The AS9100 Performance-based Surveillance/Recertification (PBS/RP) Program (OPTIONAL)

Existing AS9100 Registered companies have the option to apply for the “Performance-based Surveillance/Recertification Process” (Described in SAE AS9104/1A, “Appendix D”). This option allows for a 33% Reduction in the Audit Duration (Maximum of 50%). The criteria for this option are defined in AS9104/1A, “Table D.1 - Performance-based Surveillance/Recertification Process Requirements”.

Table D.1 - Performance based surveillance/recertification process qualification
PBS/RP QUALIFICATION REQUIREMENTS AND CRITERIA
A. Completion of one AQMS certification cycle.
B. The OCAP risk analysis from 8.5.1.5 results in a low/medium risk for each site, including the central function.
C. Implementation of an Internal Audit Program in accordance with ISO 19011, including:
• Annual audit of all applicable AQMS requirements; and
• Annual audit of all applicable AQMS requirements; and
• Defined, structured, multiple event audit program that adjusts throughout the calendar year based upon:
- performance;
- customer complaints;
- risk; and
- change management.
D. Internal auditor competency that includes:
• Auditor(s) that have completed a TPAB approved ASD Lead Auditor course (reference 9104/3).
E. Organization has an ethics policy that includes communication and reporting processes.
F. No externally identified major nonconformity (e.g., CB, customers, regulatory authorities), as defined in 9101, in the past 12 months related to internal audit, management review, or corrective action processes issued to either a single site or to the central function within a multi-site structure.
G. No certificate suspension due to an AQMS nonconformance in the past six years.
H. Meeting customer satisfaction metrics, based on customer provided data.

A. Must have completed at least 1 (one) Re-Assessment (after initial certification) performed by your AS 9100 series Certification Body (Registrar). Certification can be AS 9100, AS 9110, or AS 9120.

B. See the How OCAP affects AS9100 Companies article for detailed information on how to satisfy this requirement.

C. Implementation of an Internal Audit Program in accordance with ISO 19011 can be subjective because ISO 19011:2018, "Guidelines for auditing management systems" is a GUIDANCE document… NOT a standard. The word “shall” does not appear in any section of ISO 19011 other than the “Foreword”.

I asked an AS9104/1A committee member “how” the AS9100 Auditors would be determining compliance with ISO 19011. His response was “Based on our conversations within the writing team, the intent of that standard is what they are going for.” (sic) However, he also noted that “the IAQG could always come out with a clear ruling” (sic) at a later date.

D. The “PBS/RP Qualification Requirements and Criteria” requiring internal auditors to have successfully completed an “Aviation, Space and Defense (ASD)” Lead Auditor Course provided by a “Training Provider Approval Body (TPAB)” (Must login to OASIS to view listing) is misleading because the ONLY TPAB in the USA is Probitas Authentication; and they do not provide “Aviation, Space and Defense (ASD)” Lead Auditor Courses. Instead, they authenticate AQMS training courses and AQMS training provider administration practices. The ATPs - "Approved Training Providers" appearing in OASIS are all of their “Approved Training Providers” (Must login to OASIS to view listing).

E. While not specifically required to be documented, the requirement is for the company to have an “ethics policy” that includes “communication and reporting processes”. I suggest documenting your “ethics policy” because many AS9100 auditors will likely want to see it as evidence of compliance (considering the documentation of the “ethics policy” to be an “unwritten” requirement). The AIA (Aerospace Industries Association of America) & ASD (AeroSpace and Defence Industries Association of Europe) have developed a "Global Principles of Business Ethics for the Aerospace and Defense Industry" that can be used to provide general guidance on how to create your own “ethics policy” that complies with this requirement.

F & G. Are self-explanatory.

H. Meeting customer satisfaction metrics (established by the company), must be based upon customer-provided data. Due to the subjective nature of “Customer-Satisfaction Surveys” (e.g., TypeForm), I generally discourage their use. However, in order to satisfy this requirement, there may not be sufficient alternative options. If a company does utilize these types of surveys, then I suggest that the surveys and resulting data be handled through the Marketing function rather than the Quality function (because Quality Professionals have little or no training in the development and use of these types of surveys).

A better alternative is “Supplier Scorecards” provided from customers (e.g., CPARs - Contractor Performance Assessment Reporting System), but these are not always available.