Process & Quality Audits
Assess the conformance, effectiveness, and improvement opportunities in your quality management systems and production processes — through formal audits against IATF 16949, AS9100 Rev D, ISO 9001:2015, ISO 55001, NADCAP, and customer-specific quality requirements, with findings reports that close conformance gaps rather than just recording them.
Shaping the Future of Engineering & Manufacturing
Process & Quality Audits
Process and quality audits are structured, independent examinations of quality management systems, production processes, supplier quality systems, and process validations that identify non-conformances, improvement opportunities, and risks before they manifest as customer complaints, production failures, or regulatory findings. EMUG delivers process and quality audit services for automotive OEMs and Tier 1 suppliers (IATF 16949:2016, VDA 6.3 process audit, customer-specific requirements), aerospace and defense organizations (AS9100 Rev D, NADCAP special process audits, AS9102 First Article Inspection), industrial machinery manufacturers (ISO 9001:2015, EN 13849 process validation), and energy and asset-intensive organizations (ISO 55001 asset management system, API Q1 and Q2). EMUG operates across Europe, Middle East, Asia-Pacific, Americas, and Africa — providing audit services in 20 countries with consistent methodology and findings reporting standards.
Quality Directors, VP Quality, and Supplier Quality Engineering Managers engage EMUG for audit services under four conditions: independent audit programs required for regulatory compliance where internal audits lack the independence that IATF 16949, AS9100, and ISO 9001 require for effective internal audit programs; supplier quality audit campaigns where the organization's internal supplier development team lacks the capacity or specific technical expertise to assess all suppliers in the supply base; pre-certification gap assessments in the 6 to 12 months before a third-party certification body audit, where internal management wants an objective assessment of conformance gaps before they are exposed by the external auditor; and post-incident audit programs following a quality escape, customer complaint, or production failure where the root cause investigation has identified systemic quality management system deficiencies requiring independent assessment.
EMUG delivers all process and quality audit programs through the EMUG AUDIT Framework — a five-phase methodology covering audit planning, understanding gaps, data and evidence collection, investigation of findings, and tracking of corrective actions. AUDIT stands for: Audit scope plan, Understand current state, Data and evidence collect, Investigate non-conformances, and Track closure. The framework ensures that audit programs deliver actionable corrective action requirements rather than lists of non-conformances that the audited organization cannot act on because the finding description is too vague to identify the root cause or the required corrective action.
CORE CAPABILITIES
| Capability | What EMUG Delivers |
|---|---|
| IATF 16949 Audit and Gap Assessment | Formal internal audit programs against IATF 16949:2016 requirements covering all QMS processes across the full audit cycle required for certification compliance. Gap assessments in preparation for third-party certification body audits — structured evaluation of QMS conformance against all IATF 16949 clauses with findings graded by severity (major non-conformance, minor non-conformance, opportunity for improvement). Customer-specific requirements (CSRs) audit coverage for major automotive OEM customers including Ford, GM, Stellantis, BMW Group, Volkswagen Group, Toyota, and Hyundai-Kia. IATF 16949 certification preparation support in the 12 weeks before a third-party audit. |
| AS9100 Rev D Audit and Gap Assessment | Internal audit programs and gap assessments against AS9100 Rev D requirements for aerospace and defense manufacturing organizations. AS9100 incorporates ISO 9001:2015 with aerospace-specific additions covering configuration management, first article inspection, key characteristics, counterfeit part prevention, and risk management requirements that go beyond the ISO 9001 baseline. EMUG’s AS9100 audit practice covers the complete aerospace QMS requirement set including product and process validation, control of special processes, FOD (Foreign Object Damage) prevention, and critical item management. NADCAP special process audit preparation support. |
| ISO 9001:2015 QMS Audit | Quality management system audits against ISO 9001:2015 for organizations in industrial machinery, energy, and engineering services sectors — covering context of the organization, leadership and commitment, planning for risks and opportunities, support processes, operational planning and control, performance evaluation, and continual improvement requirements. Process approach audit methodology evaluating the effectiveness of processes rather than simply checking documentation compliance. Certification preparation support and ongoing surveillance audit management. |
