SIST EN 9101:2011

SLOVENSKI STANDARD
SIST EN 9101:2011
01-september-2011
1DGRPHãþD
SIST EN 9101:2008
6LVWHPLYRGHQMDNDNRYRVWL=DKWHYH]DSUHVRMRRUJDQL]DFLM]UDþQHJDSURPHWD
YHVROMVNLKSROHWRYLQREUDPEH
Quality Management Systems - Audit Requirements for Aviation, Space, and Defence
Organizations
Qualitätsmanagementsysteme - Audit-Anforderungen für Organisationen der Luftfahrt,
Raumfahrt und Verteidigung
Systèmes de management de la Qualité - Exigences d’audit pour les Organismes de
l’Aéronautique, l'Espace et la Défense
Ta slovenski standard je istoveten z: EN 9101:2011
ICS:
03.120.10 Vodenje in zagotavljanje Quality management and
kakovosti quality assurance
49.020 Letala in vesoljska vozila na Aircraft and space vehicles in
splošno general
SIST EN 9101:2011 en,de
2003-01.Slovenski inštitut za standardizacijo. Razmnoževanje celote ali delov tega standarda ni dovoljeno.

---------------------- Page: 1 ----------------------

SIST EN 9101:2011

---------------------- Page: 2 ----------------------

SIST EN 9101:2011


EUROPEAN STANDARD
EN 9101

NORME EUROPÉENNE

EUROPÄISCHE NORM
July 2011
ICS 03.120.20; 49.020 Supersedes EN 9101:2008
English Version
Quality Management Systems - Audit Requirements for Aviation,
Space, and Defence Organizations
Systèmes de management de la Qualité - Exigences Qualitätsmanagementsysteme - Audit-Anforderungen für
d'audit pour les Organismes de l'Aéronautique, l'Espace et Organisationen der Luftfahrt, Raumfahrt und Verteidigung
la Défense
This European Standard was approved by CEN on 28 March 2011.

CEN members are bound to comply with the CEN/CENELEC Internal Regulations which stipulate the conditions for giving this European
Standard the status of a national standard without any alteration. Up-to-date lists and bibliographical references concerning such national
standards may be obtained on application to the CEN-CENELEC Management Centre or to any CEN member.

This European Standard exists in three official versions (English, French, German). A version in any other language made by translation
under the responsibility of a CEN member into its own language and notified to the CEN-CENELEC Management Centre has the same
status as the official versions.

CEN members are the national standards bodies of Austria, Belgium, Bulgaria, Croatia, Cyprus, Czech Republic, Denmark, Estonia,
Finland, France, Germany, Greece, Hungary, Iceland, Ireland, Italy, Latvia, Lithuania, Luxembourg, Malta, Netherlands, Norway, Poland,
Portugal, Romania, Slovakia, Slovenia, Spain, Sweden, Switzerland and United Kingdom.





EUROPEAN COMMITTEE FOR STANDARDIZATION
COMITÉ EUROPÉEN DE NORMALISATION

EUROPÄISCHES KOMITEE FÜR NORMUNG

Management Centre: Avenue Marnix 17, B-1000 Brussels
© 2011 CEN All rights of exploitation in any form and by any means reserved Ref. No. EN 9101:2011: E
worldwide for CEN national Members.

---------------------- Page: 3 ----------------------

SIST EN 9101:2011
EN 9101:2011 (E)
Contents Page
Foreword . 3
0 Introduction . 5
0.1 General . 5
0.2 Auditing Approach . 5
0.3 Audit Records and Reports . 5
1 Scope . 6
1.1 General . 6
1.2 Application . 6
2 Normative references . 6
3 Terms and definitions . 7
4 Auditing and reporting . 8
4.1 General . 8
4.1.1 Audit Process . 9
4.1.2 Audit Methodology . 11
4.2 Common Audit Activities . 15
4.2.1 Audit Planning . 15
4.2.2 On-site Audits . 16
4.2.3 Audit Reporting . 19
4.2.4 Nonconformity Management . 19
4.2.5 Audit Records . 20
4.3 Audit Phase Specific Requirements . 20
4.3.1 Pre-audit Activities . 20
4.3.2 Stage 1 Audit . 21
4.3.3 Stage 2 Audit . 24
4.3.4 Surveillance . 25
4.3.5 Recertification . 25
4.3.6 Special Audits . 26
Annex A (normative) Objective Evidence Record (OER) . 28
Annex B (normative) Nonconformity Report (NCR) . 53
Annex C (normative) Process Effectiveness Assessment Report (PEAR) . 56
Annex D (normative) QMS Process Matrix Report . 58
Annex E (normative) Audit Report (Stage 2, Surveillance, Recertification/Approval and Special) . 62
Annex F (normative) Audit Report (Stage 1) . 69
Annex G (normative) Supplemental Audit Report . 76

