International Aerospace Quality Management System Standard Aviation, Space, and Defense Organizations

AS9100D:2016
International Aerospace Quality

Management System Standard Aviation,
Space, and Defense Organizations
AN EXECUTIVE OVERVIEW
P
CJ C O N S U L T I N G , I N C .
PERRY JOHNSON
www.pjcinc.com • 1-888-248-0256
AS9100D:2016
Quality Management Systems - Requirements
for Aviation, Space, and Defense Organizations
AN EXECUTIVE OVERVIEW
(with additional content provided for AS9110C and AS9120B)
Revised 4/17
PERRY JOHNSON CONSULTING, INC.

Detroit
5000 Town Center, Suite 2002, Southfield, MI 48075
1-888-248-0256 or (248) 519-2602
PJC Home Page: www.pjcinc.com • Email: [email protected]
©Copyright 2017 by PERRY JOHNSON CONSULTING, INC.
All rights reserved. No part of this book may be reproduced in any form
or by any means without permission, in writing, from Perry Johnson Consulting, Inc.
AS9100D:2016
International Aerospace
Quality Management System Standard
Aviation, Space, and Defense
An Executive Overview
TABLE OF CONTENTS
Foreword .........................................................................................................................................2
The Users of This Guide ................................................................................................................3
What is AS9100? ............................................................................................................................4
Annex SL – A Common Structure ..........................................................................................5
The Origin of ISO 9000 ..........................................................................................................5
Registering to AS9100D:2016 .......................................................................................................7

Key Steps to Completing a New Registration ........................................................................7
What to Look For in a Registrar .............................................................................................9
What to Look For in an Auditor ...........................................................................................10
The Benefits of AS9100D:2016 ...................................................................................................11
The Seven Quality Management Principles ..........................................................................12
AS9100D:2016 Process-Based Structure and Clauses .........................................................13
AS9100D:2016 Quality Management System Requirements ...................................................16
4 Context of the Organization ............................................................................................16
5 Leadership .......................................................................................................................17
6 Planning ..........................................................................................................................18
7 Support ............................................................................................................................19
8 Operation.........................................................................................................................21
9 Performance Evaluation ..................................................................................................31
10 Improvement ...................................................................................................................33
AS9110C: 2016 Summary and Comparison Chart...................................................................34
AS9120B:2016 Summary and Comparison Chart ....................................................................41
Conclusion ....................................................................................................................................47
AS9100D:2016 Executive Overview Page 1 4/17

FOREWORD _____________________________________________________________
In 1999, delegates for the Organization for Standardization (ISO) consisting of representatives
from the Americas Aerospace Quality Group (AAQG), the European Association of Aerospace
Industries (AECMA), the Society of Japanese Aerospace Companies (SJAC) and the Brazilian
aerospace industry, unveiled AS9100. Using ISO 9001 as a base, this international quality
management standard is tailored specifically for the aerospace industry. AS9100 was revised in
2001, 2004, 2009, and 2016. The current version is AS9100 Revision D (AS9100D) and is
aligned with ISO 9001:2015.
Like the other ISO 9001 derivatives, AS9100D is designed to reduce

defects in the supplier chain, continually improve quality and boost
customer satisfaction. It can also considerably reduce the number of
hours spent on audits, requirements and documentation, because it is
an industry-wide standard.
AS9100 also responds to the federal government’s cancellation of

longtime standards, such as MIL-Q-9858A, by filling the vacuum with
a comprehensive quality management systems standard for the aerospace industry. The U.S.
Department of Defense (DOD) and Federal Aviation Administration (FAA) have endorsed
AS9100 for use in conjunction with their individual specifications.
Like ISO 9001, AS9100 is a voluntary standard, but it is one that has drawn unprecedented
support and cooperation from the private and public sectors. Such aerospace prime contractors
as Boeing, General Electric Aircraft Engines, Lockheed-Martin, Rolls Royce Allison, and Pratt
& Whitney are requiring their suppliers to become registered to AS9100 and ISO 9001. The list
continues to expand.
By becoming registered to AS9100 and ISO 9001, companies dealing with the aerospace prime
contractors and the government enjoy a competitive advantage. The regulatory burden is
lightened, so suppliers can spend more time improving the manufacturing process in an industry
that puts a top priority on safety and quality.
This guide was created to aid aerospace and defense suppliers seeking to implement AS9100D or
to upgrade from either ISO 9001 or AS9100 Revision C (AS9100C). It outlines the general
requirements of AS9100 step by step. Since registering to AS9100 and ISO 9001 is a lengthy
and detailed process, it is strongly suggested that firms seeking certification retain the services of
a reputable consulting firm.
PERRY JOHNSON CONSULTING, INC.

April, 2017

THE USERS OF THIS GUIDE _________________________________________
This guide will be useful to all aviation, space, and defense suppliers, in particular those firms
that meet any of the following criteria:
• Firms supplying aerospace prime contractors.
• Companies planning for future business with the aerospace

industry.
• Firms supplying the U.S. Department of Defense.
• Organizations seeking to remain abreast of worldwide quality

management systems standards development.
• Firms planning to improve their quality assurance and

management programs.
• Suppliers seeking a competitive advantage in the marketplace.
• Companies desiring to make customer satisfaction a top priority.
• Suppliers responding to customer mandates to become AS9100 registered.
• Organizations already registered to ISO 9001 or AS9100C that seek an upgrade to

AS9100D.
• Any other firms interested in becoming registered to AS9100D.

WHAT IS AS9100? _______________________________________________________
SAE Aerospace Standard AS9100D, Quality Management Systems – Requirements for Aviation,
Space, and Defense Organizations, is a quality management system standard for the aerospace
industry. It is derived from ISO 9001. AS9100D contains ISO 9001:2015 in its entirety, along
with additional aerospace and defense specific requirements.
AS9100D also addresses flowdown, an important aerospace industry concept. The major aircraft
makers and suppliers have increased their purchases from other suppliers – one estimate is that
60 to 80 percent of airplane components are bought from outside contractors. Like an orchestra
performing a symphony, they want to ensure everyone is on the same page.
Thus, the aerospace prime contractors advocate flowdown of quality

management system requirements from their own operations to
suppliers and on to those companies’ subcontractors. This is similar
to the subcontractor quality management system development
requirements in the ISO/TS 16949 automotive quality standard.
Flowdown includes specifications for parts or assembly designs,
characteristics, inspections, and other process functions and product features.
AS9100D serves as a single standard, with flowdown supported and stressed. A supplier
previously could face a huge compliance burden, with FAA, DOD and MIL-Q standards, as well
as private-sector requirements from each customer. For example, an Allied-Signal plant has an
average of 23 customers, and at one point, each of them had its own quality management system
requirements.
AS9100D has taken hold in the aerospace industry and is growing quickly in acceptance. The
International Aerospace Quality Group (IAQG), the governing body for AS9100D, has drafted
rules for audit frequency and procedures, and auditor qualifications, just as the International
Automotive Task Force (IATF) has done with ISO/TS 16949.
Under IAQG rules, aerospace suppliers register to both AS9100D and ISO 9001:2015.
AS9100D and ISO 9001:2015 registration, in turn, requires regular surveillance audits, which
follows up to ensure a company is maintaining and applying its quality management system.
Registration is the only objective way to assure your customers that you are providing quality
products. To provide objectivity, a registrar (an independent certifying body) performs regular
audits to verify whether your quality management system is meeting all requirements. This
independent evaluation is important to the customer because it is an unbiased guarantee that your
company is performing at its highest level. Without this level of surveillance, companies are not
likely to toe the line.
Because ISO 9001:2015 is the major foundation of this standard, one needs a basic knowledge of
ISO 9001:2015 to fully understand the fundamentals of AS9100D. A brief description of this
series of standards follows.

Annex SL – A Common Structure
ISO 9001:2015 and AS9100D:2016 are structureed per Annex SL. Annex SL exists as part of a
larger publication called “ISO Directives Part 1, Consolidated ISO Supplement – Procedures
specific to ISO.” This expansive document can be thought of a “playbook” for the ISO to follow
in the development of standards. It is projected that all ISO standards will follow the Annex SL
format by 2017. We will learn more about Annex SL and the standardized format over the next
several pages of this Executive Overview.
The Origin of ISO 9000

ISO 9000 is the descendant of a number of earlier quality standards, including the British BS
5750 and DEF/STAN 05-8, the NATO AQAP-1 and the U.S. Department of Defense MIL-Q-
9858A. The purpose for developing ISO 9000 was to simplify the international exchange of
goods and services by creating a common set of quality standards.
BS 5750 had the greatest influence on this international standard when it was first released by
ISO in 1987. Most industrialized nations quickly adopted harmonized versions of ISO 9000.
These national versions, which are identical to the international standard, include the American
ANSI/ISO/ASQ Q9000, sponsored by ANSI and the American Society for Quality (ASQ), and
the European Union’s EN 29000.
AS9100Dis intended to provide requirements for an organization to establish, document and

maintain a quality management system for ensuring the consistency of a process. It is not
mysterious or esoteric, consisting instead of a group of common sense and generally well-known
precepts laid out in an organized fashion.
When implemented correctly, AS9100D:2016 can offer your company several advantages. It
will guide you to build consistency into your products or services, and can help you to avoid
costly warranty costs and rework.
Today, the international standards are sanctioned by the European Union (EU), making
AS9100D:2016 registration a virtual prerequisite for doing business in its member countries.
Previously, there were more than 20 ISO 9000 standards and documents, and this proliferation
raised concerns among ISO 9000 users and consumers. In response, the TC committee agreed
that the 2000 revision and all future revisions would consist of four primary standards, supported
by several technical reports. In addition to the AS9100D:2016 standard, these three additional
primary standards are:
• ISO 9000:2015, Quality Management Systems – Fundamentals and Vocabulary. This

document, which replaced the 2005 revision, provides all sanctioned interpretations for the
numerous terms used throughout the various standards. ISO 9000:2015 also provides an
examination of the Seven Quality Management Principles, including a statement of rationale.
Finally, ISO 9000:2015 provides a number of helpful concept diagrams showing the intended
interrelationships between ideas. ISO 9000:2015 is not a certifiable standard, but it can be of
great benefit to a company newly starting out in pursuit of AS9100D:2016 certification.

