Internal auditing is one of the most powerful tools in an AS9100 Quality Management System (QMS), yet it is often treated as a checklist exercise. When done correctly, internal audits drive risk reduction, process effectiveness, on-time delivery, escape prevention, and continuous improvement. AS9100 internal auditing is not about finding minor document issues but about evaluating whether processes achieve planned results and support customer, regulatory, and safety requirements. The purpose of internal auditing in AS9100 is to conduct audits at planned intervals, evaluate conformity to AS9100 and the QMS, assess process effectiveness, address risks and opportunities, and ensure corrective actions are implemented.
The goal is process performance, not clause compliance alone. AS9100 is built on the process approach, so audits must follow operational flow rather than clause order. Audits should be performed by process such as contract review, design and development, purchasing, production, inspection and testing, nonconformance and corrective action, configuration management, and risk management. Each audit should evaluate inputs, activities, outputs, resources, risks, and KPIs. Using a turtle diagram is an effective way to structure process audits. AS9100 emphasizes risk-based auditing, so audit programs should prioritize special processes, new product introduction, first-time suppliers, poor-performing processes, customer complaints, and escape trends. High-risk areas should be audited more frequently than stable processes.
AS9100 requires auditors to be trained, knowledgeable in process auditing, independent of the area being audited, and familiar with aerospace regulatory and customer requirements. Auditors must be able to follow audit trails, interview personnel, evaluate objective evidence, and identify systemic issues. An effective audit program includes an annual schedule that covers all QMS processes using risk-based frequency and includes production, support, and leadership processes. Audit criteria should include AS9100 requirements, customer requirements, internal procedures, and regulatory requirements. The audit scope must define the process, locations, products, and time period. During preparation, auditors should review procedures, KPIs, previous audit results, and risks while preparing process-based questions.
The process audit should be performed on the shop floor by following a job from contract to shipment, verifying traveler flow-down, confirming special process control, checking traceability, and verifying inspection and test records. Auditors should interview personnel by asking what they do, how they know it is correct, and what happens if there is a problem to evaluate training effectiveness and process understanding. Objective evidence includes records, metrics, observations, interviews, and physical product. Findings must be clear, objective, evidence-based, and linked to a requirement. A strong finding identifies the specific requirement, the objective evidence, and the condition observed. Internal audits must drive root cause corrective action rather than quick fixes, including root cause analysis, actions to prevent recurrence, and verification of effectiveness.
Common internal audit issues include auditing by clause instead of process, lack of risk-based planning, no linkage between KPIs and process effectiveness, superficial shop floor audits, corrective actions closed without effectiveness review and repeat findings. Best practices include auditing by process using real jobs, following the product through the system, focusing on special processes and key characteristics, using performance data, integrating risk into the audit plan, training auditors, and auditing leadership processes. When implemented effectively, internal audits reduce escapes, improve on-time delivery, strengthen customer confidence, identify systemic issues early, and prepare the organization for certification and customer audits.
A strong internal audit program is a clear indicator of a mature AS9100 QMS. Internal auditing to AS9100 is not about checking boxes but ensuring processes deliver safe, conforming products on time. Organizations that audit for effectiveness gain better process control, fewer escapes, stronger audit results, and higher customer satisfaction. In aerospace, where quality failures have serious consequences, an effective internal audit program is essential.
QMS Innovations supports aerospace organizations by developing AS9100-compliant audit procedures, creating risk-based audit programs, training internal auditors, performing gap assessments and mock audits, and improving corrective action effectiveness. We turn internal auditing into a business performance tool rather than a compliance activity.
