Under AS9100, the practical answer is: any documented information your organization needs to run the quality management system, control product realization, demonstrate conformity, or provide objective evidence should be controlled.
So no, it is not just a small set of quality manual documents. In most aerospace manufacturing environments, document control typically extends to both internally created documents and externally provided documents that affect product, process, inspection, release, or traceability.
Quality manuals or equivalent top-level QMS documentation, if your organization maintains them
Policies, procedures, SOPs, and process maps
Work instructions, standard work, setup sheets, and operator guidance
Engineering drawings, models, specifications, parts lists, and technical data packages when used for production or verification
Inspection plans, test methods, sampling instructions, and acceptance criteria
Forms, templates, and checklists where version matters
Production routers, travelers, job packets, and manufacturing planning documents
Training documents tied to qualified methods or controlled processes
Supplier quality requirements, flow-down documents, and approved external specifications
Customer requirements, customer-provided specifications, and contract quality clauses when they govern execution
Calibration, maintenance, validation, and qualification procedures where applicable
Risk management procedures, change control procedures, nonconformance procedures, and corrective action procedures
Records retention and disposition instructions
AS9100 document control is not limited to what you author internally. If external documents are necessary for planning, operation, inspection, or compliance to customer and regulatory requirements, those documents generally need identification, current revision control, availability at point of use, and protection from unintended use of obsolete versions.
Examples include customer drawings, industry specifications, process standards, supplier instructions, and certain regulatory or statutory references used in execution. The exact list varies by product, contract, and process risk.
Some documents are controlled because they instruct work. Others are controlled because they provide evidence after the fact. In practice, organizations usually control retention, access, integrity, and disposition for records such as:
Training records and qualification records
Inspection and test results
First article and verification records
Material certifications and traceability records
Nonconformance, concession, deviation, and corrective action records
Internal audit results and management review outputs
Supplier performance and approval records
Configuration and change history where applicable
The control method for a record is not always the same as for a work instruction, but both still require governance.
The required scope depends on your actual operating model. A small machine shop, a complex assembly site, and an MRO environment will not control exactly the same document set. The scope is usually shaped by:
Product complexity and criticality
Customer-specific requirements and flowed-down clauses
Special processes and validation requirements
How much work is paper-based versus digital
Whether engineering, planning, quality, and operations are integrated or fragmented across systems
Retention and traceability expectations
If a document can change how work is done, how product is accepted, or how evidence is produced, assume it needs some level of control unless your process definition clearly says otherwise.
In many plants, controlled documents are spread across ERP, MES, PLM, QMS, file shares, network folders, email attachments, and paper binders. That is common, but it increases revision risk and makes evidence collection harder.
A full rip-and-replace approach is often not realistic in regulated aerospace environments. It can fail because of qualification burden, validation effort, downtime risk, integration complexity, and the need to preserve traceability across long asset and program lifecycles. In practice, many organizations improve control by defining system ownership, approved sources of truth, revision synchronization rules, and change control across existing platforms rather than replacing everything at once.
That means document control under AS9100 is partly a process question and partly a systems governance question. If your PLM holds drawings, your MES issues work instructions, and your QMS manages procedures, the control framework has to work across all three. If those handoffs are weak, compliance risk rises even if each individual system looks acceptable on its own.
Operators using printed or locally saved obsolete instructions
Drawings updated in engineering systems but not propagated to execution systems
Uncontrolled spreadsheet templates used for acceptance decisions
Customer specifications referenced in contracts but not maintained at current revision
Records stored in shared drives without retention, access, or change-history discipline
Training content changed without corresponding approval or retraining impact assessment
Those are not edge cases. They are common in mixed-system environments.
AS9100 does not give a short universal checklist of only a few documents that must be controlled. The safer interpretation is broader: control all documented information that is necessary to run the QMS, perform and verify the work, meet customer and applicable requirements, and preserve traceable evidence. The exact inventory is site-specific and should be defined through your processes, document hierarchy, and change-control model.
Whether you're managing 1 site or 100, Connect 981 adapts to your environment and scales with your needs—without the complexity of traditional systems.
Whether you're managing 1 site or 100, C-981 adapts to your environment and scales with your needs—without the complexity of traditional systems.