaluation.
o Requirements to use specified suppliers.
o Special labeling requirements.

AUDIT GUIDANCE

• Examine customer purchase orders. Look for specific requirements that may be
“passed down.”
• If requirements are “passed down”, verify that they have been included within the
documented QMS.
• Request that the organization provide you with documents from regulatory agencies
(e.g., FAA) that have requirements applicable to the organization and/or product
being produced by the organization.
• Assess the effectiveness of the accessibility of documents to those employees that
have a need for their use.

Page 7 of 43
Smithers Quality Assessments:
Differences between ISO 9001:2000 and AS9100B
REQUIREMENT

4.2.2b QUALITY MANUAL:

SUMMARY

• Generally, in ISO 9001 systems, it is not required to make direct linkage or reference
in organization procedures to the clauses of the Standard. However, AS9100B makes
this a requirement.
• This requirement is limited to those procedures that are required by the standard as
well as those that the organization determines to be necessary.

AUDIT GUIDANCE

• During the document review phase of the assessment, and during the assessment of
all changes to the QMS, pay particular attention to how the organization has met this
requirement.
• There are various methods to meet this requirement, such as:
o Inclusion of the ISO 9001 clause reference in each procedure
o Creation of a matrix listing each procedure and the corresponding clause of the
standard.
o Referencing the procedures within the applicable clause in the quality manual.

Page 8 of 43
Smithers Quality Assessments:
Differences between ISO 9001:2000 and AS9100B
REQUIREMENT

4.2.3 g. CONTROL of DOCUMENTS:

SUMMARY

• This is a requirement aimed at keeping those that have a need-to-know informed.

The purpose is to prevent unintended consequences.

AUDIT GUIDANCE

• If the organization maintains a change log, as part of each assessment activity, review
it for the documents comprising the AS9100B QMS. Ascertain if customers and/or
regulatory bodies have been notified of such changes. If not, determine if there is
legitimate justification for the lack of notification.
o NOTE: If there is a contractual requirement for notification, there is no
justification for any lack of notification.
o This requirement may apply to customer-supplied documents, e.g., part drawings
and other design documents.
• If a change log is not maintained, the auditor will have to determine how the
organization controls changes to documents how the changes are coordinated with
customers and/or regulatory authorities.

Page 9 of 43
Smithers Quality Assessments:
Differences between ISO 9001:2000 and AS9100B
REQUIREMENT

4.2.4 CONTROL OF RECORDS:

SUMMARY

• The first added requirement emphasizes “controlling” records that are created or
retained by suppliers. Remember, suppliers provide organizations with materials,
components, products or services.
o Records could include traceability documents, certificates of inspection, testing,
analysis, SPC data, and other such documents.
o There is special emphasis on records that are created and retained by suppliers.
This requires the organization to specify or “pass down” requirements to suppliers
regarding control of such records. Control may include items like a list of records
to be controlled, storage, accessibility, change authorization (or forbidden to make
changes), and disposal
• The second added requirement addresses the need to make records available to
customers and regulatory authorities – in accordance with contract or regulatory
requirements.
o This does not mean that customers and/or regulatory authorities have access to all
records within an organization; only to those specified in the contract or defined
in applicable regulations.

AUDIT GUIDANCE

• There is a heavy emphasis on creation and control of records in the aerospace

industry. Ascertain how the organization has determined what records are required.
This could be self-determined or as defined by the customer in the contract or by
applicable regulations.
• Review the controls as defined in the organization’s documented procedures.
Determine which records are to be controlled by suppliers. Determine how the
organization has passed down the requirements to the supplier. Contact a random
selection of suppliers and determine if records are being controlled as defined by the
organization, or as required by the customer and/or regulatory authority.

Page 10 of 43
Smithers Quality Assessments:
Differences between ISO 9001:2000 and AS9100B
REQUIREMENT

4.3 CONFIGURATION MANAGEMENT:

SUMMARY

• Configuration management involves control of all documents that pertain to the

product, including such items as part drawings, material specifications, field service
manuals, installation instructions, cross-reference documents, part samples, warranty
documents, just to name a few.
• A key aspect of configuration management is interchangeability of components.
• Another aspect deals with existing inventory and product in the field.
o A sub-category of this, as warranted, may be product recall.

AUDIT GUIDANCE

• Start with a review of the process the organization has defined regarding
configuration management.
• Determine if the extent of the process is appropriate to the product.
• Review records of recent changes with emphasis on interchangeability, inventory,
field stock (if applicable), and product already in use.
• Review drawing notes for listed requirements. Determine if the configuration
management program has addressed them as applicable and appropriate.

