A Guide to IATF 16949

06 June 2017

The IATF 16949 technical standard, formerly known as ISO/TS 16949 or simply TS 16949, governs several aspects of quality management within the automotive industry. Learn more about IATF 16949.

What Is IATF 16949?

what is iatf 16949

The IATF 16949 technical standard, formerly known as ISO/TS 16949 or simply TS 16949, governs several aspects of quality management within the automotive industry. Originally published by the International Organization for Standardization (ISO) in 1999, the most recent revision of IATF 16949 was adopted and published in 2016 by the International Automotive Task Force (IATF).

IATF 16949 specifically addresses the following aspects of quality management systems in the automotive industry:

Process efficiency and effectiveness
Customer satisfaction
Continuous improvement
Defect prevention
Supply chain optimization

IATF 16949 is not a stand-alone quality management standard, but is implemented as a supplement to, and is to be used in conjunction with, ISO 9001:2015, a quality management standard applied to businesses across several industries. However, the generality of ISO 9001 combined with the specialized considerations of the automotive industry meant that a more automotive-specific standard had to be created to bridge the gap. TS 16949 was created in response to that need.

Since its initial development in 1999, the Automotive Standard has steadily grown into an international standard for the automotive industry. In the years following its establishment, TS 16949 has undergone several changes and iterations, adapting to the constantly changing automotive industry. The latest of these revisions was developed and published in October 2016 by the IATF with approval by a quality committee of the ISO. As a result of the change in publisher, this latest revision is formally called IATF 16949:2016, or simply IATF 16949.

Like all certification standards, the publication of the new IATF 16949 standard means automotive manufacturers certified in the 2009 iteration will need to transition to meet the new requirements of the 2016 revision. The deadline for this transition is September 14, 2018, which is the date all TS 16949 certifications will expire and will no longer be available for renewal.

As automotive businesses prepare for the transition from TS 16949:2009 to IATF 16949:2016, it is crucial for both certified and uncertified organizations to understand the key differences between the 2009 and 2016 revisions, the benefits of IATF 16949 certification and how to appropriately prepare for either the transition or for first time certification.

About the IATF

One of the first things most will notice about the new IATF 16949:2016 standard is the change in name.

purpose of iatf

The IATF is a quality control group consisting of manufacturers and trade groups associated with the automotive industry. The purpose of the IATF is to control the quality of products within the automotive industry on behalf of their customers. Just a few manufacturer members include the BMW Group, FCA Italy S.p.A. (formerly Fiat Group Automobile), Daimler AG, the FCA USA LLC (formerly the Chrysler Group), General Motors Company, Ford Motor Company, PSA Peugeot Citroen, Volkswagen AG and Renault SA. Trade groups involved in the IATF include the AIAG of the United States, ANFIA of Italy, FIEV of France, VDA of Germany and SMMT of the United Kingdom.

Previously, the standard was called ISO/TS 16949, indicating that the standard had been published by the International Organization of Standards (ISO) and received the two-thirds vote necessary to be approved as a technical specification, denoted by the TS in the name. The 2016 publication however, was developed by the IATF and approved by the ISO, leading to the new revision being called IATF 16949 instead.

IATF 16949 and ISO 9001

Like many industry quality management system standards, IATF 16949 is designed to work in conjunction with the most recent version of ISO 9001, just as TS 16949:2009 was designed to work with ISO 9001:2008. Together, these two standards define the requirements of quality management systems along with the development, production and installation of automotive parts. This supplementary quality of IATF 16949 means organizations seeking certification must comply with both IATF 16949:2016 and ISO 9001:2015 standards.

