AS9100D:2016 Master Internal Audit Checklist

The internal audit checklist will ensure your audits concisely appraise your management system and processes against the requirements of AS9100D:2016. Answer Enter 'x' into Column F, G or H.
questions 1 to 450 to determine conformance. The audit results are summarized in the 'Audit Results' worksheet. Capture OFIs separately in Column I. Describe the possible cause of the minor or Provide a reference to the documentation,
Note any process or practice that seems Audit Risk
records, observations, questioning, etc.
Audit Finding major nonconformance. weak, cumbersome, redundant or complex. Score
Each audit question phrases each AS9100D:2016 'shall' requirement as a question, in order to elicit either a 'yes' or 'no' response, that can be represented as an 'x'. The supporting the answer each audit finding.
scoring formula assumes each requirement conforms, until an 'x' is entered into Column G or H. Conform Minor NC Major NC OFI
Does your organization plan, implement and control the processes (see 4.4) needed to meet the
requirements for the provision of products and services, and to implement the actions determined in
8.1 8.1g Quality Operational Planning & Control 145 100
Clause 6 by engaging representatives of affected organization functions for operational planning and
control?
Does your organization plan, implement and control the processes (see 4.4) needed to meet the
requirements for the provision of products and services, and to implement the actions determined in
8.1 8.1h Quality Operational Planning & Control 146 100
Clause 6 by determining the process and resources to support the use and maintenance of the products
and services?

Does your organization plan, implement and control the processes (see 4.4) needed to meet the
8.1 8.1i Quality Operational Planning & Control 147 requirements for the provision of products and services, and to implement the actions determined in 100
Clause 6 by determining the products and services to be obtained from external providers?

Does your organization plan, implement and control the processes (see 4.4) needed to meet the
requirements for the provision of products and services, and to implement the actions determined in
8.1 8.1j Quality Operational Planning & Control 148 100
Clause 6 by establishing the controls needed to prevent the delivery of nonconforming products and
services to the customer?
As appropriate to the organization, customer requirements, and products and services, is product and
service provision planned and managed in a structured and controlled manner, including scheduled
8.1 8.1 Quality Operational Planning & Control 149 100
events performed in a planned sequence to meet requirements at acceptable risk, within resource and
schedule constraints?

8.1 8.1 Quality Operational Planning & Control 150 Is the output of this planning suitable for the organization’s operations? 100
Does your organization control planned changes and review the consequences of unintended changes,
8.1 8.1 Quality Operational Planning & Control 151 100
taking action to mitigate any adverse effects, as necessary?

8.1 8.1 Quality Operational Planning & Control 152 Does the organization ensure that outsourced processes are controlled (see 8.4)? 100

Has a process been established, implemented, and maintained to plan and control the temporary or
8.1 8.1 Quality Operational Planning & Control 153 permanent transfer of work, to ensure the continuing conformity of the work to requirements, and does 100
the process ensure that work transfer impacts and risks are managed?
Has a process been planned, implemented and controlled for managing operational risks to the
8.1 8.1.1a Operational Risk Management 154 achievement of applicable requirements, that includes as appropriate to the organization and the 100
products and services, the assignment of responsibilities for operational risk management?
Has a process been planned, implemented and controlled for managing operational risks to the
achievement of applicable requirements, that includes as appropriate to the organization and the
8.1 8.1.1b Operational Risk Management 155 100
products and services, the definition of risk assessment criteria (e.g., likelihood, consequences, risk
acceptance)?
Has a process been planned, implemented and controlled for managing operational risks to the
achievement of applicable requirements, that includes as appropriate to the organization and the
8.1 8.1.1c Operational Risk Management 156 100
products and services, the identification, assessment, and communication of risks throughout
operations?
Has a process been planned, implemented and controlled for managing operational risks to the
achievement of applicable requirements, that includes as appropriate to the organization and the
8.1 8.1.1d Operational Risk Management 157 100
products and services, the identification, implementation, and management of actions to mitigate risks
that exceed the defined risk acceptance criteria?
Has a process been planned, implemented and controlled for managing operational risks to the
8.1 8.1.1e Operational Risk Management 158 achievement of applicable requirements, that includes as appropriate to the organization and the 100
products and services, the acceptance of risks remaining after implementation of mitigating actions?
Has a process been planned, implemented, and controlled for configuration management as appropriate
8.1 8.1.2 Configuration Management 159 to the organization and its products and services in order to ensure the identification and control of 100
physical and functional attributes throughout the product lifecycle?
Does this process control product identity and traceability to requirements, including the
8.1 8.1.2a Configuration Management 160 100
implementation of identified changes?
Does this process ensure that the documented information (e.g., requirements, design, verification,
8.1 8.1.2b Configuration Management 161 validation and acceptance documentation) is consistent with the actual attributes of the products and 100
services?
Have the processes needed to assure product safety during the entire product life cycle been planned,
8.1 8.1.3 Product Safety 162 100
implemented and controlled, as appropriate to the organization and the product?
Have processes, appropriate to your organization and the product been planned, developed and
8.1 8.1.4 Prevention of Counterfeit Parts 163 controlled for the prevention of counterfeit or suspect counterfeit part use and their inclusion in 100
product(s) delivered to the customer?

8.2 8.2.1a Customer Communication 164 Does communication with customers include providing information relating to products and services? 100

8.2 8.2.1b Customer Communication 165 Does communication with customers include handling enquiries, contracts or orders, including changes? 100
Does communication with customers include obtaining customer feedback relating to products and
8.2 8.2.1c Customer Communication 166 100
services, including customer complaints?