EN 9104-3:2023

SLOVENSKI STANDARD
01-februar-2024
Aeronavtika - Sistemi vodenja kakovosti - 003. del: Zahteve za usposabljanje,
razvoj, usposobljenost in preverjanje avtentikacije presojevalcev na področju
zračnega prometa, vesoljskih poletov in obrambe
Aerospace series - Quality management systems - Part 3: Requirements for Aviation,
Space, and Defence Auditor Training, Development, Competence, and Authentication
Luft- und Raumfahrt - Qualitätsmanagementsysteme - Teil 003: Anforderungen an
Schulung und Qualifikationen von Auditoren für Qualitätsmanagementsysteme der Luft-
und Raumfahrt (AQMS)
Série aérospatiale - Systèmes de management de la qualité - Partie 003 : Exigences
relatives à la formation, au développement, à la compétence et à l'authentification des
auditeurs dans le domaine aéronautique, spatial et de défense
Ta slovenski standard je istoveten z: EN 9104-3:2023
ICS:
03.100.70 Sistemi vodenja Management systems
03.120.10 Vodenje in zagotavljanje Quality management and
kakovosti quality assurance
49.020 Letala in vesoljska vozila na Aircraft and space vehicles in
splošno general
2003-01.Slovenski inštitut za standardizacijo. Razmnoževanje celote ali delov tega standarda ni dovoljeno.

EN 9104-3
EUROPEAN STANDARD
NORME EUROPÉENNE
November 2023
EUROPÄISCHE NORM
ICS 03.100.70; 03.120.10; 49.020 Supersedes EN 9104-003:2010
English Version
Aerospace series - Quality management systems - Part 3:
Requirements for Aviation, Space, and Defence Auditor
Training, Development, Competence, and Authentication
Série aérospatiale - Systèmes de management de la Luft- und Raumfahrt - Qualitätsmanagementsysteme -
qualité - Partie 3: Exigences relatives à la formation, au Teil 3: Anforderungen an Schulung, Entwicklung,
développement, à la compétence et à l'authentification Kompetenz und Authentifizierung von Auditoren in
des auditeurs dans le domaine aéronautique, spatial et den Bereichen Luftfahrt, Raumfahrt und Verteidigung
de défense
This European Standard was approved by CEN on 18 December 2022.

CEN members are bound to comply with the CEN/CENELEC Internal Regulations which stipulate the conditions for giving this
European Standard the status of a national standard without any alteration. Up-to-date lists and bibliographical references
concerning such national standards may be obtained on application to the CEN-CENELEC Management Centre or to any CEN
member.
This European Standard exists in three official versions (English, French, German). A version in any other language made by
translation under the responsibility of a CEN member into its own language and notified to the CEN-CENELEC Management
Centre has the same status as the official versions.

CEN members are the national standards bodies of Austria, Belgium, Bulgaria, Croatia, Cyprus, Czech Republic, Denmark, Estonia,
Finland, France, Germany, Greece, Hungary, Iceland, Ireland, Italy, Latvia, Lithuania, Luxembourg, Malta, Netherlands, Norway,
Poland, Portugal, Republic of North Macedonia, Romania, Serbia, Slovakia, Slovenia, Spain, Sweden, Switzerland, Türkiye and
United Kingdom.
EUROPEAN COMMITTEE FOR STANDARDIZATION
COMITÉ EUROPÉEN DE NORMALISATION

EUROPÄISCHES KOMITEE FÜR NORMUNG

CEN-CENELEC Management Centre: Rue de la Science 23, B-1040 Brussels
© 2023 CEN All rights of exploitation in any form and by any means reserved Ref. No. EN 9104-3:2023 E
worldwide for CEN national Members.

