Need help? Talk to a specialist: 630.543.3747

AS9100: A Guide to the Aerospace Industry’s Quality Management Standard

The AS9100 standard is a document that contains the requirements for implementing a quality management system (QMS) for companies operating in the aerospace industry (aviation, space, and defense). It is the prevalent standard used globally, and in general any companies doing business in this area must demonstrate AS9100 compliance.

The standard is comprehensive, and covers topics including company policies, procedures, and documentation. It also contains requirements for monitoring and control of the production environment and utilities. It is based on the ISO 9001 standard, with additions and amplifications specific to the aerospace industry. 

Demonstrating AS9100 compliance involves an initial planning and gap analysis process, then an internal audit, and finally an audit by an accredited firm, which can issue an AS9100 certification. We’ll cover that process in more detail later in this article. For companies that don’t currently have AS9100 certification, obtaining it is a strategic decision that can provide access to new markets and customers.

A Brief History of AS9100

Airplane

The origin of the AS9100 standard can be traced to the cancellation of specific MIL standards by the US Department of Defense in the mid 1990’s, in favor of the more general ISO 9000. In response, aerospace companies generated their own specific standards, which were based on ISO 9000, with modifications to address the needs of their customers. This led to an inefficient patchwork of quality systems. In response, an industry collaboration generated the AS9000 standard in 1997, which was also based on ISO 9000. 

In 1999, the standard was updated to make it suitable for global application. The new standard was designated as AS9100 in the Americas. It has slightly different designations elsewhere, which all include the “9100” code. 

The current version of the standard is AS9100D, or more generally IAQG 9100:2016. Since 1999, there have been four revisions:

  • AS9100A (2001) was an update in response to changes in the ISO 9001 standard
  • AS9100B (2004) was a minor administrative revision
  • AS9100C (2009) was written to address the perceived ineffectiveness of the standard to ensure on-time delivery of high quality parts. This was done by adding additional requirements to quantify conformance and delivery performance, and to emphasize risk management. Auditing was also made more rigorous and evidence-based through the AS9101D auditing standard.
  • AS9100D (2016), the current version, was updated to include the entire ISO 9001:2015 standard, and added guidance in the areas of safety and counterfeit parts. Another notable addition to the AS9100D standard was the recognition of human factors, like stress, fatigue, and distraction

In September 2018, AS9100D became the official requirement, and certifications based on the earlier standards were revoked. 


How to Implement AS9100 in Your Organization

AS9100 Auditor

The introduction section of the AS9100D standard states that one of its underlying concepts is “Plan-Do-Check-Act” (PDCA). You’ll see that reflected in the overall process of implementation, and within individual steps. Implementation involves an extensive planning process that includes scoping and gap analysis, a “do” step of writing and piloting the QMS, and then a series of check and act cycles in the form of audits and addressing nonconformance through corrective actions. 

The following steps are generally followed by organizations to achieve AS9100 certification, which is essentially a process of planning, enacting, and auditing a QMS. Note that one important feature of the AS9100 standard is its flexibility. The exact process and quality system that you implement can be tailored for the size and goals of your organization. 

    • Obtain commitment and engagement by top management. This includes a commitment by management to support AS9100D implementation as a project, and to communicate the importance of implementation and high level responsibilities to the rest of the organization. Leadership, including the role of management and communication of the quality policy, is covered explicitly in the standard (Section 5). 

      Because the requirements of AS9100 deeply affect the day-to-day operation of the business, including the “human factors” mentioned in the previous section, employee awareness and engagement is a necessary part of implementation. It’s important to recognize that implementation of a new quality standard can be seen as unnecessarily disruptive and may be resisted within the organization. One way to address these issues is to clearly demonstrate management commitment, and communicate the cost/benefit analysis of adopting the new standard throughout the organization. 

    • Establish an implementation team and a management representative. This team will be responsible for the planning, training, piloting, and auditing processes. It should have representatives from a cross-section of the organization, including not just production and quality control, but also other areas like product design, marketing, and purchasing. Keep in mind that the AS9100 standard will cover internal processes, as well as elements of how your business interacts with suppliers and customers.   

