Audits are independent measures of how well an entity is performing an objective against that objectives measurement criteria. Audits are objective with a purpose of fact finding, not fault finding.

Supplier auditing is the quality assurance audit function that focuses on external suppliers. There are four types of audits: System, Process, Compliance, and Product.4

The quality system audit addresses the who, what, where, when and how of the quality system used to produce its product. For example, how is the quality system defined? Who is responsible for producing the product? Who is responsible for assuring the quality of the product meets or exceeds customer requirements? What is the extent of management involvement in the daily operation of the quality system? What procedures are used to guide the organization in its production effort? How are they maintained and updated? Who performs that function? Where are the procedures located? What type of processes are used (both directly and indirectly) to produce the product? How do current procedures support these direct and indirect processes, etc.? A quality system audit is characterized by its emphasis on the macro nature of the quality management system.

The process audit is much more narrowly defined. Unlike the system audit, the process audit is "an inch wide but a mile deep." It revolves around verification of the manner in which: 1) people; 2) material; 3) machines, etc., mesh together to produce a product. A process audit compares and contrasts the manner in which the end product is produced to the written procedures, work instructions, workman-ship standards, etc., used to guide the manufacturing process responsible for building the product in the first place.Process audits are appraisal and analytical in nature.

A product audit is a detailed inspection of a finished product performed prior to delivering the product to the customer. It is a test of both attribute and vari-able data i.e., cosmetic appearance, dimension properties, electrical continuity, etc. Results of product audits often provide interesting bits of information regarding the reliability and effectiveness of the overall quality system.

The compliance audit centers on comparing and contrasting written source documentation (usually the contract) to objective evidence in an attempt to prove (or disprove) compliance with that source documentation. During a compliance audit, the auditor examines the written procedures, work instructions, contractual obligations, etc., and attempts to match them to the actions taken by the auditee to produce the product. In essence, it is a "say what you dodo what you say" type of audit.

The Supplier Audit Process

Supplier audits will follow the following process:

  1. Pre-audit Questionnaire and visit
    • Collect information (including processes and procedures) and determine purpose and objectives.1
  2. Audit team selection
    • Select team based on audit type, availability and expertise of potential audit team members.
  3. Audit notification
    • Notification (usually months in advance) in writing and including:
      • "scope/baseline of audit
      • schedule
      • name of lead auditor
      • draft agenda"1
  4. Opening (in-brief) meeting
    • Finalize agenda and restate purpose and scope.
  5. Audit performance
    • Use of checklist and objective evidence
  6. Debriefing (out-brief) meeting
    • Review all observation sheets (OS)
  7. Report and follow-up
    • Formally summarize the following:
      • purpose
      • requirements
      • team members
      • agenda
      • personnel contacted
      • summary of results
      • Observation Sheets (OS)
      • recommendations on each OS1
    • Obtain and evaluate responses
    • Close audit

For further reading, view the Supplier Risk and Evaluation Control document from the Mission Assurance Improvement Workshop. The Mission Assurance Improvement Workshop's (MAIW's) purpose is to enhance the government/industry mission assurance processes, supporting disciplines, and associate products collaboratively with indsutry and government teams.

Supplier information is important to gather as analysis of this information results in overall supplier ratings. These supplier ratings assist an organization in choosing the optimal suppliers based on their requirements i.e. cost, schedule, quality, etc.

A central database, known as a SMS, allows for a consistent performance rating system for suppliers.


For further reading, refer to the IAQG section on Supplier Audit Management Basics.