Revised AS&D Standards Take Flight

Risk management concept expanded

by L.L. "Buddy" Cressionnie

the international Aerospace Quality Group (IAQG) has released the IAQG 9100:2009 aviation, space and defense (AS&D) standards in all three of its sectors. The Americas (AS9100) and European (EN9100) versions were released in January, and the Asia-Pacific (JIS Q 9100) version was released ahead of schedule in April.

The published standard, known as
AS/EN/JIS Q 9100, is intended for organizations that design, develop or produce aviation, space and defense products; and organizations providing postdelivery support, including the provision of maintenance, spare parts or materials for their own products.1

The tailored versions of AS/EN/JIS Q 9100 are being released this summer. These tailored versions include:

  • AS/EN 9110 Quality Management Systems—Requirements for Aviation Maintenance Organizations: This standard is for organizations that have a primary business of providing maintenance, repair and overhaul services for commercial and military aviation products. It’s also for original equipment manufacturers with maintenance, repair and overhaul operations that operate autonomously or that are substantially different from their manufacturing and production operations.2 
  • AS/EN 9120 Quality Management Systems—Requirements for Aviation, Space and Defense Distributors: This standard is for organizations that procure parts, materials and assemblies and resell these products to customers in the aviation, space and defense industries. This includes organizations that procure products and split them into smaller quantities for resale. They should use the IAQG-developed 9120 standard.3

The expected 30-month transition period for implementation of AS9100 will not start until the publication of AS9101 Quality Management Systems—Aviation, Space, and Defense Quality Management System Audits (see Figure 1). The IAQG other-party management team (OPMT) will be publishing transition period information after the release of AS9101.

Figure 1

AS9101 status

AS9101, which is mandatory for use during other-party management audits, is currently being completely rewritten. This AS9101 rewrite will replace the existing version of AS9101 Quality Management Systems Assessment, AS9111 Aerospace Series Quality Management System Assessment for Maintenance Organizations (associated with AS9110) and AS9121 Stockist Distributor Quality System Questionnaire Associated with AS9120.

The current versions of these documents drive undesirable results because they inhibit the process approach, focus the auditor on completing the checklist and take time away from actual auditing. In addition, the current versions of the AS9101 series of documents are not in alignment with the newly published AS9100 series of documents and the ISO 17021 stage one and two approach.

The AS9101 rewrite goal is to provide requirements on process auditing and development of AS9100 series audit approaches and tools that focus not only on conformity, but also on effectiveness of a quality management system (QMS). The AS9101 proposal is to develop an enhanced audit process for evaluating process-based management systems that aligns with ISO 17021 and consists of:

  • Process-based information gathering.
  • Assessment or analysis and audit planning.
  • Development of performance-based and process-oriented audit methods and techniques.
  • The ability to capture objective evidence of process conformity and effectiveness.

The major proposed changes in the rewrite of AS9101 include:

  • Creation of one document covering AS9100, AS9110 and AS9120.
  • Elimination of scoring and key requirements designations.
  • Use of data and customer feedback concerning organizational QMS performance as an input for process-oriented audits (for example, Online Aerospace Supplier Information System (OASIS) customer satisfaction or performance scores).
  • Inclusion of determination of effectiveness, in addition to conformity.
  • More emphasis on performance measuring.
  • Introduction of the objective evidence record.

A major theme of the AS9101 rewrite is examining process effectiveness. ISO 9000:2005 defines effectiveness as the extent to which planned activities are realized and planned results achieved. The ultimate measure of QMS effectiveness is customer satisfaction.

What has not changed in AS9101 includes determining conformity to the standards, documenting discovered nonconformities and drawing conclusions on conformity of the organization’s QMS based on information collected during the audit.

To summarize, the gains in the AS9101 rewrite include emphasizing the process approach, shifting energies from completing the questionnaires to determining and documenting conformity and process effectiveness, and providing useful information to stakeholders concerning process performance and history.

The AS9101 rewrite is now in the IAQG ballot process, and the release will depend upon ballot comments and actions required to resolve comments.