2

---------------------- Page: 4 ----------------------

SIST EN 9101:2011
EN 9101:2011 (E)
Foreword
This document (EN 9101:2011) has been prepared by the Aerospace and Defence Industries Association of
Europe - Standardization (ASD-STAN).
This European Standard shall be given the status of a national standard, either by publication of an identical
text or by endorsement, at the latest by January 2012, and conflicting national standards shall be withdrawn
at the latest by January 2012.
Attention is drawn to the possibility that some of the elements of this document may be the subject of patent
rights. CEN [and/or CENELEC] shall not be held responsible for identifying any or all such patent rights.
This document supersedes EN 9101:2008.
After enquiries and votes carried out in accordance with the rules of this Association, this Standard has
received the approval of the National Associations and the Official Services of the member countries of ASD,
prior to its presentation to CEN.
This standard was reviewed by the Domain Technical Coordinator of ASD-STAN’s Quality Domain.
To assure customer satisfaction, aviation, space, and defence organizations must produce and continually
improve, safe, reliable products that meet or exceed customer and applicable statutory and regulatory
requirements. The globalization of the industry and the resulting diversity of regional and national
requirements and expectations have complicated this objective. Organizations have the challenge of
purchasing products from suppliers throughout the world and at all levels of the supply chain. Suppliers have
the challenge of delivering products to multiple customers having varying quality requirements and
expectations.
Industry has established the International Aerospace Quality Group (IAQG), with representatives from
companies in the Americas, Asia/Pacific, and Europe, to implement initiatives that make significant
improvements in quality and reductions in cost throughout the value stream. This standard has been
prepared by the IAQG.
This document standardizes the requirements for conducting and reporting of quality management system
audits. It provides requirements for an audit and reporting process based on:
• the process and continual improvement approach defined in 9100-series standards;
• the specific aviation, space, and defence additions in 9100-series standards;
• the use of common audit tools; and
• the uniform, transparent, and standardized reporting of audit results.
It can be used by aviation, space, and defense organizations at all levels throughout the global supply chain.
In this European Standard, the word “shall” indicates a requirement and the word “should” a recommendation
to meet the intent of the standard. Words “typical”, “example”, or “e.g.” indicate suggestions given for
guidance. Information marked “NOTE” is for guidance in understanding or clarifying the associated
requirement.
This standard has been completely rewritten to incorporate the 2009 changes to IAQG 9100-series standard
quality management system requirements, the requirements for accredited Certification Bodies (CBs)
introduced by International Organization for Standardization (ISO) / International Electrotechnical Commission
(IEC) 17021, and inputs received from industry stakeholders associated to process based auditing methods
3

---------------------- Page: 5 ----------------------

SIST EN 9101:2011
EN 9101:2011 (E)
and the evaluation of process effectiveness. It replaces the existing versions of 9101, 9111, and 9121
(e.g., AS9101C, AS9111, AS9121, EN 9101:2006, EN 9111:2005, EN 9121:2005, SJAC 9101C).
According to the CEN/CENELEC Internal Regulations, the national standards organizations of the following
countries are bound to implement this European Standard: Austria, Belgium, Bulgaria, Croatia, Cyprus,
Czech Republic, Denmark, Estonia, Finland, France, Germany, Greece, Hungary, Iceland, Ireland, Italy,
Latvia, Lithuania, Luxembourg, Malta, Netherlands, Norway, Poland, Portugal, Romania, Slovakia, Slovenia,
Spain, Sweden, Switzerland and the United Kingdom.
4

