This is an old revision of the document!
AS9100D Objective Evidence Requirements: Part 2 Records
As mentioned in Part 1, AS 9100D is an incredibly poorly written QMS standard littered with ambiguous / vague requirements that have resulted in subjective interpretations and inconsistent implementation. This article discusses the minimum “Objective Evidence” actually by the standard. Any interpretations beyond these minimum requirements (e.g., by an internal or external auditor) are based purely on subjective opinion.
The second confusing point to address is which “records” are any actual required by AS 9100D. First, let's look at how ISO 9001:2015 defines a “record”.
AS 9100:2016 (Rev. D) Annex A states:
A.6 Documented Information
| # | “Retained” as Documented Information (Records) | Sec. |
|---|---|---|
| 1 | To the extent necessary, the organization shall: b. retain documented information to have confidence that the processes are being carried out as planned. [SUBJECTIVE requirement - to be determined by the ORGANIZATION (as per 7.5.1b)… NOT the auditor.] | 4.4.2b |
| 2 | The organization shall retain appropriate documented information as evidence of fitness for purpose of the monitoring and measurement resources. [SUBJECTIVE requirement - because AS 9100D fails to adequately address this topic] | 7.1.5.1 |
| 3 | When measurement traceability is a requirement, or is considered by the organization to be an essential part of providing confidence in the validity of measurement results, measuring equipment shall be: a. calibrated or verified, or both, at specified intervals, or prior to use, against measurement standards traceable to international or national measurement standards; when no such standards exist, the basis used for calibration or verification shall be retained as documented information; | 7.1.5.2a |
| 4 | The organization shall: d. retain appropriate documented information as evidence of competence. | 7.2d |
| 5 | The organization shall plan, implement, and control the processes (see 4.4) needed to meet the requirements for the provision of products and services, and to implement the actions determined in clause 6, by: e. determining, maintaining, and retaining documented information to the extent necessary: 1. to have confidence that the processes have been carried out as planned; 2. to demonstrate the conformity of products and services to their requirements; [SUBJECTIVE requirement - to be determined by the ORGANIZATION (as per 7.5.1b)… NOT the auditor.] | 8.1.e |
| 6 | 8.2.3 Review of the Requirements for Products and Services 8.2.3.2 The organization shall retain documented information, as applicable: a. on the results of the review; b. on any new requirements for the products and services. | 8.2.3.2 |
| 7 | The organization shall retain documented information on design and development inputs. | 8.3.3 |
| 8 | 8.3.4 Design and Development Controls The organization shall apply controls to the design and development process to ensure that: a. the results to be achieved are defined; b. reviews are conducted to evaluate the ability of the results of design and development to meet requirements; c. verification activities are conducted to ensure that the design and development outputs meet the input requirements; d. validation activities are conducted to ensure that the resulting products and services meet the requirements for the specified application or intended use; e. any necessary actions are taken on problems determined during the reviews, or verification and validation activities; f. documented information of these activities is retained; g. progression to the next stage is authorized. | 8.3.4 |
| 9 | 8.3.4.1 When tests are necessary for verification and validation, these tests shall be planned, controlled, reviewed, and documented to ensure and prove the following: a. test plans or specifications identify the test item being tested and the resources being used, define test objectives and conditions, parameters to be recorded and relevant acceptance criteria; b. test procedures describe the test methods to be used, how to perform the test, and how to record the results; c. the correct configuration of the test item is submitted for the test; d. the requirements of the test plan and the test procedures are observed; e. the acceptance criteria are met. [While this requirement does not include the words “maintained” or “retained”, it is generally interpreted as applying in part to “test plans” (or specifications), “test procedures”, and to the “test results” (i.e., record)] | 8.3.4.1 |
| 10 | The organization shall retain documented information on design and development outputs. | 8.3.5 |
| 11 | 8.3.6 Design and Development Changes The organization shall retain documented information on: a. design and development changes; b. the results of reviews; c. the authorization of the changes; d. the actions taken to prevent adverse impacts. | 8.3.6 |
| 12 | The organization shall determine and apply criteria for the evaluation, selection, monitoring of performance, and re- evaluation of external providers, based on their ability to provide processes or products and services in accordance with requirements. The organization shall retain documented information of these activities and any necessary actions arising from the evaluations. | 8.4.1 |
| 13 | 8.4.1.1 The organization shall: b. maintain a register of its external providers that includes approval status (e.g., approved, conditional, disapproved) and the scope of the approval (e.g., product type, process family); | 8.7.1 |
| 14 | When externally provided product is released for production use pending completion of all required verification activities, it shall be identified and recorded to allow recall and replacement if it is subsequently found that the product does not meet requirements. | 8.4.2 |
| 15 | Controlled conditions shall include, as applicable: n. the availability of evidence that all production and inspection/verification operations have been completed as planned, or as otherwise documented and authorized; | 8.5.1n |
| 16 | Controlled conditions shall include, as applicable: q. the identification and recording of products released for subsequent production use pending completion of all required measuring and monitoring activities, to allow recall and replacement if it is later found that the product does not meet requirements. | 8.5.1q |