Some of the big changes to the ISO 9001:2015 that directly relate to IATF 16949 include:

Altered formatting using an Annex SL model with a 10-clause structure
More comprehensive approaches to external processes, products and services
Increased focuses on interested parties, stakeholders and company performance
Expanded focus on risk-based thinking and risk mitigation
Clarification of organizational concepts like organizational context and knowledge

Key Differences Between ISO/TS 16949 and IATF 16949

Unlike its predecessors, IATF 16949 follows the structure of ISO 9001:2015 without containing the text. This is primarily because IATF 16949 requires complete conformance with ISO 9001:2015 requirements and is specifically designed to be used in conjunction with ISO 9001. IATF 16949 accomplishes these goals by mimicking the 10-part structure used in ISO 9001:2015 and sharing similar headings and section content with the new ISO 9001 standard. This makes the standards easier to use together, while simultaneously ensuring all ISO 9001 requirements are associated with the correct IATF 16949 text.

iatf key changes

Beyond this structural difference, there are numerous key updates to the ISO/TS 16949 text that are apparent in the 2016 revision. Most of these changes reflect the changes in the automotive industry and marketplace that have occurred between 2009 and 2016. Some of these changes are listed below, while more extensive changes are explained further on in this text:

Incorporation of product safety requirements and considerations throughout the manufacturing process and product lifespan
Addition of corporate responsibility policies and standards, including but not limited to codes of conduct and “whistle blowing” policies
Expansion of risk analysis considerations and processes beyond ISO 9001 requirements
Clarification of requirements pertaining to nonconforming, reworked or repaired products
Enhancement of manufacturing feasibility analysis requirements to cover a wider range of processes, products and procedural changes
Defined explanations of first, second and third party auditor requirements and duties, specifically pertaining to competency assurance
and documentation
Additional requirements and considerations related to the management of embedded software within automotive products
Expanded process requirements for assessing and selecting suppliers
Enhancement and expansion of requirements related to product identification and traceability
Incorporation of alternative process controls, including protocols relating to temporary process alterations
Clarification of Customer Specific Requirements (CSRs) and incorporation of traditional CSRs into normal processes to reduce the number of specialty CSRs manufacturers and suppliers are expected to implement
Inclusion of warranty management process requirements, specifically in businesses where warranties are expected by customers
Elaboration of expectations related to Total Productive Maintenance, contingency planning, management reviews and the frequency of internal audits
Addition of requirements pertaining to documentation of organizational compliance and error-proofing

Applications of IATF 16949

IATF 16949 specifically pertains to quality management for automotive manufacturers and organizations related to the automotive industry. This covers a spectrum of companies working in and around the automotive industry and supply chain, including the following organization types:

Manufacturers of automobiles
Manufacturers of specialized automotive parts
Material suppliers for automotive and part manufacturers
Quality management organizations working with automotive manufacturers
Automotive design centers
Automotive distribution centers
Other organizations that work in and around the automotive industry

The IATF 16949 Timeline

The transition to the IATF 16949 standard involves a timeline, starting from the publication of the new standard and ending with the completion of the transition. This timeline is explained in more detail below:

October 2016 – IATF 16949:2016 Publication: IATF 16949:2016 was published in October 2016, initiating the transition process from ISO/TS 16949:2009.
November 2016 – Rules 5th Edition Publication: The 5th edition of “Rules for Achieving and Maintaining IATF Recognition”, alternatively known as Rules 5th Edition, was published soon after IATF 16949, in November 2016. This is used by auditors in conjunction with IATF 16949 and ISO 9001 to assess the compliance of organizations seeking certification.
January 2017 – Transition Audits Begin: Organizations seeking to transition to IATF 16949 early can conduct a transition audit as early as January 1, 2017.
June 2017 – Auditor Registration Completion: As of June 30, 2017, all third party auditors registered in the IATF ADP have to pass training and quiz modules specifically designed for IATF 16949 and the new Rules 5th Edition. Those that do not pass with a grade of at least 80 per cent will be deactivated as auditors.
October 2017 - IATF 16949 Auditing Transition: As of October 1, 2017, any audits will be performed using the new IATF 16949 standards according to the Rules 5th Edition. Organizations can no longer seek certification under ISO/TS 16949:2009 as of this date.
September 2018 – IATF 16949 Transition Completion: As of September 14, 2018, all ISO/TS 16949 certificates will be void. All companies with this certification must have fully transitioned over to IATF 16949 by this date in order to remain certified.

iatf standard transition

Within this schedule, companies looking to transition into the IATF 16949 standard must do so between January 2017 and September 2018. Companies must complete their transition with a transition audit, preferably scheduled in place of the company’s regular recertification audit.