Page 11 of 43
Smithers Quality Assessments:
Differences between ISO 9001:2000 and AS9100B
REQUIREMENT

5.5.2 MANAGEMENT REPRESENTATIVE:

SUMMARY

• In aerospace focused manufacturing, there is a need to have at least one person inside
the organization that, in a very real sense, has the authority to speak for the customer
or regulatory authority. This person must be the management representative (MR) –
as a minimum.
• Having “organizational freedom” means that this person does not need to seek
authority for each action on a case-by-case basis. Rather, the MR is authorized to
take action that is binding upon the organization – period!

AUDIT GUIDANCE

• Review the quality documentation and determine how the authority of the MR is
defined.
• Determine if there are any limitations on the authority of the MR. If there are,
ascertain if these limitations are legitimate and do not conflict with this requirement.
• Ask to review records of actions where the MR executed his/her authority; check
consequences, follow-up, etc.
• Review the organization chart and reporting relationships. Determine if there is true
organizational freedom.

Page 12 of 43
Smithers Quality Assessments:
Differences between ISO 9001:2000 and AS9100B
REQUIREMENT

7.1 e PLANNING OF PRODUCT REALIZATION:

SUMMARY

• ISO 9001:2000 does not get specific regarding maintenance, whereas AS9100B
does.
• “Resources” includes personnel, equipment, repair parts, tooling and/or machine
repair and maintenance facilities (may be internal or external).

AUDIT GUIDANCE

• Interview personnel in the maintenance department. Ascertain their level of

competence.
• Review the organization’s inventory of repair parts, tools, etc.
• Review the organization’s maintenance and/or tool repair facilities. If either of these
is outsourced, pay particular attention to the controls established by the organization
to assure that product continues to meet all requirements.
• Review maintenance and/or tool repair records. Look for evidence of post-action
conformance of product.
• Determine if maintenance activities are occurring as scheduled.
• Determine if there are any “bottle necks” in the manufacturing process. If so, are
they due to a lack of resources?

Page 13 of 43
Smithers Quality Assessments:
Differences between ISO 9001:2000 and AS9100B
REQUIREMENT

7.2.2d REVIEW OF REQURIEMENTS RELATED TO PRODUCT:

SUMMARY

• In essence, this requirement says: “Don’t just take the order.”

• There is a defined requirement to recognize risks, analyze their potential impacts, and
take actions to mitigate negative effects.
• Another view: Don’t assume anything. If there is anything that is in question, work
with the customer in advance. The goal is prevention of problems.

AUDIT GUIDANCE

• Review evidence of contract review processes/actions.

• Determine how the organization goes about identifying potential risks, actions taken,
level of customer involvement.
• Review records of such actions, including customer inputs and/or responses.

Page 14 of 43
Smithers Quality Assessments:
Differences between ISO 9001:2000 and AS9100B
REQUIREMENT

7.3.1a DESIGN AND DEVELOPMENT PLANNING:

SUMMARY

• The emphasis is on the planning process for design.

• Questions: Are there sufficient trained and competent personnel? What are the
sequential steps for design activities? Of these steps, which are mandatory and
significant? (E.g., validation testing, change approval, prototyping.) Has there been
any assignment(s) to other personnel in the organization?
• Configuration control is a key consideration (see 4.3).

AUDIT GUIDANCE

• Review the design planning documents for recent projects.

• Determine how the organization has addressed this requirement.
• Review records of actions from mandatory and significant design planning steps.
• Determine if the organization has executed effective configuration control. (4.3)

Page 15 of 43
Smithers Quality Assessments:
Differences between ISO 9001:2000 and AS9100B
REQUIREMENT

7.3.1c DESIGN AND DEVELOPMENT PLANNING:

SUMMARY

• Design projects run the range from very simple (one component) to very complex
(space shuttle).
• The organization must make a good-faith effort to classify new projects to the
appropriate level of complexity.
• As complexity increases, there will be increasing needs to assure that responsibilities,
authorities, and other key design considerations are defined and controlled.
• Emphasis is on personnel, design input, constraints and performance conditions.
• Throughout, the design process must assure that contract requirements are met.
• There is added emphasis on safety and functional objectives of the product.

AUDIT GUIDANCE

• Same as 7.3.1a
• Review the process used by the organization to determine the project complexity. Do
you agree?
• Review the timing between design steps.
• Determine if safety and functional objectives are applicable. If they are, have they
been defined? Do records indicate that such objectives have been met?

Page 16 of 43
Smithers Quality Assessments:
Differences between ISO 9001:2000 and AS9100B
REQUIREMENT

7.3.3e DESIGN AND DEVELOPMENT OUTPUTS:

SUMMARY

• In essence, this is an example of configuration management. (4.3)

• The emphasis is on the finished product.

AUDIT GUIDANCE

• Review the output documents of a design project.

• Determine if there is clear and adequate definition of the product and all related
requirements, such as those listed above.
• Examine engineering change control documents to determine if the integrity of the
configuration has been maintained at all applicable points of control.
• Review any changes in assignments and how they effect the final design output and
timing of the project.