• ISO 9004:2009, Managing for the sustained success of an organization – A quality
management approach. This standard, which replaced ISO 9004-1:1994, Quality
Management and Quality management system Elements – Part 1: Guidelines, provides
guidance beyond AS9100D:2016 towards developing a comprehensive quality management
system to improve an organization’s overall performance.
This document gives guidance on all aspects of a quality management system, based on the
seven quality management principles found in ISO 9000:2015. ISO 9004 is useful in auditing
the effectiveness of a company’s quality management system, with the goal of achieving
benefits for all stakeholder groups through sustained customer satisfaction. It is a reference
standard in that a company cannot become registered to ISO 9004.
• ISO 19011:2011, Guidelines for Auditing Management Systems. Initially, ISO/TC 176 was
to draft ISO 10011, Guidelines for Auditing Quality Systems, which would integrate and
replace the three quality management system auditing standards: ISO 10011-1:1990,
Guidelines for Auditing Quality Systems – Part 1: Auditing, ISO 10011-2:1991, Guidelines
for Auditing Quality Systems – Part 2: Qualifications Criteria for Quality Systems Auditors,
and ISO 10011-3:1991, Guidelines for Auditing Quality Systems – Part 3: Management of
Audit Programs. Instead, the Joint Working Group (JWG) on Quality and Environmental
Auditing, consisting of experts from ISO/TC 176/SC 3, Auditing and ISO/TC 207,
Environmental Management, SC 2, Environmental Auditing, agreed to draft a joint quality
and environmental management systems auditing standard, ISO 19011. It applies to first,
second and third party audits; auditor qualification criteria; and audit program management.
ISO 19011 replaced ISO 10011-1, ISO 10011-2 and ISO 10011-3, along with the three
environmental auditing standards: ISO 14010:1996, Guidelines for Environmental Auditing –
General Principles, ISO 14011:1996, Guidelines for Environmental Auditing – Audit
Procedures – Auditing of Environmental Management Systems, and ISO 14012:1996,
Guidelines for Environmental Auditing – Qualification Criteria for Environmental Auditors.

REGISTERING TO AS9100D:2016 ____________________________________
AS9100D:2016 registration is a tangible expression of a firm’s commitment to quality that is

internationally understood and accepted. AS9100D registered organizations almost universally
realize major increases in customer acceptance, as well as reductions in costs. Many American
firms, already subject to quality management system standards imposed by major customers, find
that the major effect of AS9100D registration is on their non-manufacturing functions, which
tend to be overlooked by manufacturing-based quality systems.
AS9100D registration is carried out by certification bodies (commonly called registrars), which
are accredited organizations that review the facility’s quality manual and other documentation to
ensure that they meet the standard, and audit the firm’s processes to ensure that the quality
management system described in the documentation is in place and is effective. Once registration
is obtained, the registrar conducts regular surveillance audits of the facility to determine if its
quality management system continues to meet the standard’s requirements.
As it typically takes 6 to 18 months to complete the AS9100D registration process, organizations

are advised not to put off registration for too long.
Key Steps to Completing a New Registration

Before an organization can be considered for registration, several preliminary steps should be
taken.
The first step is to implement a quality management system that meets AS9100D:2016
requirements.
To qualify for registration, it’s not enough to just conform to the standard. Organizations must
determine what their processes are, and what their intentions are for controlling their processes.
Methodologies for the myriad requirements for records (called “Retained Documented
Information in AS9100D:2016) must also be determined. Many other questions of approach
have to be answered as well, for requirements ranging from competency records to external
provider evaluation. Organizations must ensure that the system they establish is robust,
effective, transparent, and consistent.
After successfully completing the preliminary steps, a relationship must be established with a
registrar. The registrar’s job is to verify whether an organization’s quality management system
has been properly implemented and conforms to AS9100D:2016 and any other applicable
requirements.

Once the services of an accredited registrar have been obtained, a formal application must be
filed. When all of the documentation has been submitted, the registrar conducts a two stage audit.
The first stage involves an audit of basic documentation including records of a full system
internal audit followed by a formal management review. According to the ISO standard that
controls registrar activities (ISO 17021), “Stage 1” audits may be done off-site. A telephone
conference may occur in place of an on-site visit. The “Stage 1” auditor will identify items that
require correction before the “Stage 2” audit can begin. Once the registrar determines that the
Stage 1 basic documentation and data requirements are met, the “Stage 2” audit may proceed.
The Stage 2 audit is a full system audit that takes place after the Stage 1 corrections are verified
by the Stage 2 auditor. Performance data is checked for effectiveness relative to documented
objectives. Product and service realization activities within the facility are checked for
conformity to quality control plans as well as to effectiveness. Other management system
activities are checked relative to documented processes and procedures. Please note, firms that
are interested in registration to both AS9100D:2016 and ISO 14001:2015 should discuss this
objective with their registrar to determine whether the audits to the two standards may be
conducted simultaneously.
During the on-site “Stage 2” audit, the registrar auditor interviews employees, reviews records,
and performs a detailed inspection of the facility’s quality management system documents. The
purpose of the audit is to ensure that the facility’s quality management system is functioning
adequately and conforms to all AS9100D:2016 requirements.
Afterward, the registrar reports its findings in an audit report. If any major or minor
nonconformities are found, the organization (or auditee) must take corrective action to remedy
the cause of the nonconformity. Nonconformities must be remedied within a set time frame,
determined by the registrar. Once the registrar has closed out all outstanding nonconformities, a
certificate of registration is issued.
To ensure that organizations are following AS9100D:2016 requirements after registration is

obtained, the registrar conducts on-site surveillance audits at least once each year.
Remember: In order to achieve registration to AS9100D:2016, the organization must

completely embrace the standard, which focuses on performance, consistency, and
objective/audit evidence.

What to Look For in a Registrar
In selecting a registrar, it is extremely important for every organization to be aware of the
relevant qualifications.
A registrar must:
• Be accredited by a national accreditation body, such as the ANAB (ANSI-ASQ National

Accreditation Board) of the United States, the Raad voor Accreditatie (RvA) of the
Netherlands, or the United Kingdom Accreditation Service (UKAS); to the requirements of
ISO/IEC 17021 Requirements for Bodies providing audit and certification of management
systems. Among other benefits, using an accredited registrar assures the following:
– The registrar is required to provide a fair and documented process for any disputed
findings, client complaints, or other similar situations;
– The registrar can be reported, and by extension held accountable to the requirements of
ISO 17021 by the accreditation bodies;
– The registrar must ensure that their auditors are full competent for the audits they
perform; and
– All audits are subject to a wide ranging review process by numerous persons, assuring a
fair and unbiased process.
• Maintain a listing of its AS9100D qualified auditors;
• Have personnel on its executive (registration) committee or governing board with industry
experience and expertise in the appropriate Standard Industrial Classification (SIC), North
American Industry Classification System (NAICS) or European Accreditation of
Certification (EAC) codes;

What to Look For in an Auditor
Requirements have been established for the auditors working for accredited AS9100D registrars.
Before an auditor can evaluate an organization’s facility to verify whether its quality
management system conforms to AS9100D:2016 requirements, the auditor must satisfy the
following conditions:
1) Auditors must have satisfactorily completed AS9100D training courses and demonstrated
their knowledge of AS9100D:2016. Certificates are awarded to those auditors who have
successfully completed this training;
2) Auditors must comply with ISO 19011:2011, Guidelines for auditing management systems;
3) They must be recognized and qualified as AS9100D auditors under the registrar’s criteria;
and,
4) At least one member of an audit team must have relevant industry knowledge in the
appropriate SIC, NAICS or EAC codes, as determined by the registrar’s qualification
process, for each client.
Before hiring the services of a registrar, it’s a good idea to make sure the registrar and its
auditors have met the above qualifications.
Auditors and other relevant registrar personnel are required to demonstrate knowledge and
understanding of AS9100D:2016 requirements; the seven quality management principles on
which the revised standards are based, and the standard’s many terms and definitions, both of
which appear in ISO 9000:2015.
Registrars must take particular care in defining the scope of AS9100D:2016 registration
certificates and any cited “non-applicable clauses”, as set forth in AS9100D:2016, Section 4.3.
When issuing a tailored registration certificate, a registrar must keep in mind that “such non-
applicable clauses do not affect the organization’s ability, or responsibility, to provide product
that fulfills customer and applicable regulatory requirements.”

THE BENEFITS OF AS9100D:2016 ____________________________________
AS9100D is an ideal quality management system for facilities that are serious about quality, with
AS9100D:2016 registration providing a competitive edge. AS9100D:2016 registration gives the
facility the benefit of an objectively evaluated and enforced quality management system.
Facilities that operate AS9100Dquality management systems tend to exhibit a philosophy of

prevention rather than detection; risk management of potential concerns, continuous review of
critical process points; corrective actions and outcomes; consistent communication within the
process, and among facility, suppliers and customers; thorough record keeping and efficient
control of critical documents; total quality awareness by all employees; and a high level of
executive management confidence and support.
These attributes lead to dependable process input, control of quality costs, increased productivity
and reduced waste. A well-designed and implemented AS9100D quality management system
creates a process that tends to be lean, sensitive to customer needs, highly reactive, efficient and
positioned at the leading edge of its marketplace.
Any company that becomes registered to AS9100D:2016 will be better positioned to do business
overseas, especially in countries where the standard has become a virtual necessity for market
entry. Registration also enables facilities to protect existing markets when their customers
mandate it. It offers the potential of reducing time-consuming and expensive supplier audits, and
is a powerful strategic benefit for facilities having current or planned business ties with the
European Union (EU).
The EU Council of Ministers now mandates AS9100D registration for makers of such products
as commercial scales, construction products, gas appliances, industrial safety equipment, medical
devices, and telecommunications terminal equipment.
More products may be added to this list under additional product directives. This is especially
likely for products and services that are potentially hazardous involve personal safety or are
otherwise affected by product liability or similar regulations.
Organizations that register to AS9100D:2016 also enjoy a clear competitive edge over
companies that are not registered. Registered organizations are authorized to display a special
mark or logo, and firms throughout the U.S., the EU and elsewhere understand the significance
behind that mark.
Bottom line: An organization that chooses to conform to AS9100D will be operating a top-notch
quality management system that focuses on informed and competent management decision
making, control of quality costs, increased productivity and reduced waste.

The Seven Quality Management Principles
ISO 9000:2005, Section 2.3 set forth seven quality management principles, which have been
identified for leading an organization toward improved performance. Beyond simply listing the
Principles, ISO 9000 also provides rationale, benefits, and information on possible approaches to
each Principle. These Principles are the basis of AS9100D:2016. They are:
a. Customer Focus. Organizations depend on their customers and therefore should understand
current and future customer needs, should meet customer requirements and strive to exceed
customer expectations.
b. Leadership. Leaders establish unity of purpose and direction of the organization. They
should create and maintain the internal environment in which people can become fully
involved in achieving the organization’s objectives.
c. Engagement of People. Competent, empowered, and engaged people at all levels are the
essence of an organization and drive the organization’s ability to create and deliver value.
d. Process Approach. Desired results are achieved more efficiently when activities and related
resources are managed as processes within a coherent system.
e. Improvement. Improvement of the organization’s overall performance should be an ongoing

focus of the organization.
f. Evidence Based Decision Making. Decisions based on the analysis of data and information is
more likely to deliver desired results.
g. Relationship Management. An organization and its external interested parties are

interdependent and share a role in each other’s success.