Transitioning to IATF 16949

transition to iatf september

At the most recent estimate, over 68,000 TS 16949 certified companies will have to transition to IATF 16949 before September 2018. The implementation of IATF 16949:2016 will require extensive effort on the part of automotive companies. Learning and altering processes to more closely fit with IATF 16949 standards takes time and labour, often with the help of an internal auditing resource.

Organizations transitioning from ISO/TS 16949:2009 to IATF 16949:2016 can prepare for their transition with an appropriate action plan. A sample action plan is listed below:

Learn About the Requirements: As soon as possible, become familiar with both ISO 9001:2015 and IATF 16949:2016 and their requirements. Organizations interested in certification may also want to start looking at training organizations or internal auditing resources.
Perform a Gap Analysis: Compare current organizational standards and processes to those defined in ISO 9001:2015 and IATF 16949. This should allow the organization to pinpoint any gaps in their current processes so they can appropriately address them. Internal auditing resources can usually provide a checklist for this step.
Plan for Implementation: Using the results of the gap analysis, develop a detailed plan for implementing the new ISO 9001:2015 and IATF 16949 standards. Provide specific and quantifiable goals that are appropriate for the organization.
Train Key Personnel: Identify the individuals involved in the implementation process and provide them with comprehensive training on ISO 9001:2015 and IATF 16949:2016 standards. This training should also include the implementation plan, how it applies to the new standards and their roles within the framework of the plan.
Implement the Update: Complete all the necessary updates to bring the organization’s system up to the new standards, using the implementation plan. Be sure to double-check all systems and processes for appropriate implementation. If any problems arise during implementation, they should be addressed immediately and appropriately. All evidence and documentation of the changes made should be collected and kept, as these are required for a transition audit.
Audit and Certify: Complete an organizational audit under the new standard. This last step of the transition process will have to be scheduled with an official third party auditor. The process is explained in more detail below.

Auditing for IATF 16949

The auditing process is the last and final step of the transition process, and it can be a nerve-wracking process. Under the IATF 16949 requirements, some changes have been made to the auditing process, specifically with regard to auditor certifications. Most of these changes will not have an effect on automotive businesses. However, it is crucial that organizations be prepared for their audit. Part of this preparedness involves understanding the process.

Transition audits will typically follow the following basic structure:

expectations and checklist

Audit Expectations and Checklist: Certification Bodies will usually send their clients documents or checklists to run through before their audit. These will generally list the big changes in the revision and what the company is expected to have done to comply with the new requirements. Auditors will also usually make known the kind of documentation they will be looking for during the document review step of the auditing process.
Document Review: According to IATF requirements, the transition audit requires a document-auditing event before the on-site audit. This document review covers all documentation or proof provided that a company has made the changes necessary to comply with the new IATF standards. Insufficient documentation must be rectified as quickly as possible to avoid audit deferment.
On-Site Transition Audits: The support locations for an organization are usually the first to be audited under IATF rules, followed by the organization site(s), however if the sites are not ready, as long as a GAP analysis and implementation/action plan has been developed, then the main site may still gain certification. Once the audit is completed, the organization can follow through with nonconformity management as needed. Once that is finished and proven, the organization receives a three-year certificate verifying their conformance to IATF 16949 requirements.

If desired, organizations can seek internal auditing resources to run an unofficial audit before their scheduled audit for certification. This will familiarize the organization’s management and staff with the audit process and identify any potential problems before the official audit takes place. However, this pre-assessment cannot be performed by an IATF recognized Certification Body.

