10.2 Nonconformity in ISO 9001

What is nonconformity in ISO 9001?

Nonconformity in ISO 9001 is failure to meet a requirement, realizing and defining the problem, containing the problem, determining its cause and taking appropriate action to prevent it happening again.

When a company is ISO 9001 certified, there is a specific set of regulations that must be followed in order to conform with the guidelines. In the event that one of these mandatory requirements are not being followed, the company or individual will be considered noncompliant.

Keep reading to find out what is considered to be nonconformity in ISO 9001, as well as what happens after the violation has been recognized.

Stormtrooper nonconformity

Nonconformity In ISO 9001

Nonconformity in terms of ISO 9001 is defined as the failure to meet one or more requirements that are outlined throughout the mandatory clauses. To get more into detail on the topic, nonconformity can refer to the requirements of a regulatory body, the organization itself, or even the customers of the business.

ISO 9001 Nonconformity:

  1. Failure to meet one or more requirements
  2. Requirements of ISO, business procedures, or customers

Nonconformity can be anything from the company’s individual procedures to the quality standards that must be upheld in order to satisfy the customer base. In the event that there are any violations of ISO 9001, there are a few actions that should be taken thereafter.

What is Non-conformance?

There are two different types of nonconformity that can be identified, which are referred to as major and minor non-conformances.

A minor non-conformance is an event or action that is outside of the ISO 9001 requirements. However, this type of violation does not have any dire consequences to the way the business operates nor does it cause any major effects.

A major non-conformance, on the other hand, is identified when where is a huge violation of the business’ QMS, preventing the entire company from meeting the requirements outlined in ISO 9011 guidelines.

For example, if the company personnel failed to take corrective action on an area of the business that was not compliant with ISO regulations or just failed to implement the standards in the first place, this would be considered a major non-conformance

What Happens After Nonconformity is Identified:

  1. A non-conformance report (NCR) is filled out
  2. The auditee is informed of the contents of the report
  3. Plan of action is established to prevent nonconformity

When nonconformity is identified in a business, there are a few things that will take place in order to get the company back on track. First of all, a non-conformance report (NCR) will be filled out by the supervising personnel.

Once the person who is being audited has been informed of the contents of the report, a plan of action is establishes and carried out in order to prevent future nonconformity.

The details of the processes that go into reporting and correcting ISO nonconformity will be described in detail within the next few sections. Keep reading to get a better idea of what this looks like within an ISO 9001 certified company.

Reporting ISO 9001 Nonconformity

When nonconformity occurs within a business, there is something called a non-conformance report (NCR) that is filled out to notify the violator of the issue at hand in explicit detail in order to begin to repair the problem.

The NCR is created in the form of a document, and is meant to be constructive, allowing the person who is being notified to be able to make changes and move into the right direction.

In order to create a detailed and effective non-conformance report, there are four main points that need to be addressed, as outlined in the ISO 9001 Nonconformity clause. These NCR requirements are outlined below, and explained more in detail throughout the rest of this section.

Non-conformance Report:

  1. Requirement that is being violated by non-conformance
  2. Event/action that went wrong to cause the NCR
  3. Plan of action to prevent future problems
  4. Explanation of the action that will be taken to correct non-conformance

The first item that must be included in a non-conformance report is the specific requirement that is being violated by the non-conformance Basically, the report must indicate which rule or regulation from ISO 9001 is being broken, which will be the reason why it is being written in the first place.

Along with the requirement that is being violated, the actual event or act that went wrong to cause the NCR to be written up must also be indicated in the report to notify the company personnel of what they have done incorrectly to cause the violation.

Next, and most importantly, a plan of action to prevent future problems of similar nature must be written on the report. Since Non-conformance reports are meant to be solution-oriented, there must be some kind of positive action recorded on the document.

To be more specific, non-conformance reports are not a notification of an employee being fired, put on suspension, or otherwise placed on any kind of punishment per say. They are meant to help the business improve as a whole, by assisting every member of the company in becoming fully compliant with the ISO 9001 regulations.

The NCR could be considered a warning to the non-complaint employee, that outlines a detailed process on how they can correct their actions and avoid making the same mistakes in the future. The plan of action must be accompanied by a more in-depth explanation of the steps that will be taken to fix the non-conformance

Suggestions for Writing NCR:

  1. Write clearly
  2. Address everything that is required
  3. Keep the non-conformance statement general to highlight the specific issue
  4. Write the more specific details in the objective evidence area only

When it comes to writing an effective NCR, there are a few tips that you will want to keep in mind to get your point across clearly and gain the best results afterward.

First of all, you will want to write clearly so that the auditee will be aware of the issue that has occurred. Along with addressing everything that is required in the report as mentioned in the list above, you will want to keep the non-conformance statement as general as possible.

Even though the report itself should be very detailed, you should write the most specific information in the area that is designated for the objective evidence.

The beginning of the report where you explain the regulation that has been violated should be written in generic terms in order to highlight the specific issue at hand, instead of confusing them with big words and distracting from the main idea of the report.

man writing document

How to Correct a Nonconformity

While it is important to avoid nonconformity in a business at all costs, there will be some instances where mistakes can happen and rules can be broken for whatever reason.