Page 17 of 43
Smithers Quality Assessments:
Differences between ISO 9001:2000 and AS9100B
REQUIREMENT

7.3.4 DESIGN AND DEVELOPMENT REVIEW:

SUMMARY

• This requirement is focused on personnel that have defined authority to permit the
design process to continue to the next step.
• Inherent in this requirement are the issues of: effective contract review; competent
personnel; team involvement (if required); as applicable, customer involvement.

AUDIT GUIDANCE

• Determine how the organization has designated those personnel with defined
authority to permit design processes to proceed through the various steps.
• Look for records that verify that such authority was exercised at the appropriate
design steps/phases.
• Determine if review has been limited to design personnel. If other
departments/functions have not been included, it may be that problems will occur in
the manufacturing process.

Page 18 of 43
Smithers Quality Assessments:
Differences between ISO 9001:2000 and AS9100B
REQUIREMENT

7.3.6.1 DOCUMENTATION OF DESIGN AND/OR DEVELOPMENT

VARIFICATION AND VALIDATION:

SUMMARY

• In the context of this clause, verification refers to “inspection” activities, e.g.,

checking of a drawing, measurement of prototype parts, solid modeling, inspection
records, comparison to similar designs, sample calculations, among others.
• Validation refers to performance testing under defined conditions.
• This requirement is focused on the documentation or computer modeling that exists to
show that all requirements have been met.
• There is emphasis on product meeting requirements throughout identified operational
conditions (e.g., vibration, temperature, g-forces, life cycles, exposure to water,
chemicals, etc.)

AUDIT GUIDANCE

• Review records of verification and validation test results.

• Ascertain whether or not records indicate conformance.
• In those cases where conformance is not indicated, determine what actions the
organization took to resolve the situation.
• If required, have the customer or other outside agency (e.g., FAA, military) been
involved?
• Is the approval process adhered to?

Page 19 of 43
Smithers Quality Assessments:
Differences between ISO 9001:2000 and AS9100B
REQUIREMENT

7.3.6.2 DESIGN AND/OR DEVELOPMENT VERIFICATION AND

VALIDATION TESTING:

SUMMARY

• The emphasis is on control of all aspects of verification and validation testing.

• In a few words: be sure the correct product, at the correct revision level and status, is
being tested; the test method is defined and adhered to; results are recorded; test
results meet defined requirements.

AUDIT GUIDANCE

• Review the documentation defining verification and validation testing requirements.

• Determine if the methods are correct to defined requirements.
• Review test results for conformance to defined requirements.
• Are all failures documented?
• As applicable and required, are the customer and/or outside agencies involved?

Page 20 of 43
Smithers Quality Assessments:
Differences between ISO 9001:2000 and AS9100B
REQUIREMENT

7.3.7 CONTROL OF DESIGN AND DEVELOPMENT CHANGES:

SUMMARY

• “Changes” are very important to all aspect of aerospace manufacturing.

• It is not uncommon for contracts to have defined requirements for customer and/or
regulatory authorities to reserve authority for all changes.
• Even if an organization is “design responsible,” there may be contract or regulatory
authorities to reserve authority for change approval for themselves.
• Changes may effect the airworthiness of an aircraft. The customer and FAA (or
equivalent agency in a foreign country) must be involved.

AUDIT GUIDANCE

• Review contract requirements.

• If there are contract requirements for customer and/or regulatory authority
involvement in design and development changes, ascertain if the organization is
adhering to the defined requirements.

Page 21 of 43
Smithers Quality Assessments:
Differences between ISO 9001:2000 and AS9100B
REQUIREMENT

7.4.1a-e PURCHASING PROCESS:

SUMMARY

• It is not uncommon for customers to designate suppliers for certain materials,

components, assemblies, and services.
• Being “customer-designated” does not relieve the organization of responsibility for
controlling the quality from such suppliers.
• All suppliers are to be “approved” via an organization-defined process; this includes a
disapproval process and defined authority for all such actions.
• There is special emphasis on out-sourced special processes, such as welding, plating,
Non-destructive Evaluation (NDE), etc.
• There may be customer approval required for outsourced work.
• There may be NADCAP approval required for special processes.

AUDIT GUIDANCE

• Review contracts, engineering requirements, part drawings.

• Determine if there are any customer-designated suppliers, or if there is a requirement
for customer approval of suppliers.
• Review the receiving and in-process inspection records that pertain to these suppliers;
check for incoming and in-process conformance.
• If the organization has a defined supplier control process that involves supplier on-
site evaluations, review records.
• Compare supplier records to the approved-supplier list. Determine that all belong on
the approved list.
• Look at corrective action requests issued to suppliers. Determine if action is
appropriate and effective.
• Review supplier performance data.
• Determine, as applicable, if NADCAP or customer approval was obtained.