Major Changes to ISO/TS 16949

Like many modern industries, the automotive industry has undergone considerable changes since 2009. These changes impact the needs of customers and manufacturers alike, and have led to many of the major changes seen in the new IATF 16949 standard. Just a few of the changes affecting the needs of customers and organizational management systems include:

Evolving risks in the supply chain
Changing customer-specific requirements, customer requirements and expectations
New product safety and manufacturing concerns
Advancing technology in automotive manufacturing, such as embedded software
Expanded needs for specification auditing

IATF 16949 changed to meet these new industry needs, which are explained in further detail below. In combination, these changes ensure all organizations working under the IATF standard work toward the same level of quality management:

1. Risk Mitigation

iatf risk mitigation
Risk mitigation is one of the most extensive additions to both IATF 16949 and ISO 9001:2015. With the sources of risk ever expanding with the extent of technology and automation in manufacturing, creating safer and more stable work places is one of the top concerns of automotive manufacturing organizations worldwide. In response to these industry trends, IATF 16949 includes several risk-related requirements to its content. These requirements act together to improve program planning and development, reducing the likelihood of program failure and mitigating risk.

Risk- based thinking is one of the top priorities of IATF 16949, especially among industry managerial personnel. Ensuring the engagement of these personnel in the risk mitigation process requires involving them in several risk-management responsibilities, including:

Engagement in organizational contingency planning reviews
Identification and support of employees and coworkers involved in new processes
Participation in product safety discussions
Management of goals, such as quality objectives and customer or product performance targets
Recognition and implementation of corporate responsibility initiatives, including but not limited to anti-bribery policies, employee codes of conduct, whistle-blowing policies and other ethical initiatives.

Risk mitigation also applies to system management as it relates to the reduction of nonconforming products. IATF 16949 requires organizations to ensure all their products and processes, including outsourced products and processes, conform to a set standard. This requirement means that organizations must establish and maintain systems that minimize nonconformance as much as possible. Such requirements of conformity apply to all levels of an organization’s supply chain, from raw materials sourcing to the manufacturing process itself.

This risk-based thinking also applies to design and development activities under the new IATF 16949 standard. New additions to IATF 16949 include several controls, such as new requirements for managing the project development process and clarifying the product approval process.

These requirements extend to the development of new manufacturing processes — while these new manufacturing processes may result in the same product, the change in procedure comes with risk. New products and processes are all part of the industry, however. Keeping up with the constantly changing automotive market means automotive organizations need to implement new products and processes, while simultaneously minimising risk. To bridge the gap between these two needs, IATF 16949 requires organizations to manage changes by:

Assessing the manufacturing feasibility of operational changes before implementing them
Tracking and reevaluating changes to a products design after initial product approval
Reviewing, developing and implementing control plans for any changes that may potentially affect production, manufacturing, measurement, logistics, supply sourcing or risk analysis processes.
Managing all changes, permanent or temporary, that impact production, including those made by the organization, customer or supplier.
Scheduling and adjusting the frequency of internal audits around process changes

There are other sources of risk covered in detail in the new IATF 16949 to ensure quality production, including the handling of nonconforming outputs. The revision goes into detail, discussing how to handle these nonconforming outputs and when reworked or repaired parts can be reintegrated into the production process, if at all.

2. Customer-Specific Requirements

Customer-specific requirements are another topic handled in more detail by the new IATF 16949. The revision integrates common industry practices regarding customer-specific requirements into standardized requirements, encouraging a higher level of industry consistency.

customer specific requirements

One of the most important changes to IATF 16949 is the clarification of customer-specific requirements, which are often confused with customer requirements. The definitions of these two terms are as follows:

This clarification of these two terms helps reduce misunderstandings as well as helps organizations implement customer-specific quality management systems. Some customer-specific requirements that have been further detailed in IATF 16949 include the following:

Assessment of manufacturing feasibility
Warranty management processes
Managing temporary process control changes
Development of quality management systems for suppliers
Second-party auditing
Control and contingency planning
Total productive maintenance
Product and process standardization

Warranty management is a particularly important CSR that has been expanded upon in IATF 16949. The increasing importance of warranty management over the past few years has resulted in new requirements being added to the 2016 revision. This includes the requirement that organizations must provide a warranty for their product, as well as the requirement that the organization must have a warranty management process. IATF 16949 further details this management process to ensure product quality through assessing all pertinent CSRs. Using detailed warranty party analysis, the warranty management process must validate No Trouble Found (NTF) for each product. When possible, these assessments should be discussed and agreed upon with the customer.

