Phase 1:Pre-Audit Preparation

  Blog    |     March 10, 2026

Auditing a factory's supplier approval process is crucial for ensuring supply chain resilience, quality consistency, ethical compliance, and risk mitigation. Here’s a structured approach to conducting a comprehensive audit:

  1. Define Scope & Objectives

    • Identify which suppliers/processes to audit (e.g., raw materials, critical components).
    • Set goals: Validate compliance, identify gaps, assess risk, or improve efficiency.

  2. Review Documentation

    • Examine:
      • Supplier approval policy/procedure.
      • Supplier qualification forms/questionnaires.
      • Approved supplier list (ASL) and supporting evidence.
      • Risk assessment records (e.g., FMEA, supplier scorecards).
      • Audit reports, corrective actions, and performance history.

  3. Audit Plan Development

    • Create a checklist based on standards (ISO 9001, IATF 16949, internal policies).
    • Schedule interviews with procurement, quality, engineering, and operations teams.
    • Request access to supplier files, performance data, and audit trails.

Phase 2: On-Site Audit Execution

Key Audit Areas & Questions

Area Audit Focus Sample Questions
Process Design Alignment with best practices, risk-based approach, and documentation clarity. - Is the process documented and communicated?
- Are risks (quality, financial, ESG) assessed?
Supplier Selection Objectivity, criteria consistency, and conflict of management. - How are suppliers shortlisted?
- Are costs/quality balanced?
- Are gifts/relationships disclosed?
Supplier Evaluation Thoroughness of assessments (financial, technical, compliance). - What data is reviewed (financials, certifications, audits)?
- Are site visits conducted?
- Are sustainability/ethical practices checked?
Approval Workflow Authorization levels, segregation of duties, and compliance. - Who approves? Are approvals documented?
- Is there segregation between procurement and quality?
Onboarding Training, contract clarity, and initial validation. - Are suppliers trained on requirements?
- Are SLAs/QPs signed?
- Is first-article inspection done?
Ongoing Monitoring Performance tracking, audits, and continuous improvement. - How are suppliers rated?
- Are periodic audits conducted?
- Is performance data used for requalification?
Corrective Actions Effectiveness of CAPA for underperforming suppliers. - How are non-conformities tracked?
- Is root cause analysis performed?
- Are suspensions/delists documented?

Audit Techniques

  • Interviews: Talk to cross-functional staff (e.g., "How do you validate a new supplier’s technical capability?").
  • Document Review: Trace approvals from request to ASL update.
  • Observation: Walk through the process (e.g., review how a new supplier is added to the system).
  • Data Analysis: Check for trends in supplier performance, audit findings, or rejections.

Phase 3: Post-Audit Reporting & Follow-Up

  1. Identify Gaps & Risks

    • Document non-conformities (e.g., "No site visit conducted for high-risk suppliers").
    • Rate severity: Critical (immediate action), Major (correct within 30 days), Minor (improvement).

  2. Develop Corrective Action Plan

    • Assign owners and deadlines for addressing gaps.
    • Example: "Revise supplier risk assessment matrix within 60 days."

  3. Report & Present Findings

    • Summarize: Scope, methodology, key findings, risks, and recommendations.
    • Use visuals (e.g., process flowcharts with gaps highlighted).

  4. Track Implementation

    • Verify CAPA completion via follow-up audits or document reviews.
    • Update supplier approval process based on lessons learned.

Critical Red Flags to Watch For

  • Vague Approval Criteria: "Supplier must be reliable" (measurable standards needed).
  • Lack of Risk Differentiation: Treating all suppliers equally (high-risk suppliers need deeper scrutiny).
  • Missing Documentation: No evidence of audits, assessments, or approvals.
  • Single-Source Reliance: No backup suppliers for critical items.
  • Ignoring Performance Data: Approved suppliers with recurring defects not reviewed.

Tools & Standards

  • Frameworks: ISO 9001 (Clause 8.4), IATF 16949 (Clause 8.4.1), AS9100.
  • Tools: Supplier scorecards, risk matrices, audit management software (e.g., Intelex, QAD).
  • Checklist: Download a Supplier Audit Checklist Template (ISO 9001 example).

Pro Tips

  • Focus on Risk: Prioritize audits for critical suppliers (e.g., those affecting safety or compliance).
  • Integrate ESG: Include checks for labor practices, environmental impact, and governance.
  • Leverage Technology: Use digital platforms for real-time supplier performance tracking.
  • Continuous Improvement: Schedule periodic audits (e.g., annually or after major incidents).

By systematically evaluating each stage of the supplier lifecycle, you’ll build a resilient supply chain that minimizes disruptions and ensures quality from source to end-product.

Previous: Beyond Tier 1:Uncovering the Hidden Risks in Your Supply Chain
Next: 1.User Frustration Poor Experience The Most Common Reason)

Request an On-site Audit / Inquiry

SSL Secured Inquiry