iatfaudit for organization checklist all

relevant)
28 07.1 Product Safety Testing Record
(Clause 4.4.1.2) (if relevant)
You must keep records/evidence of product safety validations, if
safety applies.
31 08.2 Appendix 2 – Registry of
Customer Complaints (Clause 8.2)
You need evidence/records of customer complaints; the
standard does require you track & handle them.
32 08.3 Appendix 3 – Feasibility Study
Report (Clause 8.2.3.1.1)
Documented feasibility study is required in IATF for new
product/changes.
33 09 Procedure for Design and
Development (Clause 8.3) (if design in
scope)
A documented process for D&D is mandatory if your
organization is responsible for design.
40 09.7 Appendix 7 – Control Plan
(Clause 8.5.1.1)
Control Plans are explicitly required in IATF 16949.
42 10 Production Part Approval Process
(PPAP) Procedure (Clause 8.3.4.4)**
IATF requires use of a recognized approval process (PPAP or
similar).
43 10.1 Appendix 1 – PPAP Record
(Clauses 8.3.4.4 & 8.3.6)
You must keep records of PPAP/product approval submissions.
47 11 Procedure for Purchasing &
Evaluation of Suppliers (Clause 8.4)
Must have a defined process for supplier selection,
performance, incoming control, etc.
49 11.2 List of Approved Suppliers
(Clause 8.4.1)
Need a record or list of suppliers that meet approval
requirements.

50 11.3 Registry of Complaints about
Suppliers (Clause 8.4)
Must track and address supplier-related issues.
53 12 Procedure for Production and
Service Provision (Clause 8.5)
You must define and control your manufacturing/service
processes; typically documented.
55 12.2 Production Change Review
Record (Clause 8.5.6, 8.6)
You need evidence/records of changes, including manufacturing
changes.
56 12.3 First and Last Part Approval
Form (Clause 8.5.1.3)
Must retain evidence of job set-up verifications.
57 12.4 Internal Failures Report
(Clause 8.7.1.1, 8.7.1.2)
Must keep records of nonconformities/failures.
59 12.6 Production Restart Checklist
(Clause 8.5.1.4)
IATF requires checks after extended downtime; record is typical
evidence.
62 12.9 Quality Plan (Clause 8.5)** Some organizations integrate the “Quality Plan” into the Control
Plan or separate. The standard requires planning.
67 15 Procedure for Mgmt of
Nonconformities & Corrective Actions
(8.7, 10.2)
Documented process for controlling nonconforming outputs &
corrective actions is explicitly required.
68 15.1 Nonconformity Record
(Clauses 8.7, 10.2.2)
Evidence/record of nonconformities is mandatory.
69 15.2 Registry & Status of Must track corrective actions to closure.

Nonconformities & Corrective Actions
(10.2.2)
72 15.5 Report of Warranty Failures
(Clause 10.2.5) (if warranty relevant)
IATF specifically requires analyzing warranty performance, if
applicable.
73 15.6 Warranty Incidents Analysis
Report (Clause 10.2.5) (if relevant)
Same as above—warranty analysis is needed.
75 16 Procedure for Equipment
Maintenance & Measuring Equipment
(7.1.5.2, 8.5.1.5)
IATF explicitly requires a documented “total productive
maintenance” system.
79 16.4 Maintenance and Calibration
Record (Clause 7.1.5.2)
Maintenance & calibration records are mandatory evidence.
81 17 Procedure for Control of Gauges
(Clause 7.1.5.1.1)
Documented process to control measuring equipment (MSA,
calibration) is required.
82 17.1 Appendix 1 – Measurement
System Analysis Plan (7.1.5.1.1)
MSA is explicitly required by IATF for relevant measurements.
85 18 Laboratory Management
Procedure (Clause 7.1.5.3) (if in-house
lab)
Documented process for internal labs is required if you perform
internal testing.
86 18.1 Internal Laboratory Scope
(Clause 7.1.5.3.1) (if in-house lab)
Must define scope & capability of the internal lab.
87 18.2 External Laboratory Acceptance Must have criteria for using external labs.