3. Product Safety

One of the completely new sections of the IATF 16949 standard is product safety. As part of the new standard, transitioning organizations must document their management processes for handling product-safety related issues. Some of the new requirements for product safety include:

Special multi-level approval of new control plans and FMEAs
Product safety training for involved personnel as identified by the organization or customer for those associated with product safety and manufacturing processes
Transfer product safety requirements across the supply chain

product safety clause

This product-safety focused clause establishes the requirement that products should perform properly without causing injury or damage to users or associated equipment. This applies to products and materials throughout the lifecycle of the product. The goal of IATF 16949 in establishing this clause is to ensure all organizations recognize this and appropriately ensure product safety throughout the lifecycle of a product.

4. Manufacturing Feasibility

Manufacturing feasibility is the capability of an organization’s ability to achieve performance and timing targets as specified by a client. This is an area of expanded focus in the new IATF standard. While previous versions also required manufacturing feasibility assessments of one form or another, such requirements were not nearly as specific. Some of the requirements of the new IATF 16949 standard include:

A multidisciplinary approach to manufacturing feasibility assessments
Expansion of analyses to cover all new manufacturing processes and product technologies
Addition of changed manufacturing processes and product designs to assessment requirements
Proof of assessment validation with production runs, benchmark studies and other assessment methods used to support an organization’s ability to perform as requested

5. Embedded Software Considerations

Embedded software is becoming increasingly common in the automotive industry, and IATF 16949 has changed to account for this. The new standard requires products with embedded software to be acknowledged and accounted for in product validation processes, warranty management and troubleshooting, along with any customer requirements.

With embedded software expanding into multiple areas of automobile functionality, this additional assessment of parts with embedded software is as important to risk mitigation efforts as any other part of the manufacturing process.

6. First and Second Party Auditors

With all the new requirements associated with the new standard, proper assessment and auditing of organizational compliance with those standards is more important than ever. This is why IATF 16949 also includes several requirements for auditors. IATF 16949 specifically outlines the requirements of first and second-party auditors, or auditors directly employed by the organization or by a customer or supplier, respectively. A few of these requirements include:

Verification of internal auditors must involve a documented process kept by the organization to prove auditor competency
Documentation of internal auditor competency must include records pertaining to the auditor’s training process and progress
The competency of second-party auditors must also be proved by the organization, along with proof that these auditors meet all customer-specific requirements

The minimum competency of auditors in general is also outlined within the IATF 16949 standard. These competencies include:

Competency in an automotive process approach to auditing, specifically involving risk-based thinking
Competency in applicable core tools
Familiarity with applicable customer-specific requirements
Competency in software development assessment methodologies, when applicable

Reasons for the 2016 Updates

changes in automotive industry

All ISO standards are reviewed on a regular basis, usually every five years, to determine whether the standards are relevant to the current industry. With so many recent changes to the automotive industry of late, industry standards had to evolve to keep up. For this reason, the two standards most closely associated with the automotive industry, ISO 9001 and ISO/TS 16949 underwent significant changes.

The ISO 9001 standard changed in 2015, with the new revision meeting the more complex needs of the current market better than the previous 2008 version. Since ISO/TS 16949 heavily supports and adheres to ISO 9001 standards, the significant changes to ISO 9001 had to be met with significant changes to ISO/TS 16949.

Between the significant changes to the automotive market and the close associations between IATF 16949:2016 and ISO 9001:2015, several aspects of ISO/TS 16949 had to change. Some of these changes include:

Structural Changes: IATF 16949 is structured to more closely follow the flow of ISO 9001:2015. Since automotive businesses are required to follow both standards, similar structures between the two standards make them easier for organizations to understand and implement alongside one another.
Quality Standard Changes: Changes to the automotive industry over the past five years have been significant in terms of technology. With the sheer abundance of electronic parts in modern vehicles and changes in public concerns, quality standards within the automotive industry had to change to keep up. Of particular interest to these quality standards are safety-related parts and processes, product traceability, embedded software, corporate responsibility and warranty management.

