Glossary

Certification audit

A formal, independent assessment to determine whether an organization’s management system meets the requirements of a specific standard.

Audit and Compliance Readiness (AS9100, LPAs and Process Audits)

A certification audit is a formal, independent assessment performed by an external body to determine whether an organization’s management system conforms to the requirements of a specific published standard. In industrial and regulated manufacturing environments, this often relates to standards such as ISO 9001, AS9100, ISO 13485, ISO 14001, or information security and cybersecurity standards.

The outcome of a certification audit is typically a recommendation to grant, maintain, suspend, or withdraw a certificate that states the management system is in conformity with the audited standard. The audit focuses on documented processes, implementation on the shop floor and in supporting functions, and objective evidence that requirements are consistently met.

Key characteristics

  • External and independent: Conducted by a third-party certification body, not by the organization itself.
  • Standard-specific: Evaluates conformity against a defined standard (for example, ISO 9001 for quality management or AS9100 for aerospace quality).
  • Evidence-based: Uses interviews, document reviews, records, and on-site observations to verify practices match documented procedures and standard requirements.
  • Certificate-focused: The primary purpose is to support a decision on issuing or continuing an official certificate, often required by customers or contracts.
  • Recurring cycle: Usually follows a multi-year certification cycle with an initial audit followed by periodic surveillance and recertification audits.

How it appears in manufacturing operations

In industrial and regulated manufacturing, a certification audit typically includes:

  • Review of quality management system documentation, process maps, procedures, and work instructions.
  • Sampling of production, inspection, maintenance, calibration, and traceability records from MES, ERP, QMS, LIMS, and document control systems.
  • Interviews with operators, supervisors, engineers, and quality personnel to confirm understanding and consistent application of procedures.
  • Walkthroughs of production lines, test labs, and material handling areas to verify that actual practices align with documented processes and standard requirements.
  • Verification that nonconformances, CAPA, MRB decisions, and audit findings are recorded, analyzed, and closed according to defined processes.

Certification audits often require organized evidence from systems such as MES, ERP, and electronic document control, including revision histories, training records, change control documentation, and audit trails.

Types of certification audits

  • Initial certification audit: A comprehensive, often two-stage audit conducted when an organization first seeks certification to a standard.
  • Surveillance audit: Periodic, usually annual or semi-annual, audits that sample parts of the management system to confirm continued conformity.
  • Recertification audit: A more extensive audit performed at the end of a certification cycle (often every three years) to determine whether to renew certification.
  • Scope extension audit: Conducted when an organization wants to extend the scope of its existing certificate to new sites, processes, or products.

Common confusion

  • Certification audit vs. internal audit: An internal audit is performed by or on behalf of the organization itself to assess its own processes and readiness. A certification audit is carried out by an external certification body and is directly linked to issuing or maintaining a certificate.
  • Certification audit vs. customer (second-party) audit: Customer audits are performed by a customer or their representative to evaluate a supplier’s capability or compliance with contract requirements. Certification audits focus on conformity to a published standard, not to a specific customer contract.

Relation to audit readiness and evidence management

For organizations operating in regulated manufacturing, certification audits drive requirements for structured documentation, record retention, and traceability across systems. Digital tools such as MES, electronic DHR or DMR, QMS, and document control platforms are frequently used to organize evidence, demonstrate version control, and provide audit trails that support certification decisions.

Related Blog Articles

There are no available FAQ matching the current filters.

Related FAQ

What are the 10 clauses of ISO 9001?

ISO 9001:2015 is structured into 10 high‑level clauses, but only clauses 4 through 10 are auditable quality management system requirements. Clauses 1 to 3 define scope, references, and terms. How each clause is implemented and evidenced depends heavily on your processes, documentation, and existing systems.

What is AS9100 used for?

AS9100 is a quality management system standard used in aerospace and defense to structure, document, and control how organizations plan, execute, and improve their operations. It is applied to product realization, risk management, configuration control, and supplier oversight, but using it does not guarantee certification, regulatory approval, or specific audit outcomes.

What are common AS9100 mistakes?

Common AS9100 mistakes include treating it as a paperwork exercise, ignoring process ownership, weak risk-based thinking, poor configuration and document control, and disconnects between design, manufacturing, suppliers, and quality. In mixed, legacy environments, gaps often come from uncontrolled interfaces, weak evidence, and fragile change management.

How do supplier scorecards relate to the approved supplier list in AS9100?

Supplier scorecards and the approved supplier list are related, but they are not the same thing. In practice, scorecards provide monitored performance evidence that can support supplier approval, continued use, conditional status, or removal from the ASL. The exact linkage depends on your documented criteria, review process, data quality, and change control.

Related Glossary

SAE International

SAE International is a global professional standards organization that develops engineering and quality standards, widely used in aerospace and other regulated manufacturing.

High-Level Structure (HLS)

High-Level Structure (HLS) is a common ISO management system framework that standardizes clause order, terms, and core text.

Gap analysis

Gap analysis is a structured comparison between current and desired states to identify specific shortfalls in processes, systems, or compliance.

Tailoring

Tailoring is the deliberate adaptation of standards, procedures, or system configurations to fit a specific manufacturing context or project.

Let's talk

Ready to See How C-981 Can Accelerate Your Factory’s Digital Transformation?

Request a Demo

product

Shopfloor OperationsSupply Chain & ProcurementMROSolutionsRequest a Demo

Resources

BlogCommunitySecurity & ComplianceAPI & IntegrationsTalk to an Aerospace Expert

About

About UsPrivacy PolicyCookie PolicyTerms of ServiceContact Us

© 2026 Connect 981. All rights reserved.