| VDA 6.3 Process Audit | Process audits using the VDA 6.3 (Process Audit) methodology required by German automotive OEM customers — structured evaluation of production and logistics processes against the VDA 6.3 question catalogue covering process planning, production, and customer care elements. VDA 6.3 P1 to P7 process element assessment, potential analysis for new products and suppliers entering the supply chain, and re-audits following corrective action implementation. EMUG’s VDA 6.3 auditors hold VDA QMC certification for P1 to P7 process audit qualification. |
| Supplier Quality Audits and Development | Supplier quality audit programs — initial supplier qualification audits (QMS conformance and process capability assessment), periodic surveillance audits for approved suppliers, reactive audits following quality escapes or delivery issues, and supplier development audit programs for suppliers requiring quality improvement support. Audit reports with graded findings and corrective action requirements with defined closure timescales. Supplier corrective action response assessment and close-out verification. Supplier performance trending for strategic sourcing decisions. |
| Process Validation Audits (PPAP, IQ/OQ/PQ) | Process validation audit services confirming that production processes produce conforming product consistently within defined control limits. PPAP (Production Part Approval Process) audit covering all 18 PPAP elements against AIAG PPAP 4th Edition requirements. First Article Inspection (FAI) to AS9102 Rev B for aerospace programs — confirming that the first production article is dimensionally and functionally conforming to design requirements. IQ/OQ/PQ (Installation Qualification, Operational Qualification, Performance Qualification) validation audit for controlled production processes in pharmaceutical, medical device, and high-integrity manufacturing environments. |
| ISO 55001 Asset Management System Audit | Asset management system audits against ISO 55001 for energy companies, utilities, oil and gas operators, and asset-intensive industrial organizations — evaluating the organization’s asset management policy, strategic asset management plan (SAMP), asset management plans, risk and opportunity management for assets, and asset management decision-making processes for capital investment, maintenance, and decommissioning. ISO 55001 certification preparation gap assessment and internal audit program management. |
| Corrective Action Program Management | End-to-end corrective action program management for audit findings — structured corrective action requirement definition with root cause analysis obligation, corrective action plan review confirming that proposed actions address the identified root cause rather than the symptom, implementation timeline management, corrective action effectiveness verification through follow-up review, and corrective action closure confirmation. Prevents the corrective action program failure modes of superficial containment actions submitted as root cause corrections and corrective actions that are closed without effectiveness verification. |
KEY METRICS
of Corrective Actions Resulting from EMUG Audits Closed Within Agreed Timescales
0
%
Quality Management System and Process Audits Conducted Across 20 Countries
0
+
Supplier Quality Audits Completed Across Automotive, Aerospace, and Industrial Supply Chains
0
+
The EMUG AUDIT Framework - Our Process and Quality Audit Delivery Methodology
EMUG delivers all process and quality audit programs through the EMUG AUDIT Framework — a five-phase methodology designed to produce audit programs that drive genuine quality improvement rather than generating non-conformance lists that are filed and forgotten. AUDIT stands for: Audit scope plan, Understand current state, Data and evidence collect, Investigate non-conformances, and Track closure. The framework addresses the most common audit program failure mode: audits that identify symptoms rather than systemic root causes, producing corrective actions that suppress the symptom without preventing recurrence — resulting in the same findings reappearing at the next audit.
1
AUDIT SCOPE PLAN
Audit program planning — defining the audit scope (processes, sites, and QMS elements to be audited), audit type (system audit, process audit, product audit), applicable standard and customer-specific requirements, audit team composition and independence requirements, audit schedule balancing risk-based prioritization with full QMS coverage over the audit cycle, and audit plan communication to auditee management. For supplier audits: supplier risk classification from quality performance data, delivery performance, and strategic supply chain significance. Deliverable: Audit Program Plan with Schedule, Scope Definition, and Risk-Based Prioritization.
