Understanding Sample Size in AS9100D Internal Audits
AS9100D does not dictate how many records, parts, or transactions to sample during an internal audit. Instead, auditors must select a size sufficient to achieve audit objectives while considering process risk, past performance, and available evidence. The goal is to gather enough objective evidence to confirm conformity or reveal systemic issues.
The Risk-Based Approach
Audit sampling under AS9100D Clause 9.2 should align with process risk, complexity, and past results.
- High-risk processes (product realization, special processes, inspection): 8–12 records, 3–5 interviews, and direct observation.
- Medium-risk processes (document control, calibration, training): 5–8 records, 2–3 interviews.
- Low-risk processes (administrative or mature QMS functions): 3–5 records, 1–2 interviews.
Auditors may expand sampling immediately if a single issue suggests wider nonconformity.
What to Sample
- Records from different shifts, operators, and equipment.
- Recent work within the last 6–12 months.
- Previously nonconforming processes or items with customer impact.
- Cross-referenced evidence: training, calibration, document control, approvals.
Expanding the Sample
Increase your sample when:
- Nonconformities repeat across multiple records.
- Work instructions do not match floor practices.
- Evidence is incomplete or inconsistent with clause requirements.
Best Practices for Internal Auditors
- Document the sampling rationale in your audit plan.
- Define acceptance criteria, such as “zero major and ≤1 minor per process.”
- Track all samples to clause references in your checklist.
- Include interviews and observations to complement record review.
Example Plan Summary
| Process Area | Risk Level | Sample Size | Evidence Type |
|---|---|---|---|
| Receiving Inspection | High | 10 records + 2 observations | Inspection reports, calibration logs |
| Document Control | Medium | 6 records | Revision history, approval signatures |
| Training | Low | 3 records | Competence records, training matrix |
Final Thoughts
A structured, risk-based sampling plan builds credibility and efficiency into internal audits. The right sample size balances effort with evidence quality. Under AS9100D, it’s not about quantity—it’s about drawing reliable conclusions from representative, verifiable data.
Ronnie Lee Roberts II has worked in the Department of Defense (DoD) quality environment since 2017, supporting programs at Patuxent River and Webster Field (NAWCAD/NAVAIR). A certified AS9100:2016 Rev D Lead Auditor (2022–2025), he brings deep knowledge of quality management systems, documentation control, and audit readiness across aerospace and defense operations. His background includes hands-on experience inspecting to specification per engineering drawings and customer requirements, verifying process conformity, and maintaining compliance with AS9100D clauses related to documented information, product realization, and risk management.
In addition to audit work, Ronnie has supported QMS development, technical writing, CAD-based documentation, and controlled record structures that ensure traceability and repeatability. He also holds ISO/IEC 20000-1:2018 Lead Auditor (TPECS, 2023) and Certified CMMI® Associate (2025) credentials, supporting CMMI-DEV Level 3 environments. His focus remains on aligning documentation and inspection practices with AS9100D standards to drive measurable quality performance and readiness for customer and regulatory audits.