Customer Requirements: These are the requirements and expectations specified by the customer. These can be technical, commercial, product or manufacturing process requirements, but they can also include general terms and conditions or specialized requirements. For example, an organization may not agree to a contract with a customer until they have outlined and reviewed the customer’s requirements, like their requested number of packaging manuals or specialized product manufacturing needs.

Customer-Specific Requirements: Also called CSRs, these requirements are interpretations of how an order will affect an organization’s Automotive QMS Standard or certain clauses of it. For example, a customer-specific requirement may involve an organization reviewing and agreeing to a contract with a customer after reviewing the impact that customer’s needs has on its quality management system.

Benefits of IATF 16949 Certification

Quality management has long made the automotive industry one of the most efficient sectors of worldwide industry. To express their dedication to a high standard of quality management, both international and local automotive manufacturers use certification as evidence of their quality. Certification in ISO/TS 16949 specifically has helped companies of all types and sizes improve in the following areas:

Customer Satisfaction: Improve customer relationships with products that consistently meet or exceed customer expectations and requirements.
Operational Efficiency: With each improved process, businesses start producing more product at a lower cost per part, saving them money.
Stakeholder Relationships: Demonstrating compliance with industry standards can help organizations improve their company’s image in the eyes of their staff, customers and suppliers.
Risk Management: IATF 16949 specifically focuses on risk management, helping businesses better understand and minimize organizational risks by improving product and service traceability and consistency.
Business Opportunities: Getting into wider markets often involves recognized certification. With IATF 16949, automotive businesses express the highest level of dedication to quality management, allowing them easier access to global markets and new business prospects.

global automotive market

Getting Certified to IATF 16949

As this text may suggest, certification to a management system standard is a long and potentially difficult process for organizations. However, the payoff of certification is substantial, and there are ways to make the process infinitely easier. Appropriate preparation, organization, training and auditing support can make certification a much less stressful process:

Preparation: The best place to start with certification is understanding the requirements of IATF 16949. Regardless of who you’re talking to about certification, whether it is your training team or your auditor, being able to refer to IATF 16949 standards comfortably will make the certification process much easier
Organization: IATF 16949 is a much more particular, more organized standard than its predecessors, and organizations have to follow suit. Documenting and organising quality management procedures, process changes and internal auditor competencies are all important parts of IATF 16949 compliance.
Training: Getting all employees and coworkers on the same page is another crucial part of proper IATF 16949 implementation. Ensure all employees and management individuals are aware of the organization’s quality management systems and the changes required by IATF 16949. This will help the audit and certification process go much more smoothly.
Auditing: Before you go about scheduling your official external certification audit, a good internal audit can help ease the tradition immensely. Internal audits help identify any potential problems or changes missed during the initial transition period. However, a quality internal audit needs to come from the right auditor. Look for a local auditor with extensive experience and positive customer feedback.

internal certification audit

If your organization is looking for an auditing resource experienced in ISO auditing procedures, NQA is one of the best auditing services in the world. NQA has conducted over 35,000 certifications across 70 different countries. Our extensive experience means our auditors can look into any questions you may have about the transition and auditing process.

With years of experience providing auditing services and accredited certifications, NQA is the ideal partner for any organization seeking certification in IATF 16949. We are involved in several industry committees and standards writing teams, allowing us to carefully track changes within the industry, such as industry strategies, industry regulations and standard requirements. Our attention to the industry means we can communicate potential management systems approach impacts to our clients as soon as possible.

customer service representatives

When you choose NQA auditing services, you choose a team of professionals who will work with your organization’s specific processes and procedures. No more worrying about adding useless processes to your procedures — our dedicated auditing professionals will make sure you only take the steps you need to meet certification requirements. What’s more, our customer service representatives are dedicated to ensuring our clients get the feedback they need throughout the registration process so you can worry less about your audit and focus on what you do best.

If you’re looking for help getting IATF 16949 certified, contact us at 800-649-5289 to speak to a certification specialist about your certification requirements.