Anyone responsible for quality in a manufacturing company will be familiar with the situation: an IATF audit is imminent, the process data is in three different systems and the question "Which part was screwed together with which torque?" takes 40 minutes and two phone calls. This is not an isolated case - it is part of everyday life in companies that use quality assurance software but have not selected it systematically.
The market for quality management software is blurred. Manufacturers use the same terms for fundamentally different products: CAQ system, QMS, MES module, process data platform - everything is supposed to be "digital quality assurance". What is missing is an honest selection logic: what does your company actually need, which requirements are mandatory and which systems can reliably meet these requirements?
This guide provides quality managers and production managers with a structured basis for software selection with specific evaluation criteria for test automation, traceability and audit-proof documentation. No feature lists, no product advertising. Just the questions you need to ask a software provider before making a purchase decision.
THE MOST IMPORTANT THINGS IN A NUTSHELL
|
BRIEFLY SUMMARIZED
|
What does quality assurance software really do in production?
The term is broader than it sounds. In practice, "quality assurance software" covers a wide variety of systems: small CAQ modules that manage inspection plans; full-blown QMS platforms that organize ISO documentation; MES-related process monitor tools that record machine transfer data; and archiving systems that store production data in an audit-proof manner. None of them are the same.
The decisive differentiation is not based on the range of functions, but on the data reference: Does the system work at component level (serial number or batch number) or does it only aggregate at shift or day level? The difference determines whether you can carry out a targeted partial recall in the event of a callback or have to block the entire production.
Typical mistake: A company buys a QMS system that manages documents, approvals and training certificates and discovers in the first serious audit that the inspection process on line 3 is not documented with component accuracy. The QMS is not a quality assurance system for production. It is a document management system.
|
System type |
Core function |
Data reference |
Suitable for |
|
CAQ system |
Inspection planning, SPC, complaints |
Batch / order |
QM department, inspection planning |
|
QMS platform |
Documentation, processes, audits |
Document / process |
ISO/IATF certification |
|
MES quality module |
Machine data, real-time monitoring |
Order / shift |
Production control |
|
Process data software |
Joining data, alarms, life cycle file |
Component / serial number |
Quality assurance Fert. |
|
Tool inspection software |
Process/machine capability test |
Tool / measuring point |
Screwdriving technology, joining technology |
|
Archiving system |
Audit-proof long-term archiving |
Component / batch / document |
Compliance, long-term proof |
Criterion 1: Test automation - What does this mean in concrete terms?
Automated quality inspection is not the same as digital quality inspection. Digital means that results are recorded in a system. Automated means that the system controls, monitors and documents the inspection process without any manual intermediate steps. The difference is practical: with true automation, no tool can be released if its calibration has expired and no component can leave the station before the mandatory tests have been documented.
In practice, this means for safety-relevant screw connections: The system plans the random samples in accordance with VDI/VDE 2862, controls the test cycles, records measured values directly from the test keys, evaluates IO / NOK against defined tolerances and writes the result with a time stamp to the component file. No manual export, no subsequent entry.
At Audi Neckarsulm, QST from CSP performs precisely this function: daily spot checks on screw connections in risk classes A and B are planned, carried out and archived completely automatically. According to the site, the automated documentation is particularly important, especially for the prescribed machine capability test for new systems.
| WHEN TEST AUTOMATION WORKS |
|
The critical questions for supplier discussions:
- Which joining technologies (screwing, riveting, gluing, pressing, welding) are natively supported?
- Can the system test tools from different manufacturers simultaneously?
- How are test plans updated when products are changed - manually or via an ERP connection?
- What happens if a test device measures NOK values - does the system automatically block the line?
PRACTICAL TIP | Tool testing and process capabilityThe QST software supports the planning, execution and evaluation of quality inspections over the entire product life cycle. Individually defined measuring points manage different measured variables regardless of the joining technology used. Over 60 expandable modules and manufacturer independence enable use in heterogeneous tool environments. |
Criterion 2: Traceability - more than just storing data
Traceability is one of the most misunderstood concepts in manufacturing quality. Many companies believe they are traceable because they store data. In fact, they are only traceable if this data is linked to a specific component or batch and can be queried system-wide. The data can be available in ERP, MES and paper archives, but if they are not linked to each other, this is not proof of traceability.