Instead of dwelling on the fact that an employee or certain area of the business is not currently conforming to ISO 9001 regulations, it is important to immediately come up with a plan and take action to fix the issue.

In this section, we will go over the process that should take place in the event that nonconformity occurs anywhere within a company.

Corrective Action:

  1. Review efficiency of corrective actions taken
  2. Completing a review of actions
  3. Meeting, observing, or following up with auditees
  4. Documenting all nonconformities, actions, and results

As mentioned previously, a report must be written up in the event of any nonconformities within the business. In this report, there are detailed steps of how the problem will be solved.

While correcting the non-conformance, the efficiency of the corrective actions outlined in the report should be reviewed. Additionally, the auditees should be met with, observed, or followed up with to make sure the problem does not persist.

Throughout this entire process, everything should be documented for accuracy, effectiveness, and future reference.

As you can see, nonconformity of ISO 9001 is something that occurs when regulations are not being followed, however there are plenty of actions to take in order to fix the problem and prevent any future ones.

Related Information You Might Find Useful

Next ISO 9001 Clause

Each ISO 9001 Clause Explained

Updated: 26th February 2022
Author: Richard Keen

Richard Keen

Richard Keen

Richard is our Compliance Director, responsible for content & product development.
But most importantly he is ISO's biggest fanboy and a true evangelist of the standards.
Learn more about Richard

ISO templates

Don’t Try to Manage It All Alone!

Our ISO Auditors and Quality Manager Trainers have been in this industry for years, and since 2002 we’ve been providing thousands of small businesses and large corporations with the tools they need to get certified.

Instead of trying to create everything you need to follow this process from scratch, use ours. We have procedures, templates, checklists, process maps, forms and gap analysis tools to help you control your documented information without missing a single input or output.

Before you invest all the hours reinventing the wheel, before you spend countless dollars outsourcing the task — try our templates.

ISO 9001
ISO 14001
ISO 45001

Nonconformity & Corrective Action Procedure

The purpose of this procedure is to establish the process for identifying, documenting and analyzing nonconformities and mitigating their impacts by implementing appropriate corrective actions. Your organization’s quality management system is geared toward the proactive elimination of actual and potential deficiencies.

Nonconformities in products, services, processes and our management system are investigated and action implemented to prevent their occurrence.

Forms & Reports also included:

  • Control of nonconformity & Corrective Action Process Activity Map
  • Authority Matrix
  • Corrective Action Process Map
  • CAR & SCAR Log
  • Corrective Action Request
  • Supplier Corrective Action Request

>> Free Download - Control of Calibrated Equipment Procedure - this will give you a good idea of what to expect when you purchase the procedure.

>> I'm looking for more Procedures

$19 USD

add to cart

$19 USD

add to cart

$19 USD

add to cart

ISO 9001 + ISO 14001 IMS Corrective Action Template, Procedure + Tools + Guidance

  • Nonconformity & Corrective Action Procedure - view sample
  • Nonconformity & Corrective Action Process Overview (Turtle Diagram) - view sample
  • Corrective Action Process Map
  • Corrective Action Report
  • 3W (Who, What, When) Action Plan
  • Corrective Action Tracker - view sample
  • 5-Whys Worksheet
  • 8D Worksheet
  • Action Items Log
  • Improvement Activity Form
  • In-depth Guidance; including Root-cause Analysis Process - view sample

Everything you need to prepare for, manage and tighten up your Corrective Action documentation.

$35 USD

add to cart

  • Written in International English
  • Fully-editable MS Word or Excel files, compatible with Google Docs and Apple Pages
  • All the templates use styles – making reformatting and rebranding a breeze
  • Immediate download

Pay by Credit Card, Debit Card, PayPal or Apple Pay.
Credit card, PayPal or ApplePay

money back guarantee

We are 100% confident in the quality and contents of our products. Used by thousands of organizations around the world, our templates have been sold online since 2002.

Please read our Money Back Guarantee.


Are The Templates Suitable For You?

Bought by Small Businesses and Large Corporations our templates have been sold online and CD since 2002.

Used by:

  • Small Businesses – dentists, accountants, engineers
  • Large organizations – hospitals, power plants, aircraft manufacturers

The Templates are used by first-timers following our step-by-step, clause-by-clause guidance documents; and experienced Quality Managers wishing to streamline and improve their existing documentation.

The application of our templates is scalable and generic; regardless of the size and type of organization. The elements that form the quality management system are the same.


Five Reasons To Choose Our Templates

1. Our customizable templates save you time and money by offering a streamlined process to create your quality documentation

2. They’ve got everything you need in one simple template

3. Proven to work our templates have helped thousands of businesses big and small achieve certification

4. Documents use styles to make reformatting and rebranding a breeze

5. Our templates are generalizable for any industry or sector. The application of our templates is scalable and generic; regardless of the size and type of organization.


FAQs About Our Templates

Ask Us a Question

More Information


ISO 9001 Client images