---------------------- Page: 6 ----------------------

SIST EN 9101:2011
EN 9101:2011 (E)
0 Introduction
0.1 General
Auditing is a basic tool to assess effective implementation of and conformity to quality management system
requirements. In addition to the determination of conformity, this standard focuses on the evaluation of
effectiveness of the quality management system and its associated processes.
An organization is not only required to be in conformity with quality management system requirements, but to
be effective in meeting customer expectations and delivering products that meet those expectations. In other
words, an organization must not only meet the requirements of the quality management system standard, but
at the same time deliver products that satisfy customer expectations.
Additionally, this standard takes into account the new requirements presented in the 2009 revisions of the
9100-series standards [e.g., critical items, special requirements, On-time Delivery (OTD) performance, risk
management, project management].
0.2 Auditing Approach
This standard supports the engagement and evaluation of an organization’s quality management system
process approach, as required by the 9100-series standards. When evaluating an organization’s quality
management system, there are basic questions that should be asked of every process, for example:
a) Is the process identified and appropriately defined?
b) Are responsibilities assigned?
c) Are the processes implemented and maintained?
d) Is the process effective in achieving the desired results?
The collective answers to these and other associated questions will contribute to the evaluation results.
Additionally, product quality (as delivered), customer satisfaction, and quality management system
effectiveness can be considered as interrelated. This relationship should be reflected in the audit process
and associated results.
0.3 Audit Records and Reports
This standard defines the audit records and reports to be generated and maintained. They are critical in
providing objective evidence on the conformity and effectiveness of the quality management system
(including process effectiveness), and reporting the audit results. They can be used to inform the
organization and its customers in a standard format/structure.
Records and reports to be generated are identified within this standard as annexes and shall be used to fulfill
the reporting requirements.
NOTE Electronic templates of these documents will be made available by the IAQG.
5

---------------------- Page: 7 ----------------------

SIST EN 9101:2011
EN 9101:2011 (E)
1 Scope
1.1 General
This European standard defines requirements for the preparation and execution of the audit process.
Additionally, it defines the content and composition for the audit reporting of conformity and process
effectiveness to the 9100-series standards, the organization’s quality management system documentation,
and customer/regulatory requirements.
The requirements in this standard are additions or represent changes to the requirements and guidelines in the
standards for conformity assessment, auditing, and certification as published by ISO/IEC (i.e., ISO/IEC 17000,
ISO 19011, ISO/IEC 17021). When there is conflict with these standards, the requirements of the 9101 standard
shall take precedence.
NOTE 1 In this standard, the term “9100-series standards” comprises the following quality management system
standards: 9100, 9110, and 9120; developed by the IAQG and published by various national standards
bodies.
NOTE 2 In addition to this standard, IAQG publishes recommended practices that can be used by audit teams when
executing the audit process.
1.2 Application
This standard shall be used for audits of 9100-series standards by CBs for certification of organizations,
under the auspices of the aviation, space, and defense industry certification scheme [also known as Industry
Controlled Other Party (ICOP) scheme]. The ICOP scheme requirements are defined in the 9104-series
standards.
NOTE 1 Conflicts between 9104-series standards and this standard will be escalated to IAQG and resolved by an
IAQG decision(s).
NOTE 2 Relevant parts of this standard (e.g., 4.2.1, 4.2.2, 4.2.3, and 4.2.4) can be used by an organization in support
st nd
of internal audits (1 party) and external audits at suppliers (2 party). This includes the audit methodology,
guidance material, and document formats [e.g., audit reports, Nonconformity Reports (NCRs), other
documents described in the Annexes]. In such case, the words “Certification Body” or “CB” should be read
as “auditor” or “auditing organization” as appropriate.
2 Normative references
The following referenced documents are indispensable for the application of this document. For dated
references, only the edition cited applies. For undated references, the latest edition of the referenced
document (including any amendments) applies.
1)
EN 9100, Quality Management Systems — Requirements for Aviation, Space and Defence Organizations
1)
EN 9110, Quality Management Systems — Requirements for Aviation Maintenance Organizations
1)
EN 9120, Quality Management Systems — Requirements for Aviation Space and Defence Distributors
EN 9104, Aerospace series — Quality management systems — Requirements for Aerospace Quality
1)
Management System Certification/Registrations Programs

1) As developed under the auspice of the IAQG and published by various standards bodies (e.g., ASD-STAN, SAE,
CEN, JSA/SJAC, ABNT).
6