Contents Page
European foreword . 4
Introduction . 5
1 Scope . 6
2 Normative references . 6
3 Terms and definitions . 6
4 Auditor authentication . 8
4.1 General. 8
4.2 Auditor authentication requirements . 8
4.3 Auditor work experience . 9
4.3.1 Authenticated auditor work experience . 9
4.3.2 Authenticated experienced auditor work experience . 9
4.3.3 Authenticated experienced auditor maintenance work experience . 9
4.4 Aviation, space, and defence industry knowledge . 9
5 Auditor initial authentication . 11
Table 1 — AQMS Auditor Initial Authentication Requirements . 11
6 Auditor re-authentication . 12
Table 2 — AQMS auditor re-authentication requirements . 12
7 Auditor advancement . 13
Table 3 — AQMS auditor advancement requirements . 13
8 Auditor performance monitoring and management . 14
8.1 General. 14
8.2 Auditor performance criteria and parameters . 14
8.3 Auditor requirements . 14
8.4 Certification body requirements . 14
8.4.1 General. 14
8.4.2 Auditor performance assessment . 15
Table 4 — Auditor performance monitoring activity . 15
8.4.3 Auditor performance management . 16
8.4.4 Retained documented information . 16
9 Requirements for auditor authentication bodies . 17
9.1 General. 17
9.2 Operational requirements . 17
9.3 Auditor application review and authentication . 18
9.4 Auditor performance . 18
9.5 Auditor suspension and withdrawal . 19
9.6 Transfer of auditor authentication . 20
9.7 Auditor authentication body withdrawal . 20
10 Requirements for training provider approval bodies . 21
10.1 General. 21
10.2 Approval of training providers . 21
10.3 Approval of training courses and assessments . 22
10.4 Operational requirements . 22
10.5 Training provider suspension or withdrawal . 22
10.6 Training provider approval body withdrawal . 23
11 Requirements for Training Providers. 24
11.1 General . 24
11.2 Operational requirements . 24
11.3 Retained documented information . 25
11.4 Training provider changes . 25
12 Requirements for training courses and assessments . 26
13 Use of marks and logos . 26
Annex A (informative) Acronym log . 27
Bibliography . 28

European foreword
This document (EN 9104-3:2023) has been prepared by the Aerospace and Defence Industries
Association of Europe — Standardization (ASD-STAN).
After enquiries and votes carried out in accordance with the rules of this Association, this document has
received the approval of the National Associations and the Official Services of the member countries of
ASD-STAN, prior to its presentation to CEN.
This European Standard shall be given the status of a national standard, either by publication of an
identical text or by endorsement, at the latest by May 2024, and conflicting national standards shall be
withdrawn at the latest by May 2024.
This document supersedes EN 9104-003:2010.
EN 9104-003:2010:
- Update reference Table 2
- Update paragraph 8.4.2
- Update paragraph and reference 9.4.4
- Revision and restructuring paragraph 10
-
Any feedback and questions on this document should be directed to the users’ national standards body.
A complete listing of these bodies can be found on the CEN website.
According to the CEN-CENELEC Internal Regulations, the national standards organizations of the
following countries are bound to implement this European Standard: Austria, Belgium, Bulgaria,
Croatia, Cyprus, Czech Republic, Denmark, Estonia, Finland, France, Germany, Greece, Hungary, Iceland,
Ireland, Italy, Latvia, Lithuania, Luxembourg, Malta, Netherlands, Norway, Poland, Portugal, Republic of
North Macedonia, Romania, Serbia, Slovakia, Slovenia, Spain, Sweden, Switzerland, Türkiye and the
United Kingdom.
Introduction
Industry established the IAQG, with representatives from Aviation, Space, and Defence (ASD)
companies in the Americas, Asia/Pacific, and Europe, to implement initiatives that make significant
improvements in quality and reductions in cost throughout the value stream.
The IAQG developed a global scheme for the acceptance and recognition of audits performed by
Certification Bodies (CBs), using the EN 9100 series standards and taking into account the schemes