AS9100D:2016 Process-Based Structure and Clauses
The revised continues to be consistent with the plan-do-check improvement cycle, and continues
to use the process management structure widely used in business today. It introduces several
new clauses intended to drive Risk Based Thinking.
The reader is reminded that the Annex SL format provided in this structure is the same used by
ISO 14001:2015 and all other ISO issued standards.
Non-Auditable clauses of AS9100D:2016 are:
1. Scope – which provides a general statement about to whom AS9100D:2016 is intended to

apply.
2. Normative Reference – which provides an explanation of the linkage between

AS9100D:2016 and ISO 9000:2015.
3. Terms and Definitions – which establishes the use of ISO 9000:2015 for all official
definitions.
Auditable clauses of AS9100D:2016 are:
4. Context of the Organization (4 clauses), which mandate an organization to determine the

scope of its system, ascertain interested parties, and in general determine the breadth of their
quality management system, which defines and manages processes in order to produce a
consistent product or service and allow for continual improvement.
5. Leadership (3 clauses), under which management defines policy, organizational roles, and
assures focus on the customer. It is emphasized that Leadership means a shared responsibility
for the management of the quality system.
6. Planning (3 clauses), under which the primary requirements related to risk management, as
well as objectives (planning, reporting, etc.) are found. A set of requirements pertaining to
management of changes is also found here.
7. Support (5 clauses), which provide requirements pertaining to all of the various resources an
organization needs to effectively operate their quality system, including people (competency)
measurement devices (calibration/verification), and documented information (maintained and
retained.)
8. Operation (7 clauses), which provides requirements pertaining to the crucial and central
activities of a quality management system. All of the “day-to-day” activities are found here,
including interaction with customers, design of products/services, and interface with external
providers, and control of production/service provision.

9. Performance Evaluation (3 clauses), which provide requirements pertaining to three of the
most crucial methods used by Organizations to self-regulate their quality management
system and ensure its effectiveness. These are Management Review, Internal Audit, and
Customer Satisfaction.
10. Improvement (3 clauses), which provides requirements pertaining to the actions that should
be taken as a result of evaluations and other output monitoring actions discussed in earlier
parts of the standard. Ideas covered here include Corrective Action and Continual
Improvement.
Taken together these seven auditable sections can be thought of as a three part approach to the
functioning of a quality management system, as follows:
Foundation/Basic Building Blocks (Sections 4-7)
The first four sections of auditable content taken together represent the basic pieces that an
organization needs to establish to enable a successful quality management system. Without these
pieces, the later requirements will likely not be successful.
Day to Day Activities (Section 8)
Taken together, the requirements provided in Section 8 are almost a process flow in and of
themselves. Beginning with Operational Planning in 8.1 and Customer Requirements
Determination in 8.2 the organization is supposed to figure out what is needed, later taking steps
such as designing the product (8.3), purchasing materials (8.4) and ensuring that
production/service is carried out consistently (8.5.1.) Auditors typically spend at least 60% of
available audit time in Section 8. The processes it attempts to control are inevitably the most
important in any organization.
Analysis and Improvement (Sections 9 and 10)
The standard concludes with a pair of Sections that attempt to collect all of the best methods that
a company should use to ensure that its processes are effective, its customers are satisfied, and
that continual improvement is being achieved. Many auditors review these sections early in an
audit to develop audit trails.
All quality management system requirements for achieving conformity of product and/or service
may be placed within this process model. Leadership can be thought of as impacting all of the
various activities of the quality management system. The Plan-Do-Check-Act cycle follows the
various processes of the organization. Careful planning based on input from customers and other
interested parties leads to effective operations, which in turn are evaluated with improvement
actions taken where needed or desired. The ultimate goal of these interacting activities is a
consistent effective product/service that satisfies all customers.

Plan
Check

AS9100D:2016 QUALITY MANAGEMENT SYSTEM
REQUIREMENTS _______________________________________________________
All AS9100D:2016 clauses are briefly described below.
4 – Context of the Organization
4.1 Understanding the organization and its context requires the organization to determine
external and internal issues that are relevant to its purpose and its strategic direction and that
affect its ability to achieve the intended result(s) of its quality management system. It also
requires the organization to monitor and review information about these external and internal
issues. Issues are understood to include positive and negative factors or conditions for
consideration. Understanding of external context can be facilitated by considering issues arising
from legal, technological, competitive, market, cultural, social and economic environments,
whether international, national, regional or local. Understanding of internal context can be
facilitated by considering issues related to values, culture, knowledge and performance of the
organization.
4.2 Understanding the needs and expectations of interested parties requires an organization
to determine the interested parties and requirements therein that are relevant to the quality
management system. The organization is also required to monitor and review information about
these interested parties and their relevant requirements.
4.3 Determining the scope of the quality management system requires the organization to
determine the boundaries and applicability of the quality management system to establish its
scope. When doing so, the organization should consider the external and internal issues referred
to in 4.1, the requirements of relevant interested parties referred to in 4.2, and what their products
and services are. Organizations are required to apply all the requirements of AS9100D:2016 if
they are applicable within the determined scope of the quality management system. The scope of
the organization’s quality management system has to be available and maintained as documented
information. The scope must stipulate the types of products and services covered, and provide
justification for any requirement of AS9100D:2016 that the organization has determined as not
applicable to the scope of its quality management system. Conformity to AS9100D:2016 may
only be claimed if the requirements determined as not being applicable do not affect the
organization’s ability or responsibility to ensure the conformity of its products and services and
the enhancement of customer satisfaction.

4.4 Quality management system and its processes establish two different sets of requirements:
4.4.1 Requires the organization to establish, implement, maintain and continually improve a
quality management system, including the processes needed and their interactions, in accordance
with the requirements of AS9100D:2016. It also requires the organization to address customer
and applicable statutory and regulatory quality management system requirements. It requires the
organization to determine the processes needed for the quality management system and their
application throughout the organization. It requires the organization to determine the inputs
required and the outputs expected from these processes, determine the sequence and interaction
of these processes, to determine and apply the criteria and methods (including monitoring,
measurements and related performance indicators) needed to ensure the effective operation and
control of these processes, to determine the resources needed for these processes and ensure their
availability, to assign the responsibilities and authorities for these processes, to address the risks
and opportunities as determined in accordance with the requirements of 6.1, to evaluate these
processes and implement any changes needed to ensure that these processes achieve their
intended results, and to improve the processes and the quality management system.
4.4.2 Requires the organization to maintain documented information to support the operation of
its processes, and to retain documented information to have confidence that the processes are
being carried out as planned.
In addition, the organization must establish and maintain documented information that includes a
general description of relevant interested parties, the scope of the quality management system,
including boundaries and applicability, a description of the processes needed for the quality
management system and their application throughout the organization, the sequence and
interaction of these processes, and assignment of the responsibilities and authorities for these
processes.
There is a note added to suggest the above description of the quality management system can be
in a quality manual.
5 – Leadership
5.1 Leadership and commitment
5.1.1 General requires top management to demonstrate leadership and commitment with respect
to the quality management system by taking accountability for the effectiveness of the quality
management system, ensuring that the quality policy and quality objectives are established for
the quality management system and are compatible with the context and strategic direction of the
organization, ensuring the integration of the quality management system requirements into the
organization’s business processes, promoting the use of the process approach and risk-based
thinking, ensuring that the resources needed for the quality management system are available,
communicating the importance of effective quality management and of conforming to the quality
management system requirements, ensuring that the quality management system achieves its
intended results, engaging, directing and supporting persons to contribute to the effectiveness of
the quality management system, promoting improvement, and supporting other relevant
management roles to demonstrate their leadership as it applies to their areas of responsibility.

5.1.2 Customer focus requires top management to demonstrate leadership and commitment with
respect to customer focus by ensuring that customer and applicable statutory and regulatory
requirements are determined, understood and consistently met, the risks and opportunities that
can affect conformity of products and services and the ability to enhance customer satisfaction
are determined and addressed, that the focus on enhancing customer satisfaction is maintained,
and that product and service conformity and on-time delivery performance are measured and
appropriate action is taken if planned results are not, or will not be, achieved.
5.2 Policy
5.2.1 Establishing the quality policy requires top management to establish, implement and
maintain a quality policy that is appropriate to the purpose and context of the organization and
supports its strategic direction, provides a framework for setting quality objectives, includes a
commitment to satisfy applicable requirements, and includes a commitment to continual
improvement of the quality management system.
5.2.2 Communicating the quality policy requires the quality policy to be available and be
maintained as documented information, be communicated, understood and applied within the
organization, and be available to relevant interested parties, as appropriate.
5.3 Organizational roles, responsibilities and authorities requires top management to ensure
that the responsibilities and authorities for relevant roles are assigned, communicated and
understood within the organization. It further requires top management to assign the
responsibility and authority for ensuring that the quality management system conforms to the
requirements of AS9100D:2016, ensuring that the processes are delivering their intended
outputs, reporting on the performance of the quality management system and on opportunities for
improvement (see 10.1), in particular to top management, ensuring the promotion of customer
focus throughout the organization, and ensuring that the integrity of the quality management
system is maintained when changes to the quality management system are planned and
implemented.
In addition, the standard requires the appointment of a management representative with similar
requirements found in AS9100C:2009. Please note there is no such specific call out in ISO
9001:2015.
6 – Planning
6.1 Actions to address risks and opportunities
6.1.1 Requires the organization to consider the issues referred to in 4.1 and the requirements
referred to in 4.2 and then to determine the risks and opportunities that need to be addressed to
give assurance that the quality management system can achieve its intended result(s), to enhance
desirable effects, to prevent, or reduce, undesired effects, and to achieve improvement.
6.1.2 Requires the organization to plan actions to address these risks and opportunities, to
determine how to integrate and implement the actions into its quality management system
processes and to evaluate the effectiveness of these actions. Actions taken to address risks and
opportunities must be proportionate to the potential impact on the conformity of products and
services.

6.2 Quality objectives and planning to achieve them
6.2.1 Requires the organization to establish quality objectives at relevant functions, levels and
processes needed for the quality management system. It further requires that quality objectives
be consistent with the quality policy, be measurable, take into account applicable requirements,
be relevant to conformity of products and services and to enhancement of customer satisfaction,
be monitored, be communicated, and be updated as appropriate. Lastly, it requires the
organization to maintain documented information on the quality objectives.
6.2.2 Requires the organization (with regards to Quality Objectives) to determine what will be
done, what resources will be required, who will be responsible, when it will be completed, and
how the results will be evaluated.
6.3 Planning of changes requires (when an organization determines that there is a need for
changes to the quality management system,) that those changes be carried out in a planned
manner (per 4.4.) Furthermore, it requires the origination to consider the purpose of the changes
and their potential consequences, the integrity of the quality management system, the availability
of resources, and the allocation or reallocation of responsibilities and authorities.
7 – Support
7.1 Resources
7.1.1 General requires the organization to determine and provide the resources needed for the
establishment, implementation, maintenance and continual improvement of the quality
management system. It further requires the organization to consider the capabilities of, and
constraints on, existing internal resources, and what needs to be obtained from external
providers.
7.1.2 People requires the organization to determine and provide the persons necessary for the
effective implementation of its quality management system and for the operation and control of
its processes.
7.1.3 Infrastructure requires the organization to determine, provide and maintain the
infrastructure necessary for the operation of its processes and to achieve conformity of products
and services. Infrastructure is understood to include buildings and associated utilities, equipment,
including hardware and software, transportation resources, and information and communication
technology.
7.1.4 Environment for the operation of processes requires the organization to determine,
provide and maintain the environment necessary for the operation of its processes and to achieve
conformity of products and services. Environment is understood to include a combination of
human and physical factors, such as social (e.g. non-discriminatory, calm, non-confrontational),
psychological (e.g. stress-reducing, burnout prevention, emotionally protective), and physical
(e.g. temperature, heat, humidity, light, airflow, hygiene, noise). These factors can differ
substantially depending on the products and services provided.

