Outsourced Internal Audit requirements for Aerospace Suppliers

J

J.Enger

Involved In Discussions
Due to the struggles with performing our own Internal Audit, we are outsourcing it to accredited companies, and I was wondering what kind of verbiage I should add to our current Internal Audit Procedure.

What I have so far is this:

1.2 This procedure and associated documents only apply when Mac Machine performs Internal Audits by competent Mac Machine personnel. Should Top Management decide to use an accredited Outside Service Provider to perform the audit, this procedure will not apply.
1.2.1 The audit shall be a full scope audit to ensure Mac Machine is meeting the requirements set forth in SAE AS9100 Rev. D, in accordance with the requirements of AS9101:2016
1.2.2 The OSP shall supply credentials for the auditor assigned and these will be retained with the documentation from the audit.

One of my questions is in 1.2.1 "in accordance with the requirements of AS9101:2016". Is this the right requirement, or should it be to AS9104, or not needed at all?

Thanks in advance
 
Last edited by a moderator:
Sidney Vianna

Sidney Vianna

Post Responsibly
Leader
Admin
AS9101, currently under Rev. F is meant for the audits performed by the CB auditors, operating under the IAQG ICOP Scheme and it is not meant for internal audits. Some of the components of the AS9101 document could be used in the internal audit program, but others would be counterproductive.
 
J

J.Enger

Involved In Discussions
So best thinking it to just delete that section and leave the rest?

1.2.1 The audit shall be a full scope audit to ensure Mac Machine is meeting the requirements set forth in SAE AS9100 Rev. D.
 
Jim Wynne

Jim Wynne

Leader
Admin
J.Enger said:
So best thinking it to just delete that section and leave the rest?

1.2.1 The audit shall be a full scope audit to ensure Mac Machine is meeting the requirements set forth in SAE AS9100 Rev. D.
Click to expand...
What is a "full scope audit"?
 
G

Guest

On Holiday
J.Enger said:
Due to the struggles with performing our own Internal Audit, we are outsourcing it to accredited companies,
Click to expand...

Accredited? For what?

Who does the audit and their (contractual: W2 or 1099 in the USA) relationship to your organization is of no importance to the conduct of audits. What is important is a) competency and b) results. You need nothing in any procedure any different than if YOU were doing the audit.
 
Sidney Vianna

Sidney Vianna

Post Responsibly
Leader
Admin
Guest said:
You need nothing in any procedure any different than if YOU were doing the audit.
Click to expand...
They certainly have to comply with the applicable requirements of AS9100D 8.4 for the outsourced internal audit service. While I agree that competence is critical, any organization outsourcing internal audits for the first time, would be hard pressed to know if the individual is competent or not, beforehand. At most they will be looking for credentials/qualifications. An experienced aerospace auditor who is very competent to audit aerospace suppliers involved in software development might be lost auditing a machine shop, because s/he might not have the required knowledge in that context.

To the OP, I suggest you peruse similar threads (scroll down the page). Many a discussions have been had on this topic before.

Good luck.
 
J

J.Enger

Involved In Discussions
Guest said:
Accredited? For what?

Who does the audit and their (contractual: W2 or 1099 in the USA) relationship to your organization is of no importance to the conduct of audits. What is important is a) competency and b) results. You need nothing in any procedure any different than if YOU were doing the audit.
Click to expand...


Again, it may just be wrong verbiage, but to me, accredited means the company meets the our requirements as detailed in 8.4 (has a registered QMS, etc) and the auditors have some form of record to show competency ( i.e. resume of work, any certificates of training, etc).
 
G

Guest

On Holiday
IMHO, using the "outsourced processes" to engage an internal auditor is futile. Expecting a perfectly good, experienced auditor - someone who has retired from auditing aerospace suppliers, or something equally applicable - to have a registered QMS is not going to happen. Certificates of training don't make good auditors. Resumes are often fictitious or not a good representation of the person's actual abilities. Auditors need to posses good soft skills, plausibility, integrity, and a bunch of other things which only a referral might reveal. I'd ask your local ASQ if they know of anyone.
 
Sidney Vianna

Sidney Vianna

Post Responsibly
Leader
Admin
Guest said:
IMHO, using the "outsourced processes" to engage an internal auditor is futile. snip..... and a bunch of other things which only a referral might reveal. I'd ask your local ASQ if they know of anyone.
Click to expand...
Nothing wrong with a referral, but 8.4 STILL applies to an outsourced internal audit provider.
 
You must log in or register to reply here.

Similar threads

A
AS9100D 8.4.1 c. Control on external providers... part of a process
2
Replies
13
Views
972
APetersen
A
Vader22
ISO 17025 Internal Auditor Requirements
Replies
4
Views
531
itsbiodiversity
I
F
Confused about Non conformace from internal audit
2 3
Replies
22
Views
1K
qualitymanagerTT
Q
F
SI-8 8.4.2.3 Supplier quality management system development
Replies
7
Views
307
darkmago
D
Crusader
Internal Audit AS9100 - all elements within a 3 year cycle…required or not?
2
Replies
11
Views
2K
Randy
Randy
Top Bottom