already in use or under development in the various IAQG sectors, including the application of a:
rd
— 3 party audit certification scheme with specific ASD requirements, under the guidance and
oversight of the ASD industry; and
— harmonized approach for the purpose of improving the quality and process control throughout the
entire supply chain.
Confidence and reliance in the audit process depend on the development and provision of auditor
training, robust auditor authentication, and competence of those conducting the audits. Competence is
based on the demonstration of personal attributes, and the ability to apply knowledge and skills gained
through education, training, and experience.
This document has been prepared by the IAQG and standardizes the requirements for ASD Quality
Management System (QMS) auditor training, development, competence, and authentication in support
of certification to Aerospace Quality Management System (AQMS) standards. This document
supplements existing international standards for competency requirements.
In this document, the following terms are used:
— “shall” indicates a requirement;
— “should” indicates a recommendation;
— “may” indicates a permission;
— “can” indicates a possibility or capability.
Words “example” or “e.g.” indicate suggestions given for guidance. Information marked “NOTE” is for
guidance in understanding or clarifying the associated requirement.
Rationale
This document has been revised to align with the latest revisions of the International Aerospace Quality
Group (IAQG) EN 9104-001 and EN 9104-002 standards, the International Organization for
Standardization (ISO)/International Electrotechnical Commission (IEC) EN ISO/IEC 17021-1 and
EN ISO/IEC 17021-3 standards, and to incorporate lessons learned from past activities, including
feedback from interested parties.
1 Scope
This document defines the minimum requirements for auditors, CBs, auditor authentication bodies
(AABs), training provider approval bodies (TPABs), and training providers (TPs) who participate in the
IAQG industry controlled other party (ICOP) scheme. The requirements in this document supplement
those defined within the EN 9104-001, EN 9104-002, EN ISO/IEC 17021-1, and EN ISO/IEC 17021-3
standards.
Data protection for the parties subject to this document and other relevant requirements of the ICOP
scheme are managed via bi-lateral contracts between the joint controllers of the data.
2 Normative references
The following documents are referred to in the text in such a way that some or all of their content
constitutes requirements of this document. For dated references, only the edition cited applies. For
undated references, the latest edition of the referenced document (including any amendments) applies.
EN 9100 , Quality Management Systems — Requirements for Aviation, Space and Defence Organizations
EN 9110 , Quality Management Systems — Requirements for Aviation Maintenance Organizations
EN 9120 , Quality Management Systems — Requirements for Aviation, Space and Defence Distributors
EN ISO/IEC 17000, Conformity assessment — Vocabulary and general principles (ISO/IEC 17000)
3 Terms and definitions
For the purposes of this document, the terms and definitions in EN ISO/IEC 17000, the EN 9104 series
standards, the IAQG International Dictionary, and the following apply.
ISO and IEC maintain terminology databases for use in standardization at the following addresses:
— ISO Online browsing platform: available at https://www.iso.org/obp/
— IEC Electropedia: available at https://www.electropedia.org/
3.1
audit experience
experience gained and demonstrated by direct involvement in an audit as a team leader or team
nd rd
member conducting 2 or 3 party QMS or AQMS audits
3.2
auditor authentication
process and output from confirming an auditor's competence has met or exceeded the minimum
requirements for an auditor, as defined in this document
3.3
auditor authentication cycle
period of three years from initial authentication or re-authentication

