“There is no such thing as a perfect system.”

There are always gaps and areas for improvement within systems and business processes. It is essential to understand their business process, identify gaps and implement improvement initiatives to position them in the competitive market better. Businesses should establish an improvement process to identify, capture and take appropriate actions to:

  • Recognize potential non-conformances and prevent its occurrence
  • Eliminate detected non-conformances
  • Improve processes and customer service

So what is a non-conformance?

According to ISO 9001:2015 – Quality Management System, non-conformance occurs when something does not meet the specification or requirement of a process, system, internal policies & procedures, customer requirements and regulatory body. Non-conformance can be found in service, product, process, supplier, or in the management system.

Example of few non-conformances

  • An element of ISO 9001:2015 standard not implemented
  • Procedures not developed or not implemented
  • Failure to take corrective or preventive action
  • Customer requirements are not met
  • Product defects and customer complaints
  • One or a few individuals (out of many) do not use a procedure correctly
  • Lack of records and documentation

The above non-conformances can be identified through internal audits, external audits, product recalls, incoming goods inspection, inspection activity, test results, customer complaints and legal compliance.


Key steps in a non-conformance management process:

Whenever a non-conformance is identified the following three actions should be taken:

  1. Correction – the first course of action to immediately rectify and stabilise. As a first aid measure
  2. Corrective action – action to eliminate the cause of a detected non-conformity and prevent its recurrence.
  3. Preventive action – action to remove the cause of potential non-conformity and prevent its occurrence.

It is strongly recommended that companies use business improvement methodologies such as PDCA (Plan, Do, Check, Act) or DMAIC (Define, Measure, Analyse, Improve, Control). These tools will enable the business to unpack the non-conformance to determine the cause and implement appropriate measures. Now let’s take a deep dive into corrective and preventive actions.


Corrective action:

As mentioned earlier, it is an action to eliminate non-conformity and prevent its recurrence.

However, how can we do that?

In the event of non-conformance, business managers should investigate the non-conformance and identify the potential root cause of the incident. Businesses are encouraged tools such as 5Why methodology and Fishbone Analysis to identify and determine the root cause of the non-conformance. It is critical to identify the root cause and take corrective action to address the identified root cause. Otherwise, the corrective action will fail, and the incident will most likely reoccur.


Preventive action:

Unlike ISO 9001:2008, the current standard ISO 9001:2015, there is no need for documenting the preventing action.  Preventive actions are taken with an objective to eliminate potential non-conformance and prevent the occurrence. This is where risk management comes into play; all preventive actions are a part of the risk management system (refer blog post on risk management).  Preventive action plays a major in the continual improvement the business, its system and processes.

The below flowchart provides a snapshot of the non-conformance management process


Leave a Reply

Your email address will not be published. Required fields are marked *

You may use these HTML tags and attributes:

<a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <s> <strike> <strong>