IATF 16949 section 8.5.2 requires component-specific traceability for Class A safety-relevant components. This means that for each individual component, the material batch, process parameters, test results and release decisions must be linked to the same serial number or batch number and be retrievable within minutes in the event of an emergency.
According to practical experience from production projects, the difference between a targeted partial recall and a full recall often lies in the question of whether the traceability data can be queried system-wide. If you only track at batch level, you may have to block more than necessary. Savings in the six-figure range are possible if the recall can be limited to the components actually affected.
|
Level |
What is linked |
Sufficient for IATF Class A? |
Data source |
|
Shift level |
Production data aggregated to shift |
No |
ERP, MES |
|
Order level |
Production order with inspection results |
Partially |
MES, QMS |
|
Batch level |
Material batch with process parameters |
Partial |
MES, ERP |
|
Component level |
Serial no. with all process/test data |
Yes |
IPM, QST, MES |
Critical test questions for system comparison:
- Can the software generate a component-accurate verification across all production stages in under 5 minutes?
- Are process parameters (torque, press-fit value, temperature) automatically linked to the component ID?
- Can the system perform a forward and backward batch query?
- Can the component file still be retrieved after a system change or database upgrade?
|
PRACTICAL TIP | Process data accurate to the component in the life cycle file The IPM software records all data from the production process - torque, press-fit values, welding and bonding protocols - and saves them in a life cycle file for each component. In the event of deviations, the system issues an alarm in real time. Supported processes include screwing, riveting, welding, gluing, filling, forming and testing. Thanks to the native OPC UA connection and REST API interface to the ERP, IPM can be integrated without stand-alone logic. |
Criterion 3: Audit-proof documentation - what standards actually require
Audit-proof is not a marketing term, it is a technical and legal requirement. A database is audit-proof if four conditions are met: The data is stored unalterably (audit trail without gaps), it is complete (all events relevant to the obligation are present), it can be found (targeted search without specialist IT knowledge) and it is permanently readable (open formats even after a system change in 15 to 25 years).
The retention periods that manufacturing companies must adhere to are longer than most expect: IATF 16949 requires at least 15 years for quality data, while the EU Product Liability Directive 2024 (2024/2853/EU) stipulates up to 25 years for latent damage to safety-relevant products.
The critical problem: many quality assurance systems in manufacturing archive data in proprietary formats or in databases that are tied to the continued operation of the original software. Anyone who buys QA software today implicitly buys its archiving model for the next two decades. This commitment must be explicitly checked during the selection process.
|
Standard / set of rules |
Relevant requirement |
Retention period |
Core requirement |
|
IATF 16949 section 7.5 |
Documentation of quality data |
At least 15 years |
Immutability, retrievability |
|
ISO 9001:2015 Section 9.1 |
Performance monitoring, evidence |
Customer requirement |
Systematic evaluation |
|
EU Product Liability Directive 2024 |
Proof of discharge per component |
Up to 25 years |
Component reference, audit trail |
|
GoBD / § 147 AO |
Tax-relevant accounting documents |
10 years |
Legibility, completeness |
|
DSGVO |
Personal data |
Obligation to erase according to purpose |
Selective erasability |
|
PRACTICAL TIP | Audit-proof long-term archiving CHRONOS archives quality and production data in an audit-proof manner for IATF 16949, GoBD and the EU Product Liability Directive - in open formats (PDF/A, CSV, XML), with a seamless audit trail, targeted component search without IT support and a separate archive database that does not burden the production database. Departments can access archived component files directly - without an IT ticket. |
System comparison: What types of software are available and what can they do?
The market does not offer a standardized category of "production quality assurance software". Instead, there are system types with different functional focuses. The right decision depends on which requirements are dominant in your company.
|
System type |
Strengths |
Limitations |
Typical target group |
|
ERP QM module (SAP, MS Dynamics) |
Commerc. Integration, supplier evaluation, controlling |
Usually no component-specific process data acquisition |
GF, controlling, purchasing |
|
CAQ system (Babtec, CASQ-it) |
Inspection planning, SPC, complaint management |
Rarely direct machine connection |
QM department |
|
MES with QA module |
Real-time production control, OEE |
Archiving often proprietary, limited traceability depth |
Production, IT |
|
Manufacturing OS (CSP) |
Component-specific process data, tool inspection, real-time alarm, life cycle file and audit-proof 25-year archiving in a modular platform |
Not an ERP replacement for commercial processes |
Quality, production, IT, compliance |
Step-by-step: How to choose the right QA software
The selection of quality assurance systems often fails not because of the wrong product, but because of an incomplete requirements analysis. If you go into a discussion with a provider without first having defined your own mandatory requirements, you will look at feature demos and end up deciding on the best price.