7.1.5 Monitoring and measuring resources
7.1.5.1 General requires the organization to determine and provide the resources needed to
ensure valid and reliable results when monitoring or measuring is used to verify the conformity
of products and services to requirements. It further requires the organization to ensure that the
resources provided are suitable for the specific type of monitoring and measurement activities
being undertaken, and are maintained to ensure their continuing fitness for their purpose.
Finally, it requires the organization to retain appropriate documented information as evidence of
fitness for purpose of the monitoring and measurement resources.
7.1.5.2 Measurement traceability requires that when measurement traceability is a requirement,

or is considered by the organization to be an essential part of providing confidence in the validity
of measurement results, measuring equipment be calibrated or verified, or both, at specified
intervals, or prior to use, against measurement standards traceable to international or national
measurement standards; when no such standards exist, the basis used for calibration or
verification to be retained as documented information. It also requires that measuring equipment
be identified in order to determine their status, and safeguarded from adjustments, damage or
deterioration that would invalidate the calibration status and subsequent measurement results.
The standard requires that the organization provide a recall process for calibration and
verification and that a register is maintained with specific information related to equipment type,
unique identification, location, and the calibration or verification method, frequency, and
acceptance criteria.
Finally, it requires the organization to determine if the validity of previous measurement results
has been adversely affected when measuring equipment is found to be unfit for its intended
purpose, and to take appropriate action as necessary.
7.1.6 Organizational knowledge requires the organization to determine the knowledge

necessary for the operation of its processes and to achieve conformity of products and services.
It also requires that knowledge be maintained and made available to the extent necessary. When
addressing changing needs and trends, the organization must consider its current knowledge and
determine how to acquire or access any necessary additional knowledge and required updates.
7.2 Competence requires the organization to determine the necessary competence of person(s)
doing work under its control that affects the performance and effectiveness of the quality
management system, to ensure that these persons are competent on the basis of appropriate
education, training, or experience, to take actions (where applicable) to acquire the necessary
competence, to evaluate the effectiveness of the actions taken; and to retain appropriate
documented information as evidence of competence.
7.3 Awareness requires the organization to ensure that persons doing work under the
organization’s control are aware of the quality policy, relevant quality objectives, their
contribution to the effectiveness of the quality management system, including the benefits of
improved performance, the implications of not conforming with the quality management system
requirements, relevant quality management system documented information and changes, their
contribution to product or service conformity, their contribution to product safety, and the
importance of ethical behavior.

7.4 Communication requires the organization to determine the internal and external
communications relevant to the quality management system, including on what it will
communicate, when to communicate, with whom to communicate, how to communicate, and
who communicates.
7.5 Documented information
7.5.1 General requires the organization’s quality management system to include documented
information required by AS9100D:2016, documented information, as well as documented
information determined by the organization as being necessary for the effectiveness of the
quality management system.
7.5.2 Creating and updating requires that when creating and updating documented information,
the organization ensures appropriate identification and description (e.g. a title, date, author, or
reference number), format (e.g. language, software version, graphics) media (e.g. paper,
electronic) and review and approval for suitability and adequacy.
7.5.3 Control of documented information
7.5.3.1 Requires documented information required by the quality management system and by
AS9100D:2016 to be controlled to ensure it is available and suitable for use, where and when it
is needed. It further requires that documented information be adequately protected (e.g. from
loss of confidentiality, improper use, or loss of integrity).
7.5.3.2 Requires the organization (as it pertains to control of documented information) to address
the following activities, as applicable. Distribution, access, retrieval and use, storage and
preservation, including preservation of legibility, control of changes (e.g. version control), and
retention and disposition. It further required that documented information of external origin
determined by the organization to be necessary for the planning and operation of the quality
management system be identified as appropriate, and be controlled. It requires documented
information retained as evidence of conformity is protected from unintended alterations. Finally,
the organization must prevent the unintended use of obsolete documented information by
removal or by application of suitable identification or controls if kept for any purpose.
8 – Operation
8.1 Operational planning and control requires the organization to plan, implement and control
the processes (see 4.4) needed to meet the requirements for the provision of products and
services, and to implement the actions determined in Clause 6. This is to be accomplished by
determining the requirements for the products and services, establishing criteria for the processes
and the acceptance of products and services, determining the resources needed to achieve
conformity to the product and service requirements, implementing control of the processes in
accordance with the criteria, determining, maintaining and retaining documented information to
the extent necessary to have confidence that the processes have been carried out as planned and
to demonstrate the conformity of products and services to their requirements and to meet on-time
delivery of products and services.

Additional requirements include determining the processes and controls needed to manage
critical items (including production process controls when key characteristics have been
identified), engaging representatives of affected organization functions for operational planning
and control, determining the process and resources to support the use and maintenance of the
products and services, determining the products and services to be obtained from external
providers, and establishing the controls needed to prevent the delivery of nonconforming
products and services to the customer.
As appropriate, the organization must plan and manage product and service provision in a
structured and controlled manner including scheduled events performed in a planned sequence to
meet requirements at acceptable risk, within resource and schedule constraints.
Furthermore it requires that the output of this planning be suitable for the organization’s
operations. The organization must control planned changes and review the consequences of
unintended changes, taking action to mitigate any adverse effects, as necessary. It requires that
the organization ensures control of the outsourced processes (per 8.4), establishing,
implementing, and maintaining a process to plan and control the temporary or permanent transfer
of work, to ensure the continuing conformity of the work to requirements. The process must
ensure that work transfer impacts and risks are managed.
Specific plans must be planned, implemented, and maintained for Operational Risk Management,
Configuration Management, Product Safety, and Prevention of Counterfeit Parts.
8.2 Requirements for products and services
8.2.1 Customer communication requires that communication with customers includes

providing information relating to products and services, handling enquiries, contracts or orders,
including changes, obtaining customer feedback relating to products and services, including
customer complaints, handling or controlling customer property, and establishing specific
requirements for contingency actions, when relevant.
8.2.2 Determining the requirements for products and services requires that when determining
the requirements for the products and services to be offered to customers, the organization must
ensure that the requirements for the products and services are defined, including any applicable
statutory and regulatory requirements, as well as those considered necessary by the organization.
The organization must determine that it can meet the claims for the products and services it
offers. It also must ensure that special requirements of the products and services are determined
and operational risks (e.g., new technology, ability and capacity to provide, short delivery time
frame) have been identified.

8.2.3 Review of the requirements for products and services
8.2.3.1 Requires the organization to ensure that it has the ability to meet the requirements for
products and services to be offered to customers. The organization must conduct a review before
committing to supply products and services to a customer. This review must include
requirements specified by the customer, including the requirements for delivery and post-
delivery activities, requirements not stated by the customer, but necessary for the specified or
intended use, when known, requirements specified by the organization, statutory and regulatory
requirements applicable to the products and services and contract or order requirements differing
from those previously expressed. Furthermore it mandates that the customer’s requirements must
be confirmed by the organization before acceptance when the customer does not provide a
documented statement of their requirements.
This review must be coordinated with applicable functions of the organization. If upon review
the organization determines that some customer requirements cannot be met or can only partially
be met, the organization shall negotiate a mutually acceptable requirement with the customer.
8.2.3.2 Requires the organization to retain (as applicable) documented information on the results
of the review, and on any new requirements for the products and services.
8.2.4 Changes to requirements for products and services require the organization to ensure
that relevant documented information is amended, and that relevant persons are made aware of
the changed requirements, when the requirements for products and services are changed.
8.3 Design and development of products and services
8.3.1 General requires the organization to establish, implement and maintain a design and
development process that is appropriate to ensure the subsequent provision of products and
services.
8.3.2 Design and development planning requires the organization (when they determine the
stages and controls for design and development) to consider the nature, duration and complexity
of the design and development activities, the required process stages, including applicable design
and development reviews, the required design and development verification and validation
activities, the responsibilities and authorities involved in the design and development process, the
internal and external resource needs for the design and development of products and services, the
need to control interfaces between persons involved in the design and development process, the
need for involvement of customers and users in the design and development process, the
requirements for subsequent provision of products and services, the level of control expected for
the design and development process by customers and other relevant interested parties, and the
documented information needed to demonstrate that design and development requirements have
been met.
When appropriate, the organization must divide the design and development effort into distinct
activities and, for each activity, define the tasks, necessary resources, responsibilities, design
content, and inputs and outputs. Design and development planning must consider the ability to
provide, verify, test and maintain products and services (reference output of 8.1 a).

8.3.3 Design and development inputs requires the organization to determine the requirements
essential for the specific types of products and services to be designed and developed. It further
requires the organization to consider functional and performance requirements, statutory and
regulatory requirements, standards or codes of practice that the organization has committed to
implement, and potential consequences of failure due to the nature of the products and services.
When applicable, the potential consequences of obsolescence (e.g., materials, processes,
components, equipment, products) must be considered. It further requires that inputs be adequate
for design and development purposes, as well as complete and unambiguous. Finally, it requires
that conflicting design and development inputs be resolved and that the organization retain
documented information on design and development inputs.
8.3.4 Design and development controls requires the organization to apply controls to the design
and development process to ensure that the results to be achieved are defined, that reviews are
conducted to evaluate the ability of the results of design and development to meet requirements,
that verification activities are conducted to ensure that the design and development outputs meet
the input requirements, that validation activities are conducted to ensure that the resulting
products and services meet the requirements for the specified application or intended use, that
any necessary actions are taken on problems determined during the reviews, or verification and
validation activities, that documented information of these activities is retained, and that
progression to the next stage is authorized.
When tests are necessary for verification and validation, these tests shall be planned, controlled,
reviewed, and documented to ensure and prove test plans or specifications identify the test item
being tested and the resources being used, define test objectives and conditions, parameters to be
recorded and relevant acceptance criteria; test procedures describe the test methods to be used,
how to perform the test, and how to record the results; the correct configuration of the test item is
submitted for the test; the requirements of the test plan and the test procedures are observed; and,
the acceptance criteria are met.
Monitoring and measuring devices used for testing must be controlled as defined in clause 7.1.5.
At the completion of design and development, the organization must ensure that reports,
calculations, test results, etc., are able to demonstrate that the design for the product or service
meets the specification requirements for all identified operational conditions.
8.3.5 Design and development outputs requires the organization to ensure that design and
development outputs meet the input requirements, are adequate for the subsequent processes for
the provision of products and services, include or reference monitoring and measuring
requirements, as appropriate, and acceptance criteria, specify the characteristics of the products
and services that are essential for their intended purpose and their safe and proper provision, e.
specify, as applicable, any critical items, including any key characteristics, and specific actions
to be taken for these items, and are approved by authorized person(s) prior to release.
Furthermore, it requires the organization to define the data required to allow the product to be
identified, manufactured, verified, used, and maintained, and to retain documented information
on design and development outputs.