Checklist (7.1.5.3.2) (if external labs)
89 19 Procedure for Measuring
Customer Satisfaction (Clause 9.1.2)**
While ISO 9001/IATF do not say “you must have a separate
procedure,” you must show how you monitor satisfaction. Many
treat it as a required process.
91 19.2 Report of Customer Satisfaction
(9.1.2)
Evidence of measuring & analyzing customer satisfaction is
required.
92 19.3 Monitoring of Customer
Satisfaction (9.1.2)
More required evidence.
94 20 Procedure for Internal Audit
(Clause 9.2)
A documented internal audit process is explicitly required.
95 20.1 Internal Audit Program (9.2.2.2)You must maintain an audit program/plan.
10020.6 Internal Audit Report for QMS
Audits (9.2.2)
Records of the audits performed are mandatory.
10120.7 List of Qualified Internal
Auditors (7.2.3)
Must keep evidence of auditor competence.
10822.3 Management Review Minutes
(9.3)
Must retain documented evidence of management reviews.
Note – Some of the above are “Records” rather than procedures. They appear here under “Mandatory” only
because IATF requires their content be maintained (even if the exact template or appendix name is not
mandatory).

2. Non-mandatory Documents / Appendices / Forms
All other items in your master list—especially supporting appendices (e.g. “List of Internal Documents,” “Training
Attendance Sheet,” “5S Audit Form,” “Red Rabbits List,” etc.)—are not explicitly required by the standard by name.
They may be very useful or even part of your own system requirements, but IATF 16949 does not demand them as
separate documents. Examples:
(2) 00.1 Appendix 1 – List of Internal Documents
(3) 00.2 Appendix 2 – List of External Documents
(5) 00.4 Appendix 4 – Registry of Records…
(6) 01 Project Plan
(11) 04 Procedure for Determining Context (helpful, but not strictly required as a separate procedure)
(16) 05.1 Appendix 1 – Training Program and other training forms (helpful evidence, but the standard does
not say each must exist separately).
(21) 06 Procedure for Addressing Risks and Opportunities (the standard does not require a documented
“risk procedure;” only evidence that risks/opportunities are determined & addressed).
(24) 06.3 Appendix 3 – Procedure for FMEA Risk Assessment (FMEA is mandatory if relevant, but the exact
“procedure” or “form” names can vary).
(29) 08 Sales Procedure (useful, but IATF/ISO only require you define and control the customer-related
process, not necessarily a standalone “Sales Procedure”).

(34) 09.1 Appendix 1 – Project Task
(45) 10.3 Appendix 3 – Rework Instruction Template
(60) 12.7 Appendix 7 – Inventory Form
(63) 13 Workplace Organization (5S) Procedure
(64) 13.1 Appendix 1 – 5S Audit Form
(65) 14 Warehousing Procedure
(66) 14.1 Appendix 1 – Record of Warehousing Parameters
(70) 15.3 Appendix 3 – Problem Solving 8D Template
(71) 15.4 Lesson Learned Template
(74) 15.7 Product User Instruction Template
(78) 16.3 MTBF and MTTR Downtime Dashboard
(84) 17.3 Red Rabbits List
(88) 18.3 Test Schedule Form
(90) 19.1 Customer Satisfaction Questionnaire
(93) 19.4 Customer Satisfaction Dashboard
(96) 20.2 Internal QMS Audit Checklist, etc.
(97) 20.3 Manufacturing Process Audit Checklist

(98) 20.4 Product Audit Checklist
(99) 20.5 Second Party Audit Checklist
(102) 21 Procedure for Continual Improvement (good practice, but not strictly mandated as a separate
procedure; Clause 10.1 only says “opportunities for improvement” must be determined).
(103) 21.1 SPC Form / (104) 21.2 Capability Form
(105) 22 Procedure for Management Review (Clause 9.3 requires records/evidence, not necessarily a
separate “procedure”).
(106) 22.1 Matrix of Key Performance Indicators, (107) 22.2 Data Analysis Report, etc.
These “non-mandatory” documents can certainly support compliance. In many organizations, they become “locally
mandatory” (as part of your own QMS rules), but the standard itself does not require them in that exact
standalone format.
Final Summary
Mandatory: A relatively small set of procedures/policies/records explicitly called out in IATF 16949 (e.g.,
Document Control, Quality Policy & Objectives, Quality Manual, Product Safety (if applicable), Design &
Development (if applicable), Control Plans, PPAP, Control of Nonconforming Product & Corrective Action,
Internal Audit, Contingency Plan, etc.).
Non-mandatory: All other forms, appendices, lists, and templates are not explicitly demanded by the
standard in that exact format—though they may be very useful or become “required” by your own internal
QMS rules.

Important: Some clauses in IATF 16949 use “shall maintain documented information” without the word
“procedure.” That still makes the information mandatory but does not strictly require a separate, titled “procedure.”
Organizations often create a formal SOP anyway, but from a purist standpoint, the standard only requires
“evidence” or “documented info,” not always a stand-alone procedure document.