ISO 9001 suppliers should prepare for AS9100 by treating it as an aerospace quality and execution discipline, not as a simple documentation upgrade. ISO 9001 provides a useful base, but AS9100 adds expectations around risk, traceability, configuration control, product safety, counterfeit part prevention, supplier flow-downs, nonconformance control, and objective evidence. Whether those expectations become contractual requirements depends on the customer, program, purchase order, and certification scope.
The first step is a clause-by-clause and process-by-process gap assessment against AS9100, not just a document comparison. The assessment should identify where current ISO 9001 practices are adequate, where evidence is weak, and where aerospace-specific controls are missing or informal.
Common gaps include:
AS9100 expectations often expose weak connections between contract review, engineering data, production planning, purchasing, inspection, and quality records. A supplier needs a reliable way to identify applicable customer requirements and show that they were applied at the right step.
This usually requires tighter control over purchase order review, drawing and specification revisions, work instructions, inspection plans, certificates, training records, and nonconformance records. The issue is not only whether the procedure exists. The issue is whether the supplier can produce credible, time-bound evidence that the procedure was followed for the specific order, part, lot, or serial number.
Suppliers moving from ISO 9001 toward AS9100 should expect more scrutiny in several areas:
MES, ERP, PLM, QMS, inspection, and document control systems can help, but only if the process design, master data, roles, approvals, and validation are sound. In brownfield environments, evidence often lives across several systems and older manual records. Full replacement is usually unrealistic for aerospace-grade suppliers because of validation cost, qualification burden, downtime risk, integration complexity, and long equipment lifecycles.
A practical approach is usually to stabilize the critical interfaces first: customer requirements into ERP or planning, engineering revisions from PLM or document control into routings and work instructions, production and inspection records into MES or QMS, and nonconformance and CAPA records into the quality system. If those handoffs are weak, AS9100 preparation becomes an evidence-reconstruction exercise during audits and customer reviews.
AS9100 preparation should include role-based training for buyers, planners, operators, inspectors, engineers, quality staff, and supervisors. The training should explain what each role must do differently: how to recognize flow-down requirements, how to verify the correct revision, when to stop work, how to document a defect, when customer approval is required, and how to preserve traceability.
Generic awareness training is rarely enough. The standard may be written at a management-system level, but audit findings often come from shop-floor execution, purchasing decisions, uncontrolled changes, incomplete inspection records, and unclear ownership.
Internal audits should test real jobs, not just procedures. Pick completed and active orders and trace requirements from contract review through purchasing, production, inspection, nonconformance handling, shipping, and record retention. This is where weak handoffs, missing approvals, stale work instructions, and incomplete evidence usually appear.
Internal audit results should feed corrective action and management review. They should not be treated as rehearsal paperwork. If systemic gaps are found, the supplier needs time to correct process design, train users, update records where appropriate, and verify effectiveness before inviting customer or certification scrutiny.
AS9100 certification can support supplier qualification, but it does not guarantee customer approval, audit outcomes, program award, or acceptance of parts. Customers may impose additional requirements for FAI, source inspection, special process approval, ITAR or export-controlled data handling, record retention, delegated authority, or reporting formats.
The safe preparation path is to build a quality system that can show controlled execution, not just compliance language. For an ISO 9001 supplier, that means closing the practical gaps between requirements, work performed, records produced, and changes controlled.
Whether you're managing 1 site or 100, Connect 981 adapts to your environment and scales with your needs—without the complexity of traditional systems.
Whether you're managing 1 site or 100, C-981 adapts to your environment and scales with your needs—without the complexity of traditional systems.