2
UNDERSTAND CURRENT STATE
Pre-audit preparation and current state understanding — reviewing quality management system documentation (quality manual, procedures, work instructions), previous audit findings and corrective action status, quality performance data (customer complaints, non-conformance rates, Cpk data, supplier quality metrics), and customer-specific requirement registers. Process mapping for processes under audit scope. Preparation of audit checklists tailored to the specific standard, customer-specific requirements, and identified risk areas. Deliverable: Audit Preparation Report with Documentation Review Findings, Process Maps, and Tailored Audit Checklists.
3
DATA AND EVIDENCE COLLECT
On-site audit execution — opening meeting confirming audit scope and process, process and area walkthroughs with observation and questioning, evidence collection through document review, records examination, and operator interviews, process output sampling and comparison to specifications, objective evidence collection for each audit checklist item. Preliminary findings identification during execution with auditor team review at end of each audit day. Auditee management briefing on emerging findings before closing meeting. Deliverable: Audit Execution Records with Objective Evidence References for Each Finding.
4
INVESTIGATE NON-CONFORMANCES
Non-conformance investigation and grading — evaluating each identified finding against the applicable standard clause or requirement to confirm the non-conformance, grading by severity (major: complete absence of a required element or systematic failure across multiple process instances; minor: isolated failure or partial implementation), and root cause analysis for major non-conformances to support effective corrective action definition. Findings report preparation with specific objective evidence references for each non-conformance. Deliverable: Formal Audit Findings Report with Graded Non-Conformances, Objective Evidence References, and Corrective Action Requirements.
5
TRACK CLOSURE
Corrective action tracking and closure verification — corrective action plan review confirming that proposed actions address root causes and not symptoms, implementation timeline monitoring against agreed closure dates, corrective action effectiveness assessment through objective evidence review (re-audit of the specific process, measurement of the quality metric affected by the non-conformance), and formal closure confirmation when effectiveness is verified. Corrective action closure rate reporting for quality management system performance tracking. Deliverable: Corrective Action Closure Report with Effectiveness Verification Evidence and Quality System Improvement Summary.
QUALITY AND PROCESS AUDIT CAPABILITY MATRIX
| Audit Type | Primary Standard | Sector Application | Audit Trigger | Typical Duration |
|---|---|---|---|---|
| IATF 16949 QMS Audit | IATF 16949:2016 + CSRs | Automotive manufacturing | Annual internal audit, pre-cert gap | 2-5 days |
| AS9100 Rev D Audit | AS9100 Rev D (ISO 9001 + aerospace) | Aerospace manufacturing | Annual internal audit, NADCAP prep | 3-5 days |
| VDA 6.3 Process Audit | VDA 6.3 P1-P7 question catalogue | Automotive (German OEMs) | New supplier, re-audit, escalation | 1-3 days |
| ISO 9001:2015 QMS Audit | ISO 9001:2015 | Industrial, energy, EPC | Annual internal, pre-cert gap | 1-3 days |
| Supplier Quality Audit | IATF/AS9100 + customer SQR | All sectors supply chain | Qualification, surveillance, reactive | 1-2 days/site |
| ISO 55001 Asset Mgmt Audit | ISO 55001:2014 | Energy, utilities, industrial | Annual, certification prep | 2-4 days |
EMUG delivers process and quality audits across five primary industries, with audit methodology, standard references, and customer-specific requirement coverage tailored to the quality management requirements of each sector.
INDUSTRY ALIGNMENT
Automotive OEMs & Tier 1 Suppliers
IATF 16949 internal audit programs covering all QMS processes with customer-specific requirements integration for Ford Q1, GM BIQS (Supplier Quality Management System), Stellantis SQR, and VW Group formel Q. VDA 6.3 process audits for new supplier qualification and re-audits following quality escapes. PPAP audit support for customer submission readiness. Supplier quality audit campaigns across Tier 2 and Tier 3 supply chains. IATF 16949 certification preparation gap assessments achieving zero major findings at third-party certification audits in 90 percent of EMUG-prepared programs.