Page 22 of 43
Smithers Quality Assessments:
Differences between ISO 9001:2000 and AS9100B
REQUIREMENT

7.4.2d-j PURCHASING INFORMATION:

SUMMARY

• The overriding theme of this list of requirements is communication of important

information, at the current or applicable level, to appropriate parties.
• The details of these requirements are, for the most part, self-explanatory. There is
emphasis on communication upstream and downstream in the event of a problem.
• Suppliers are not to change product or manufacturing processes without first
informing the organization.
• Right of access to suppliers’ (and, as applicable, to sub-tiers) facilities and applicable
records is required; applies to the organization, customers and regulatory authorities
• If supplier purchase from lower tiers, they have a responsibility to pass-down
applicable requirements and controls.

AUDIT GUIDANCE

• Start with the contract and engineering documents.

• Determine what is being purchased.
• Review purchasing documents to determine if all of these requirements are being met
– in the documented quality management system as well as in practice; verify all flow
down requirements.
• Pay special attention to those cases where suppliers are purchasing from sub-tiers.

Page 23 of 43
Smithers Quality Assessments:
Differences between ISO 9001:2000 and AS9100B
REQUIREMENT

7.4.3a-e VERIFICATION OF PRUCHASED PRODUCT:

SUMMARY

• This requirement provides a list of acceptable methods for supplier-provided product

by the organization.
• The method must be appropriate and effective.
• Generally, don’t use product until it is approved. Positive recall is permitted, but
should not be used unless fully warranted and the process effectively prevents the
flow of nonconforming product to the customer.
o Work that has been subcontracted generally has paperwork associated with its
delivery to the organization, e.g., test reports, data packages, etc.
• Test reports need to be periodically validated – typically by the organization or an
outside laboratory.
• Delegation is a highly visible process, not to be taken lightly. Those that are granted
delegated authority must be competent and be granted authority for unencumbered
decision making.
• As warranted by contract, customers and their representative must be able to verify
product at suppliers prior to use by the organization. Such verification shall not be
used by the organization as evidence of acceptance – that is, the organization retains
it own responsibility to verify conformance of purchased product even if the customer
has pre-inspected it and found it to be acceptable.

AUDIT GUIDANCE

• Review organization-defined methods for acceptance of purchased product.

• Determine if these methods are/will be effective.
• Review records for conformance of purchased product.
• If authority has been delegated, review the basis of competency for the person(s) to
whom authority has been delegated; review the list of delegations.
• Review purchasing documents to determine how suppliers are informed of their
requirement to permit on-site verification of product by customers.
• Determine if there are any instances where customers have pre-inspected product at
suppliers; verify that the organization has also performed its defined verification
controls.

Page 24 of 43
Smithers Quality Assessments:
Differences between ISO 9001:2000 and AS9100B
REQUIREMENT

7.5.1 CONTROL OF PRODUCTION AND SERVICE PROVISION:

SUMMARY

• A control plan lists the methods used at each operation to assure conformance of
product (e.g., gages, frequency, records, SPC, operations, actions to take if
nonconforming product is identified); required for key characteristics.
• If product transformation actions make inspection impossible, upstream controls are
required.
• There is a requirement for utilization of variable measurements to be taken; minimize
the use of attribute gages, e.g., go/no-go gages.
• Special processes (e.g., welding, plating, painting) require special controls.

AUDIT GUIDANCE

• Assess the effectiveness of in-process control methods.

• Special emphasis on key characteristics, and special processes.
• Control plans are required for key characteristics.
• Evaluate the effectiveness of upstream inspection/control points to prevent the
production of (or at least the flow of) nonconforming product.

Page 25 of 43
Smithers Quality Assessments:
Differences between ISO 9001:2000 and AS9100B
REQUIREMENT

7.5.1g-k CONTROL OF PRODUCTION AND SERVICE PROVISION:

SUMMARY

• This requirement addresses the need to account for all material – from start to finish –
to preclude the occurrence of nonconforming product being shipped to the customer.
• Consideration given to split lots – duplication of applicable paperwork, configuration
control, especially of non-used product is placed back into inventory.
• The prevention damage from the presence of foreign objects is of high importance in
aerospace work. (FOD = foreign object damage.) Foreign objects are any objects
that does not belong in/with the defined product. Typically, this may include items
like dirt, chips, wrong or mixed parts.
• Criteria for workmanship means communicating how to determine good from
nonconforming. If representative samples are used, they need to be controlled in a
manner similar to gages.

AUDIT GUIDANCE

• Assess the effectiveness of the organization to account for all material and parts from
start to finish; special emphasis on split lots, reworked or repaired product (must be
done in accordance with approved procedures)
• Examine parts bins, inventory storage areas for the presence of foreign objects.
• Determine if the process/methods for conveying workmanship criteria are effective
and controlled.
• Look for split lots. If this has occurred, determine if all processing executed after the
split has been documented, e.g. routers updated or annotated, inspection sheets, test
reports, etc.

