It has recently been brought to the attention of IMS that there are concerns within the aerospace industry regarding organisations internal audits, especially taking into account organisations certified to AS9100, AS9120 and AS9110.
There are various points within the Aerospace Scheme standards that refer to ensuring the Management System takes into account customer and regulatory requirements (4.1-The organisation’s quality management system shall also address customer and applicable statutory and regulatory quality management system requirements) is an example. This implies that when applying the management system requirements the organisation needs to include customer and regulatory requirements.
One of the concerns being identified is that the internal audit plans and processes are not identifying applicable customer and regulatory requirements and being audited accordingly. Many organisations are performing their internal audits against the Aerospace Standard clauses but not considering the other standards which may be applicable to them. As an example, the internal audits should review compliance with customer specifications which may be referenced within contracts. This could also include CAA, EASA and FAA requirements etc. The “note” within the internal audit clause states “Planned arrangements include customer contractual requirements” when making reference to the internal audit plans.
With this in mind, IMS Auditors will be reviewing internal audit plans in greater detail to ensure that customer, regulatory and statutory requirements have been planned and audited sufficiently. Auditors will need to see that the Audit Plan/Schedule covers all requirements and the internal audit records cover the above.