8.3.6 Design and development changes requires the organization to identify, review and control
changes made during, or subsequent to, the design and development of products and services, to
the extent necessary to ensure that there is no adverse impact on conformity to requirements. It
further requires the organization to retain documented information on design and development
changes, the results of reviews, the authorization of the changes, and the actions taken to prevent
adverse impacts. Design and development changes must be controlled in accordance with the
configuration management process requirements.
8.4 Control of externally provided processes, products and services
8.4.1 General requires the organization to ensure that externally provided processes, products
and services conform to requirements; be responsible for the conformity of all externally
provided processes, products, and services, including from sources defined by the customer;
ensure, when required, that customer-designated or approved external providers, including
process sources (e.g., special processes), are used; identify and manage the risks associated with
the external provision of processes, products, and services, as well as the selection and use of
external providers; and require that external providers apply appropriate controls to their direct
and sub-tier external providers, to ensure that requirements are met.
It further requires the organization to determine the controls to be applied to externally provided
processes, products and services when products and services from external providers are
intended for incorporation into the organization’s own products and services, when products and
services are provided directly to the customer(s) by external providers on behalf of the
organization, or when a process, or part of a process, is provided by an external provider as a
result of a decision by the organization. This requirement further stipulates that the organization
must determine and apply criteria for the evaluation, selection, monitoring of performance, and
re-evaluation of external providers, based on their ability to provide processes or products and
services in accordance with requirements. Lastly the organization is required to retain
documented information of these activities and any necessary actions arising from the
evaluations.
Finally the organization must define the process, responsibilities, and authority for the approval
status decision, changes of the approval status, and conditions for a controlled use of external
providers depending on their approval status; maintain a register of its external providers that
includes approval status (e.g., approved, conditional, disapproved) and the scope of the approval
(e.g., product type, process family); periodically review external provider performance including
process, product and service conformity, and on-time delivery performance; define the necessary
actions to take when dealing with external providers that do not meet requirements; and, define
the requirements for controlling documented information created by and/or retained by external
providers.

8.4.2 Type and extent of control requires the organization to ensure that externally provided
processes, products and services do not adversely affect the organization’s ability to consistently
deliver conforming products and services to its customers. Furthermore, it requires the
organization to ensure that externally provided processes remain within the control of its quality
management system, to define both the controls that it intends to apply to an external provider
and those it intends to apply to the resulting output, to take into consideration the potential
impact of the externally provided processes, products and services on the organization’s ability
to consistently meet customer and applicable statutory and regulatory requirements, the
effectiveness of the controls applied by the external provider, and the results of the periodic
review of external provider performance. This requirement also stipulates that the organization
must determine the verification, or other activities, necessary to ensure that the externally
provided processes, products and services meet requirements.
Verification activities of externally provided processes, products, and services must be

performed according to the risks identified by the organization. These must include inspection or
periodic testing, as applicable, when there is high risk of nonconformities including counterfeit
parts.
When externally provided product is released for production use pending completion of all
required verification activities, it must be identified and recorded to allow recall and replacement
if it is subsequently found that the product does not meet requirements.
When the organization delegates verification activities to the external provider, the scope and
requirements for delegation must be defined and a register of delegations shall be maintained.
The organization shall periodically monitor the external provider’s delegated verification
activities.
When external provider test reports are utilized to verify externally provided products, the
organization must implement a process to evaluate the data in the test reports to confirm that the
product meets requirements. When a customer or organization has identified raw material as a
significant operational risk (e.g., critical items), the organization must implement a process to
validate the accuracy of test reports.
8.4.3 Information for external providers requires the organization to ensure the adequacy of
requirements prior to their communication to the external provider. It further requires the
organization to communicate to external providers its requirements for the processes, products
and services to be provided through the identification of relevant technical data (e.g.,
specifications, drawings, process requirements, work instructions, including specific products
and services, methods, processes, equipment; and requirements pertaining the release of products
and services. This requirements further requires that the organization communicate additional
information to external providers including required competence, including any required
qualification of persons, the external providers’ interactions with the organization, control and
monitoring of the external providers’ performance to be applied by the organization, and
verification or validation activities that the organization, or its customer, intends to perform at
the external providers’ premises.

Specific information must also be flowed down. The information includes:
• design and development control;

• special requirements, critical items, or key characteristics;
• test, inspection, and verification (including production process verification);
• the use of statistical techniques for product acceptance and related instructions for acceptance
by the organization;
• the need to:
− implement a quality management system;

− use customer-designated or approved external providers, including process sources (e.g.,
special processes);
− notify the organization of nonconforming processes, products, or services and obtain
approval for their disposition;
− prevent the use of counterfeit parts (see 8.1.4);
− notify the organization of changes to processes, products, or services, including changes
of their external providers or location of manufacture, and obtain the organization’s
approval;
− flow down to external providers applicable requirements including customer
requirements;
− provide test specimens for design approval, inspection/verification, investigation, or
auditing;
− retain documented information, including retention periods and disposition requirements;
• the right of access by the organization, their customer, and regulatory authorities to the
applicable areas of facilities and to applicable documented information, at any level of the
supply chain;
• ensuring that persons are aware of:
− their contribution to product or service conformity;

− their contribution to product safety;
− the importance of ethical behavior.
8.5 Production and service provision
8.5.1 Control of production and service provision requires the organization to implement
production and service under controlled conditions. Controlled conditions are understood to
include (as applicable) the availability of documented information that defines the characteristics
of the products to be produced, the services to be provided, or the activities to be performed, as
well as the results to be achieved. Controlled conditions is also taken to include the availability
and use of suitable monitoring and measuring resources, the implementation of monitoring and
measurement activities at appropriate stages to verify that criteria for control of processes or
outputs, and acceptance criteria for products and services, the use of suitable infrastructure and

environment for the operation of processes, the appointment of competent persons, including any
required qualification, the validation, and periodic revalidation, of the ability to achieve planned
results of the processes for production and service provision, where the resulting output cannot
be verified by subsequent monitoring or measurement, the implementation of actions to prevent
human error, and the implementation of release, delivery and post-delivery activities.
Additional requirements include ensuring that documented information for monitoring and
measurement activity for product acceptance includes criteria for acceptance and rejection;
where in the sequence verification operations are to be performed; measurement results to be
retained (at a minimum an indication of acceptance or rejection); any specific monitoring and
measurement equipment required and instructions associated with their use; and ensuring that
when sampling is used as a means of product acceptance, the sampling plan is justified on the
basis of recognized statistical principles and appropriate for use (i.e., matching the sampling plan
to the criticality of the product and to the process capability).
Documented information must also include the:
• establishment of criteria for workmanship (e.g., written standards, representative samples,

illustrations);
• accountability for all products during production (e.g., parts quantities, split orders,
nonconforming product);
• control and monitoring of identified critical items, including key characteristics, in
accordance with established processes;
• determination of methods to measure variable data (e.g., tooling, on-machine probing,
inspection equipment);
• identification of in-process inspection/verification points when adequate verification of
conformity cannot be performed at later stages;
• availability of evidence that all production and inspection/verification operations have been
completed as planned, or as otherwise documented and authorized;
• provision for the prevention, detection, and removal of foreign objects;
• control and monitoring of utilities and supplies (e.g., water, compressed air, electricity,
chemical products) to the extent they affect conformity to product requirements (see 7.1.3);
• identification and recording of products released for subsequent production use pending
completion of all required measuring and monitoring activities, to allow recall and
replacement if it is later found that the product does not meet requirements.
Control of Equipment, Tools, and Software Programs- equipment, tools, and software programs
used to automate, control, monitor, or measure production processes must be validated prior to
final release for production and must be maintained. Storage requirements must be defined for
production equipment or tooling in storage including any necessary periodic preservation or
condition checks.

Validation and Control of Special Processes- for processes where the resulting output cannot be
verified by subsequent monitoring or measurement, the organization must establish arrangements
for these processes including, as applicable:
• definition of criteria for the review and approval of the processes;

• determination of conditions to maintain the approval;
• approval of facilities and equipment;
• qualification of persons;
• use of specific methods and procedures for implementation and monitoring the processes;
• requirements for documented information to be retained.
Production Process Verification – the organization must implement production process

verification activities to ensure the production process is able to produce products that meet
requirements. The organization must retain documented information on the results of production
process verification.
8.5.2 Identification and traceability requires the organization to use suitable means to identify
outputs when it is necessary to ensure the conformity of products and services. It further requires
the organization to identify the status of outputs with respect to monitoring and measurement
requirements throughout production and service provision. Lastly, it requires the organization to
control the unique identification of the outputs when traceability is a requirement, and to retain
the documented information necessary to enable traceability.
The organization must maintain the identification of the configuration of the products and
services in order to identify any differences between the actual configuration and the required
configuration.
When acceptance authority media are used (e.g., stamps, electronic signatures, passwords), the
organization must establish controls for the media.
8.5.3 Property belonging to customers or external providers requires the organization to

exercise care with property belonging to customers or external providers while it is under the
organization’s control or being used by the organization. It further requires the organization to
identify, verify, protect and safeguard customers’ or external providers’ property provided for
use or incorporation into the products and services. Lastly, it requires that when the property of
a customer or external provider is lost, damaged or otherwise found to be unsuitable for use, the
organization must report this to the customer or external provider and retain documented
information on what has occurred.
8.5.4 Preservation requires the organization to preserve the outputs during production and
service provision, to the extent necessary to ensure conformity to requirements.
Preservation of outputs must also include, when applicable in accordance with specifications and
applicable statutory and regulatory requirements, provisions for:

