Mark Hammar Once you implement AS9100 Rev D, it can be difficult and confusing to understand the certification for your aerospace Quality Management System (QMS). In a previous article, 13 implementation steps for AS9100 Rev D, we discussed the entire implementation process, and in this article we focus on the AS9100 certification process and how this works.
AS9100 certification requirements
The elements of certification for your QMS can have a critical impact on how useful your certification can be. Unless you are a company that only wants to gain certification to be able to show the certificate to others, you will find that having the right certification body will be an important part of using your QMS to find real improvements to benefit your organization. So, here are three key steps to take during the AS9100 certification process.
Certification body choice. Once you have your QMS in place, you will need to have certification auditors come to review your processes and determine if they meet the requirements of the AS9100 standard and your other internal requirements. Choosing the right certification body can mean the difference between having auditors who are merely knowledgeable in your industry, and having ones that can really help you to find the issues and improvements that will make your QMS truly helpful to you.
The certification body has some requirements before they can audit your management system. You will need to use the QMS processes in order to collect records, and you will need to perform a full set of internal audits and a management review. The right certification body can help to guide you on what is needed during this process so that the certification audit can be as successful as possible when the certification auditors arrive to perform their stage 1 and stage 2 audits. Most certification bodies have pre-determined lengths of time that they expect you to use your management system, and they should let you know this up front to avoid problems. They can also guide you on the expected outputs of the internal audit and management review process for your organization. Remember, they are not able to consult you on how to implement and use your system, but they can give you helpful tips on what they would expect to see for an organization similar to yours, in your industry.
You will want to make sure that you find a certification body that will benefit you, so for some help with what to ask, see this checklist: List of questions to ask an AS9100 Rev D certification body.
Stage 1 certification audit. Sometimes called a “documentation audit,” a stage 1 certification audit requires the certification auditors to review your documentation and ensure that it meets the requirements of the AS9100 Rev D standard. If you have all of the required documentation, they will then wait until you have used your system for an adequate amount of time before performing the certification audit as described above.
The auditors will issue a report after this documentation audit that will identify any nonconformities in the documentation, such as missing documents or records that are required, any problematic inconsistencies in the documentation, and other points where the documentation does not meet the requirements of AS9100. With the right certification body, you can use this time to also get some tips from the auditors on best practices for your documentation to find improvements going forward.
To make sure you do not miss any required documentation, see this free white paper: AS9100 Rev D List of Mandatory Documents.
Stage 2 certification audit. Here the certification auditors will come and audit all of your QMS processes to ensure that the activities that are actually occurring meet the requirements of the AS9100 standard, as well as the requirements you have defined within your system. The audit activity will look at every process, determine what the planned arrangements are for that process, and then assess what is actually happening in that process through the use of interviews, observation, and review of records. Once this data is collected, the auditors will compare what is happening to what is supposed to happen, and then determine if each process is carried out as planned. If a nonconformity is found, they will expect you to take corrective action to address the problem.
Once they have confirmed that everything is occurring as planned, or any discrepancies have had corrective action taken, they will issue a certification stating that your QMS meets the requirements of AS9100 Rev D. This is where your choice of certification auditors can affect how well your certification is received by customers and other interested parties. If you chose a reputable certification body that is accredited in your area, you will have a certification that is widely accepted. If, however, you chose an unaccredited certification body, then you can expect that your certification may be questioned or potentially dismissed.
Of course, the initial certification is only the beginning. The certification process continues at least yearly to ensure that the management system is maintained, updated, and improved over time. This cycle will consist of surveillance audits (where the auditors only look at part of the QMS processes) and full re-certification audits in which they repeat the audit of the entire QMS. Quality Management System certification is an ongoing effort to help you make the QMS processes better.
Implement and certify a QMS for your benefit
Finding and utilizing the knowledge of a good certification body can be one of the best benefits for your QMS in the long run. A good certification body will help you to succeed, without directly interfering in how you run your processes. Remember that the reason to implement the QMS is to find improvements for your company, not just to satisfy the certification body, so ensure that you choose a certification body that will help you improve and not just interfere in what you do.
For more help about how to prepare for the ISO certification audit, download this free white paper: What to expect at the ISO certification audit: What the auditor can and cannot do.
