ISO/TS 16949

Automotive Quality Management Standard



  1. Introduction
  2. Overview
  3. Global adoption
  4. Benefits
  5. Auditing
  6. Choosing a registrar
  7. Route to registration
  8. Costs
  9. Contributing editor


The automotive industry Quality Management System (QMS) consists of ISO/TS 16949 Standard and the related customer-specific requirements (CSR).

  • The 3rd edition is the latest version and it was published on the 15th of June 2009.  It has been technically updated to align with ISO 9001:2008 Standard.  The previous revision was based on ISO 9001:2000.
  • Customer-Specific Requirements (CSR) is the additional requirements imposed by the OEM.  These requirements will form part of the audit criteria during the certification & internal audits.

ISO/TS 16949:2008 was developed by IATF (International Automotive Task Force) members and approved by ISO (International Organization for Standardization) for publication.  It is an industry specific Quality Management System (QMS) catering for automotive industries with the following objectives:

  • Promote continue improvement
  • Emphasis defect prevention, and
  • Continual waste and variation reduction.


The Standard is based on ISO 9001:2008 standard with additional common automotive industry requirements.  The requirements are encompassed in 5 clauses, namely:

  1. Quality Management System,
  2. Management Responsibility,
  3. Resource Management,
  4. Product Realization,
  5. Measurement, Analysis & Improvement.

Exclusion to the requirements is only limited to the product design & development processes.

Organizations that spearheading for certification must be parts of the automotive supply chain that provides value added activities or services to their customers.  The term “automotive” include cars, buses, trucks, motorbikes but exclude special purpose vehicle such as tractors for agricultural purposes.  Producers of automotive after-market products or providers of support services such as warehousing, transportation, calibration and others are not eligible for certification.  Scope of certification includes site where value added activities are performed as well as remote locations if any where support services are provided.

The ISO/TS 16949 Standard was an international effort to develop a common Quality Management System for automotive industry.  It was initially presented as an alternative to those organizations that were certified to US9000, VDA 6.1, AVSQ and EAQF.  However, with the retirement of QS 9000, AVSQ and EQFQ in recent year, more and more companies have chosen to be certified with ISO/TS 16949.

Is ISO/TS 16949 relevant to your organization?

It is part of the common procurement requirement among the IATF members that all their suppliers, especially tier-1 suppliers shall be certified to ISO/TS 16949.  JAMA strongly encourages their members’ suppliers to be certified to the ISO/TS 16949.  In recent years, more are more OEMs (besides IATF and JAMA members) are encouraging or has made it part of the procurement requirements that require their suppliers to be 3rd party certified to ISO/TS 16949, one of those examples is Proton in Malaysia.


  • IATF members include the following vehicle manufacturers: BMW Group, Chrysler Group LLC, Daimler AG, Fiat Group Automobiles, Ford Motor Company, General Motors Corporation (including Opel Vauxhall), PSA Peugeot-Citroen, Renault, Volkswagen AG and the vehicle manufacturers respective trade associations - AIAG (U.S.), ANFIA (Italy), FIEV (France), SMMT (U.K.) and VDA (Germany)
  • JAMA members include the following vehicle manufacturers: Daihatsu Motor Co., Ltd, Fuji Heavy Industries Ltd., Hino Motors, Ltd., Honda Motor Co., Ltd., Isuzu Motors Ltd., Kawasaki Heavy Industries, Ltd., Mazda Motor Corporation, Mitsubishi Motors Corporation, Mitsubishi Fuso Truck & Bus Corporation, Nissan Motor Co., Ltd., Suzuki Motor Corporation, Toyota Motor Corporation, UD Trucks Corporation, and Yamaha Motor Co., Ltd.

Global adoption

At the end of June 2010, a total of 42,189 certificates were issued to ISO/TS 16949.  Asia Pacific region accounted for the biggest number of certificates issued - 16,585 (47%).  Among all the countries, China was the fastest growing country which itself accounted for 13,031 (31%) certificates.


IATF has set up an IATF Global Database Customer Portal that allows anyone to check the validity of the certification certificates.  This provides a simple mean for any organization to verify its supplier ISO/TS 16949 certification status. The benefits of being certified to ISO/TS 16949 Standard includes but not limited to:

  • Quality improvement in product & process,
  • Additional confidence to the customers,
  • Common approach for managing Quality Management System,
  • Reassignment of resources to quality improvement and
  • Reduction in the multiple 3rd party registrations.


ISO/TS 16949 requires organization to plan and conduct internal audit at the planned interval as well as having Its QMS to be audited by the appointed 3rd party certification body on the annual basis.

Internal Audits

ISO/TS 16949 Standard requires that the internal auditors be competent on the basis of education, skill, training and experience.  Organization can decide the criteria for competency.  However, certain OEMs through their customer-specific requirements (CSR) spell out the criteria for internal auditor competency.  Nevertheless, in general a competent auditor must be able to demonstrate certain level of competency in the following subjects:

  • Understanding of the ISO/TS Requirements,
  • Process Based Approach in Auditing,
  • Understanding of the Core Tools (SPC, MSA, FMEA, APQP and PPAP)
  • Applicable Customer-Specific Requirements


  • SPC – Statistical Process Control
  • MSA – Measurement System Analysis
  • FMEA – Potential Failure Modes and Effect Analysis
  • APQP – Advanced Product Quality Planning
  • PPAP – Production Part Approval Process

Appointed internal auditors must not audit their own work.  Internal audit is allowed to be outsourced to outside parties such as consultant to carry out.  It is sometime more effective than using its own staff but the costs can be high.