• cleaning;
• prevention, detection, and removal of foreign objects;
• special handling and storage for sensitive products;
• marking and labeling, including safety warnings and cautions;
• shelf life control and stock rotation;
• special handling and storage for hazardous materials.
8.5.5 Post-delivery activities require the organization to meet requirements for post-delivery
activities associated with the products and services. It further requires the organization (when
determining the extent of post-delivery activities that are required) to consider any applicable
statutory and regulatory requirements, the potential undesired consequences associated with its
products and services, the nature, use and intended lifetime of its products and services, any
applicable customer requirements, any relevant customer feedback, collection and analysis of in-
service data (e.g., performance, reliability, lessons learned), control, updating, and provision of
technical documentation relating to product use, maintenance, repair, and overhaul, controls
required for work undertaken external to the organization (e.g., off-site work), and
product/customer support (e.g., queries, training, warranties, maintenance, replacement parts,
resources, obsolescence). When problems are detected after delivery, the organization shall take
appropriate action including investigation and reporting.
8.5.6 Control of changes requires the organization to review and control changes for production
or service provision, to the extent necessary to ensure continuing conformity with requirements.
It further requires the organization to retain documented information describing the results of the
review of changes, the person(s) authorizing the change, and any necessary actions arising from
the review. Persons authorized to approve production or service provision changes must be
identified.
8.6 Release of products and services requires the organization to implement planned
arrangements, at appropriate stages, to verify that the product and service requirements have
been met. It further requires the release of products and services to the customer not to proceed
until the planned arrangements have been satisfactorily completed, unless otherwise approved by
a relevant authority and, as applicable, by the customer. Lastly it requires the organization to
retain evidence of conformity with the acceptance criteria, and ensure traceability to the
person(s) authorizing the release.
When required to demonstrate product qualification, the organization must ensure that retained
documented information provides evidence that the products and services meet the defined
requirements. The organization must ensure that all documented information required to
accompany the products and services are present at delivery.
8.7 Control of nonconforming outputs
8.7.1 Requires the organization to ensure that outputs that do not conform to their requirements
are identified and controlled to prevent their unintended use or delivery. It further requires the
organization to take appropriate action based on the nature of the nonconformity and its effect on
the conformity of products and services. This also applies to nonconforming products and
services detected after delivery of products, during or after the provision of services.

Additionally, this requirement mandates that the organization deal with nonconforming outputs
in one or more of the following ways. These include correction, segregation, containment, return
or suspension of provision of products and services, informing the customer, and obtaining
authorization for acceptance under concession by a relevant authority and, when applicable, by
the customer.
The organization’s nonconformity control process must be maintained as documented

information including the provisions for defining the responsibility and authority for the review
and disposition of nonconforming outputs and the process for approving persons making these
decisions; taking actions necessary to contain the effect of the nonconformity on other processes,
products, or services; timely reporting of nonconformities affecting delivered products and
services to the customer and to relevant interested parties; and defining corrective actions for
nonconforming products and services detected after delivery, as appropriate to their impacts (see
10.2).
Dispositions of use-as-is or repair for the acceptance of nonconforming products must only be
implemented after approval by an authorized representative of the organization responsible for
design or by persons having delegated authority from the design organization and after
authorization by the customer, if the nonconformity results in a departure from the contract
requirements.
Product dispositioned for scrap must be conspicuously and permanently marked, or positively
controlled, until physically rendered unusable.
Counterfeit, or suspect counterfeit, parts must be controlled to prevent reentry into the supply
chain.
Finally conformity to the requirements must be verified when nonconforming outputs are
corrected.
8.7.2 Requires the organization to retain documented information that describes the
nonconformity, describes the actions taken, describes any concessions obtained, and identifies
the authority deciding the action in respect of the nonconformity.
9 – Performance Evaluation
9.1 Monitoring, measurement, analysis and evaluation
9.1.1 General requires the organization to determine what needs to be monitored and measured,
the methods for monitoring, measurement, analysis and evaluation needed to ensure valid results,
when the monitoring and measuring to be performed, and when the results from monitoring and
measurement to be analyzed and evaluated. Furthermore, it requires the organization to evaluate
the performance and the effectiveness of the quality management system. Lastly, it requires the
organization to retain appropriate documented information as evidence of the results.

9.1.2 Customer satisfaction requires the organization to monitor customers’ perceptions of the
degree to which their needs and expectations have been fulfilled. Further the organization is
required to determine the methods for obtaining, monitoring and reviewing this information.
Information to be monitored and used for the evaluation of customer satisfaction must include,
but is not limited to, product and service conformity, on-time delivery performance, customer
complaints, and corrective action requests. The organization must develop and implement plans
for customer satisfaction improvement that address deficiencies identified by these evaluations,
and assess the effectiveness of the results.
9.1.3 Analysis and evaluation requires the organization to analyze and evaluate appropriate data
and information arising from monitoring and measurement. Furthermore, it requires that the
results of analysis be used to evaluate conformity of products and services, the degree of
customer satisfaction, the performance and effectiveness of the quality management system, if
planning has been implemented effectively, the effectiveness of actions taken to address risks
and opportunities, the performance of external providers, and the need for improvements to the
quality management system.
9.2 Internal audit
9.2.1 Requires the organization to conduct internal audits at planned intervals to provide
information on whether the quality management system conforms to the organization’s own
requirements for its quality management system, as well as the requirements of AS9100D:2016,
and to ensure that the quality management system is effectively implemented and maintained.
9.2.2 Requires the organization to plan, establish, implement and maintain an audit program(s)
including the frequency, methods, responsibilities, planning requirements and reporting, which
must take into consideration the importance of the processes concerned, changes affecting the
organization, and the results of previous audits. The organization is further required to define the
audit criteria and scope for each audit, to select auditors and conduct audits to ensure objectivity
and the impartiality of the audit process, to ensure that the results of the audits are reported to
relevant management, to take appropriate correction and corrective actions without undue delay,
and to retain documented information as evidence of the implementation of the audit program
and the audit results.
9.3 Management review
9.3.1 General requires top management to review the organization’s quality management
system, at planned intervals, to ensure its continuing suitability, adequacy, effectiveness and
alignment with the strategic direction of the organization.
9.3.2 Management review inputs stipulates that the management review be planned and carried
out taking into consideration the status of actions from previous management reviews, any
changes in external and internal issues that are relevant to the quality management system, any
information on the performance and effectiveness of the quality management system, including
trends in customer satisfaction/feedback from relevant interested parties, the extent to which
quality objectives have been met, process performance and conformity of products and services,
nonconformities and corrective actions, monitoring and measurement results, audit results, the

performance of external providers, and on-time delivery performance. It further requires that
inputs include a discussion of the adequacy of resources, the effectiveness of actions taken to
address risks and opportunities (per 6.1), and any opportunities for improvement.
9.3.3 Management review outputs requires the outputs of the management review to include
decisions and actions related to opportunities for improvement, any need for changes to the
quality management system, resource needs, and risks identified. It further requires the
organization to retain documented information as evidence of the results of management
reviews.
10 – Improvement
10.1 General requires the organization to determine and select opportunities for improvement
and implement any necessary actions to meet customer requirements and enhance customer
satisfaction. It further requires that improvement action must include improving products and
services to meet requirements as well as to address future needs and expectations, as well as
correcting, preventing or reducing undesired effects and improving the performance and
effectiveness of the quality management system.
10.2 Nonconformity and corrective action
10.2.1 Requires that when a nonconformity occurs, including those arising from complaints, the
organization must react to the nonconformity and, as applicable take action to control and correct
it and deal with the consequences. Furthermore, it requires the organization to evaluate the need
for action to eliminate the cause(s) of the nonconformity, in order that it does not recur or occur
elsewhere, by reviewing and analyzing the nonconformity, by determining the causes of the
nonconformity, by determining if similar nonconformities exist, or could potentially occur, by
implementing any action needed, by reviewing the effectiveness of any corrective action taken,
updating risks and opportunities determined during planning, if necessary, by making changes to
the quality management system, if necessary, flow down corrective action requirements to an
external provider when it is determined that the external provider is responsible for the
nonconformity, and take specific actions when timely and effective corrective actions are not
achieved.. Furthermore it requires that corrective actions be appropriate to the effects of the
nonconformities encountered. The organization must maintain documented information that
defines the nonconformity and corrective action management processes.
10.2.2 Requires the organization to retain documented information as evidence of the nature of
the nonconformities and any subsequent actions taken, as well as the results of any corrective
action. The organization must monitor the implementation of improvement activities and
evaluate the effectiveness of the results.
10.3 Continual improvement requires the organization to continually improve the suitability,
adequacy and effectiveness of the quality management system.

AS9110C:2016 QUALITY MANAGEMENT SYSTEMS –
REQUIREMENTS FOR AVIATION, SPACE, AND DEFENSE
DISTRIBUTORS ____________________________________________________________________________
AS9110C is a sector specific standard geared towards organizations that strictly provide
maintenance and repair services for the aerospace industry. In the past many of these
organizations sought certification as a certified FAA Repair Station under the 14 CFR Part 145
Repair Station Standard. Realizing the necessity to incorporate these requirements into an
international standard the IAQG issued the first version of AS9110 in 2003. Following an
update in 2009 to incorporate the changes to the ISO 9001 standard published in 2008, the
AS9110’s was revised in 2012. It was transitioned to the Annex SL format in 2016.
The revisions in 2012 were issued in response to concerns raised by the European Aviation
Safety Agency (EASA) in an effort to promote usage of the AS9110 standard by NAA (National
Aviation Authorities.) Critical revisions included several additional definitions as well as
clarifications of clauses necessary to promote international usage of the standard. The revisions
in 2016 were made to align with ISO 9001:2015 and AS9100D:2016.
The AS9110C standard defines the quality management system requirements and offers
additional comprehensive requirements/criteria for overhaul facilities and maintenance repair for
the aircraft industry at all levels of the MRO (Maintenance, Repair & Overhaul) process.
AS9110C incorporates nearly all of the additional requirements found in AS9100D. In numerous
cases, however, the requirement is modified to more appropriately reflect an MRO process.
The primary additional clauses found in AS9110C that are not found in AS9100D primarily
focus on safety. These are Safety Objectives and Safety Policy. The implication is that an MRO
operation has a heighted level of responsibility for ensuring the safety and overall airworthiness
of the components and aircraft that it services. Please note the product safety is addressed in
several places of AS9100D.
Additional unique requirements include the appointment of an Accountable Manager, Quality

Manager, and Other Accountable Manager(s) (5.3.1-5.3.3) The implication of these
requirements is to give assurance that all management resources will be made available to ensure
compliance with all applicable customer and industry regulations.
Companies whose primary business is providing maintenance, repair, and overhaul services for
aviation sector products should investigate if AS9110C certification is right for them. It is also
intended to be used by organizations with maintenance, repair, and overhaul operations that
operate autonomously, or that are substantially different from their manufacturing operations.
Please refer to the grids beginning on the following page for an explanation of the differences
between AS9110B and AS9110C.