---------------------- Page: 8 ----------------------

SIST EN 9101:2011
EN 9101:2011 (E)
EN 9104-002, Aerospace series — Quality management systems — Part 002: Requirements for Oversight of
1)
Aerospace Quality Management System Certification/Registrations Programs
EN 9104-003, Aerospace series — Quality management systems — Part 003: Requirements for Aerospace
1)
Quality Management System (AQMS) Auditor Training and Qualification
IAF MD 2:2007, IAF Mandatory Document for the Transfer of Accredited Certification of Management
Systems
ISO 9000:2005, Quality management systems — Fundamentals and vocabulary
ISO/IEC 17000:2004, Conformity assessment — Vocabulary and general principles
ISO/IEC 17021:2006, Conformity assessment — Requirements for bodies providing audit and certification of
management systems
ISO 19011:2002, Guidelines for quality and/or environmental management systems auditing
3 Terms and definitions
For the purpose of this standard, the terms and definitions provided in ISO 9000, ISO/IEC 17000, 9100-series
standards, 9104-series standards (i.e., 9104, 9104-002, 9104-003), and the following apply.
3.1
containment
action to control and mitigate the impact of a nonconformity and protect the customer's operation (stop the
problem from getting worse); includes correction, immediate corrective action, immediate communication,
and verification that the nonconforming situation does not further degrade
3.2
major nonconformity
a non-fulfilment of a requirement which is likely to result in the failure of the quality management system or
reduce its ability to assure controlled processes or compliant products; it can be one or more of the following
situations:
a) a nonconformity where the effect is judged to be detrimental to the integrity of the product or service;
b) the absence of or total breakdown of a system to meet a 9100-series standard requirement, an
organization procedure, or customer quality management system requirement;
c) any nonconformity that would result in the probable shipment of nonconforming product; and/or
d) a condition that could result in the failure or reduce the usability of the product or service and its
intended purpose
3.3
minor nonconformity
a non-fulfilment of a requirement which is not likely to result in the failure of the quality management system
or reduce its ability to assure controlled processes or compliant products; it can be either one of the following
situations:
a) a single system failure or lapse in conformance with a 9100-series standard or customer quality
management system requirement; or
b) a single system failure or lapse in conformance with a procedure associated to the organization's quality
management system
7

---------------------- Page: 9 ----------------------

SIST EN 9101:2011
EN 9101:2011 (E)
NOTE A number of minor nonconformities against one requirement (e.g., similar nonconformities associated to
different sites or different departments/functions/processes within a single site) can represent a total
breakdown of the system and thus be considered a major nonconformity.
3.4
Nonconformity Report (NCR)
a document stating results and providing objective evidence of nonconformity against audit criteria, including
the following information: containment, correction, root cause, corrective action implementation, and closure
3.5
Objective Evidence Record (OER)
a document recording objective evidence of the audit findings, including reference to the reviewed or observed
procedures, records, products, processes, and associated NCRs and opportunities for improvement
3.6
Online Aerospace Supplier Information System (OASIS)
web-based IAQG database containing information on participating IAQG member companies, National
Aerospace Industry Associations (NAIAs), National Accreditation Bodies (NABs), accredited CBs,
authenticated Aerospace Experience Auditors (AEAs), certified suppliers, certificates, and assessment
results
3.7
Process Effectiveness Assessment Report (PEAR)
a document stating results and providing evidence of determination on the effectiveness of a process
4 Auditing and reporting
Referenced ISO/IEC 17021 and ISO 19011 clauses shall be invoked as requirements, including the associated
‘practical help’ text in applicable ISO 19011 clauses.
4.1 General
Audit Process
The audit process and associated activities (see 4.1.1) shall be followed when auditing and certifying quality
management systems in the aviation, space, and defence industry.
The audit process established to assess conformity, including the determination of effectiveness, of quality
management systems to the 9100-series standards shall meet the requirements of ISO/IEC 17021 and the
additional requirements defined by this standard.
The audit process requirements consist of three main parts:
a) the phases of the audit process (see 4.1.1);
b) information on the common activities (see 4.2) that shall be used to support the audit phases; and
c) the specific requirements for each audit phase (see 4.3).
8

---------------------- Page: 10 ----------------------

SIST EN 9101:2011
EN 9101:2011 (E)
Audit Methodology
The audit can be conducted through the use of various auditing methods to determine the quality
management system conformity, including the determination of effectiveness. The methodologies defined in
4.1.2 are complementary to audit practices of ISO 19011 and can be employed to establish audit trails and
facilitate information collection.
4.1.1 Audit Process
The audit process consists of the following phases (see Table 1):
a) Pre-audit activities (see 4.3.1);
b) Stage 1 audit (see 4.3.2);
c) Stage 2 audit (see 4.3.3);
d) Surveillance audit (see 4.3.4); and
e) Recertification audit (see 4.3.5).
Pre-audit activities, Stage 1, and Stage 2 are applicable for initial certification. Stage 1 audit can be utilized
for recertification [see ISO/IEC 17021, 9.4].
NOTE 1 Although ‘Special Audit’ is not listed as a part of the audit program, it can be applicable after initial
certification when directed by special request. The requirements for special audits are addressed in 4.3.6.
NOTE 2 Although certification is formally part of the audit process, the requirements for certification are defined by the
9104-series standards.

