Phase 1:Pre-Audit Preparation

  Blog    |     March 07, 2026

Auditing a factory's supplier qualification process is crucial for ensuring supply chain stability, product quality, regulatory compliance, and risk mitigation. Here’s a structured approach to conduct a thorough audit:

  1. Define Scope & Objectives

    • Identify suppliers to review (e.g., critical raw materials, high-risk categories).
    • Set goals: Verify compliance with standards (ISO 9001, IATF 16949, FDA), identify gaps, assess risk management.
    • Review relevant documents: Supplier policies, qualification procedures, approved supplier lists (ASL), and audit reports.

  2. Gather Documentation

    • Supplier Qualification Process:
      • Written procedures for supplier selection, assessment, approval, monitoring, and requalification.
      • Risk assessment methodology (e.g., FMEA, risk matrices).
      • Templates for supplier questionnaires, audits, and scorecards.
    • Records:
      • Approved Supplier List (ASL) with approval dates.
      • Supplier questionnaires, on-site audit reports, capability assessments.
      • Performance reviews (quality, delivery, cost).
      • Corrective actions for underperforming suppliers.

  3. Audit Team & Tools

    • Assemble auditors with expertise in quality, procurement, and relevant regulations.
    • Prepare checklists, interview questions, and a risk assessment framework.

Phase 2: On-Site Audit Execution

A. Process Review (Desk Audit)

  1. Process Design & Compliance

    • Does the procedure align with industry standards (e.g., ISO 9001:2015 Clause 8.4)?
    • Are roles/responsibilities defined (e.g., QA vs. Procurement)?
    • Is the process risk-based (e.g., higher scrutiny for critical suppliers)?

  2. Supplier Selection & Initial Assessment

    • Screening:
      • Are suppliers pre-screened for financial stability, compliance, and reputation?
      • Is a supplier questionnaire used to gather data (e.g., quality systems, certifications)?
    • On-Site Audits:
      • Are critical suppliers audited before approval?
      • Audit scope: Quality systems, processes, facilities, and controls.
      • Audit report quality: Clear findings, evidence, and CAPA requirements.

  3. Approval Process

    • Is there a formal approval committee?
    • Is the ASL updated promptly?
    • Are grandfathered suppliers (pre-existing) qualified?

B. Record Review

  • Approved Supplier List (ASL):
    • Is it current? Does it include risk tiers?
    • Are approval/review dates documented?
  • Performance Monitoring:
    • Are KPIs tracked (e.g., PPM, OTD, audit scores)?
    • Is periodic review conducted (e.g., annually or per risk level)?
  • Corrective Actions:
    • Are supplier non-conformities addressed with CAPAs?
    • Is evidence of resolution maintained?

C. Interviews & Walkthroughs

  • Interview Key Personnel:
    • Procurement: How are suppliers selected?
    • QA: How are quality issues handled?
    • Management: How is supplier risk addressed?
  • Process Walkthrough:

    Trace a supplier from selection to approval. Verify records alignment.

Phase 3: Risk Assessment & Compliance Check

  1. Risk Evaluation

    • Assess if suppliers are classified by risk (e.g., high/medium/low).
    • Verify controls match risk levels (e.g., audits for high-risk, reviews for low-risk).
    • Check for contingency plans (e.g., backup suppliers).

  2. Compliance Verification

    • Regulatory:
      • Suppliers comply with industry-specific rules (e.g., FDA, RoHS, conflict minerals).
      • Certifications are current and audited.
    • Ethical/Social:

      Labor practices, environmental standards (e.g., ISO 14001).

Phase 4: Findings & Reporting

  1. Document Non-Conformities

    • Cite specific evidence (e.g., "Supplier X lacks annual performance review per procedure 4.2").
    • Classify by severity: Critical (non-compliance), Major (system gap), Minor (documentation lapse).

  2. Audit Report

    • Summarize process strengths, gaps, and risks.
    • Include recommendations for improvement (e.g., "Implement automated supplier scoring").
    • Share draft with factory for input before finalization.

Phase 5: Post-Audit Follow-Up

  1. Corrective Action Plan (CAP)

    • Require the factory to address gaps with timelines and owners.
    • Verify CAP implementation in a follow-up audit.

  2. Continuous Improvement

    • Suggest process enhancements (e.g., digital ASL management, predictive risk analytics).
    • Update audit checklists based on findings.

Key Audit Red Flags

  • Missing documentation: No audit reports for critical suppliers.
  • Inconsistent criteria: Varying approval standards across categories.
  • Poor performance tracking: No KPIs or reviews for high-risk suppliers.
  • Lack of traceability: Cannot link supplier performance to product quality issues.
  • Over-reliance on self-assessments: No independent verification.

Tools & Templates

  • Supplier Audit Checklist: Cover quality systems, controls, and compliance.
  • Risk Assessment Matrix: Score suppliers based on impact/likelihood.
  • Supplier Scorecard: Track performance metrics (quality, delivery, cost).

Example Audit Checklist Snippet

Area Audit Question Evidence Required
Supplier Selection Are suppliers pre-screened for financial stability? Pre-screening records
On-Site Audit Were critical suppliers audited in the last 3 years? Audit reports with dates
Performance Review Is annual performance data reviewed for top suppliers? Review meeting minutes & KPI data

By following this structured approach, you’ll ensure the factory’s supplier qualification process is robust, compliant, and aligned with business objectives. Always tailor the audit to the factory’s industry, scale, and specific risks.

Previous: 1.Time Pressure Urgency:
Next: 1.Lack of Design Validation Verification:

Request an On-site Audit / Inquiry

SSL Secured Inquiry