Aerospace & Defense
AS9100 Rev D internal audit programs with aerospace-specific clause emphasis — configuration management audit (clause 8.1.3), key characteristics management audit (clause 8.1.4), counterfeit part prevention audit (clause 8.1.4), First Article Inspection to AS9102 Rev B, and FOD prevention program audit. NADCAP special process audit preparation for heat treatment, NDT, chemical processing, and welding special process approvals. AS9100 certification gap assessments and post-audit corrective action support. ITAR-compliant audit documentation for US defense program quality management systems.
Industrial Machinery & Equipment
ISO 9001:2015 QMS audits for machinery design and manufacturing organizations — process approach audit covering product design, procurement, manufacturing, testing, and customer support processes. EN 13849 safety function process audit confirming that the organization's process for designing, implementing, and verifying safety functions satisfies the standard's development process requirements. ATEX quality assurance audit confirming that production processes for ATEX-certified equipment maintain conformance with certified design. ISO 9001 certification preparation support.
Energy, Oil & Gas
ISO 55001 asset management system audits for energy companies and utilities — evaluating the strategic asset management plan (SAMP), asset management plans by asset class, maintenance process effectiveness, risk-based inspection (RBI) process conformance to API 580 and API 581, and asset lifecycle decision-making processes. API Q1 and API Q2 quality management system audits for equipment manufacturers serving the oil and gas sector. Vendor inspection and surveillance programs for major equipment procurement in capital projects (pressure vessels, heat exchangers, rotating machinery). ISO 55001 certification preparation support.
Engineering Services & EPC
ISO 9001:2015 QMS audits for engineering services and EPC organizations — design quality management process audit, document and records management audit, project quality plan conformance audit for active projects, NCR management process effectiveness review, and sub-contractor quality management assessment. Inspection and Test Plan (ITP) compliance audit for multi-discipline construction projects. Third-party inspection coordination and surveillance for equipment procurement packages. Project completion quality documentation audit for handover package completeness.
VALUE PROPOSITION
Why Enterprises Choose EMUG for Process & Quality Audits
| Business Outcome | How EMUG Delivers It |
|---|---|
| 85% of corrective actions closed within agreed timescales | EMUG’s structured corrective action tracking process — with root cause confirmation, implementation monitoring, and effectiveness verification — achieves 85 percent corrective action closure within agreed timescales, compared to the 40 to 50 percent industry average for unmanaged corrective action programs. |
| Findings that identify root causes, not just symptoms | EMUG’s AUDIT Investigation phase requires that every major non-conformance is accompanied by a root cause analysis identifying the systemic failure that produced the finding — enabling corrective actions that prevent recurrence rather than simply addressing the symptom that was visible during the audit. |
| Independent audit credibility for certification body and customer requirements | IATF 16949, AS9100, and ISO 9001 require that internal audits are conducted by auditors independent from the processes being audited. EMUG’s external audit team provides the independence that certification bodies and customer quality teams require — enabling audit programs that are credible to third parties, not just internally reassuring. |
| Risk-based audit scheduling maximizing quality risk coverage | EMUG’s audit program planning uses quality performance data (customer complaints, non-conformance rate, Cpk trends, supplier delivery performance) to prioritize audit coverage toward the processes and suppliers with the highest quality risk — ensuring that audit capacity is directed at the areas where quality failures are most likely, rather than uniformly distributed regardless of risk. |
| Pre-certification gap assessments that prevent certification audit failures | EMUG’s gap assessment methodology identifies major non-conformances against IATF 16949, AS9100, and ISO 9001 in the 6 to 12 months before a third-party certification audit — providing time to implement corrective actions and verify their effectiveness before the certification body conducts its assessment. Programs prepared by EMUG achieve zero major findings at certification audits in 90 percent of cases. |
| Supplier audit programs protecting supply chain quality performance | EMUG’s structured supplier audit programs — combining qualification audits for new suppliers, surveillance audits for approved suppliers, and reactive audits following quality escapes — provide the supply chain quality visibility that automotive OEM customers require from their Tier 1 suppliers under IATF 16949 clause 8.4 external provider controls. |
Frequently Asked Questions
Expert answers from EMUG's Process & Quality Audits practice
System audits, process audits, and product audits examine quality conformance at three different levels. A system audit evaluates the quality management system as a whole — confirming that the organization has implemented all required QMS elements (quality policy, management review, documented information, competence management, internal audit, corrective action) against the applicable standard (IATF 16949, AS9100, ISO 9001). A process audit evaluates a specific production or support process — following the process through its steps, confirming that each step is controlled, measured, and capable of producing conforming output consistently. The VDA 6.3 audit is a structured process audit. A product audit evaluates a specific product against its design and quality requirements — confirming that a sample of production output conforms to all applicable specifications. Effective quality management audit programs use all three levels, allocating emphasis based on the quality risk profile of the organization.