      The management representative, which is a role specifically described in the standard, will act as the advocate for the quality system within the company, and as the point of contact for the certification body during the audit process.

    • Establish the scope and goals of the QMS. This involves first defining the context of your organization. In this case, context refers to the external factors, like the expectations of customers and other interested parties, and internal factors, like pre-existing company values, processes, and historical performance. The context informs the scope of the QMS, which includes the goals of implementation, expected outcomes, and the limits of its application within your organization (with justification for those limits). The scope should also consider risks that could affect the interested parties, and how these risks can be addressed and mitigated. 

      Note that the scope of the QMS is a written document recognized in the AS9100 standard, and should be maintained with the other documents that are developed as part of implementation.

      When setting the goals of the QMS, keep in mind that they should be specific and measurable. In addition to making it possible to quantitatively track your progress, these characteristics are something that auditors will look for.  

    • Perform a gap assessment. Once the scope is defined, the gaps between the existing policies and procedures and those required for AS9100D should be identified. A gap assessment worksheet or checklist can be helpful for this task, where each relevant section of the AS9100 standard is checked individually. 

      The outcome of the gap assessment will be a list of areas where AS9100D procedures are already being met, and a second list of areas where procedures and documents will need to be modified or created. 

    • Update and/or write the necessary documents based on the outcome of the gap assessment. Here, a process approach is recommended, where the organization is viewed as a set of processes. Each process interacts with others through inputs and outputs. 

      For example, consider the life cycle of a part that will be sold in the aerospace market. Processes that are involved in that life cycle could be design, production, and release. Each of these processes has inputs and outputs that affect the others. For example, drawings produced in the design stage could be used to check for nonconformity in the release stage. 

      Within each process, specific procedures and documents are involved. For example, the design stage should include a procedure for making design changes and a system for keeping records of incremental revisions and approvals. In the production stage, there could be a process for identifying and rejecting suspected counterfeit parts or materials from sub-suppliers. The written procedures and systems for documentation make up the QMS. Areas where documentation is needed are listed in the standard, which is why reviewing it thoroughly during the gap analysis is necessary.  

      The need for an adequate environment and infrastructure to ensure production quality is also covered in the AS9100 standard, in Sections 7 and 8. This includes having a documented process for monitoring and recording environmental conditions in the production space, such as temperature and humidity, and any associated procedures related to maintaining and calibrating the monitoring equipment. 

      In the standard, the term “infrastructure” also includes the equipment and utilities used for production, metrology, and quality control, so procedures should also be in place for the use and maintenance of this equipment. Monitoring utilities could include measurements of electrical voltages or currents, or gas pressures and flow rates, for example.

      Note that in addition to the documents developed for specific processes, the AS9100D standard includes a number of required documents, like a quality policy, description of the scope of the QMS, and a process for managing non-conformity. 

    • Select a registrar. This is the company that will audit and provide AS9100 certification if all requirements are met. Registrars should be accredited by the ANAB, or the relevant local accreditation body. There are many registrars available for this, and it can be advantageous to select a certification body that has specific experience in your field. 

    • Release documents and conduct the necessary employee training. Note that document control becomes especially important during and after this stage. Document templates, numbering schemes, and systems for reviewing and updating documents should be in place before they are released. 

    • Use the new QMS during a “pilot” period. The audits that come next will be based on a review of your use of the QMS, and documented evidence that it is working for its intended purpose, in keeping with the ISO 9001 principle of evidence-based decision making. For this reason, the organization should run under the new QMS for a period of time, typically 3-6 months, before moving on to the audit phase. This period is also useful to fine-tune the QMS. 

    • Internal audit and management review. Before the certification audit, internal audits must be performed by employees trained for the task. They should review all of the processes covered by the QMS that were documented as part of implementation. Findings from these audits should be reviewed by management, and any necessary corrective actions should be taken prior to the next step. 

    • External audits. External auditors can then be brought in from the certification body to review all documentation, systems for record-keeping, and other applicable components of the QMS. We’ll discuss what to expect from an external audit in the following section. Once corrective actions have been completed and the audit is passed, an AS9100 certification can be issued, which is valid for 3 years. 

