Tel No. (+91) 9844042424

Aerospace (AS9100) Rev D Certification and AS9100 documentation


The AS9100 quality standard is based on ISO 9001, adding requirements specific to the aviation, space and defence industry, while striving to meet the needs of stakeholders.

These supplementary requirements emphasize areas that impact on process and service safety, quality and reliability for aviation, space & defence products It is designed to meet the complex and unique demands of the aviation, space & defence industry, from commercial aviation to defence and include several additional requirements to ISO 9001 that participating aerospace OEM companies felt were necessary to clearly define their expectations for aerospace suppliers.

AS9100 is Based on ISO 9001, but with nearly 100 additional requirements specific to aviation, space & defence. AS9100 is the international management system standard for the Aircraft, Space and Defence (AS&D) industry.

The standard provides suppliers with a comprehensive quality system for providing safe and reliable products to the aviation, space & defence industry.

AS9100 Rev. D is built on the structure of ISO 9001:2015 and includes all the requirements of ISO 9001:2015 along with approximately 105 additional requirements specific to the Aviation, Space and Defence industry.

The drivers of AS9100 Rev. D are the changes found in ISO 9001:2015, along with aerospace additions and other IAQG standards.

High Level Process

  • Identify your specific needs and provide unique support with customized training and consultancy program
  • Understanding the current status of the organization and formulating the Growth Plan of your Organization as per the AS 9100 standard requirement
  • Documentation
  • Awareness Training
  • Implementation & Monitoring
  • Internal Auditor’s Training & Internal Audit
  • Management Review
  • Registration Audit
A gap analysis is an activity designed to evaluate the existing system against the aerospace requirements, identify the gaps, and develop an action plan to close those gaps so that the system then conforms. Part of the activities of this gap analysis & planning would be spent in training in the requirements and the recommended actions. A deliverable from the gap analysis would be a report showing strengths, weaknesses, and areas that need to be addressed.
This tool is designed to transform negative motivations into positive involvement of the entire management staff. By identifying why an organization is implementing a management system and defining what each member would like out of the effort not only gets everybody on board but provides key design criteria for establishing a system that meets organizational needs
A critical part of an improvement based system and required by AS9100, AS9110, and AS9120 is the identification of top management objectives. Many organizations struggle with driving the objectives down to the process level so that all the players understand what they must do to achieve the goal. This tool (Strategic Business Breakout) is designed to provide management with the methodology to manage this ongoing project
The heart of the aerospace management systems, AS9100 is the process management approach. Previous versions of ISO 9000 were focused on a silo-approach which had major weaknesses. The identification of processes, their sequence and interaction, along with defining how a process is known to be effective is a key step in developing an aerospace compliant system. SMCPL Consulting has developed an easy to use and encompassing tool to facilitate this effort.
To have a truly robust management system there needs to be a suitable documentation system. Documents need to be brief, to the point, applicable to the organization, and easy to understand and use. SMCPL Consulting has developed templates along these lines to facilitate the development of a documented system. It is not necessary to re-invent the wheel.
This is one of the many aerospace additional requirements that must be addressed to prior to approaching certification. SMCPL’s consultants have a proven method to assist client organizations in developing a configuration management process that meets the needs of that organization and the standard without creating a paperwork nightmare. This program includes establishing an approved baseline, documentation and change control, and configuration audits.
A strong, solid internal audit program is essential to the development and continual growth of improvement based aerospace management systems (AS9100). SMCPL has developed the premier internal auditor training course available. Most of the lessons are taught in a Socratic-style using actual case studies. Internal audits must evolve with the management system, with emphasis changing from documentation to implementation to effectiveness. Auditors in this course learn how to perform process-based internal audits in each of these phases.
SMCPL has a team of highly qualified aerospace auditors that are also performing certification audits for registrars so they know exactly the kind of internal audit that is useful for your company. Many organizations are finding it cost effective to contract out the internal audit function to SMCPL.
The Management Representative is not only the key person in maintaining an improvement based aerospace management system (AS9100), but also has the greatest opportunity within the organization to make a positive impact in the competitive advantage. One of SMCPL’s primary objectives is to see that this person is a success. The Management Representative must effectively manage internal audits, corrective & preventive actions, document control, continual improvement, supplier development, and many other things such as interacting with senior management and every other level within the organization and frequently external parties as well.
Management Review, when done properly, will have dramatic positive effects on the organization. This is intended to be a top management meeting in which all management are interacting and involved. SMCPL Consulting has developed methodologies to facilitate this dynamic management review.
SMCPL Consulting has developed a highly effective Corrective and Preventive Action methodology. Effectiveness here is dependent upon identifying and addressing the actual root-cause. The best solution may not be eliminating the root-cause, but in interrupting the sequence.
Even though an organization may enjoy competitive advantage today, it must continue to improve or it will be out of business tomorrow. SMCPL Consulting has developed a method for organizations to drive significant, measurable, and lasting improvements in areas of critical importance to senior management.
Many organizations are dependent on their suppliers in order to provide quality and on-time delivery. SMCPL Consulting’s supplier development is founded on establishing mutually beneficial relationships with suppliers. This has resulted in shorter lead times, higher quality received, less inventory, and shorter cycle times.