As developed under the auspice of the IAQG and published by various standards bodies [e.g., ASD-STAN, SAE
International, European Committee for Standardization (CEN), Japanese Standards Association (JSA)/Society
of Japanese Aerospace Companies (SJAC), Brazilian Association for Technical Norms (ABNT)].
3.4
auditor performance management
rd
activity undertaken to monitor individual 3 party auditor performance and establish improvement
programs, as required, to maintain auditor authentication, based on the results of performance
information gathered
3.5
authenticated auditor
AA
person with the demonstrated competence (i.e., knowledge, skills, and personal attributes) to conduct
an audit on ASD organizations that has been authenticated in accordance with the requirements of this
document
3.6
authenticated experienced auditor
AEA
person with the demonstrated competence (i.e., knowledge, skills, and personal attributes) to lead an
audit on ASD organizations that has been authenticated in accordance with the requirements of this
document, together with appropriate recognized work experience and demonstrated knowledge in the
ASD industry
3.7
Aviation, Space, and Defence (ASD) lead auditor course
interactive training course approved by a TPAB, that includes current EN 9100 standard requirements,
the process approach as it applies to auditing an entire AQMS, and how to plan, conduct, report, follow-
up, and close an AQMS audit
3.8
continual professional development
CPD
means by which professionals improve and broaden their knowledge and skills required to enhance
individual capability
Note 1 to entry: CPD includes relevant structured learning activities that focus on subjects and topics that are
related to the audit profession, including emerging industry technologies and regulatory requirements.
3.9
contractor
person who undertakes work on behalf of an organization on a contract basis that is specified in a
mutually binding agreement
Note 1 to entry: This does not include individuals who provide expert advice professionally (i.e. consultancy).
3.10
full system audit
direct involvement as a team leader or team member (as applicable) in a QMS (EN ISO 9001) or AQMS
(EN 9100, EN 9110, EN 9120) audit that covers all requirements of the respective standard, aligned to
the certification scope of the audited organization
3.11
International Aerospace Quality Group (IAQG) sanctioned requisites
activity mandated by the IAQG to support auditor authentication (e.g., training, assessment, evaluation)
3.12
performance improvement plan
PIP
means to address performance improvement that includes a clear, structured set of actions and
deliverables, together with timescales, in order to attain a specified level of performance
3.13
regulatory aviation maintenance specific training course
interactive training course (or a series of courses) approved by a civil/military aviation authority,
conducted over a minimum two working days relating to aviation maintenance regulations
3.14
suspension
temporary restriction(s) applied to authentication or approval activity due to the non-fulfilment of
requirements
3.15
withdrawal
cessation of authentication or approval due to the non-fulfilment of requirements
4 Auditor authentication
4.1 General
4.1.1 Auditors seeking authentication shall meet the requirements defined within this document and
provide documented evidence of the required baseline training, audit experience, IAQG sanctioned
requisites, work experience, industry knowledge, and CPD (as applicable) relative to the applicable
AQMS standard to the AAB.
4.1.2 The following auditor grades have been established for each AQMS standard:
a) authenticated auditor (AA);
b) authenticated experienced auditor (AEA).
4.2 Auditor authentication requirements
4.2.1 Auditor authentication shall be undertaken in accordance with the applicable requirements
relating to each authentication phase:
a) auditor initial authentication (see Clause 5);
b) auditor re-authentication (see Clause 6); or
c) auditor advancement (see Clause 7).
4.2.2 Auditors shall only conduct audits for which they are authenticated (e.g. AA/AEA EN 9100
auditors cannot perform audits to EN 9110 or EN 9120).
4.2.3 Auditors can be authenticated for one or more grades and/or standards, but only for one grade
(AA or AEA) per standard at the same time.
4.2.4 Auditors shall be authenticated to EN 9100, in order to be authenticated for other AQMS
standards (i.e. EN 9110 and/or EN 9120).
Where an auditor is already authenticated to EN 9100 and is seeking authentication to another AQMS
standard, the work experience utilized for initial authentication may be used to demonstrate
compliance to the requirements, provided the EN 9100 authentication is current.
4.2.5 Auditors shall disclose within their application to the AAB if they have had any previous
applications or authentications rejected, suspended, or withdrawn; including the reason(s) why.
4.3 Auditor work experience
4.3.1 Authenticated auditor work experience
Work experience shall be full time as an employee or contractor in industries with similar scopes of
applicability (e.g. automotive, nuclear, maritime, medical devices, other high risk/safety critical
industries), with direct involvement in engineering, design, manufacturing, quality, or process control.
4.3.2 Authenticated experienced auditor work experience
Work experience shall be full time as an employee or contractor within the ASD industry with direct
involvement in engineering, design, manufacturing, quality, or process control within any of the
following organizations:
a) major equipment manufacturer/integrator organization – an organization that designs, produces,
and delivers complete vehicles or systems for ASD applications (e.g. aircraft, ships, submarines,
major weapon systems, launchers or spacecraft);
b) prime organization – an organization that designs and/or produces a major assembly, major
subassembly, or major component of an ASD end item (e.g. cabins, wings, fuselages, propulsion
systems, control systems, health monitoring systems, ordnance management systems, radar
systems, emergency or backup systems);
c) ASD Regulatory Agency – a civil [e.g. National Aviation Authority (NAA)], military [e.g. Ministry of
Defence (MoD)], or space organization [e.g. European Space Agency (ESA), National Aeronautics
and Space Administration (NASA), Canadian Space Agency (CSA), Japan Aerospace Exploration
Agency (JAXA), China National Space Administration (CNSA)].
4.3.3 Authenticated experienced auditor maintenance work experience
