Skip to content

IATF 16949

Prüfzeichen IATF 16949

IATF 16949: quality standard for suppliers in the automotive industry

Compliance with the IATF 16949 quality management standard is often a prerequisite for supplying automotive manufacturers. A valid IATF 16949 certificate enables you, as a supplier, to work with leading automotive manufacturers such as Ford, GM, PSA, BMW, Daimler and/or VW. These and other manufacturers and suppliers require proof of compliance with the requirements of IATF 16949. Consequently, certification to IATF 16949 not only boosts your customers’ confidence but also enhances your market opportunities.

Get in touch

Target group

The IATF standard is aimed at all suppliers in the automotive industry: from sub-tier suppliers to first-tier suppliers. This includes companies involved in the production of production parts and spare parts, as well as service providers for value-adding processes, such as heat treatment, surface treatment and similar services.

Your benefits from a IATF 16949 certification

  • Internationally recognised quality management standard in the automotive industry
  • IATF 16949 promotes and requires continuous improvement in system, process and product quality within the automotive industry, as well as the provision of evidence of such improvement. This is supported by certification.
  • Global market access to leading car manufacturers and suppliers
  • Enhanced reputation and increased trust among customers and partner organisations

What IATF 16949 delivers

The aim of the IATF is to ensure that companies’ products and processes in development and manufacturing meet the relevant requirements. Implementing the requirements of IATF 16949 helps to prevent errors in development and production processes. Through certification, you demonstrate compliance with industry-specific requirements for your quality management system, are required to commit to a process of continuous improvement, and thereby increase customer satisfaction.

Customer information on the “Rules for Achieving and Maintaining IATF Recognition, 6th edition, 2025” (copy 1)

As announced in January 2024 via the “IATF Stakeholder Communiqué” on the “Release of Rules, 6th Edition” on the IATF Global Oversight website, the IATF has revised its certification rules and has now published them. IATF Global Oversight is now granting a period of up to nine months from 31 March 2024 to implement the changes required by the “Rules for Achieving and Maintaining IATF Recognition, 6th edition, 2025” (hereinafter “Rules 6th Edition”), both for IATF-recognised certification bodies and for their clients.

The IATF Rules 6th Edition will come into force and must be fully implemented by 1 January 2025. From 1 January 2025, the IATF Rules 5th Edition and all authorised interpretations and frequently asked questions relating to the IATF Rules 5th Edition will become obsolete.

Since 31 March 2024, the IATF Rules 6th edition have been available to interested parties via IATF Oversight Offices. Editions are available in various languages. The German-language version will be available from May 2024. 

  • The Stage 1 audit is conducted in two parts (including an assessment of the applicability of IATF 16949, the certification structure and the planned scope, followed by an evaluation of readiness for certification via an on-site audit using the ‘Gemba’ method).
  • The certification body will decide on readiness for the Stage 2 audit or a repeat of the Stage 1 audit within a maximum of 15 days.
  • If readiness is not demonstrated, a repeat of the Stage 1 audit may be carried out within a maximum of 6 months with the same auditor.
  • If necessary, at least one additional hour is required to review outstanding issues from a previous Stage 1 audit.

  • This involves a comprehensive system audit (all requirements of IATF 16949 must be audited and assessed for effective implementation).
  • The Stage 2 audit must take place no earlier than 20 days and no later than 90 days after the closing meeting of the Stage 1 audit, subject to a positive readiness assessment by the certification body.

  • The final day of a recertification audit must be completed no later than 3 years, 3 months and 0 days after the final day of the last Stage 2, recertification or transfer audit. Failure to do so will result in immediate withdrawal of the certificate.
  • The final day of a surveillance audit must be completed within -3/+3 months of the last initial Stage 2, recertification or transfer audit (‘ARD’). Otherwise, the certificate will also be withdrawn immediately.

  • This can be applied to production sites to be included, reducing on-site audit time per site by up to 15%. Depending on the scope of the group structure, reductions of up to 40% per site were previously permitted.

  • The total reduction in on-site audit time can now be up to 30%, compared with up to 50% previously.

  • These must be located no more than 10 miles / 16 km and no more than one hour’s drive from the main site. If this is not the case, former “Extended Manufacturing Sites” must be regarded as sites and subjected to an initial certification process (within the group scheme, where applicable). This may take place during the underlying audit cycle.

  • In the event of a relocation of the production site, an initial certification audit must be carried out, involving the supporting sites.

  • The client must confirm the audit date to the certification body no later than 90 days before the start of the audit (First Audit Day, ‘FAD’).
  • A later postponement is only possible with a documented, verifiable justification.
  • Additional requirements regarding the content and deadline for providing information to the certification body for audit preparation / the readiness assessment.

  • The certification body’s audit planning must demonstrably comprise at least 0.50 person-days. An entry in the IATF database is required for this purpose.
  • The client must provide the certification body with the information required for audit preparation at least 30 days before the first day of the audit. Otherwise, the certification body may postpone the audit, which may result in the loss of the certificate if the specified audit dates within the cycle cannot then be met.
  • If evidence of the client’s management review is not available to the certification body 30 days prior to the audit, or can only be verified on-site, at least two additional hours must be scheduled for assessment prior to the start of the audit.
  • The review of customer performance data must be carried out during the opening meeting / introductory discussion; in other words, the previously mandatory additional hour prior to the start of the audit is no longer required.
  • The audits must cover all production processes, and these must be operational at the time of the audit. There must therefore be no production processes that are not in operation at the time of the audit. Otherwise, the certification body may postpone the audit, which may also lead to the loss of the certificate if the specified audit dates in the cycle cannot then be met. - The audit plan must be submitted to the client by the certification body at least 14 days before the audit begins.