|
STEP 1 | Define mandatory requirements |
|
► Which standards apply to your company? (IATF 16949, ISO 9001, ISO 13485, VDA?) ► Which connection technologies are in the line - and are they safety-relevant (class A/B)? ► Which retention periods apply to your production data? (Check OEM specifications) ► Which existing systems (ERP, MES) need to be connected? |
|
STEP 2 | Prioritize evaluation criteria |
|
► Test automation: Does the system need to control test cycles or is results recording sufficient? ► Depth of traceability: Batch level or component-specific serial number tracking? ► Archiving format: Open formats (PDF/A, CSV, XML) or proprietary? ► Manufacturer independence: Can the system manage tools from different manufacturers? |
|
STEP 3 | Qualify provider - ask minimum questions |
|
► How is a component verification for a part from 2019 generated in your system today? ► In what format is data archived after 15 years and can it be read without your software? ► Show me how an NOK check on a line is processed and escalated in the system. ► What open interfaces does the system have (OPC-UA, REST-API)? |
|
STEP 4 | Pilot project before broad rollout |
|
► Select a pilot line or a pilot process and roll it out completely in 8 to 12 weeks ► Minimum requirement: First IATF audit proof possible with new software? ► Validate IT integration before rolling out to other lines ► Define decision criteria for rollout in writing beforehand |
|
Frequently underestimated cost factors when selecting QA software |
|
► Migration costs: Who bears the costs if old data has to be transferred to the new system? ► License model for scaling: Will the license become more expensive if more lines are connected? ► Proprietary archive format: If the provider disappears from the market - who will guarantee readability in 2040? ► IT costs for access: How many IT tickets are created each year when specialist departments want to access archive data? ► Retraining for staff changes: How much training is required for new employees? |
Frequently asked questions
Which standard prescribes quality assurance software in production?
No standard prescribes a specific software. IATF 16949 section 7.5 requires traceable documents and records; section 8.5.2 requires traceability for safety-related parts. ISO 9001:2015 clause 9.1 requires data-driven monitoring and measurement. What these standards require are results - complete proof, component-specific traceability - and these can only be reliably achieved with suitable software.
Does quality assurance software have to be manufacturer-independent?
Technically, manufacturer independence is not mandatory, but it is an important criterion in practice: anyone who buys a system that can only inspect tools from one manufacturer is tied down in the event of technology changes or supplier consolidations. Manufacturer-independent systems such as Manufacturing OS from CSP support different tool manufacturers at the same time and are therefore more flexible and more cost-effective in the long term.
Can I integrate quality assurance software into my existing ERP system?
Yes, modern QA systems offer open interfaces (OPC-UA for the machine level, REST-API for the ERP connection). The integration enables production orders from the ERP to be automatically transferred to the QA system as inspection specifications and inspection results to be reported back. Typical integration projects take 6 to 12 weeks and cost 30,000 to 80,000 euros, depending on complexity and master data quality.
How long must quality data from production be stored?
The retention periods vary depending on the standard and industry: IATF 16949 requires at least 15 years after the last delivery, while the new EU Product Liability Directive 2024 stipulates up to 25 years for latent defects. OEM specifications (BMW, VW, Mercedes-Benz) may stipulate longer periods. For safety-relevant production data, 25 years is therefore recommended as a planning parameter. The selected archiving system must guarantee these periods without a system change.
From what size of company is a specialized QMS system worthwhile?
There is no fixed lower limit, but companies with at least 50 to 100 manufacturing jobs and an IATF certification requirement or OEM supplier relationship are a sensible starting point. The manual effort required for a complete quality assurance system is often greater than the benefits. Modular systems such as Manufacturing OS from CSP enable a step-by-step introduction with individual modules without having to introduce the entire suite at once.
Can artificial intelligence in quality assurance software make autonomous approval decisions?
No. In safety-critical production areas, fully autonomous approval by AI systems is not permitted by regulation. The EU AI Act classifies AI systems in safety-relevant production processes as high-risk systems with mandatory human supervision. AI can provide valuable support in quality assurance - anomaly detection, predictive error warning, evaluation automation - but the approval decision must always be made and documented by a qualified employee.