Risk management

The new AS9100 risk management requirement has generated much interest inside and outside AS&D user community.

Risk management is one of the expanded concepts introduced into AS9100:2009. The concepts can be applied throughout a QMS, such as during management review, when assessing resource requirements and while planning and conducting internal audits.

The intent of AS9100:2009 was to introduce the risk management concept into section 7 to focus the user community on risk management during product realization. The standards writers placed this expanded requirement into clause 7.1.2 because risk management, like planning, is an iterative process that occurs across product realization and the product life cycle. The concept of risk management during product realization can be categorized by risks associated with execution of the AS9100 product realization requirements and product risks.

The concept of risk is not new to AS9100 because clause 7.2.2d already required the evaluation of risks during the review of requirements related to the product. The inclusion of clause 7.1.2 in AS9100:2009 is the next logical step to expand risk management thinking to all the product realization requirements in section 7.

Consideration of risks is a direct callout in the following AS9100:2009 clauses:

  • 7.1.1—project management.
  • 7.1.2—risk management.
  • 7.2.2—review of requirements related to the product.
  • 7.4.1—purchasing process.

Product risks are applicable across product realization with the introduction of the concepts of special requirements and critical items. Special requirements are those determined by the customer or the organization to have a high risk of
not being achieved. Factors can include product or process complexity, past experience and product or process maturity.

Examples of special requirements include performance requirements imposed by the customer that are at the limit of the industry’s capability, or requirements determined by the organization to be at the limit of its technical or process capabilities. The assessment of these requirements is conducted in clause 7.2 when the requirements related to the product are being determined and reviewed (see Figure 2).

Figure 2

Special requirements are reviewed and, if necessary, translated into critical items, including key characteristics, during the design and development process executed during clause 7.3. Critical items are items having significant effect on the product realization and use of the product. This includes safety, performance, form, fit, function, producibility and service life. Critical items require specific actions to ensure they are adequately managed. These are not new concepts to the AS&D industry, which has experience with such matters as safety critical items, fracture critical items, mission critical items and key characteristics.

These critical items are identified, and controls are put into place for transfer into the procurement contracts and in-house production activities. These requirements are added to purchase orders, requiring suppliers to incorporate additional controls, including variation management (see AS9103) when applicable.

Lower-tier or build-to-print suppliers would rarely be creating special requirements or critical items. These suppliers typically do not have visibility to the criticality of parts they build for customers. Lower-tier or build-to-print suppliers would receive critical item requirements from customers in purchasing information.

The identification, monitoring, measurement and analysis of special requirements and critical items are included in the risk management process. The sidebar "Helpful Resources" provides published resources and websites related to risk management.

Not prescriptive

AS9100 is not mandating a prescriptive manner for how risk management is to be performed; only that certain aspects be established, implemented and maintained as appropriate according to the requirements in clause 7.1.2.

The risk management wording in AS9100:2009 defines the steps, sequences and interactions an organization needs to perform to ensure risks are properly handled. This risk process can be applied in various ways dependent on the business approach and integrated into key points of the organization’s product realization processes.

Additional AS9100:2009 standard guidance and deployment support material is available at www.iaqg.sae.org/iaqg.


  1. IAQG (AS/EN/JIS Q) 9100—Quality Management Systems—Requirements for Aviation, Space and Defense Organizations, IAQG, 2009.
  2. Ibid.
  3. Ibid.

L.L. "Buddy" Cressionnie is the Americas lead for the IAQG 9100 team and is a voting member on the U.S. Technical Advisory Group to ISO/ TC 176. He represents Lockheed Martin Corp. in these roles, where he works in the aeronautics business area as a senior manager over quality and mission success processes. Cressionnie is an ASQ senior member with quality manager and quality auditor certifications. He is also a certified RABQSA aerospace experienced auditor and International Register of Certified Auditors lead auditor for ISO 9001 and ISO 14001. Cressionnie has an MBA from Texas Christian University and bachelor’s degree in industrial and systems engineering from the University of Florida.

Average Rating


Out of 0 Ratings
Rate this article

Add Comments

View comments
Comments FAQ

Featured advertisers