Work experience shall be full time as an employee or contractor within an aviation maintenance
organization authorized by a civil or military aviation authority with direct involvement in overhaul,
disassembling, inspection, testing, replacement, defect rectification, and the embodiment of a
modification or repair.
4.4 Aviation, space, and defence industry knowledge
4.4.1 Industry knowledge shall include at a minimum, an understanding of the processes and controls
for:
a) advance product quality planning;
b) change control;
c) containment, cause analysis, and corrective action;
d) configuration, identification, and traceability;
e) critical items and key characteristics;
f) design and development;
g) external provider approval and control;
h) foreign object damage/debris (FOD) prevention program;
i) nonconforming material management;
j) operational risk management;
k) ASD regulatory requirements;
l) prevention of counterfeit/unapproved parts;
m) product safety;
n) production part approval process;
o) production processes and product verification/validation; and
p) sampling inspection or testing.
4.4.2 In addition for EN 9110 authentication, this knowledge shall also include at a minimum, an
understanding of the processes and controls for:
a) aviation maintenance regulations;
b) continued airworthiness management;
c) development and/or maintenance of technical data;
d) qualification and certification of persons;
e) identification and control of serviceable/unserviceable articles or products;
f) parts distribution and rotable pools;
g) prevention of suspected unapproved parts;
h) installation of approved parts; and
i) return to service processes.
5 Auditor initial authentication
5.1 The requirements for auditor initial authentication for each auditor grade shall be in accordance
with Table 1.
5.2 To initiate the process, the auditor shall apply for authentication to their selected AAB for each
relevant AQMS standard.
Table 1 — AQMS Auditor Initial Authentication Requirements
Element Authenticated auditor (AA) Authenticated experienced auditor
(AEA)
Baseline training Evidence of passing a TPAB approved ASD lead auditor course (see 3.7).
Audit experience Evidence within the past three Evidence within the past three years of:
(see 3.1) years of:
nd
a) a minimum of four 2 party QMS/AQMS
nd rd
a) a minimum of four 2 party and/or 3 party QMS full system audits
rd
QMS/AQMS and/or 3 party (see 3.10) leading a team in a team
QMS full system audits leader role;
(see 3.10) in a team member or
b) additional audits, if necessary, to
team leader role;
demonstrate coverage of all
b) additional audits, if necessary, requirements of the respective standard
to demonstrate coverage of all at least twice; and
requirements of the respective
c) a minimum of 20 on-site audit days
standard at least twice; and
(excluding planning and report writing).
c) a minimum of 20 on-site audit
days (excluding planning and
report writing).
IAQG sanctioned Evidence of successful completion (including examination, as applicable) of any
requisites IAQG requisites.
(see 3.11)
Auditor work Evidence of two years work EN 9100 Evidence of four years ASD
experience experience within the past ten work experience (see 4.3.2)
EN 9120
(see 4.3) years (see 4.3.1). within the last ten years.
EN 9110 EN 9100 above, plus evidence of
two years aviation maintenance
work experience (see 4.3.3)
within the last four years.
ASD industry Evidence not required. EN 9100 Evidence of industry knowledge
knowledge (see 4.4.1).
EN 9120
(see 4.4)
EN 9110 Evidence of industry knowledge
(see 4.4.2).
6 Auditor re-authentication
6.1 The requirements for auditor re-authentication for each auditor grade shall be in accordance with
Table 2.
6.2 To initiate the process and prior to expiry, auditors shall apply for re-authentication in
accordance with their selected AAB requirements, in order to maintain their authentication.
6.3 Auditors shall disclose within their application to the AAB (in relation to their previous
authentication cycle):
a) any PIPs raised (see 3.12), including their status; and
b) all CBs for whom they have conducted AQMS audits.
Table 2 — AQMS auditor re-authentication requirements
Element Authenticated auditor (AA) Authenticated experienced auditor
(AEA)
Audit Evidence within the past three years of: Evidence within the past three years of:
experience nd nd
a) a minimum of four 2 and/or a) a minimum of four 2 and/or
(see 3.1) rd rd
3 party QMS/AQMS full system 3 party AQMS full system audits
audits (see 3.10); (see 3.10);
b) additional audits, if necessary, to b) additional audits, if necessary, to
demonstrate coverage of all demonstrate coverage of all
requirements of the respective requirements of the respective
standard at least twice; and standard at least twice; and
c) a minimum of 20 on-site audit days c) a minimum of 20 on-site audit days
(excluding planning and report (excluding planning and report
writing). writing).
IAQG sanctioned Evidence of successful completion (including passing an examination, as
requisites applicable) of any IAQG requisites.
(see 3.11)
Auditor work Evidence not required.
experience
(see 4.3)
ASD industry Evidence not required.
knowledge
(see 4.4)
Continual Evidence of 40 h within the auditor authentication cycle, with a minimum of 10 h
professional per year.
development
NOTE  Each hour of structured learning activity is equivalent to one CPD hour.
(CPD) (see 3.8)
Auditor Evidence of any PIPs raised [see 6.3 a)] and any other reported performance
performance issues or concerns over the auditor authentication cycle (see 9.4).
management
(see 3.4)
7 Auditor advancement
7.1 The requirements for auditor advancement from AA to AEA shall be in accordance with Table 3.
7.2 Successful advancements shall not change or extend the applicants existing re-authentication
cycle.
7.3 To initiate the process, the AA shall apply for authentication as an AEA to their selected AAB for
each relevant AQMS standard.
7.4 Auditors shall disclose within their application to the AAB (in the previous three years):
a) any PIPs raised (see 3.12), including their status; and
b) all CBs for whom they have conducted AQMS audits.
Table 3 — AQMS auditor advancement requirements
Element Authenticated auditor (AA) to authenticated experienced auditor (AEA)
Audit experience For advancement to EN 9100, evidence of:
rd
(see 3.1) a) at least one full auditor authentication cycle as an AA conducting 3
party AQMS audits;
rd
b) a minimum of 30 on-site 3 party AQMS audit days (excluding planning
and report writing), in each of any three consecutive years; and
rd
c) a minimum of four 3 party QMS audits
...