Unlike other management systems audit, ISO/TS 16949 audit must be planned and conducted to cover all working shifts.  The internal audit must be planned on the annual basis, and take into the consideration the importance of the processes to be audited as well as the results from the previous audits.  In addition, the internal audit itself is divided into 3 distinct types of audit – Quality Management System (QMS) Audit, Manufacturing Process Audit and Product Audit.  QMS audit focuses on the conformance of ISO/TS 16949 and other related QMS including CSR requirements.  Manufacturing Process Audit focuses on verifying the effectiveness of each manufacturing processes.  Lastly, the Product Audit is focusing on auditing the product requirements at the appropriate stages from production to delivery to ensure product requirements are met.

All the findings that against the audit criteria will be issued with a Non-Conformance (NC) note and corrective action (CA) is required to be carried out by the auditees to address the root cause(s) of the problem to prevent recurrence.   OFI (Opportunity for Improvement) or Observations were issued by the auditors to address the potential non-conformance findings.  Preventive Actions (PA) were sometime initiated to address the OFI or Observation to prevent occurrence of the potential non-conformance.

Internal audit must be viewed positively in the organization as it provides a platform for continuing improving the organization’s QMS.  The internal audit results are one of key inputs to the Management Review.

External Audits

All the external auditors are trained and qualified by their respective IATF Oversight Office (SMMT, IAOB, VDA, IATF France, QMC and ANFIA).   All the auditors need to have at least 6 years of full time working experiences in the automotive industries with at least 2 years in the quality assurance activities.  Throughout the year, IATF Oversight Office will perform witness audit on the auditors to ensure they maintain the high level of competency, consistency and professionalism.

Choosing a registrar

As of May 2011, only 49 certification bodies are approved by the IATF to perform ISO/TS 16949 certification audit.  The details on the approved certification bodies are available on the IATF website.  It is recommended that the organization goes through the following items before deciding which certification body to engage.

  • Make sure the certification body is approved by IATF.
  • Obtain few quotations from the different certification bodies for comparison, and you would be surprise on the differences in price quoted.
  • Make sure the certification body is having its own local auditor to do the job.  Importing auditors from other countries might create an unnecessary communication problem.  The additional costs will be high too.
  • It is best to talk or interview the auditors before engaging them.  It will provide you with the first valuable assessment as are they the right auditors for your organization.
  • Talk to your clients to see if they have any preferred certification bodies to use.

Route to registration

These are the steps to registration:

Pre-audit Assessment

Pre-audit or pre-assessment prior to Stage 1 readiness review is allowed to be carried out by the certification body with the following restrictions:

  1. Pre-audit is not part of the certification audit process (Stage 1 & Stage 2).
  2. Only one single visit to one site of a client is allowed.  Multiple visits shall be considered as consultancy visit.
  3. The audit time must be less than 80% of the calculated audit time for Stage 2 Audit.
  4. Pre-audit shall not be considered as a factor for reducing the audit time for Stage 1 and 2 Audits.
  5. External auditor that was assigned to perform the pre-audit assignment will not be allowed to participate in the Stage 1 and 2 Audits of the organization.

The pre-audit may result in some non-binding findings and auditor is advised not to recommend solutions to the findings.

Stage 1 Audit (Readiness Review)

Stage 1 audit must be carried out on site.  Under some special circumstances, Stage 1 audit may be completed without visiting the site, however, approval from the relevant IATF Oversight Office shall be obtained first.  A member of the assigned audit team for Stage 1 and Stage 2 audits shall carry out the audit and preferably the lead auditor of the audit team should perform the Stage 1 Audit.

The following documentation (as minimum) must be prepared by the organization and ready for Stage 1 audit.

Description of key processes showing the sequence and interactions.  This includes the identification of outsourced processes.

  • Key performance indicators trends for the previous 12 months, as minimum.
  • Quality Manual, including the interactions and support functions for manufacturing site and remote locations, if any.
  • Evidence to indicate all the requirements of ISO/TS 16949 have been addressed by the organization’s processes.
  • Evidence of one full cycle of Internal Audit to ISO/TS 16949 and followed by a Management Review.
  • List of Qualified Internal Auditors and the criteria for qualification.
  • List of automotive customers, and their applicable customer-specific requirements (CSR).
  • Customer complaint summary and responses including scorecards and special status issued by customers.

Stage 1 Audit activities include the verification of the following information to assess the organization readiness for Stage 2 Audit.

