Auditors may be thought of as the “referees” of compliance, but they’re more than that. They protect consistency, confidence, and capability across complex, global supply chains. Whether you’re operating in automotive, aerospace, healthcare, or beyond, your job as an auditor isn’t simply to check boxes. Your goal is to understand risk, evaluate systems with clarity, and help organizations grow stronger through insight. That’s where the Core Quality Tools come in. 

Originally developed through collaborative efforts between OEMs, suppliers, and industry groups like AIAG, the Core Tools form the structural backbone of quality planning and validation. For organizations certified to IATF 16949, they’re imperative. Their value goes far beyond compliance, though; they’re essential tools for real-world quality assurance and risk reduction. 

Let’s unpack the six Core Tools and what they mean for you as an auditor by looking at them in three ways  

• A brief summary of what they are  
• How you can begin to audit them through the lens of an auditor  
• Red flags that should tell you to look deeper 

APQP & Control Plan: The Roadmap for Product Realization

Advanced Product Quality Planning (APQP) is a phased approach designed to align product development with customer expectations. It ensures proactive quality planning and drives alignment between engineering, manufacturing, and the customer voice. In a way, this is how the automotive industry wants you to bring a project from concept to the market.  

Audit Lens:

Are all phases documented? Does each phase have inputs and outputs? Are customer-specific requirements considered? 

Red Flag:

An APQP process that does not have incremental checks, a clear line of sight between inputs between phases, and no gates is more than just a formality issue; t’s a risk multiplier. 

FMEA: Catching Failures Before They Happen

Failure Mode and Effects Analysis (FMEA) is a structured approach to anticipating failure and prioritizing mitigation. It’s about asking, “What could go wrong?” before it ever does. 

Audit Lens:

Is there traceability between DFMEA, PFMEA, and Control Plan? Are high-risk items acted on? Is the document alive or archived? 

Red Flag:

If an FMEA shows high RPNs with no corrective actions (or worse, hasn’t been touched in years) it’s not a preventive tool, it’s a liability. 

Control Plan (Treated Separately): Precision in Execution

When treated as its own tool, the Control Plan becomes the living link between risk analysis and real-time controls. It is the guidebook on how to execute the risk strategy you performed in the FMEA.  

Audit Lens:

Is it actively used on the floor? Are methods and frequency aligned with the PFMEA? Is it reviewed when changes occur? 

Red Flag:

If the Control Plan specifies “hourly checks,” but records show they’re only done once per day, that’s more than just a documentation error. It’s a clear signal that the process isn’t being followed, and a hidden risk is going unchecked. 

MSA: Trust in Measurement

Measurement Systems Analysis (MSA) ensures your measurement tools are truly measuring what you think they do. If your gauges lie, then your data can’t be trusted. 

Audit Lens:

Are Gage R&Rs performed on critical characteristics? Are calibration and traceability in place? The bottom-line question is, “Do they know about the accuracy and precision of their measurement methods?”  

Red Flag:

High percent variation gages still in use, or no MSA for critical equipment, this undermines your entire data strategy and means you cannot trust the data coming off the process. 

SPC: The Pulse of Process Stability

Statistical Process Control (SPC) tracks variation to spot trends, shifts, and instabilities before they become defects. 

Audit Lens:

Are key characteristics being monitored in real-time? Are operators trained to interpret and respond? 

Red Flag:

Control charts filled out after the fact, or worse, ignored when showing trends, indicate a reactive rather than a preventative culture. 

PPAP: Proof of Readiness

The Production Part Approval Process (PPAP) confirms that parts meet spec while ensuring that the process consistently produces them. 

Audit Lens:

Do the 18 PPAP elements reflect real conditions? Is the PSW signed, dated, and traceable? Are submission levels in sync with customer requirements? 

Red Flag:

Discrepancies between documents and actual outputs are signs of systemic disconnects. 

Why These Tools Should Matter to Auditors 

When used correctly, the Core Tools aren’t simply compliance documents; they’re a real-time X-ray into process health, systemic risk, and continuous improvement. A competent auditor won’t only ensure these tools exist but will also make sure they ask the right questions to verify the tools are used, effective, and current. 

By understanding the interaction between APQP, FMEA, Control Plans, MSA, SPC, and PPAP, auditors expose more than nonconformities. They reveal opportunities for resilience, traceability, and confidence. 

In today’s environment of global compliance and complex supplier networks, quality tools are the common language. This means that auditors are the “translators” who ensure that language is spoken clearly at every level of the organization. 

Final Thought: Audit for Use, Not Just Presence 

The Core Tools are only as effective as the people using them. Don’t audit for documentation: audit for integration. When the Control Plan lives on the floor, when the FMEA triggers action, when SPC drives real-time decisions, is when quality transforms from a requirement to a competitive advantage. 

At Plexus International, we’ve helped thousands of professionals go beyond the checklist and embrace these tools as a mindset. Our training is built on decades of industry collaboration and tailored to real-world application, not just classroom theory.