AS9110B:2012 TO AS9110C:2016 COMPARISON CHART
AS9110B:2012 AS9110C:2016
1. Scope 1 Scope
1.1 General 1.1 General
1.2 Application 1.2 Application
2 Normative references 2 Normative references
ISO 9000:2005 ISO 9000:2015
3 Terms and definitions 3 Terms and definitions
3.1 Airworthy 3.1 Airworthy

3.2 Article 3.2 Article
3.3 Authority 3.3 Certified Person
3.4 Certified Personnel 3.4 Certifying Staff
3.5 Certifying Staff 3.5 Competent Authority

3.6 Counterfeit Part 3.6 Continuing Airworthiness Management
3.7 Critical Items 3.7 Counterfeit Part

3.8 Human Factors 3.8 Dismantling
3.9 Key Characteristic 3.9 Life Limited Part

3.10 Maintenance 3.10 Maintenance
3.11 Release Certificate 3.11 Maintenance Data
3.12 Risk 3.12 Product Safety

3.13 Safety Policy 3.13 Qualified Person
3.14 Special Requirements 3.14 Safety Policy
3.15 Suspected Unapproved Part 3.15 Suspected Unapproved Part
3.16 Technical Data 3.16 Technical Data
3.17 Unapproved Part

AS9110B:2012 AS9110C:2016
4 Quality management system 4 Context of the organization
4.1 Understanding the organization and its context

4.2 Understanding the needs and expectations of
interested parties
4.4 Quality management system and its processes
4.1 General requirements 4.4 Quality management system and its processes
8.4 Control of externally provided processes,
products and services
4.2 Documentation requirements 7.5 Documented information
4.2.1 General 7.5.1 General
4.2.2 Quality Manual 4.3 Determining the scope of the quality

management system
7.5.1 General
4.4 Quality management system and its Processes
4.2.3 Control of Documents 7.5.2 Creating and updating

7.5.3 Control of documented Information
4.2.4 Control of Records 7.5.2 Creating and updating


AS9110B:2012 AS9110C:2016
5 Management responsibility 5 Leadership
5.1 Management commitment 5.1 Leadership and commitment
5.1.1 General
5.2 Customer focus 5.1.2 Customer focus
5.3 Quality policy 5.2 Policy

5.2.1 Establishing the Quality policy
5.2.2 Communicating the Quality policy
5.4 Planning 6 Planning
5.4.1 Quality Objectives 6.2 Quality objectives and planning to achieve
them
5.4.2 Quality Management System Planning 5.3 Organizational roles, responsibilities and
authorities
6 Planning
6.3 Planning of changes
5.4.3 Safety Objectives 5 Leadership 5.1.1k
5.5 Responsibility, Authority & Communication 5 Leadership
5.5.1 Responsibility and Authority 5.3 Organizational roles, responsibilities and

authorities
5.5.1.1 Accountable Manager 5.3.1 Accountable Manager
No AS9110B:2012 requirement 5.3.2 Quality Manager
5.5.1.2 Maintenance Manager(s) 5.3.3 Other Appoimted Manager(s)
5.5.2 Management Representative 5.3 after e.
5.5.3 Internal Communication 7.4 Communication
5.6 Management Review 4 Quality management system

4.1 Understanding the organization and its
context
4.2 Understanding the needs and expectations of
interested parties
5.6.2 Review Input 9.3.2 Management review input
5.6.3 Review Output 9.3.3 Management review output

AS9110B:2012 AS9110C:2016
6 Resource management 7 Support
7.1 Resources
6.1 Provision of Resources 7.1.1 General
7.1.2 People
6.2 Human Resources 7.2 Competence
6.2.1 General 7.2 Competence
6.2.2 Competence, Training and Awareness 7.2 Competence
7.3 Awareness
6.3 Infrastructure 7.1.3 Infrastructure
6.4 Work Environment 7.1.4 Environment for the operation of processes
AS9110B:2012 AS9110C:2016
7 Product realization 8 Operation
7.1 Planning of Product Realization 8.1 Operational planning and control
7.1.1 Project Management 8.1 Operational planning and control
7.1.2 Risk Management 8.1.1 Operational Risk Management
7.1.3 Configuration Management 8.1.2 Configuration Management
No AS9110B:2012 requirement 8.1.3 Product Safety
No AS9110B:2012 requirement 8.1.4 Prevention of Counterfeit Parts
No AS9110B:2012 requirement 8.1.5 Prevention of Suspected Unapproved Parts
No AS9110B:2012 requirement 8.1.6 Installation of Approved Parts
7.1.4 Control of Work Transfers 8.4 Control of externally provided processes,
7.2 Customer-Related Processes 8.2 Requirements for products and services
7.2.1 Determination of Requirements 8.2.2 Determination of requirements for products
Related to the Product and services
7.2.2 Review of Requirements Related to 8.2.3 Review of the requirements for products and
the Product services
8.2.4 Changes to requirements for products and
services
7.2.3 Customer Communication 8.2.1 Customer communication
7.3 Design and Development 8.3 Design and development of products and
services
7.3.1 Design and Development Planning 8.3.1 General
8.3.2 Design and development planning
7.3.2 Design and Development Inputs 8.3.3 Design and development Inputs
7.3.3 Design and Development Outputs 8.3.5 Design and development outputs
7.3.4 Design and Development Review 8.3.4 Design and development controls
7.3.5 Design and Development Verification 8.3.4 Design and development controls
7.3.6 Design and Development Validation 8.3.4 Design and development controls

AS9110B:2012 AS9110C:2016
7 Product realization (continued) 8 Operation (continued)
7.3.6.1 Design & Development Verification & 8.3.4 Design and development controls
Validation Testing
7.3.6.2 Design and Development Verification 8.3.4 Design and development controls
and Validation Documentation
7.3.7 Control of Design and Development 8.3.6 Design and development changes
Changes 8.5.6 Control of changes
7.4 Purchasing 8.4 Control of externally provided processes,
7.4.1 Purchasing Process 8.4 Control of externally provided processes,
8.4.1 General
8.4.2 Type and extent of control
7.4.2 Purchasing Information 8.4.3 Information for external providers
7.4.3 Verification of Purchased Product 8.4.2 Type and extent of control
8.4.3 Information for external providers
8.6 Release of products and services
7.5 Production and service provision 8.5 Production and service provision
7.5.1 Control of Production and Service 8.5.1 Control of production and service provision
Provision 8.5.5 Post-delivery activities
7.5.1.1 Maintenance Process Verification 8.5.1.3 Production Process Verification (not
applicable)
8.5.1.4 Evaluation of a New Capability
7.5.1.2 Control of Maintenance Process 8.5.1.4 Evaluation of a New Capability
Changes
7.5.1.3 Control of Maintenance Equipment, 8.5.1.1 Control of Equipment, Tools, and Software
Tools and Programs Programs
7.5.1.4 Post-Delivery Support 8.5.5 Post-Delivery Activities
7.5.2 Validation of Processes for Production 8.5.1.2 Validation and Control of Special Processes
and Service Provision
7.5.3 Identification and Traceability 8.5.2 Identification and traceability
7.5.4 Customer Property 8.5.3 Property belonging to customers or external
providers
7.5.5 Preservation of Product 8.5.4 Preservation
7.6 Control of Monitoring and Measuring 7.1.5 Monitoring and measuring resources
Equipment 7.1.5.1 General
7.1.5.2 Measurement traceability

AS9110B:2012 AS9110C:2016
8 Measurement, analysis and improvement 9 Performance evaluation
9.1 Monitoring, measurement, analysis and

evaluation
8.1 General 9.1.1 General
8.2 Monitoring and measurement 9.1 Monitoring, measurement, analysis and

evaluation
8.2.1 Customer Satisfaction 9.1.2 Customer satisfaction
8.2.2 Internal Audit 9.2 Internal audit
8.2.3 Monitoring and Measurement of 9.1.1 General
Processes
8.2.4 Monitoring and Measurement of 8.6 Release of products and services
Product
8.3 Control of nonconforming product 8.7 Control of nonconforming outputs
8.4 Analysis of data 9.1.3 Analysis and evaluation
8.5 Improvement 10 Improvement
8.5.1 Continual Improvement 10.1 General
10.3 Continual Improvement
8.5.2 Corrective Action 10.2 Nonconformity and corrective action
8.5.3 Preventive Action 6.1 Actions to address risks and opportunities (see
6.1.1, 6.1.2)

AS9120B:2016 QUALITY MANAGEMENT SYSTEM STANDARD
REQUIREMENTS FOR AVIATION, SPACE, AND DEFENSE
DISTRIBUTORS ____________________________________________________________________________
AS9120B is a sector specific standard designed for organizations that provide warehousing and
distribution services and do not perform any value added services. In general, value added
services would include any form of repair, rework, modification, or other similar activity.
AS9120B certified distributors are permitted to provide re-packaging (for example from a larger
quantity to smaller quantities) labeling, and inspection services.
AS9120 was originally published in 2003, later revised in 2009 to accommodate the changes
made in 2008 to the ISO 9001 standard. AS9120B transitions the standard to align with Annex
SL, ISO 9001:2015, and AS9100D:2016.
The primary aim of the AS9120B standard is to promote a full line of traceability from the OEM
to the customer for all aspects of the aerospace supply chain. It can be applied to any form of
distributed product, including tires, fasteners, electronic systems, batteries, and numerous others.
AS9120B seeks to ensure a complete chain of custody, full traceability, and availability of all
related records.
One section found in the ISO 9001:2015 and AS9100D:2016 standards is addressed differently
in the AS9120B standard. Design and Development of Products and Services (Clause 8.3) is
reintroduced back into the standard because its applicability should be determined in accordance
with section 4.3 and Annex A (see A.5).
Numerous requirements found in AS9100D are also found in AS9120B. These include
Configuration Management (8.1.2), Control of Work Transfers (per 8.4 and 8.5), and Foreign
Object Controls (8.5.1l and 8.5.4b.) These additional requirements seek to emphasize the role
that the distributor has in ensuring that the products it distributes are safe, free of contaminants,
and airworthy.
The only unique section found within AS9120A Evidence of Conformity (Clause 8.2.5) is now
covered in 9120B, 8.6a. This clause establishes requirements for ensuring full traceability to
manufacturer inspection records, including airworthiness certifications where applicable. This is
particularly relevant in situations where a product’s quantity is split into two or more smaller
quantities.
Please refer to the grid beginning on the following page for an explanation of the differences
between AS9120A and AS9120B.