  • Evaluation of Organization’s management system documentation,
  • Evaluation of Organization manufacturing site and remote locations readiness for Stage 2 Audit,
  • Evaluation of organization’s status and understanding of the requirements of the standard,
  • Collection of information regarding the scope of management system, processes, and applicable statutory and regulatory requirements to the product,
  • Reviewing the allocation of resources with the organization and agree with the organization the details for Stage 2 Audit,
  • Provision a focus for Stage 2 Audit by understanding the organization’s management system and site operation,
  • Evaluation of the planning and execution of  Internal Audit and Management Review to assess the level of implementation that provide information regarding the organization readiness for Stage 2 Audit, and
  • Verification that both organization and its design subcontractors have sufficient capability to meet the ISO/TS 16949 requirements.

Upon collecting all the relevant information, the audit team will decide if the organization has sufficient readiness to proceed to Stage 2 Audit.    If the audit team concluded that the organization is “not ready” for Stage 2 Audit, the organization will need to go through another round of Stage 1 Audit again.  An organization will be deemed “not ready” if the audit team concluded that:

  • The organization was not able to present or complete the items required, or
  • The organization has an issue which could result in major non-conformity at the Stage 2 Audit with respect to the effective implementation of the quality management system.

Stage 2 Audit

The Stage 2 Audit must be conducted within 90 calendar days from the approval of the Stage 1 Audit.  The Audit is the evaluation of the implementation effectiveness of the organization’s quality management system and it must be conducted on-site.

Registration Confirmation

The audit team will make the recommendation for certification only after all the non-conformities identified during the Stage 2 Audit have been resolved.  On site verification of major non-conformity is required.  The certification decision must be made 120 days from the last day of the Stage 2 Audit.

Certificate Issue

Your certificate will only be issued if there is:

  • 100% compliance to the requirements,
  • Non-conformities found during the audit are either closed or open but 100% resolved.

Certificates to ISO/TS 16949 shall be issued by the IATF contracted certification body office or an approved regional office under the control of the IATF contracted certification body office.

Continued Assessment

After registration, your certification body will perform surveillance audit (on-site) to assess your management system’s fulfilment to the requirements.  Whenever nonconformity was found during the audit, decertification process will be initiated.  For a major non-conformity found during the audit, the organization will have 20 days from the last day of the audit to initiate root cause analysis and implementation of correction.  The certification body must review the correction and to decide if the certificate is to be suspended.


Your certification body is required to perform a reassessment of your management system every 3 years.   The purpose of the reassessment audit is to confirm the continue conformity and effectiveness of the quality management system as a whole and its continued relevance and applicability for the scope of certification.


Internal Costs

Implementation of ISO/TS 16949 management system is by no means an easy task.  Organizations that have chosen the DIY (Do-It-Yourself) approach may find it confusing when upgrading their ISO 9001 management system to ISO/TS 16949 which includes additional automotive industry requirements and customer-specific requirements which looks similar but different among the different OEMs.  For a company of around 100 staff, it will probably take close to a year to ready itself for the certification process.  Even though ISO 9001 is not a pre-requisite for ISO/TS 16949, it is recommended to be implemented first.

To be effective, project team that consists of a team leaders and members from the key processes should be formed to spearhead for the project.  Usually, in the initial phase, the team will spend almost 50% of their working time devoted to this purpose. Additional costs could come from the additional staff employed to temporarily take over the duties of the team members assigned.

Consultancy Costs

Engaging a consultant will probably help the organization to avoid many problem or pitfalls when the organization is trying to implement the system itself.  Consultants with their years of experience in auditing and consulting will be able to advise the organization how to effectively implement the management system.  However, a word of caution – the organization should always maintain ownership of the system – not the consultant.  In many cases, where the consultant is left alone to develop and implement the entire management system and after certification is complete, the organization will realize they have no idea how to maintain the system.

The consultancy costs will depend on the certification scope, number of site and remote locations.  It is always a good idea to obtain few quotations from a few reputable consultancy firms for comparison before a final decision is made.   Price should not necessary be the deciding factor as sometimes the track record and the consultant's professionalism are the more important factors to be considered.

Certification Costs

The costs of certification for ISO/TS 16949 are depend on the scope of certification, size of the organization, number of manufacturing sites and remote locations.   IATF through its “Rules for Achieving Recognition” states the audit man-day requirement be based on the number of employees in the organisation.  Most of the certification bodies follow the rule quite closely in quoting audit man-days for the organization.  Certification bodies usually charge a certain day rate for the audit performed and the rate can be quite different among different countries and different certification bodies.

Other costs include application fees and certificate fees, if additional certificates are needed.

To maintain your certification, the Certifying Body must perform surveillance audit, usually once every 6 months.  Every 3 years, re-certification will be carried out by your certification body.  However, the audit days will be fewer than the original certification audit.

Contributing editor

Ioh Shar

Ioh Shar is a qualified trainer, consultant and manager that has worked with Quality Management Systems for 22 years. For the last 13 years, Ioh has worked with Neville Clarke performing different duties as consultant, trainer and manager.  Ioh is an approved trainer with Neville Clarke, and one of the teachers of the lead auditor training course in Quality Management Systems.  In 2006, Ioh was trained and approved by SMMT to conduct the lead auditor training course for 1st and 2nd party audit in ISO/TS 16949 for South East Asia region.

Find a Standard

Find a Consultant