info@iapmoscb.org | (909) 230-5526 | www.iapmoscb.org
Q1 2023
AS9100 Lead Auditor Training is Back!
Mark your calendars for June 12th-16th 2023 as we are hosting with our training partner Apex Quality Assurance, a Probitas Authenticated AS9100 Lead Auditor Training course. The location of the training will be at our IAPMO SCB office on 5001 East Philadelphia Street in Ontario, California. 
 
This 5-day course was developed to cover all requirements of both the ISO 9001:2015 and AS9100 Rev D standards. Group exercises and case studies with examples from the aerospace industry will be used to develop the required auditing skills. The auditing guidelines —including the auditing process and methodologies, e. g., planning and conducting an audit, writing nonconformity statements, preparing an audit summary and report, and verifying corrective actions and their application in the aerospace process approach are covered. Auditing case studies from the aerospace industry to develop skills for identifying nonconformities will be used. Techniques for leading audit teams will also be discussed.

Who Should Attend?
This seminar is primarily designed for internal or third party auditor candidates, but can also be valuable for Quality Assurance Managers, AS9100:2016 Implementation and/or Transition Team Members, Management Representatives, and all others who would like to develop competency in AS9100:2016 and the auditing process for first, second and third-party auditing. An understanding of both ISO 9001:2015 and AS9100:2016 requirements and/or work experience in applying AS9100:2016 is recommended.
 
To register, please contact Trevor King- trevor@apexqualityassurance.com or P: 919-635-5580. Mention IAPMO SCB to receive special discounted pricing.
Will We See CMMC in 2022?
It’s been nearly four years since former Pentagon official Katie Arrington unveiled the “Cybersecurity Maturity Model Certification” at a 2019 conference. The plan was to begin certifying contractors as soon as 2020. At the time she said, “Every single business doing any kind of business with the Department of Defense will need to get certified and get a third-party audit that they have basic cyber hygiene.”

Will You Be Ready?
Reports continue to find organizations are not following the required National Institute of Standards and Technology cybersecurity controls. However, these same organizations are at risk of being targeted for potential cyber-attacks. The nature of cybersecurity threats continues to evolve, as well. The defense industrial base and related high technology industries remain prime targets for hackers, who have increasingly focused on the “supply chain” of smaller businesses that supply key components and services to large defense contractors.

The program’s requirements will likely be introduced as part of a phased rollout to avoid disrupting the market and straining the C3PAO ecosystem. A phased rollout allows everyone to take into account the readiness of C3PAOs and assessors to meet the demand. However, the timing of the roll-out is still unknown and one of the major questions within the defense industry. We will keep our customers updated with information and planned webinars.
The Countdown to the New AS9104 Changes
The new AS9104/1A includes some major revisions from the previous version. AS9104-1 provides the requirements for managing the aerospace quality management systems (AQMS) certification scheme or ICOP scheme. AS9014-2 and AS9014-3 give requirements for the oversight process and the AQMS auditor qualification and training requirements. Going forward, audit planning will require client participation and submission of QMS performance and change data in advance of any audit. This allows the lead auditor to analyze the data and determine the audit time. Part of the audit planning includes the OCAP process and risk assessment which considers:
  • Meeting customer requirements – on time delivery performance
  • Customer complaints and returns
  • KPI results
  • PEAR scores
  • Internal auditor competence
  • Size and complexity of the site
 
What impact will it have on Aerospace Suppliers?
  • Up to 30% can be conducted remotely
  • Going forward, only single and multiple sites will be recognized. Campus and several sites will be removed
  • Organization Certification Analysis Process (OCAP) will be utilized to determine audit duration and in some minimal instances allow for decreases
  • Audit planning time of 10% will also be added to the audit calculations.
  • Purchasing is no longer required to be audited annually
  • Audit time may be reduced up to a maximum of 50% (through PBS/RP – Performance Based Surveillance/RP Recertification Process)
  • Non-applicable processes shall result in reduced audit duration from the established minimum baseline.
  • Depending on risk, performance, improvement and other factors, audit time may be increased or reduced at each site.
  • Audit report writing will now be included in audit duration calculations with a minimum 10% addition.

How to prepare for changes?
  • Consider your site structure and if the changes impact your audit durations. We will be in contact with you to discuss any additions or reductions in audit time.
  • In the audit planning process, be sure to complete the data forms issued and ensure the data is true and accurate.
  • Seek additional training for your management rep or internal auditors
  • Understand your PEAR scores
  • More attention will be placed on audit and KPI performance which will impact audit time so it’s to your benefit to make these a key focus
  • Analyze your on-time delivery and quality performance
U.S. Department of Defense Approved ANAB as Accreditation Body for DoD Cyberspace Workforce Qualifications and Management Program
The ANSI National Accreditation Board (ANAB), a wholly owned subsidiary of the American National Standards Institute (ANSI), has been recognized by the U.S. Department of Defense (DoD) as the approved accreditation body for the DoD Manual (DoDM) 8140.03 Cyberspace Workforce Qualification and Management Program.

Issued on February 15, 2023, the DoDM guides users in leveraging the DoD Cyber Workforce Framework (DCWF) to provide a targeted, role-based approach to identify, develop, and qualify cyber personnel. It is the third issuance in the DoD 8140 policy series, offering a broad set of options to manage and achieve a qualified cyber workforce in the areas of information technology, cybersecurity, cyber effects, cyber intelligence, and cyber enablers.
Upcoming ANAB Training Courses in April 2023
If you’re seeking for opportunities to learn about accreditation-related requirements and processes, look no further! ANAB has a variety of upcoming training courses.
ISO/IEC 27001: What’s New In IT security?
To address global cybersecurity challenges and improve digital trust, a new and improved version of ISO/IEC 27001 has just been published. The world’s best-known standard on information security management helps organizations secure their information assets – vital in today’s increasingly digital world. 
IAPMO Group was established in 1926 and has offices in the USA, Canada, Australia, China, Indonesia, India, Mexico, Germany and Argentine. To learn more for the IAPMO Group complete services, please visit our website at www.iapmo.org.