The EMUG AUDIT Framework is EMUG’s five-phase process and quality audit methodology, standing for: Audit scope plan, Understand current state, Data and evidence collect, Investigate non-conformances, and Track closure. It produces better corrective actions through two structural features. In the Investigate phase, EMUG requires that every major non-conformance finding includes a root cause analysis identifying the systemic failure that produced the finding — not just a description of the symptom observed. This forces corrective actions to address the root cause. In the Track Closure phase, EMUG assesses proposed corrective actions against the root cause before they are approved, and verifies corrective action effectiveness before formally closing the finding — preventing the closure of corrective actions that have been implemented but not verified to actually prevent recurrence.
VDA 6.3 is the process audit standard published by the German Association of the Automotive Industry (VDA) — used by German automotive OEMs (BMW, Mercedes-Benz, Volkswagen Group, Audi, Porsche) and their global supply chains for structured assessment of production and logistics process quality. VDA 6.3 uses a structured question catalogue organized into seven process elements: P1 (Potential analysis for new suppliers), P2 (Project management), P3 (Planning of product and process development), P4 (Supplier management), P5 (Incoming goods and storage), P6 (Production process and product analysis), and P7 (Customer care and customer satisfaction). Each element is scored on a percentage scale; suppliers must achieve 90 percent or above in P6 for production process approval. German OEMs require VDA 6.3 audits because the structured process-level assessment provides more detailed quality risk information than an ISO 9001 system audit for manufacturing suppliers.
EMUG’s IATF 16949 certification preparation approach uses three sequential activities in the 6 to 12 months before the certification audit. Gap assessment: a complete audit of the organization’s QMS against all IATF 16949:2016 clauses and applicable customer-specific requirements, identifying every major and minor non-conformance. This assessment is structured to replicate the third-party certification body’s approach — using the same audit questions, evidence standards, and grading criteria that a certification body auditor applies. Corrective action support: for each major non-conformance identified, EMUG facilitates root cause analysis and supports corrective action development, ensuring that proposed actions address the systemic root cause. Pre-audit verification: a follow-up assessment 4 to 6 weeks before the certification audit confirming that corrective actions have been implemented and are effective. Programs prepared using this three-phase approach achieve zero major findings at certification audits in 90 percent of cases.
EMUG conducts supplier quality audits across 20 countries using a combination of EMUG-employed auditors in key markets (India, Germany, UK, UAE, China) and a network of qualified supplier development audit partners for markets with lower audit frequency. All auditors follow EMUG’s standard audit methodology (EMUG AUDIT Framework) and use consistent findings grading criteria, corrective action requirement formats, and audit report structures — ensuring that a supplier audit report from EMUG in South Korea is directly comparable to one from Germany or Mexico. For automotive customers requiring VDA-certified VDA 6.3 auditors, EMUG uses VDA QMC-certified auditors for all VDA 6.3 supplier audit programs. Remote audit capabilities for initial document review phases, with on-site execution for process walkthrough and evidence collection.