Page 26 of 43
Smithers Quality Assessments:
Differences between ISO 9001:2000 and AS9100B
REQUIREMENT

7.5.1.1 PRODUCTION DOCUMENTATON:

SUMMARY

• Production operations shall be executed in such a manner that all personnel have
available to them correct and current data.
• Part of this control includes the listing of required tooling and, as applicable,
numerical control information.

AUDIT GUIDANCE

• Review the documentation that accompanies product through the manufacturing

processes.
• Determine if this documentation is sufficient to assure conforming product at all
phases of manufacturing.
• If NC controls are in place, determine if they are controlled to the extent necessary to
assure current, conforming product.
• If NC controls are in place, determine if the same version of the NC program has
been used on all parts in the lot. If not, was there a review of this action and were
results acceptable?

Page 27 of 43
Smithers Quality Assessments:
Differences between ISO 9001:2000 and AS9100B
REQUIREMENT

7.5.1.2 CONTROL OF PRODUCTION PROCESS CHANGES:

SUMMARY

• “Changes” require proper control – similar to design changes.

• All changes must be documented.
• It is not uncommon for customers to require their approval of any process change.
• If a process is changed, the effect on the resultant product must be evaluated to
validate continued conformance.
o This may include changes to NC programs.

AUDIT GUIDANCE

• Determine if customers have defined “process changes.”

• Review customer contracts; ascertain the degree of required involvement.
• Review records of process changes, with emphasis on validation records for resultant
product.

Page 28 of 43
Smithers Quality Assessments:
Differences between ISO 9001:2000 and AS9100B
REQUIREMENT

7.5.1.3 CONTROL OF PRODUCTION EQUIPMENT, TOOLS AND

NUMERICAL CONTROL (NC) MACHINE PROGRAMS:

SUMMARY

• Tooling needs to be validated prior to production.

• One common method is termed “first article’ inspection. There are others.
• Tooling needs to be maintained, during use and when in storage.
• Tooling needs to be inspected periodically in accordance with documented
procedures.

AUDIT GUIDANCE

• Review records for new and/or rebuilt/refurbished tooling.

• Determine if the records demonstrate effective validation, that is, capability of
producing conforming product on a continuing basis.
• Observe tooling held in storage – assess for effective protection.
• Determine how the organization verifies that tooling held in storage is determined to
be current prior to each use, that is, as applicable, it has been updated to meet current
design revision levels.
• Determine if changes or modifications to NC programs required a new first-article. If
so, was it done?

Page 29 of 43
Smithers Quality Assessments:
Differences between ISO 9001:2000 and AS9100B
REQUIREMENT

7.5.1.4 CONTROL OF WORK TRANSFERRED ON A TEMPORARY BASIS,

OUTSIDE THE ORGANIZATION’S FACILITIES:

SUMMARY

• On occasion, organizations may find it necessary to outsource one or more of its

standard manufacturing processes. (This is different from purchasing product.)
• If this occurs, the organization must develop/define effective controls to assure that
only conforming product reaches the customer.

AUDIT GUIDANCE

• Determine if the organization has had any occurrences of outsourcing one or more of
its manufacturing processes.
• Determine how the organization qualified the source.
• Evaluate the effectiveness of the controls put in place by the organization to assure
that only conforming product reaches the customer. Pay particular attention to the
required paperwork, e.g., routers, inspection sheets, first-article documents. Is this
flowing to the outsourced organization as required? Does it come back with the
product?

Page 30 of 43
Smithers Quality Assessments:
Differences between ISO 9001:2000 and AS9100B
REQUIREMENT

7.5.1.5 CONTROL OF SERVICE OPERATIONS:

SUMMARY

• Service typically occurs after delivery. It differs from warranty work.

• Since service activities have the potential to effect product quality, they are expected
to have equal, and sometimes more, control than the original manufacturing
processes.
• Servicing often involves working with multiple revision levels – read, configuration
control.

AUDIT GUIDANCE

• Determine if the organization has contractual requirements for post-delivery service.

• If yes, determine how the organization assures conformance at the required product
revision level.
• Evaluate the competency of service personnel.
• Evaluate the calibration of tools and/or gages used in service applications.
• Review service records to determine how service-related information is reviewed and
used by the organization.

Page 31 of 43
Smithers Quality Assessments:
Differences between ISO 9001:2000 and AS9100B
REQUIREMENT

7.5.2a & c VALIDATION OF PROCESSES FOR PRODUCITON AND SERVICES

PROVISION:

SUMMARY

• Special processes are those, the result of, that cannot be inspected without destroying
or damaging the part. For example, welding, soldering, brazing, heat treatment,
plating, some aspects of painting. All of these require destructive testing to assure
testing.
o Welding requires the weld to be pulled to destruction or cut and micro-analyzed
for integrity.
o Heat treated parts require some sort of Rockwell-type test or a micro-analysis.
o Plating requires micro-analysis and possibly corrosive environment testing.
o Painting, to test for adhesion, may require scoring with a razor blade and tape
application/removal.
• In these cases, the control must be on process parameters, including process controls,
training of personnel, special records.
• AS9100B requires that all such special processes be qualified and approved prior to
use (for production). This may require NADCAP certification.

