AS9100 Surveillance Audit

An AS9100 surveillance audit is a periodic assessment performed by an accredited certification body to confirm that an organization’s AS9100 aerospace quality management system continues to conform to the standard between full recertification audits. It focuses on whether the system is being maintained, followed in day-to-day operations, and kept effective over time.

Key characteristics

In an industrial and manufacturing context, an AS9100 surveillance audit typically:

• Occurs on a scheduled cycle (commonly annually or more frequently) during the 3-year AS9100 certification period
• Reviews selected processes and sites rather than the entire management system in full depth
• Samples production, maintenance, and support processes (for example, contract review, document control, training, nonconformance and CAPA, FAI/AS9102 linkage, and configuration management)
• Checks that previous nonconformities have been addressed and that corrective actions are effective
• Verifies that records, data, and change controls support traceability and compliance claims
• Can lead to nonconformities, observations, or opportunities for improvement that must be handled through the organization’s quality system

Operational relevance

For regulated aerospace manufacturing and MRO environments, surveillance audits typically touch:

• Shop-floor controls such as routings, travelers, work instructions, and inspection records
• MES, ERP, PLM and QMS integrations that support traceability, configuration control, and document governance
• Nonconformance, MRB, and CAPA workflows, including data used for root cause and effectiveness checks
• Supplier management, including incoming inspection, outsourced processing, and supplier performance records
• Internal audits, management review, risk-based thinking, and evidence of continual improvement

Surveillance audits are certification audits. They are distinct from internal process audits or customer audits, although the same operational records (for example, DHR/device history-like records, as-built traceability, training records, and change histories) are often used as evidence across all three.

Common confusion

• Surveillance audit vs. recertification audit: A recertification audit is a more comprehensive assessment at the end of the certification cycle, while a surveillance audit is a periodic, more targeted review carried out during the cycle.
• Surveillance audit vs. internal audit: Internal audits are performed by or on behalf of the organization itself to check its own AS9100 implementation. Surveillance audits are carried out by the external certification body that issued the AS9100 certificate.
• AS9100 vs. ISO 9001 surveillance audits: AS9100 surveillance audits build on ISO 9001 principles but add aerospace-specific expectations such as configuration management, special requirements, critical items, and product safety.

Relation to audit readiness

Organizations that manage audit readiness for AS9100 often treat surveillance audits as recurring checkpoints. They use data from MES, ERP, PLM, and QMS systems to keep a standing set of evidence available, such as:

• Controlled procedures and work instructions linked to current revisions
• Training and qualification records for operators and inspectors
• Traceable production and inspection records, including first article inspections when applicable
• Nonconformance reports, corrective actions, and effectiveness reviews
• Internal audit plans, results, and management review minutes

The core purpose of an AS9100 surveillance audit is to verify ongoing conformity and the sustained effectiveness of the aerospace quality management system, not to redesign processes or act as a consulting engagement.