  • If the client’s problem-solving process for identified non-conformities is ineffective, a major non-conformity must be recorded.
  • In the case of major non-conformities (‘NC1’), the client must, within 15 days of the completion of the on-site audit, submit the containment measures, evidence of the effectiveness of the containments, the root cause analysis, the corrective actions taken and a plan for systemic corrective actions.
  • If the certification body rejects the 15-day response, the client must carry out a revision and the auditor must conduct a re-examination/re-assessment by day 30 following the conclusion of the audit.
  • The 60-day deadline for non-conformity management, including verification of the effectiveness of the measures by the client, remains in force. Likewise, non-conformities must be assessed as ‘open but 100% resolved’ or closed within 90 days of the last audit day.
  • If the systemic corrective actions for non-conformities are not effectively implemented, the certificate must be withdrawn.

  • Minor deviations (“NC2”): 0.5–1.0 hours (during the next regular audit or during a special audit).
  • Major non-conformities (“NC1”): 1.0–3.0 hours each as part of a special audit.

  • Audit plans, reports, non-conformity reports and their status must be reviewed and documented for all Remote Support Locations (“RSLs”) that support the site to be audited. This also applies to remote support locations that are audited by other certification bodies.
  • IATF 16949 certificates may only list remote support sites where the effectiveness of the support functions at the plant (“Site”) has been verified.

  • These are permitted on a conditional basis for surveillance audits of remote support locations (Stand-Alone Remote Support Locations, ‘SA-RSL’) where no product or material handling takes place.
  • The definition of remote functions is set out in the table in Appendix 2 of the Rules, 6th edition.

  • The process begins with a customer complaint or a non-conformity identified during an audit
  • The duration of the decertification process is limited to a maximum of 120 days. Thereafter, the certificate is withdrawn – in the event of a major non-conformity (‘NC1’), the certificate is suspended with effect from the date of the certification body’s decision, no later than 15 days after completion of the on-site audit.
  • In the event of performance complaints from customers against the client: The client must respond within 20 days of being requested to do so by the certification body, where applicable, via the IATF Performance Complaint Management System (“PCMS”).
  • If a certificate is withdrawn, the client must remove all references to the company’s IATF certification from its external communications.

Easy integration into existing management systems

IATF 16949 is based on the ISO 9001 quality management standard and is structured in accordance with the high-level structure. Thanks to the consistent chapter numbering and use of terminology, the structure of this automotive industry standard can be integrated into existing management systems, provided that these are also structured in accordance with the high-level structure.

Audit process of IATF 16949 certification

1

Step 01

Enquiries, quotations & explanations

2

Step 02

Booking & personalised scheduling

3

Step 03

Audit: Understanding the organisation & assessing readiness for certification

4

Step 04

Identifying areas for improvement

5

Step 05

Quick dual-check & certificate generation

6

Step 06

TÜV certificate for external use

7

Step 07

Continuous improvement of the management system and competitiveness

Eine Vogelperspektive zeigt einen dichten Wald, der sich entlang eines Flusses erstreckt, mit grünen Bäumen

Climate change – additions to management system standards

In a joint statement issued in February 2024, the International Accreditation Forum (IAF) and the International Organisation for Standardisation (ISO) outlined the amendments to various management system standards. The statement emphasises the importance of addressing climate change within these management systems.

The amendments affect clauses 4.1 and 4.2 of the respective standard. The aim of the amendments is to ensure that organisations take climate change issues into account in relation to the effectiveness of management systems, in addition to all other aspects.

Find out more

Frequently asked questions

FAQ on IATF 16949

The IATF standard is aimed at all suppliers in the automotive industry: from sub-tier suppliers to first-tier suppliers. This includes companies involved in the production of production parts and spare parts, as well as service providers for value-adding processes, such as heat treatment, surface treatment and similar services.

By obtaining certification, suppliers demonstrate that they meet quality management requirements, are engaged in a continuous improvement process, and implement customer-specific quality management system requirements. Furthermore, many car manufacturers and suppliers require this certification as a prerequisite for collaboration.

No. IATF 16949 incorporates the requirements of ISO 9001, which must be taken into account during an audit. However, as a standalone quality management standard, IATF 16949 is certified independently of ISO 9001. The same applies to ISO 9001.

ISO/TS 16949, as the predecessor standard to IATF 16949, is no longer valid and was replaced by IATF 16949 on 15 September 2018.

We assess whether you meet the requirements of IATF 16949 by reviewing your documentation (both paper and digital) and conducting an on-site visit.

Expert, international, TÜV NORD CERT

TÜV NORD CERT GmbH

TÜV NORD CERT is an internationally recognised and reliable partner for testing and certification services. Our experts and auditors possess in-depth knowledge and are all permanently employed by TÜV NORD. This ensures independence, impartiality and continuity in the support we provide to our clients. The benefit for you is clear: our auditors accompany and support the development of your business and provide you with objective feedback.

Discover your next service

Certification

ISO 14001 and EMAS certification

Strong positioning through active environmental management
Find out more about ISO 14001/EMAS
Certification

ISO 50001

Certified energy management system
Find out more about ISO 50001
Certification

Compliance

Compliance management systems to promote compliance with regulations
Find out more about the compliance management system