AUDIT GUIDANCE

• Review the manufacturing processes. Determine if there are any special processes
used – within the organization or outsourced.
• Review the records for
o Qualification of the process(es)
o Qualification of personnel
o Records of process and/or product tests.
• Determine if there are any outsourced special processes. If so, review the records for
qualification of the supplier, control imposed by the organization, inspection records,
corroboration testing as applicable, NADCAP.
• In either case, if changes have been made to the process, determine if subsequent
process and product re-qualification meets all applicable contract requirements.

Page 32 of 43
Smithers Quality Assessments:
Differences between ISO 9001:2000 and AS9100B
REQUIREMENT

7.5.3& a-d IDENTIFICATION AND TRACEABILITY:

SUMMARY

• It is not uncommon for a customer to purchase similar products at different

configuration levels. When this occurs, it is incumbent upon the organization to
maintain separation and control of the differing configuration levels.
• Use of stamps, etc, to indicate acceptance of processes or products is common in the
aerospace industry. Such media need to be controlled to preclude misapplication and
misuse, including use by unauthorized personnel.
• As applicable, traceability is very important. The primary purpose is to minimize the
size of a recall should such action become necessary. In the absence of traceability,
all product produced becomes suspect.
o Items a-d spell out specific requirements, and are self-explanatory.

AUDIT GUIDANCE

• Start with contract review.

o Determine what configuration levels have been ordered.
o Determine what level of traceability is required.
• Review records of product shipped and in-process for conformance to traceability
requirements
o Pay particular attention to material or batch controls to be sure all such material
has been accounted for.
• If an assembly is involved, ask for a bill of material. Verify that all components and,
if applicable, manufacturing processes, have required records and that the records
verify conformance of shipped product.

Page 33 of 43
Smithers Quality Assessments:
Differences between ISO 9001:2000 and AS9100B
REQUIREMENT

7.5.5a-f PRESERVATION OF PRODUCT:

SUMMARY

• These requirements address the critical need to maintain the integrity of product after
manufacture through all phases of the delivery process.
• There is special emphasis on the prevention, detection and removal of foreign objects.
• Shelf life has to do with expiration dates of product or material. If applicable, these
shall be clearly marked and adhered to. FIFO (first-in, first-out) is one way to
minimize problems with shelf life.
• Hazardous materials typically require special marking, packing, and packaging. They
may also require special transportation modes.

AUDIT GUIDANCE

• Review the contract for the presence of special, post-manufacturing requirements

associated with identification, packing, packaging.
• If there are special requirements, assess for conformance to these requirements.
• If there are no special requirements, exercise good judgment regarding the
organization’s approach to these issues – determine if the product will be shipped and
received as intended.
• Pay special attention to how well shipping documents, and other documents required
for inclusion with the shipment, are identified and protected.
• Review process routers to assure that cleanliness, foreign objects, etc. are addressed
within the process.

Page 34 of 43
Smithers Quality Assessments:
Differences between ISO 9001:2000 and AS9100B
REQUIREMENT

7.6 & f CONTROL OF MONITORING AND MEASURING DEVICES:

SUMMARY

• AS9100B gets very specific regarding the nature of instruction documentation

required for a compliant gage calibration system.
• Gages need to be listed, identified, located, have a defined frequency for calibration,
defined check method and acceptance criteria.
• Additionally, the process for recalling gages (getting them into the calibration
function) needs to be defined.

AUDIT GUIDANCE

• Review the organization’s documented procedures and work instructions, as

applicable, for gage calibration.
• Randomly select gages in use and in storage for further assessment; review the
records for these gages, checking for conformance.
• Observe gages in-use. Look for unique identification and, as applicable, gage
calibration status identification.
• Assess the adequacy of the environmental conditions where gages are calibrated.
Typically, gages capable of high discretion need more control, such as environmental
stability, a defined soaking period, special handling.
• In all cases, assess the adequacy of the masters to which gages are compared – with
special attention to the traceability of such masters to national standards.
• If gages are calibrated where they are used (that is, not taken to a calibration room),
assure that there is an adequate soaking time used for the master to become equalized
to the ambient temperature.
• If gages are in use at suppliers, assess the effectiveness of the recall system. If
responsibility for the calibration of such gages is “flowed down” to the supplier,
assess the process whereby the organization assures the on-going integrity of such
gages.