| 17 | 8.5.1.2 Validation and Control of Special Processes For processes where the resulting output cannot be verified by subsequent monitoring or measurement, the organization shall establish arrangements for these processes including, as applicable: f. requirements for documented information to be retained. [SUBJECTIVE requirement - to be determined by the ORGANIZATION (as per 7.5.1b)… NOT the auditor.] | 8.5.1.2f |
| 18 | 8.5.1.3 Production Process Verification The organization shall retain documented information on the results of production process verification. | 8.5.1.3 |
| 19 | 8.5.2 Identification and Traceability The organization shall control the unique identification of the outputs when traceability is a requirement, and shall retain the documented information necessary to enable traceability. | 8.5.2 |
| 20 | 8.5.3 Property Belonging to Customers or External Providers When the property of a customer or external provider is lost, damaged, or otherwise found to be unsuitable for use, the organization shall report this to the customer or external provider and retain documented information on what has occurred. | 8.5.3 |
| 21 | 8.5.6 Control of Changes The organization shall retain documented information describing the results of the review of changes, the person(s) authorizing the change, and any necessary actions arising from the review. | 8.5.6 |
| 22 | 8.6 Release of Products and Services The organization shall retain documented information on the release of products and services. The documented information shall include: a. evidence of conformity with the acceptance criteria; b. traceability to the person(s) authorizing the release. When required to demonstrate product qualification, the organization shall ensure that retained documented information provides evidence that the products and services meet the defined requirements. | 8.6 |
| 23 | 8.7 Control of Nonconforming Outputs 8.7.2 The organization shall retain documented information that: a. describes the nonconformity; b. describes the actions taken; c. describes any concessions obtained; d. identifies the authority deciding the action in respect of the nonconformity. | 8.7.2 |
| 24 | 9.1 Monitoring, Measurement, Analysis, and Evaluation The organization shall evaluate the performance and the effectiveness of the quality management system. The organization shall retain appropriate documented information as evidence of the results. | 9.1.1 |
| 25 | 9.2.2 The organization shall: f. retain documented information as evidence of the implementation of the audit program and the audit results. NOTE: See ISO 19011 for guidance. | 9.2.2f |
| 26 | The organization shall retain documented information as evidence of the results of management reviews. | 9.3.3 |
| 27 | 10.2.2 The organization shall retain documented information as evidence of: a. the nature of the nonconformities and any subsequent actions taken; b. the results of any corrective action. | 10.2.2 |
<note tip># 2
Because AS 9100D fails to adequately address “fitness for purpose”, knowledgable Aerospace companies such as Collins Aerospace (previously UTAS) & Pratt & Whitney identify a minimum “accuracy ratio” for M&TE (as 4:1) in their United Technologies ASQR-01 (Rev. 11), sec. 5.4.1.</note>
<note tip># 3
1. To begin clause 7.1.5.2 with the words “When measurement traceability is a requirement…” seems odd because ALL M&TE should have metrological traceability. While it has been speculated that this requirement is intentionally vague so as to also encompass subjective “measuring tools” (e.g., customer satisfaction surveys), due to this ambiguity, most AS 9100 auditors simply interpret this as a requirement for “calibration” (a.k.a. “Metrological Confirmation”) records. The bottom line is, if ISO / IAQG had wanted something different, they should have been more specific.
2. For clause 7.1.5.2a to require metrological traceability to “to international or national measurement standards” indicates either an ignorance on the part of ISO / IAQG concerning metrological traceability OR the influence of government members mandating the use of government funded NMIs (National Metrology Institutes). In either case, this is an antiquated way in which to address metrological traceability. To gain a better understanding of metrological traceability, read “NIST Traceability Numbers - The Sasquatch of Metrology.</note>
<note tip># 4
For guidance on addressing AS 9100, clause 7.2d, see the (non-binding) IAF
ISO 9001 Auditing Practices Group Guidance on: Competence.</note>
<note important># 9
The IAQG official "AS 9100:2016 Series Clarifications" states: The 9100-series clause 7.1.5.2 was not intended to force organizations to have the register specifically include the “equipment type, unique identification, location, and the calibration or verification method, frequency, and acceptance criteria.” The organization is required to have this information for equipment listed on the calibration register but not specifically in the register.
Almost no one identifies the “method” or “acceptance criteria” in their “register” (database)… unless they have a full in-house calibration laboratory. What auditors typically see is:
1. the “method” identified on the calibration certificate (from the calibration/metrology lab).
2. the “acceptance criteria” either identified in the calibration certificate (from the calibration/metrology lab) OR for the company to have a copy of the calibration “method” that was used (containing the acceptance criteria).
While the company could have the instrument specifications, if those specifications can’t be matched to the actual calibration method used, then there is no way to confirm that was the actual “acceptance criteria” used in performing the calibration.</note>
<note important># 11
When asked whether clause no. 8.5.1a) of ISO 9001:2015 “availability of documented information” means “maintain documented information”, the ”
Official ISO 9001:2015 Inerpretations from ISO TC/176/SC2” stated “No”. And explained ”The terms “available” and “maintain” are not synonyms, and the use of “availability” was deliberate. “Available” means “able to be used or obtained, or accessible”, whereas “maintain” means “cause or enable to continue”. The “maintenance” of documented information is not explicitly required by Clause 8.5.1(a), but is addressed by other parts of ISO 9001:2015. Clause 8.5.1 (a) requires the documented information to be “available” so that it can be used, not just “maintained” (i.e. preserved). The documented information that needs to be available under Clause 8.5.1(a) is part of the quality management system documentation, and therefore has to be managed in accordance with Clause 7.5.“.</note>
