FAQ

What documentation is required before a Stage 1 audit?

Audit Readiness (AS9100)

There is no single universal list of documents for every Stage 1 audit. Requirements vary by standard (e.g. ISO 9001, AS9100, ISO 13485, IATF 16949), by certification body, and by how your system is implemented across QMS, MES, ERP, PLM and other tools. However, auditors generally expect to see a coherent, controlled management system already documented and in use.

Typical document expectations for Stage 1

Most Stage 1 audits focus on whether your system is designed, documented, and ready to be fully assessed at Stage 2. Typically, you should have at least:

  • Scope and context of the management system
    • Documented scope statement, including exclusions and justification.
    • Description of sites, processes, and key outsourced activities.
    • Context, interested parties, and high-level risk and opportunity summary (where required by the standard).
  • Policy and objectives
    • Approved quality policy / environmental policy / OH&S policy, as applicable.
    • Documented, measurable objectives and related KPIs at relevant functions and levels.
    • Evidence of communication of policy and objectives to relevant personnel (e.g. training records, postings, meeting minutes).
  • Documented processes and procedures
    • High-level process map or interaction of processes.
    • Core operational and support procedures (e.g. contract review, design and development if applicable, purchasing, production, inspection and test, nonconformance and CAPA, internal audit, management review).
    • Documented risk-based thinking where required (e.g. risk assessment methods, FMEA references, control plans).
    • Where processes live in MES/ERP/PLM, descriptions or references that show how those tools implement and control the process.
  • Document control and records control
    • Documented procedure or method for control of documented information.
    • Evidence of version control, approval, distribution, and change history.
    • Retention rules for records, including product, process, and calibration records.
  • Top-level governance and planning
    • Management review procedure or defined process.
    • At least one completed management review record is often expected, or clear planning showing when the first full review will occur.
    • Internal audit procedure and an internal audit program, with at least some audits planned or completed.
    • Risk and opportunity planning records where required by the standard.
  • Core operational control
    • Production and process control procedures or work instructions, including how you control revisions and point-of-use instructions.
    • Control of nonconforming product and rework instructions.
    • Corrective action and, where relevant, preventive action process.
    • Supplier selection, evaluation, and monitoring process and related records.
    • Where digital systems (MES, ERP, LIMS, SCADA) implement controls, documentation of how they are configured, validated where required, and governed by change control.
  • Competence, training, and awareness
    • Process for determining competence requirements for roles.
    • Training and qualification records for key roles, including special processes and regulated operations.
    • Evidence that personnel are aware of relevant policies and their responsibilities.
  • Infrastructure, maintenance, and calibration
    • Process for maintaining infrastructure and work environment.
    • Calibration and equipment control procedures.
    • Sample calibration certificates and maintenance records.
  • Customer and regulatory focus
    • Process for handling customer requirements, contracts, and changes.
    • Process for customer complaints and feedback.
    • Identification of applicable regulatory and customer-specific requirements and how they are integrated into your system.

Typical records auditors may request at Stage 1

Stage 1 is usually more about the design of your system than about performance. However, auditors often sample a small set of records to confirm the system is operating:

  • Recent internal audit plans and at least some completed internal audit reports.
  • Management review agenda, inputs, outputs, and action tracking (if already held).
  • Nonconformance reports, corrective actions, and evidence of closure for at least a few issues.
  • Training records for a subset of critical roles.
  • Sample production records, inspection records, and traceability records for selected products or lots.
  • Calibration certificates and evidence of equipment status control.
  • Supplier evaluation records and monitoring metrics for key suppliers.

In regulated industries (e.g. aerospace, medical devices, defense), the auditor may also review how you handle:

  • Configuration management and product revision control across PLM, ERP, and MES.
  • Electronic records and signatures, including access control and audit trails.
  • Software validation and change control for systems that affect product quality or compliance.
  • Export-controlled or ITAR-controlled technical data, where applicable.

Brownfield and mixed-system considerations

In brownfield environments, your management system is often distributed across legacy and modern platforms rather than a single QMS tool. For Stage 1, the key is to show that:

  • You have a documented framework describing which system is the system of record for each type of document and record.
  • Interfaces between systems (e.g. MES to ERP) are understood, controlled, and, where needed, validated.
  • Change control covers not only procedures and forms, but also configuration changes in MES/ERP/PLM that affect quality-critical processes.
  • There is a clear method to retrieve evidence during audits without extended manual data mining.

Full replacement of legacy systems just to “look clean” for an audit is rarely practical in aerospace- and medical-grade environments, due to validation burden, downtime risk, and integration complexity. Auditors are usually more concerned with clarity, control, and traceability of your existing landscape than with standardizing on a single platform.

Dependencies and how to confirm exact requirements

The definitive list of required documentation for your Stage 1 audit depends on:

  • The specific standard and revision you are pursuing.
  • Any customer-specific or regulatory requirements incorporated into your scope.
  • Your certification body’s documented requirements and pre-audit information requests.
  • How your processes are implemented across paper-based and digital systems.

To avoid gaps and late surprises, align with your certification body at least several weeks before Stage 1 and request their specific documentation checklist or questionnaire. Map their expectations to your document index, system architecture, and evidence locations, and resolve obvious gaps through controlled updates rather than last-minute, unvalidated changes.

Related Blog Articles

What Aircraft Backlog Really Means: Execution Liability in Aerospace Programs

Aircraft backlog is usually celebrated as proof of demand, but in regulated aerospace manufacturing it is also a long-duration execution liability. This article breaks down the risks hidden inside large order books and shows how a connected execution layer changes how OEMs and suppliers experience backlog.

First Article Inspection (FAI) in Aerospace Manufacturing: Complete Operational Guide

A comprehensive guide to First Article Inspection in aerospace manufacturing, including AS9102 requirements, FAIR documentation, traceability, workflow execution, system integration, common failure points, and how digital platforms improve compliance in regulated production environments.

When First Article Inspection Is Required in Aerospace Manufacturing

A practical guide to AS9102 FAI triggers, including full, partial, and delta FAI decisions across aerospace production and supplier change scenarios.

Building the Business Case and Measuring ROI for Digital AS9102 FAI

Learn how to calculate the ROI of AS9102 software by tying FAI cycle time, error reduction, and audit performance to clear financial outcomes, with metrics, examples, and a practical business case framework.

Get Started

Built for Speed, Trusted by Experts

Whether you're managing 1 site or 100, Connect 981 adapts to your environment and scales with your needs—without the complexity of traditional systems.

Talk to an Aerospace Expert
Explore Solutions

product

Shopfloor OperationsSupply Chain & ProcurementMROSolutionsRequest a Demo

Resources

BlogCommunitySecurity & ComplianceAPI & IntegrationsTalk to an Aerospace Expert

About

About UsPrivacy PolicyCookie PolicyTerms of ServiceContact Us

© 2026 Connect 981. All rights reserved.

Get Started

Built for Speed, Trusted by Experts

Whether you're managing 1 site or 100, C-981 adapts to your environment and scales with your needs—without the complexity of traditional systems.

Request a Demo
Explore Solutions