AS9120A:2009 TO AS9120B:2016 COMPARISON CHART _________
AS9120A:2009 AS9120B:2016
1. Scope 1 Scope
1.1 General 1.1 General
1.2 Application 1.2 Application
2 Normative references 2 Normative References
ISO 9000:2005 ISO 9000:2015
3 Terms and definitions 3 Terms and Definitions
3.1 Airworthiness Certificate 3.1 Article
3.2 Certificate of Conformity 3.2 Authorized Release Certificate
3.3 Counterfeit Part 3.3 Certificate of Conformity
3.4 Distributor 3.4 Counterfeit Part
3.5 Risk 3.5 Distributor
3.6 Splitting 3.6 Product Safety
3.7 Suspected Unapproved Part 3.7 Splitting
3.8 Test Report 3.8 Suspected Unapproved Part
No AS9120A definition 3.9 Test Report
No AS9120A definition 3.10 Unapproved Part
4 Quality management system 4 Context of the organization
context
4.2 Understanding the needs and expectations
of interested parties
4.4 Quality management system and its
processes
4.1 General requirements 4.4 Quality management system and its
processes
8.4 Control of externally provided processes,
4.2 Documentation requirements 7.5 Documented information
4.2.2 Quality Manual 4.3 Determining the scope of the quality
management system
7.5.1 General
4.4 Quality management system and its
Processes
4.2.3 Control of Documents 7.5.2 Creating and updating
4.2.4 Control of Records 7.5.2 Creating and updating

AS9120A:2009 AS9120B:2016
5 Management responsibility 5 Leadership
5.1 Management commitment 5.1 Leadership and commitment
5.1.1 General
5.2 Customer focus 5.1.2 Customer focus
5.3 Quality policy 5.2 Policy

5.2.1 Establishing the Quality policy
5.2.2 Communicating the Quality policy
5.4 Planning 6 Planning
5.4.1 Quality Objectives 6.2 Quality objectives and planning to achieve
them
5.4.2 Quality Management System Planning 5.3 Organizational roles, responsibilities and
authorities
6 Planning
6.3 Planning of changes
5.5 Responsibility, Authority and Communication 5 Leadership
5.5.1 Responsibility and Authority 5.3 Organizational roles, responsibilities and

authorities
5.5.2 Management Representative 5.3 Organizational roles, responsibilities and
authorities
5.5.3 Internal Communication 7.4 Communication
5.6 Management Review 4 Quality management system
context
4.2 Understanding the needs and expectations
of interested parties
5.6.2 Review Input 9.3.2 Management review input
5.6.3 Review Output 9.3.3 Management review output

AS9120A:2009 AS9120B:2016
7 Support
6 Resource management
7.1 Resources
7.1.1 General
6.1 Provision of Resources
7.1.2 People
6.2 Human Resources 7.2 Competence
6.2.1 General 7.2 Competence
7.2 Competence
6.2.2 Competence, Training and Awareness
7.3 Awareness
6.3 Infrastructure 7.1.3 Infrastructure
7.1.4 Environment for the operation of
6.4 Work Environment
processes
AS9120A:2009 AS9120B:2016
7 Product realization 8 Operation
7.1 Planning of product realization 8.1 Operational Planning and Control
7.1.1 Configuration Management 8.1.2 Configuration Management
7.1.2 Control of Work Transfers 8.4 Control of externally provided processes,
No AS9120A:2009 requirement 8.1.4 Prevention of Counterfeit Parts
No AS9120A:2009 requirement 8.1.5 Prevention of Suspected Unapproved
Parts
7.2 Customer-Related Processes 8.2 Requirements for products and services
7.2.1 Determination of Requirements Related to 8.2.2 Determination of requirements for
the Product products and services
7.2.2 Review of Requirements Related to the 8.2.3 Review of the requirements for products
Product and services
8.2.4 Changes to requirements for products
and services
7.2.3 Customer Communication 8.2.1 Customer communication
7.3 Design and development – NOTE This clause 8.3 Design and Development of Products and
not required for conformance to this standard Services- NOTE: Clause 8.3 applicability should
be determined in accordance with section 4.3
and Annex A (see A.5).
No AS9120A requirement 8.3.1 General
No AS9120A requirement 8.3.2 Design and development planning
No AS9120A requirement 8.3.3 Design and development Inputs
No AS9120A requirement 8.3.4 Design and development controls
No AS9120A requirement 8.3.5 Design and development outputs
No AS9120A requirement 8.3.6 Design and development changes

AS9120A:2009 AS9120B:2016
7 Product realization (continued) 8 Operation (continued)
7.4 Purchasing 8.4 Control of externally provided processes,
7.4.1 Purchasing Process 8.4 Control of externally provided processes,
8.4.1 General
8.4.2 Type and extent of control
7.4.2 Purchasing Information 8.4.3 Information for external providers
7.4.3 Verification of Purchased Product 8.4.2 Type and extent of control
8.4.3 Information for external providers
8.6 Release of products and services
7.5 Production and service provision 8.4 Control of externally provided processes,
7.5.1 Control of Production and Service Provision 8.5 Production and service provision
No AS9120A requirement 8.5.1.1 Control of Equipment, Tools, and
Software Programs
7.5.2 Validation of Processes for Production and 8.5.1 Control of production and service
Service Provision – NOTE This clause not required provision
for conformance to this standard 8.5.5 Post-delivery activities
7.5.3 Identification and Traceability 8.5.2 Identification and traceability
7.5.4 Customer Property 8.5.3 Property belonging to customers or
external providers
7.5.5 Preservation of Product 8.5.4 Preservation
7.6 Control of monitoring and measuring 7.1.5 Monitoring and measuring resources
Equipment 7.1.5.1 General
7.1.5.2 Measurement traceability

AS9120A:2009 AS9120B:2016
8 Measurement, analysis and improvement 9 Performance evaluation
9.1 Monitoring, measurement, analysis and

evaluation
8.1 General 9.1.1 General
8.2 Monitoring and measurement 9.1 Monitoring, measurement, analysis and

evaluation
8.2.1 Customer Satisfaction 9.1.2 Customer satisfaction
8.2.2 Internal Audit 9.2 Internal audit
8.2.3 Monitoring and Measurement of Processes 9.1.1 General
8.2.4 Monitoring and Measurement of Product 8.6 Release of products and services
8.2.5 Evidence of Conformity 8.6a Release of Products and Services
8.3 Control of nonconforming product 8.7 Control of nonconforming outputs

8.4 Analysis of data 9.1.3 Analysis and evaluation
8.5 Improvement 10 Improvement
8.5.1 Continual Improvement 10.1 General

8.5.2 Corrective Action 10.2 Nonconformity and corrective action
8.5.3 Preventive Action 6.1 Actions to address risks and opportunities

(see 6.1.1, 6.1.2)

CONCLUSION ___________________________________________________________
Since its initial release in 1987, the AS9100D quality management systems standard has had an
enormous impact on thousands of organizations around the world.
In the short run, implementing an AS9100D:2016 quality management system has a major and
positive impact on quality, productivity and cost reduction. And AS9100D:2016 registration can
give American businesses unmatched credibility and competitive advantages in the European
Union.
In the long run, AS9100D:2016 implementation and registration will preserve and create
domestic and international markets for American businesses in virtually every field. Even now,
many major American businesses and government agencies are requiring AS9100D:2016
registration as a supplier quality assurance qualification.
The standard furthers a tradition of flexibility, and through its alignment with Annex SL ensures
that the organization can easily and seamlessly incorporate as many additional standards (ISO
14001, ISO 50001, etc.) as it sees fit.
THE STANDARD SHOULD BE OBTAINED FROM: www.sae.org

International Aerospace Quality Management System Standard Aviation, Space, and Defense Organizations

Uploaded by

Document Information

Original Title

Copyright

Available Formats

Share this document

Share or Embed Document

Sharing Options

Did you find this document useful?

Is this content inappropriate?

Copyright:

Available Formats

International Aerospace Quality Management System Standard Aviation, Space, and Defense Organizations

Uploaded by

Copyright:

Available Formats

AS9100D:2016

International Aerospace Quality

PERRY JOHNSON CONSULTING, INC.

PJC Home Page: www.pjcinc.com • Email: [email protected]

©Copyright 2017 by PERRY JOHNSON CONSULTING, INC.

Registering to AS9100D:2016 .......................................................................................................7

AS9100D:2016 Executive Overview Page 1 4/17

Like the other ISO 9001 derivatives, AS9100D is designed to reduce

AS9100 also responds to the federal government’s cancellation of

PERRY JOHNSON CONSULTING, INC.

AS9100D:2016 Executive Overview Page 2 4/17

• Firms supplying aerospace prime contractors.

• Companies planning for future business with the aerospace

• Firms supplying the U.S. Department of Defense.

• Organizations seeking to remain abreast of worldwide quality

• Firms planning to improve their quality assurance and

• Suppliers seeking a competitive advantage in the marketplace.

• Companies desiring to make customer satisfaction a top priority.

• Suppliers responding to customer mandates to become AS9100 registered.

• Organizations already registered to ISO 9001 or AS9100C that seek an upgrade to

• Any other firms interested in becoming registered to AS9100D.

AS9100D:2016 Executive Overview Page 3 4/17

Thus, the aerospace prime contractors advocate flowdown of quality

AS9100D:2016 Executive Overview Page 4 4/17

The Origin of ISO 9000

AS9100Dis intended to provide requirements for an organization to establish, document and

• ISO 9000:2015, Quality Management Systems – Fundamentals and Vocabulary. This

AS9100D:2016 Executive Overview Page 5 4/17

AS9100D:2016 Executive Overview Page 6 4/17

AS9100D:2016 registration is a tangible expression of a firm’s commitment to quality that is

As it typically takes 6 to 18 months to complete the AS9100D registration process, organizations

Key Steps to Completing a New Registration

AS9100D:2016 Executive Overview Page 7 4/17

To ensure that organizations are following AS9100D:2016 requirements after registration is

Remember: In order to achieve registration to AS9100D:2016, the organization must

AS9100D:2016 Executive Overview Page 8 4/17

• Be accredited by a national accreditation body, such as the ANAB (ANSI-ASQ National

• Maintain a listing of its AS9100D qualified auditors;

AS9100D:2016 Executive Overview Page 9 4/17

AS9100D:2016 Executive Overview Page 10 4/17

Facilities that operate AS9100Dquality management systems tend to exhibit a philosophy of

AS9100D:2016 Executive Overview Page 11 4/17

e. Improvement. Improvement of the organization’s overall performance should be an ongoing

g. Relationship Management. An organization and its external interested parties are

AS9100D:2016 Executive Overview Page 12 4/17

Non-Auditable clauses of AS9100D:2016 are:

1. Scope – which provides a general statement about to whom AS9100D:2016 is intended to

2. Normative Reference – which provides an explanation of the linkage between

Auditable clauses of AS9100D:2016 are:

4. Context of the Organization (4 clauses), which mandate an organization to determine the

AS9100D:2016 Executive Overview Page 13 4/17

Foundation/Basic Building Blocks (Sections 4-7)

Day to Day Activities (Section 8)

Analysis and Improvement (Sections 9 and 10)

AS9100D:2016 Executive Overview Page 14 4/17

AS9100D:2016 Executive Overview Page 15 4/17

All AS9100D:2016 clauses are briefly described below.

4 – Context of the Organization

AS9100D:2016 Executive Overview Page 16 4/17

5.1 Leadership and commitment

AS9100D:2016 Executive Overview Page 17 4/17

6.1 Actions to address risks and opportunities

AS9100D:2016 Executive Overview Page 18 4/17