What Not to Tell an Auditor During an AS9100 Audit

Posted on by Ronnie Roberts II
What Not to Tell an Auditor During an AS9100 Audit

Introduction

What not to tell an auditor during an AS9100 audit is rarely covered in training yet frequently causes avoidable findings. Auditors assess objective evidence and system effectiveness, but how information is presented can expand scope, trigger deeper sampling, or create unnecessary risk.

Why wording matters during an AS9100 audit

Auditors follow trails. Casual statements, speculation, or informal language can redirect an audit even when processes are effective. The goal is accuracy and evidence, not narrative.

Statements to avoid during an AS9100 audit

Statements to avoid during an AS9100 audit are informal or speculative remarks that imply inconsistency, unclear responsibility, or lack of control. These statements can redirect audit focus, expand sampling, or create findings unrelated to actual system performance.

“We usually do it this way”

This implies inconsistency.

Why it causes issues

It suggests the process is not defined or not consistently followed.

Safer approach

Reference the documented process and provide current records.

“I’m not sure, someone else handles that”

This signals unclear responsibility.

Why it causes issues

Clause 5 and Clause 7 expect defined roles and awareness.

Safer approach

Identify the responsible role and confirm evidence availability.

“That document is outdated, but we follow the new way”

This creates a direct document control concern.

Why it causes issues

Clause 7.5 requires controlled documented information.

Safer approach

Provide the current approved document and revision history.

“We haven’t had issues, so we didn’t document it”

This undermines risk-based thinking.

Why it causes issues

Clause 6 expects proactive risk consideration.

Safer approach

Explain how risk was evaluated and monitored.

“We plan to fix that later”

This acknowledges a known nonconformity.

Why it causes issues

Clause 10 requires action on identified nonconformities.

Safer approach

Explain current containment and planned corrective action status.

“The auditor last year didn’t care about this”

This challenges consistency and independence.

Why it causes issues

Audits are not precedent based.

Safer approach

Focus on current requirements and evidence.

“We don’t really follow that procedure”

This is a direct system failure admission.

Why it causes issues

Procedures define the system.

Safer approach

Explain how the process is implemented and align documentation if needed.

How to communicate effectively during an AS9100 audit

Answer what is asked

Do not volunteer unrelated information during an AS9100 audit. Auditors follow evidence trails, and introducing details outside the question asked can unintentionally expand audit scope or trigger additional sampling.

Answer only what is relevant to the specific process, record, or timeframe requested. Extra commentary about other activities, historical issues, or informal practices can create risk without adding value. Let the auditor guide the depth of inquiry through follow-up questions.

Use evidence first

Provide records before explanations during an AS9100 audit. Objective evidence establishes what was done and allows the auditor to evaluate compliance without interpretation bias. Explanations should follow only to clarify how the record aligns with the documented process and requirements.

Speak in process terms

Describe how the system works, not individual habits. Auditors assess process consistency and system effectiveness, not personal workarounds or preferences. Framing responses around defined processes, roles, and controls demonstrates a functioning quality management system and avoids introducing variability that can lead to findings.

Pause before answering

Clarifying the question during an AS9100 audit is appropriate and often necessary. Auditors may phrase questions broadly to explore system understanding rather than request a specific record. Asking for clarification helps ensure the response aligns with the intent of the question, not an assumption.

Clarification prevents oversharing. Answering a misunderstood question can introduce unrelated processes, documents, or informal practices into scope. A brief clarification keeps the discussion focused and controlled.

What auditors are actually listening for

  1. Consistency between words and records
  2. Clear ownership of processes
  3. Evidence aligned with documented methods
  4. Risk awareness tied to operations

Common misconceptions

“Being honest means oversharing”

Honesty during an AS9100 audit means providing accurate, verifiable information supported by evidence. It does not require guessing, assuming, or filling gaps with personal interpretation when facts are unclear.

Speculation introduces risk. If an answer is not known with certainty, it is appropriate to confirm the information or identify the responsible role rather than offering an estimated or informal response.

“Auditors want explanations”

Auditors want evidence supported by explanation, not explanation without evidence. Evidence establishes compliance. Explanation provides context so the evidence can be evaluated correctly.

Evidence comes first. Records, logs, reports, and outputs demonstrate what was done. Explanation should describe how the evidence fits within the documented process and requirements.

Graphic titled “What Not to Say to an AS9100 Auditor” showing common risky statements during an AS9100 audit paired with quicker, audit-safe responses focused on documented processes, evidence, risk evaluation, and corrective action.

Key takeaway

What not to tell an auditor during an AS9100 audit often determines how the audit unfolds. Informal language, speculation, or casual remarks can expand scope and trigger unnecessary sampling even when the system is effective.

Clear, evidence-based responses anchor the audit to documented processes and objective records. This keeps the discussion focused on system performance, consistency, and compliance rather than individual habits or opinions.

The objective is not to withhold information but to present it accurately and in context. When evidence leads and explanations support it, audits remain controlled, efficient, and aligned with the intent of AS9100.

Ronnie Lee Roberts II has worked in the Department of Defense (DoD) quality environment since 2017, supporting programs at Patuxent River and Webster Field (NAWCAD/NAVAIR). A certified AS9100:2016 Rev D Lead Auditor (2022–2025), he brings deep knowledge of quality management systems, documentation control, and audit readiness across aerospace and defense operations. His background includes hands-on experience inspecting to specification per engineering drawings and customer requirements, verifying process conformity, and maintaining compliance with AS9100D clauses related to documented information, product realization, and risk management.

In addition to audit work, Ronnie has supported QMS development, technical writing, CAD-based documentation, and controlled record structures that ensure traceability and repeatability. He also holds ISO/IEC 20000-1:2018 Lead Auditor (TPECS, 2023) and Certified CMMI® Associate (2025) credentials, supporting CMMI-DEV Level 3 environments. His focus remains on aligning documentation and inspection practices with AS9100D standards to drive measurable quality performance and readiness for customer and regulatory audits.