The Unsung Heroes of NATO Quality Assurance: Ensuring Safety and Performance from the Depot to the Front Line

When a munition fails to function as specified, the consequences are measured in operational failure, equipment loss, or casualties. The Allied Quality Assurance Publication 2110 (AQAP-2110) and the Government Quality Assurance Representatives (GQARs) who enforce it are the system designed to prevent that outcome. But the competence framework holding it together has a gap that nobody has formally closed.

Why Quality Assurance Failures Are an Operational Problem

Defence procurement failures rarely begin on the battlefield. They begin years earlier, in a manufacturing facility, where a process deviated from specification, a subcomponent was accepted without adequate verification, or a quality management system existed on paper but not in practice. AQAP-2110 Edition D (June 2016) — NATO’s Quality Assurance Requirements for Design, Development and Production — is the Alliance’s primary instrument for preventing those failures from reaching the end user.

The publication is not self-executing. Between the written standard and a conforming munition on a front-line platform sits a human layer: the Government Quality Assurance Representative (GQAR), the individual with unrestricted access to supplier facilities, the authority to reject nonconforming product, and the responsibility to verify that what a supplier claims to have produced is what was actually produced.

Understanding how that system functions — and where it fails — matters for anyone involved in NATO procurement, Weapons, Ordnance, Munitions, and Explosives (WOME) safety, or Allied interoperability.

The AQAP Architecture: Eight Publications, One Governance Body

AQAP-2110 does not stand alone. It sits within a suite of eight Allied Quality Assurance Publications (AQAPs), all governed by the same body and all mandated by the same treaty instrument.

The mandate flows from STANAG 4107 Edition 11 (15 January 2019), which requires Allied nations to use AQAPs in defence contracts where Government Quality Assurance (GQA) is specified. All AQAPs are aligned to ISO 9001:2015. The governing body is AC/327 — the Life Cycle Management Group (LCMG) within the Conference of National Armaments Directors (CNAD). It is critical not to confuse AC/327 with AC/326 (the Conference on Ammunition Safety Group, CASG), which governs a separate body of ammunition safety standards. These committees operate in parallel; no STANAG formally bridges their remits.

The GQAR: Mandate, Authority, and Daily Function

The GQAR is the Alliance’s on-site assurance mechanism. Under AQAP-2110 §4.3, the supplier is required to grant the GQAR unrestricted access to all facilities, processes, records and personnel associated with the contract. That access is not a courtesy — it is a contractual obligation. The GQAR’s primary duties, as explicitly mandated in AQAP-2110 Edition D, are:

1. 01Review, approve or reject the supplier’s Quality Management System (QMS), Quality Plans (QP), Risk Management Plans, and Configuration Management Plans as they apply to the contract.
2. 02Plan and execute risk-based Government Quality Assurance Surveillance (GQAS), including process audits, product verification, and sub-supplier oversight across the supply chain.
3. 03Review and disposition nonconforming products, concessions, and corrective actions. The GQAR reserves the right to reject rework, repair, or “use as is” decisions.
4. 04Witness final inspection and acceptance activities. Support issuance of Certificates of Conformity and the “Certificate of Quality and Completeness” when contractual requirements are met.
5. 05Liaise with the supplier’s appointed GQA Management Representative. Require notification of any organisational changes affecting quality and attend Post-Award GQA meetings.
6. 06Coordinate cross-border surveillance through Mutual Government Quality Assurance (MGQA) procedures under AQAP-2070 when the supplier or sub-suppliers are located in other Allied nations.

“Surveillance activities should only be undertaken by a registered GQAR.” — UK MoD Government Quality Assurance: A Functional Framework for Acquisition, Edition 2, December 2017

The Mutual GQA Mechanism

When a UK prime contractor sources from a German sub-supplier, or a Dutch GQAR needs to conduct surveillance at a Belgian facility, the bilateral machinery of AQAP-2070 Edition B activates. The Mutual Government Quality Assurance (MGQA) process allows one nation’s GQAR to act on behalf of another, reducing duplication and leveraging in-country expertise.

For WOME procurement in particular, MGQA has significant operational value. Ammunition production is geographically distributed across the Alliance. The ability to delegate surveillance to a host-nation GQAR — one physically proximate to the facility and familiar with the national regulatory environment — is not merely efficient; in some cases it is the only practical option. The legal and procedural framework is well established. The competence assurance dimension of MGQA, however, is less developed.

How the UK Trains and Licenses Its GQARs

The UK’s approach to GQAR competence is governed by a three-tier hierarchy: Joint Service Publication 940 (JSP 940, MoD Policy for Quality) sets the policy requirement; the Government Quality Assurance: A Functional Framework for Acquisition, Edition 2 (December 2017) provides the operational framework and is formally aligned with JSP 940 Part 2 Chapter 4 (updated March 2025); and the MOD Quality Practitioner Licensing Scheme is the mechanism through which competence is formally assessed, recorded, and authorised.

The SQEP Baseline

Para 9.1 of the GQA Framework establishes that all GQA staff must be Suitably Qualified and Experienced People (SQEP). This is a standing MoD requirement across all technical domains; GQA is not exempt. SQEP is the floor, not the ceiling. The Licensing Scheme is what sits above it.