Potential Risks

Failure to comply with the PCI Security Standards can result in the revocation of processing privileges and up significant financial penalties. It's also important to keep in mind the possibility of PR damage to your organization.
Our qualified experts understand the impact certain requirements can have on your payment data collection, transfer, and maintenance procedures. We will bring procedural expertise to your organization regarding these issues.
Failure to comply with relevant requirements can have a devastating impact on your organization. Don't take chances - let our experts help! SMCPL has a variety of services that you can leverage to meet your PCI compliance needs

PCI Security Standards Audits

Credit card fraud in the US is at an all-time high. The PCI DSS standard establishes a framework by which organizations can protect their cardholder data environment. By complying with PCI requirements, merchants and service providers can reduce the risk of a breach, gain competitive advantage, and increase their credibility.
Our PCI engagements focus on managing the full life cycle of our client’s certification process for their cardholder data environment. SMCPL offers a full suite of services to assist organizations with all aspects of their compliance effort.

Policies & Procedures

Every organization needs written policies and procedures that clearly define the company’s methods for protecting in-formation and data assets.

Every organization should have written policies and procedures that clearly define the company's policies for protecting information and data assets. Your information security policies and procedures documents provide clarity in employee communications and provide a layer of defences against liabilities associated with misconduct.
SMCPL has a thorough consulting process that can help you achieve this!

Step 1 - Information Gathering

Our security consultants conduct a series of interviews with your personnel to gain a better understanding of your operating environment. This information serves as the framework of the policy and procedure documents.

Step 2 - Policy & Procedure Development

We create a comprehensive set of policies and procedures that address your company's needs to ensure compliance with relevant legislation or requirements.

Step 3 - Document Review

Your staff reviews the documents along with the SMCPL consultants to ensure that all of your objectives are addressed

Step 4 - Document Release & Implementation

Upon your approval of the policies and procedures, we provide a final version for release and implementation. We can also provide consulting services to assist with the implementation, if necessary.

Information Security Awareness Training

An organization may underestimate the impact their employees can have on its security and compliance posture. Consider the fact that many of these people have critical responsibilities such as managing the network, running applications, handling customer data, communicating through email, visiting websites, and more. Therefore, Security Awareness Training plays a vital role as the organization’s first-line of defense against both internal and external threats and vulnerabilities.
We have developed a fully comprehensive and highly interactive Security Awareness Training program to train your workforce, probe threats in your user community, strategically deploy training and phishing assessments to vulnerable end users, and reduce the risk of security and privacy breaches.

Security Consulting

Our Security Consultants understand the risks involved and the security processes and procedures that should be implemented. These services can be related to any aspect of information security such as technology, policy and procedures, network design, disaster recovery, and more.

Securing your company's data and information assets involves more than technology. It requires a deep understanding of the risks involved and the security processes and procedures that should be implemented.
SMCPL's experts understand this through their years of experience in all aspects of information security. Our consulting services are customizable and can be related to any aspect of information security such as technology, policy and procedures, network design, disaster recovery, compliance standards, and more.
No matter what your security concerns or needs are, our experienced consultants will help you understand your organization's risk profile and the specific steps that must be taken to close gaps and mitigate risk.
Outlined are key activities, deliverables, and milestones for ensuring the organization's PCI compliance and certification

Gap Assessment,Audit & Reporting

Our team will review and analyse current policies, procedures, and initiatives relevant to the organization’s debit/credit/payment transaction environment or payment application design. All significant third party outsourcers and managed service providers will be reviewed as well.
After the gap analysis report is developed and delivered, our team will conduct a joint review of the findings and recommendations. Additionally, our team will create a recommendation and implementation project plan.
Once the assessment and report of the organization’s PCI compliance is complete, our team will issue or validate the appropriate compliance certificate.