Page 35 of 43
Smithers Quality Assessments:
Differences between ISO 9001:2000 and AS9100B
REQUIREMENT

8.2.2 INTERNAL AUDIT:

SUMMARY

• As stated earlier, the internal audit process is “looking at the trees”, that is, it is the
process whereby the details of the organization’s processes are assessed.
• AS9100B has a requirement to take a disciplined approach to internal audits; reliance
on checksheets and similar tools. This assumes an effective planning process.
• The organization is free to select and implement its own tools and approach to
internal audits.
• The internal audit process will be deemed effective if it discovers weaknesses prior to
any negative affect on product. (Think of internal audits as a powerful prevention
tool.)
• As has been seen throughout AS9100B, there is the admonition to pay strict attention
to contract and/or regulatory requirements – if applicable.

AUDIT GUIDANCE

• Review the documented procedure(s) for internal auditing; including the tools (e.g.,
checksheets, process flow diagrams) used by auditors.
• Pay particular attention to the audit planning process, looking at frequency of audits,
duplication of audits for high-impact/risk processes.
• Assess the competency of internal audit personnel.
• Review audit records; look for schedule compliance and completion of all checklist
requirements.
• Compare audit results to customer feedback documents, e.g., customer complaints,
product returns, etc.

Page 36 of 43
Smithers Quality Assessments:
Differences between ISO 9001:2000 and AS9100B
REQUIREMENT

8.2.3a-c MONITORING AND MEASUREMENT PROCESSES:

SUMMARY

• The focus here is on process nonconformity, as opposed to product nonconformity.

• Think of it this way: A design process could have a latent error; purchasing may have
issued a purchase order to the wrong design level; production scheduling may have
issued manufacturing documents that contain errors; etc. Any one of these may result
in product nonconformities, but the cause was a nonconforming process.
• Processes that are found to be nonconforming must be corrected.
• When a nonconforming process is identified, the possibility/probability of the
nonconformity resulting in product nonconformity must be assessed. Actions may
include: design review, dimensional inspection, visual analysis, laboratory analysis,
inventory review or product recall (worst case), just to name a few.
• If nonconforming product is identified, it must be identified and controlled in
accordance with the organizations procedures and the requirements of clause 8.3.
The customer may need to be notified, especially if they are design responsible and in
charge of the airworthiness certificate.

AUDIT GUIDANCE

• Process failures can be detected in a variety of ways, including internal audits, in-
process inspection, analysis of returned product, customer complaints.
• Review records for all of these potential inputs. Pay particular attention to the actions
taken, especially action to prevent recurrence of the problem.
• If product was involved, assess the effectiveness of actions taken to identify all
suspect product, including containment actions and subsequent actions to deal with
the product, such as scrap, rework (in accordance with approved procedures), repair
(in accordance with approved procedures), subsequent re-qualification of such
product. Actions may also include a recall, depending upon the severity of the
problem and input from the customer.

Page 37 of 43
Smithers Quality Assessments:
Differences between ISO 9001:2000 and AS9100B
REQUIREMENT

8.2.4 MONITORING AND MEASUREMENT OF PRODUCT:

SUMMARY

• There is emphasis on key characteristics; this does not preclude monitoring and
control of other, non-key characteristics.
• Sampling plans shall have statistical validity. The acceptance number shall always be
“zero.”
• Inspection activities need to be completed as planned. In those cases where such
inspection must be delayed, processing through subsequent processes may proceed
provided it is done such that positive-recall must be assured; this does not include
shipping to the customer unless previous approvals are obtained on a case-by-case
basis.

AUDIT GUIDANCE

• Determine if there are any key characteristics defined. If so, assess the control
processes for adequacy and effectiveness.
• If sampling is used, ask to see the statistical evidence that the sampling plan has
statistical validity (look at OC and AOQ curves). In all cases, the acceptance number
(“C”) must be zero.
o Determine if the customer requires approval of sampling plans. If so, is there
evidence of this approval?
• If practicable, observe a process (or processes) where sampling is being used.
• Review the organization’s procedure for positive recall of in-process product control.
• Determine if there have been any instances where this procedure was used. If so,
assess the controls used to assure that no nonconforming product reached the
customer.

Page 38 of 43
Smithers Quality Assessments:
Differences between ISO 9001:2000 and AS9100B
REQUIREMENT

8.2.4.1a-d+ INSPECTION DOCUMENTATION:

SUMMARY

• Required inspection actions must be documented. It may be done on separate

inspection instructions, or it may be incorporated in to the production documentation,
e.g., routers, travelers, etc.
• Such instructions must define criteria for acceptance or rejection. For dimensional
characteristics, this is the nominal value and the associated tolerance. For visual
characteristics, there should be approved (controlled) visual standards. For
performance characteristics, there should be defined conditions and results.
• Instructions must define where and when inspections take place.
• Inspection results must be recorded, and include a-d above.
• Gages, etc., shall be defined, and, as required, special instructions for application and
use.

AUDIT GUIDANCE

• Determine how the organization conveys inspection instructions and criteria.