The MOD Quality Practitioner Licensing Scheme

Para 9.2 establishes that competence is formally assessed through the Licensing Scheme. The aim is for every practitioner to attain a GQA Licence. To obtain one, a practitioner must demonstrate competence across the majority of activities in all six stages of the acquisition lifecycle:

1. Planning
2. Requirements Preparation
3. Supplier Selection & Contract Award
4. Contract Execution
5. Delivery
6. Acquisition Conclusion

The assessment tool is the Skills Footprint, a document describing in granular terms what a competent GQA practitioner looks like at each level. Skills Footprints are published on the QCM-Policy Licensing Website — a Defence Intranet resource. They are not publicly accessible, which limits external scrutiny of the competence standards being applied.

Two elements described in the 2017 Framework were planned but not confirmed as implemented: Certificates of Competence mapped to individual acquisition phases (allowing staged qualification), and alignment with the MOD Managing Quality Competence Framework. Whether either has been fully realised remains unclear from open-source material.

Training Providers

The primary training provider is the Defence Academy, which offers a suite of practitioner-level GQA courses. External training providers supplement this offer. Before any practitioner-level course, two prerequisites apply: Introduction to Defence Acquisition (IDA) and QA Awareness On-Line Training (QAAOLT). These are entry gates; completing them does not constitute qualification.

GQAR Registration: A Distinct Gate

This is the detail the Framework buries in Stage 4 (Contract Execution) but which carries significant operational weight. The text is unambiguous: “Surveillance activities should only be undertaken by a registered GQAR.” The registration process is documented in the “Managing Quality” topic within the Acquisition Safety and Environmental Management System (ASEMS) — another Defence Intranet resource, not publicly available.

In practice this means two distinct authorisation hurdles exist: the GQA Licence (broad competence across the acquisition lifecycle) and GQAR Registration (specific authorisation for surveillance activity). They are not the same thing. A licensed practitioner who is not registered cannot lawfully conduct supplier surveillance. Conflating the two in commentary or in contract management introduces risk.

The Competence Gap: What the Framework Does Not Address

The GQA Framework Edition 2 does not contain the word “ammunition.” “Ordnance,” “explosives,” and “WOME” are absent. The Licensing Scheme assesses competence in GQA process — surveillance techniques, contract requirements management, supplier performance evaluation — but says nothing about the technical knowledge required to evaluate quality in a high-hazard energetic materials environment. This is the most significant finding from the 2017 document.

The structural origins of this gap are straightforward. AQAP-2110 and the AQAP suite are owned by AC/327 (LCMG). AC/327 demands GQAR competence but does not define it for any specific product domain. Ammunition safety governance — the technical knowledge base that would define what a GQAR needs to know about energetic materials — belongs to AC/326 (CASG), which publishes STANAGs 4440, 4442, 4657, and the Allied Ammunition Storage and Transport Publication (AASTP) series. Neither committee has responsibility for the other’s domain, and no STANAG formally connects them for the purpose of procurement personnel competence.

Two existing frameworks could bridge this gap. At the international level, IATG 01.90 Version 3 (2021) — the UN’s International Ammunition Technical Guidelines framework on competence — defines seven personnel competence levels for ammunition personnel and could provide the technical competence architecture that the AQAP suite lacks. At the UK national level, ESA National Occupational Standard (NOS) Key Role 6 (Procurement) defines nine units of explosives sector procurement competence and is mandated for relevant personnel under DSA 02.OME Version 3.0 (July 2024). Incorporating either or both into the AQAP framework, or into the MoD’s Skills Footprint for WOME-relevant contracts, would represent a proportionate and evidence-based response.

References

1. NATO Standardization Office, AQAP-2110 Edition D Version 1: NATO Quality Assurance Requirements for Design, Development and Production, NSO/0043(2019)WG2/4107, June 2016. [Available via Allied nations’ procurement portals and some national defence ministries.]
2. NATO Standardization Office, STANAG 4107 Edition 11: Mutual Acceptance of Government Quality Assurance, 15 January 2019.
3. NATO Standardization Office, AQAP-2070 Edition B: NATO Mutual Government Quality Assurance Process. Tasking Authority: AC/327 LCMG WG/2.
4. UK Ministry of Defence, Government Quality Assurance: A Functional Framework for Acquisition, Edition 2, December 2017. Published by Quality & CM Policy, DE&S, Abbey Wood, Bristol. Foreword: AVM Michael Quigley, Defence Authority for Technical & Quality Assurance.
5. United Nations Office for Disarmament Affairs, International Ammunition Technical Guidelines (IATG) 01.90: Competence, Version 3, 2021. un.org/disarmament
6. Defence and Security Accelerator (DSA), DSA 02.OME: On-site Manufacture of Explosives — Version 3.0, July 2024; incorporating reference to ESA NOS Key Role 6 (Procurement). gov.uk/guidance/explosives-regulations-and-guidance
7. UK Ministry of Defence, JSP 940: MOD Policy for Quality (main policy page). gov.uk/government/publications/mod-policy-for-quality-jsp-940 — parent policy to which the GQA Framework Edition 2 reports.
8. UK Ministry of Defence, JSP 940 Part 1: Directive. assets.publishing.service.gov.uk (PDF)
9. UK Ministry of Defence, JSP 940 Part 2: Guidance, updated March 2025. Chapter 4 (Government Quality Assurance) directly references and aligns with the 2017 GQA Framework for consistent application across procurement and support. assets.publishing.service.gov.uk (PDF)