Customer & Industry Requirements
Process elements (P1–P7) evaluated per audit
Minimum score for A-rating (quality capable)
Points on one starred question can trigger automatic downgrade
Regulation Overview
VDA 6.3 is the German automotive industry's process audit standard and the most widely used supplier qualification tool in the European automotive supply chain. For supply chain and quality teams, VDA 6.3 process audit compliance means demonstrating documented, evidence-based process capability across every stage of the product lifecycle—from potential analysis and project management through serial production and customer care.
The standard structures its questionnaire across seven process elements (P1–P7) using a scoring model of 0/4/6/8/10 points per question, with starred questions (*-questions) carrying special risk weighting. Degradation rules mean a single zero on a starred question can downgrade the overall result regardless of average score. OEMs such as Volkswagen, BMW, Mercedes-Benz, Audi, and Porsche mandate VDA 6.3 audits for supplier approval, and a C-rating (below 80%) typically results in immediate escalation, business hold, or loss of approved supplier status.
VDA 6.3 operates alongside IATF 16949 as part of a broader automotive quality ecosystem. While IATF 16949 certifies the quality management system, VDA 6.3 audits the actual processes that produce parts. Suppliers to German OEMs must typically satisfy both, along with material compliance requirements under EU RoHS, REACH, and PFAS regulations that govern substance-level obligations for articles placed on the EU market.
Tier 1 suppliers delivering directly to German and European automotive OEMs
Tier 2 and Tier 3 suppliers within German OEM supply chains
Non-European suppliers manufacturing for Volkswagen, BMW, Mercedes-Benz, Audi, Porsche, or their Tier 1 partners
Contract manufacturers and assembly service providers in the automotive sector
Companies assembling complex products containing sub-supplier components for automotive applications
Internal quality teams conducting supplier development audits
Key Thresholds
Your company supplies three German OEMs from five manufacturing sites across three countries. Each site interprets VDA 6.3 questions differently, scores inconsistently, and stores audit evidence in local drives. When the OEM auditor arrives, your quality team scrambles to assemble a coherent picture from scattered spreadsheets, emails, and SharePoint folders. Centralized compliance data backbone across sites does not exist.
The audit is complete. Fourteen findings, six rated critical. The 8D reports are assigned—but follow-up sits in inboxes. Day 60: the OEM requests status. Three actions are overdue, two lack effectiveness evidence, and one supplier never responded. Without automated supplier data collection and tracking, corrective actions decay into audit liabilities.
P5 requires that you audit your own suppliers. But your Tier 2 suppliers operate across Asia with no standardized documentation. You need incoming inspection records, performance data, and qualification evidence—from 200 suppliers who speak different languages and use different systems. Multi-tier supply chain transparency is impossible with manual outreach.
The 2023 edition redistributed starred questions across process elements. A single zero on a starred question in P6.4 or P6.5 triggers automatic downgrade to B or C—regardless of an otherwise strong result. Without real-time monitoring of which starred questions carry the highest risk for your specific production processes, your team cannot prioritize audit preparation effectively.
Certivo In Action
Certivo in Action — VDA 6.3 Workflow
Features Tabs
Automotive Manufacturing
Your Pain Point
Direct OEM audit exposure; Formel Q requirements; multi-site consistency demands
Electronics Manufacturing
Your Pain Point
Embedded software scrutiny under 2023 edition; complex BOMs with sub-tier dependencies
Aerospace & Defense
Your Pain Point
Stringent documentation requirements; prime contractor flowdown to sub-tier suppliers
Industrial Machinery & Heavy Equipment
Your Pain Point
Global supply chains; legacy processes; multiple OEM customer requirements simultaneously
Chemical Manufacturing
Your Pain Point
Process parameter documentation; material traceability; intersection with substance regulations
Medical Devices & Equipment
Your Pain Point
Automotive-adjacent suppliers serving both sectors; overlapping process audit requirements
From Document Hunting to Exception Management
CORA collects and validates supplier evidence automatically through AI-native compliance automation. Your quality team focuses on high-risk findings that need human judgment—not manual document assembly across spreadsheets and shared drives.
OEM Audit Response Acceleration
Generate complete, traceable VDA 6.3 evidence packages organized by process element in hours—not the 4–6 weeks of manual compilation that leaves your team exposed to gaps.
Proactive Compliance Monitoring Replaces Reactive Scrambling
When an OEM schedules an audit, Certivo shows you exactly where your evidence stands across all seven process elements. Gaps are flagged and addressed before the auditor arrives—not discovered during the audit.
Frequently Asked Questions
What companies and suppliers are subject to VDA 6.3 process audit requirements?
Any supplier delivering components, assemblies, or services to German automotive OEMs—including Volkswagen, BMW, Mercedes-Benz, Audi, and Porsche—or their Tier 1 partners must be prepared for VDA 6.3 process audits. This applies to Tier 1, Tier 2, and Tier 3 suppliers globally, regardless of location. Non-European suppliers manufacturing for the European automotive supply chain are equally subject to these requirements. Certivo's automated supplier data collection and centralized supplier self-service portals enable suppliers at every tier to submit evidence efficiently, ensuring multi-tier supply chain transparency across your entire network.
What happens if a supplier receives a C-rating in a VDA 6.3 audit?
A C-rating (below 80% overall compliance) typically triggers immediate customer escalation, potential new business holds, and in severe cases, loss of approved supplier status. Degradation rules mean a single zero on a starred question can force a C-rating regardless of the average score. OEMs such as Volkswagen apply additional downgrade criteria through customer-specific requirements like Formel Q Capability. Certivo's continuous compliance monitoring and audit readiness capabilities ensure your team identifies and resolves risk areas before they become C-rating findings.
How does the VDA 6.3:2023 edition differ from the 2016 version?
The 2023 edition strengthened requirements for products with embedded software by linking hardware/software evaluation to Automotive SPICE. It explicitly prohibits adding or removing audit questions to ensure comparability. Starred question distributions were adjusted, affecting sub-element scoring balance. Service-related questions were removed and published separately as VDA 6.8. Remote audit guidance was formalized with a decision matrix. CORA's AI document parsing and certificate validation capabilities automatically align your evidence collection with the current 2023 edition requirements.
How does Certivo help manage corrective actions from VDA 6.3 audit findings?
Certivo provides a closed-loop corrective action workflow that assigns findings to owners with deadlines, tracks 8D report completion, and requires documented effectiveness verification before closure. Automated escalation ensures overdue actions are flagged before re-audit dates. Cross-site analytics identify systemic issues appearing across multiple audits, enabling supplier risk scoring and due diligence at a portfolio level rather than treating each finding in isolation.
Does Certivo support VDA 6.3 alongside other automotive and regulatory frameworks?
Yes. Certivo validates supplier submissions against VDA 6.3, IATF 16949, VDA MLA, EU RoHS, REACH, TSCA, PFAS regulations, and customer-specific requirements simultaneously. A single supplier evidence collection campaign feeds multiple framework validations through specialized substance reporting solutions and process audit documentation—eliminating duplicate requests and reducing supplier fatigue across your supply chain.