CALL US 1-888-553-2256

IATF 16949 Knowledge base

'. get_the_author_meta('first_name'). ' '.get_the_author_meta('last_name').'

How to make an Internal Audit checklist for IATF 16949:2016

Ask any quality professional in the automotive industry, and they will likely tell you that the internal audit process is vital to any Quality Management System (QMS) certified according to IATF 16949. Not only does the internal audit help you to quantify how well your company manages risk, but it can also provide a crucial overview of the continual improvement (or lack thereof) within your organization.

With the increased focus of IATF 16949 on customer satisfaction, and the need to comply with applicable requirements, the internal audit function plays a key role in looking for gaps and measuring progress toward overall improvement in system performance. So, it’s a given that a company’s internal audit has to be meticulous and accurate, but where should its focus lie?

An internal audit checklist can help you focus your internal audit on appropriate business processes and risks, and identify relevant components of the IATF 16949 standard that should be emphasized. This checklist can be used and reused, adapted and changed as needed to apply to your company’s internal audit cycle. Let’s take a look at what we need to do to create our checklist.

The steps in the internal audit

The steps required to make an IATF 16949 internal audit checklist are the same as those for any other management standard, like ISO 14001, ISO 9001, and others. Here’s how to get started:

  1. Review the documentation. First of all, you’ll need to read through all of the documents in your QMS so that you can become familiar with QMS processes, and to determine whether there are any nonconformities in your documentation as compared to IATF 16949.
  2. Create the checklist. As you learn the requirements during the document review—like policies, procedures, plans, etc.—you can begin to make your checklist. This helps you know what to check when you get to the main audit.
  3. Plan the main audit. You will have lots of things to check during the main audit, so use your checklist to plan your focus, and to schedule which locations and departments to visit (and when).
  4. Conduct the main audit. Unlike the document review, the main audit is very active. You will need to physically visit the company and look around, observe processes and activities, talk to employees, conduct interviews, etc. This is where the checklist is invaluable—you need to make thorough notes on your findings, and without it, you’re likely to forget at least a few things.
  5. Write the report. After the conclusion of the main audit, it’s time to write a summary of your findings, including any nonconformities. Using your completed checklist and detailed notes, you will create this internal audit report, which you or another person will use for initiating corrective action.
  6. Follow up. Most of the time, it falls to the internal auditor to follow up on any corrective actions recommended at the internal audit. Here again, your notes and checklist will come in handy to remember what nonconformities you raised (and why), and to determine whether corrective actions have been taken as specified. Once these nonconformities are closed, your job is complete.

The importance of accuracy

As we have learned, your internal audit checklist must make reference to all requirements listed in IATF 16949, as well as comments to help you determine whether the QMS processes and procedures are operating as planned. Therefore, you need to carefully read your company’s process documents, and the standard itself, to make sure your internal audit is accurate. Become familiar with these important documents, and you will be on the right path to creating a helpful and efficient internal audit checklist.

What to include in your checklist

Generally, the internal audit checklist will include 4 columns:

  • Reference – for example, the clause number in the IATF 16949 standard, or the section number of a particular policy, etc.
  • What to focus on – where you write down what you will be looking for at the main audit, for example, who you will interview, the questions you should ask, what records to request, which locations or departments to visit, what processes to observe, etc.
  • Compliance – you will fill in this column during the main audit, indicating whether the organization is in compliance with the requirement. Most of the time, this only requires a simple Yes or No, but occasionally it might be Not Applicable.
  • Findings – here is where you record your internal audit findings, like the names of people you interviewed, what they said, titles and contents of the records you checked, descriptions of the locations/departments you visited, remarks about the processes you observed, etc.

Let’s get started!

Now, all you have to do is read the IATF 16949 standard, look at how it corresponds to your existing company policies, and make sure that your internal audit checklist aligns with both. Think of your checklist as a set of guidelines to keep you focused and on the right track with what you need to check, and to make sure you record precise notes to facilitate any necessary corrective actions.

In the case of a gap between the requirements and the existing QMS, accurate and detailed records are critical to be sure that any chosen corrective actions are adequate to eliminate the root cause of the nonconformity. So, invest the necessary time and thought into creating a checklist that addresses all of these elements, and your company will be well on its way to a successful IATF 16949 certification.

If you want to learn more about IATF 16949 implementation, check out this free IATF 16949 implementation diagram.

If you enjoyed this article, subscribe for updates

Improve your knowledge with our free resources on IATF 16949 standard.

You may unsubscribe at any time.

For more information on what personal data we collect, why we need it, what we do with it, how long we keep it, and what are your rights, see this Privacy Notice.

Leave a Reply

Your email address will not be published. Required fields are marked *

Strahinja Stojanovic
Lead IATF 16949 Expert, Advisera




  • Advisera is Exemplar Global Certified TPECS Provider for the IS, QM, EM, TL and AU Competency Units.
  • ITIL® is a registered trade mark of AXELOS Limited. Used under licence of AXELOS Limited. All rights reserved.
  • DNV GL Business Assurance is one of the leading providers of accredited management systems certification.