• Audit actual inspection operations against these instructions.
• Observe for correct implementation, records, and actions as warranted.
• Assess the effectiveness of the conveyance/communication for acceptance and
rejection criteria.
• If visual standards are required, determine if they are controlled to the extent
necessary to ensure their continued validity.
• If special gages or other test equipment is used, determine if associated instructions
are adequate to ensure that only conforming product is accepted. Note that even
routine gages (e.g., calipers, micrometers) may have special application instructions,
such as where on the part to apply the gage.

Page 39 of 43
Smithers Quality Assessments:
Differences between ISO 9001:2000 and AS9100B
REQUIREMENT

8.2.4.2 FIRST ARTICLE INSPECTION:

SUMMARY

• New parts require a first article inspection.

• Depending upon the nature of the part, this may be as simple as a dimensional
inspection (full 100% layout) or as complex as to include chemical analysis,
performance testing, or other related tests. (AS9102 may be a requirement.)
• If there are subsequent changes, the first article inspection needs to be repeated.
Typical “changes” include engineering changes, significant manufacturing process
changes, and new suppliers.

AUDIT GUIDANCE

• Randomly select a group of part numbers being produced by the organization.

• Ask for the first article records for each of these parts. This may require the retention
of the actual part used for the first article inspection.
• Determine if there have been any changes made to the part, or if there have been any
significant manufacturing process or supplier changes.
• If so, ask for records of the first article inspection action used to validate the changes.
• As applicable, are the requirements of AS9102 met?

Page 40 of 43
Smithers Quality Assessments:
Differences between ISO 9001:2000 and AS9100B
REQUIREMENT

8.3 CONTROL OF NONCONFORMING PRODUCT:

SUMMARY

• Nonconforming product, by its very nature, requires a lot of attention and control.
• The organization must define its process for reviewing and dispositioning such
product.
• This is typically done via use of a Material Review Board, typically consisting of
engineering, quality and customer-representative personnel. (Others may be
included.)
• Personnel participating in such actions must have qualification and competency for
the actions they take.
• “Use-as-is” or “repair” are not acceptable disposition categories – unless prior
approval is received from the customer.
• There are some exceptions to this. For instance, a stamped part may be rejected for
excessive burrs. Such parts can typically be “repaired” by some non-standard de-
burring operation. Such actions are acceptable provided the resulting product does
not deviate from contract requirements.

AUDIT GUIDANCE

• Review the organization’s documented procedure for controlling nonconforming

product.
• Review records to determine if these procedures are being adhered to.
• Review all disposition decisions. If “use-as-is” or “repair” has be used, determine if
such actions were taken with customer approval or, if not, if the actions taken did not
result in product that deviated in any way from contract requirements.

Page 41 of 43
Smithers Quality Assessments:
Differences between ISO 9001:2000 and AS9100B
REQUIREMENT

8.3 (cont’d.) CONTROL OF NONCONFORMING PRODUCT:

SUMMARY

• Scrap control is very important to AS9100B certification. The intent is to preclude

inadvertent use by the organization or by unscrupulous scrap handlers. In other
words, there must be absolute assurance that scrap parts never find their way in to
aircraft.
• Scrap must be identified in conspicuous and permanent manners, followed by actions
to make it absolutely unusable.
• Should an organization inadvertently ship nonconforming product, it has a
responsibility to notify all applicable customers. Timely is not specifically defined,
but is usually interpreted as hours, not days.
• Such notification requires conveyance of all required descriptive information.

AUDIT GUIDANCE

• Review the organization’s procedure for scrap control.

• Observe how scrap is handled, marked, and ultimately rendered unusable.
• Determine if there have been any instances where the organization realized that
nonconforming product had been inadvertently shipped to a customer. If so, review
the records to determine if actions taken were adequate to assure that all
nonconforming product was accounted for and properly dispositioned.
• Determine if such notification was timely.
• Determine if any special customer directions were followed.

Page 42 of 43
Smithers Quality Assessments:
Differences between ISO 9001:2000 and AS9100B
REQUIREMENT

8.5.2g & h CORRECTIVE ACTION:

SUMMARY

• A documented procedure is required for corrective action.

• This procedure must contain specific actions and controls for those situations where it
has been determined that suppliers are the source of the root cause of the
nonconformance.
• There must be defined actions that address subsequent actions where the actions
originally planned are not completed on time or are not effective.

AUDIT GUIDANCE

• Review the documented procedure for corrective action.

• Determine if flow down to suppliers is addressed (in those cases where suppliers are
determined to be the root cause of the nonconformance).
• Review records for corrective actions. Pay particular attention to:
o Flow down to suppliers if applicable
o Completion of planned corrective action within the defined timeframe.
o Verification by the organization that actions taken were effective at correcting the
problem and preventing recurrences.
• If corrective actions were not timely or effective, determine what additional actions
the organization took to address this situation.

Page 43 of 43