    • Continual monitoring and improvement. After certification is given, periodic surveillance audits are done to confirm adherence to the standard. Review and updates of the quality system should also be done regularly, with the goal of reacting to changes in the business and in the interest of general continuous improvement. 


Being Prepared for an AS9100 Audit

Man with tablet checking compliance

Audits for AS9100 are similar to those conducted for ISO 9001 compliance. The certification audit takes place in two stages:

    • The focus of the first stage is ensuring that the documentation you have in place meets all of the requirements of the AS9100D standard. For example, if manufactured parts are sensitive to temperature or humidity fluctuations, auditors will confirm that your QMS contains a process for monitoring these conditions, keeping thorough records, and calibrating and maintaining monitoring equipment as needed. Auditors will also review all of the required documents, such as the quality policy and the scope of the QMS. 

    • In the second stage, auditors will review the records that have been accumulated since the implementation of the QMS to confirm they have been meeting their intended purpose. Continuing with the example above, auditors could confirm that temperature and humidity data were collected during the pilot period, and that they were used to determine whether environmental control systems were effective. 

One way to ensure these audits go smoothly is to have a robust system of internal auditing, so that any major issues are found and corrected before the arrival of external auditors. Here are some other points to keep in mind when planning for an external audit:

    • Expect that the audit will cover every process and document within the scope of the QMS. 
    • Part of the auditing process is to document that the QMS system you’ve implemented complies with the AS9100 standard using evidence you provide, so you should plan for this when setting up the QMS.
    • Auditors will also check to see if your standard is compliant with relevant legislation. 
    • If any part of your process is done at a remote location, auditors will want to visit those locations, likely in the second stage of the certification process. 
    • If any issues are found, these are documented in a non-conformance report (NCR). You are then responsible for performing a root cause analysis, and making a plan for corrective actions. 
    • Issues must be corrected, with confirmation, within 6 months, or a repeat of the stage 2 audit will be required. 
    • While you will work with the auditors from the certification body to identify non-conformance issues, the certification body cannot act as a consultant. There are, however, independent consulting agencies that can help with implementation and developing plans for corrective action. 

Additional Ways AS9100 Can Benefit Your Organization

Airplane being manufactured

As we discussed in earlier sections, the AS9100 standard is widely accepted, and is based on the proven ISO 9001 quality management system. In other words, the AS9100 standard is the best known method to ensure quality and safety of products, and adopting it will demonstrate your commitment to quality to OEMs and other downstream customers and interested parties. 

Achieving and maintaining AS9100 compliance can have additional benefits, including:

    • Increased efficiency, through standardizing and documenting procedures and enforced reliance on evidence-based decision making
    • Implementing AS9100 requires that “institutional knowledge” is documented, evaluated, and distributed throughout the organization, preserving potentially valuable information
    • Faster diagnosis and recovery from process excursions, with thorough monitoring and record-keeping
    • Expanded business opportunities. Not only is AS9100D certification a requirement for entry to the aerospace market, but certified companies are also listed in the OASIS database of aerospace suppliers maintained by the International Aerospace Quality Group (IAQG), the organization responsible for maintaining the AS9100 standard.
    • An improved focus on risk management through the audit process
    • Streamlined documentation that can be used by a wide cross section of customers
    • Improved relationships with your suppliers, through more thorough, systematic, and standardized quality checks


Conclusion

The AS9100 standard provides comprehensive guidance on the implementation of a quality management system (QMS) in the aerospace industry. It is the best known method for ensuring product quality and mitigating risk.

The process of implementing AS9100 is rigorous and time-consuming, but for many businesses, the benefits of adopting the standard justify the cost. AS9100 certification is a requirement for doing business in the areas of aviation, space, and defense, and has additional benefits related to improving efficiency and protecting institutional knowledge. 

As with the implementation of any QMS in a complex and highly regulated industry, it often simplifies the process significantly to call on third party experts for assistance. 

If you have questions about your monitoring needs as they relate to AS9100, contact Dickson today.

Contact Us 

 

About the author: Before coming to Dickson, Director of Services Antoine Nguyen spent more than 18 years in quality and validation roles in the pharmaceutical and medical device industries.