NADCAP (National Aerospace and Defense Contractors Accreditation Program) is an industry-managed special process accreditation program administered by the Performance Review Institute (PRI) — required by major aerospace OEMs (Boeing, Airbus, Lockheed Martin, Raytheon) for suppliers performing special processes including heat treatment, non-destructive testing (NDT), chemical processing, welding, and composites manufacturing. NADCAP approval requires a structured audit against NADCAP audit criteria (AC7110 for NDT, AC7102 for heat treatment, AC7004 for welding) performed by a NADCAP-approved auditor. EMUG supports NADCAP approval preparation by conducting pre-NADCAP gap assessments against the applicable audit criteria, identifying non-conformances and supporting corrective action development before the formal NADCAP audit, and coaching process engineers and quality teams on the specific evidence and documentation requirements of each NADCAP audit criteria set.
Corrective action effectiveness verification is the step most frequently skipped in audit programs — and its absence is the reason the same findings recur across successive audits. EMUG verifies corrective action effectiveness through two mechanisms. Documentary verification: reviewing the corrective action implementation evidence (updated procedure, training records, process change documentation) to confirm that the corrective action has been implemented as planned. Objective effectiveness measurement: confirming that the quality metric affected by the non-conformance has improved to an acceptable level — for example, a corrective action addressing inadequate incoming inspection is verified effective by confirming that the non-conformance rate for incoming inspection has declined to within the target range after the new inspection process has been operational for 60 to 90 days. A corrective action is only formally closed in EMUG’s tracking system when both documentary implementation and objective effectiveness measurement are confirmed.
EMUG delivers process and quality audit services to automotive OEMs and Tier 1 suppliers (IATF 16949, VDA 6.3, customer-specific requirements), aerospace and defense organizations (AS9100 Rev D, NADCAP, AS9102 FAI), industrial machinery manufacturers (ISO 9001, EN 13849, ATEX), energy and oil and gas companies (ISO 55001, API Q1, API Q2, ISO 9001), and engineering services and EPC firms. Delivery countries include Germany, France, UK, Netherlands, Sweden, Italy, Spain, Poland, Czech Republic, UAE, Saudi Arabia, Qatar, Kuwait, Bahrain, India, China, Japan, South Korea, Malaysia, Thailand, USA, Canada, Mexico, Brazil, South Africa, Nigeria, and Kenya.
Find Quality System Gaps Before Your Certification Body Does.
Connect with EMUG's audit practice to plan your internal audit program, conduct gap assessments before certification audits, audit your critical suppliers, and manage corrective action programs that close findings with verified effectiveness.
Advancing industries requires reimagining how products are designed, built and optimized at scale.
Automotive & Mobility
Engineering solutions for electric vehicles, connected mobility platforms, and next-generation automotive product development.
Aerospace & Defense
Advanced engineering support for aerospace and defense programs, ensuring safety, precision, and performance.
Industrial & Heavy Engineering
Engineering expertise for heavy machinery, industrial equipment, and complex mechanical systems development.
Manufacturing & Smart Factory
Smart manufacturing solutions enabling Industry 4.0 automation, digital factories, and efficient production systems.
Energy & Sustainability
Engineering solutions supporting renewable energy systems, sustainable infrastructure, and efficient power technologies.
Hi-Tech, Electronics & Semiconductors
Engineering solutions for semiconductor technologies, electronics design, and high-tech product innovation.
Aerospace Manufacturing & MRO
Engineering support for aerospace manufacturing, maintenance, repair, and aircraft lifecycle management.
Emerging & Future Industries
Engineering and digital innovation enabling next-generation technologies and future-focused industry development.
Independent Audit. Specific Findings. Closed Corrective Actions.
Partner with EMUG Tech to run a quality audit program that identifies root causes rather than symptoms, produces corrective actions that prevent recurrence, and builds the quality system maturity that sustains IATF 16949, AS9100, and ISO 9001 certification without late-stage compliance crises.