9

---------------------- Page: 11 ----------------------

EN 9101:2011 (E)
10
SIST EN 9101:2011

Table 1 — Overview of audit process flow
Pre-audit Activities (4.3.1)


Exchange of information between Identification of areas Develop and
Review of application Select audit
the auditing organization and the of concern and request communicate

and scope for team leader
organization to be audited (i.e., for additional draft audit
certification/approval

process and business research) information, program





Stage 1 Audit (4.3.2)

Develop and Select competent Perform Stage 1 Report Stage 1 audit Resolve Stage 1 Review closing out

communicate audit audit team audit results, including areas audit areas of areas of concern

plan for Stage 1 audit of concern (App. F) concern






Stage 2 Audit (4.3.3) / Surveillance (4.3.4) / Recertification Audit – (4.3.5)

Document audit results, Supplemental

Develop and communicate
Audit Report (App. G), Audit Report
Select Perform audit using Verify and
audit plan for Stage 2, Resolve
(App. E), including NCRs (App. B),
competent Objective Evidence report NCR
recertification, and NCRs
 PEARs (App. C), and
audit team Record (App. A) closure
surveillance visits
QMS Process Matrix Report (App.D)






Decide (Yes/No) – certification /
Recommend (Yes/No) – certification
Update

Issue / reissue of
recertification / approval or
/ recertification / approval or
audit program,
certificate or approval
sustaining of new and/or existing
sustaining of new and/or existing
as needed
certificate or organization approval
certificate or organization approval




= as required App. = Annex

---------------------- Page: 12 ----------------------

SIST EN 9101:2011
EN 9101:2011 (E)
Common Activities
Audit planning, on-site auditing, and audit reporting are common activities linked with Stage 1, Stage 2,
surveillance, and recertification audits. Nonconformity management is common for Stage 2, surveillance, and
recertification audits.
The requirements for activities and/or common activities that apply to each phase of the audit program are
referenced in Table 2.
The Stage 1, Stage 2, surveillance, and recertification activities shall be described in the audit program
established during the ‘Pre-audit Activities’ phase.
Table 2 — Relationships between audit phases and common audit activities

 Audit Phase (4.3)
  Audit Program

Pre-audit Stage 1 Stage 2 Surveillance Recertification
Activities (4.3.2) (4.3.3) (4.3.4) (4.3.5)
(4.3.1)
Audit Planning (4.2.1)
√ √ √ √ √
On-site Auditing (4.2.2)
— √ √ √ √
Audit Reporting (4.2.3)
— √ √ √ √
Nonconformity Management
— — √ √ √
(4.2.4)
4.1.2 Audit Methodology
The following approaches identify different audit methods that can be used, as appropriate, to conduct
audits.
NOTE The identified methods are not intended to be a complete listing, but represent a significant contribution for
auditors to evaluate quality management system conformity and effectiveness. Use of these methods will
help transition from clause based auditing and put focus on the actual processes, their effectiveness, and
their ability to meet the quality objectives.
4.1.2.1 Customer Focus
The audit team should assess whether customer satisfaction is adequately evaluated and appropriate
actions are taken by the organization based on available performance information (e.g., nonconformity data,
corrective action requests, results of satisfaction surveys, complaints regarding product quality, OTD, service
provision, responsiveness to customer and internal requests) provided by the organization’s customers (e.g.,
scorecards, report cards). In addition, organization related ‘feedback requests’ received through OASIS
should be evaluated to confirm they have been adequately addressed.
Customer feedback is a process and should be audited as a process; not audited as a clause of the standard.
An evaluation should be performed in how this process is managed and its ability to provide meaningful
information in order to assess the overall effectiveness of the quality management system.
11
Common Activity (4.2)

---------------------- Page: 13 ----------------------

SIST EN 9101:2011
EN 9101:2011 (E)
4.1.2.2 Organizational Leadership
There should be an interview(s) with top management to evaluate the:
a) establishment and continued relevance of the organization’s quality policy and objectives;
b) establishment of performance measures aligned to quality objectives;
c) quality management system development, implementation, and continual improvement;
d) top management commitment;
e) quality management system performance and effectiveness;
f) performance to customer expectations (e.g., supplier rating, scorecard, audit results); and
g) actions taken to address issues that are not meeting customer performance expectations.
4.1.2.3 Quality Management System Performance and Effectiveness
The audit of quality management system performance and effectiveness should include a review of the
following:
a) the processing and handling of customer complaints, customer feedback data (e.g., periodic
performance reports received from customers), and other relevant customer data (e.g., results of
customer surveys);
b) results and actions from internal and external audits of the quality management system, including their
associated records;
c) stakeholder feedback (e.g., feedback from regulatory authorities or other interested parties);
d) the process and handling of p
...