10.2 Nonconformity in ISO 9001 [with Template]

ISO 9001 Nonconformity

1. Failure to meet one or more requirements
2. Requirements of ISO, business procedures, or customers

Nonconformity can be anything from the company’s individual procedures to the quality standards that must be upheld in order to satisfy the customer base.

Types of Nonconformity - Major, Minor

There are two different types of nonconformity that can be identified, which are referred to as major and minor non-conformances.

A minor non-conformance is an event or action outside of the ISO 9001 requirements. However, this type of violation does not have dire consequences for the business's operations or cause major effects.

A major non-conformance, on the other hand, is identified when where is a huge violation of the business’ QMS, preventing the entire company from meeting the requirements outlined in ISO 9011 guidelines.

For example, if the company personnel failed to take corrective action on an area of the business that was not compliant with ISO regulations or just failed to implement the standards in the first place, this would be considered a major non-conformance.

What Happens After Nonconformity is Identified

1. A non-conformance report (NCR) is filled out
2. The auditee is informed of the contents of the report
3. Plan of action is established to prevent nonconformity

When nonconformity is identified in a business, there are a few things that will take place in order to get the company back on track. First of all, a non-conformance report (NCR) will be filled out by the supervising personnel.

Once the person being audited has been informed of the report's contents, a plan of action is established and carried out to prevent future nonconformity.

The next few sections will describe in detail the processes involved in reporting and correcting ISO nonconformity. Keep reading to get a better idea of what this looks like within an ISO 9001-certified company.

Non-conformance Report (NCR)

When a nonconformity occurs within a business, a non-conformance report (NCR) is filled out to notify the violator of the issue at hand in explicit detail in order to begin to repair the problem.

The NCR is a document meant to be constructive, allowing the person being notified to make changes and move in the right direction.

Four main points need to be addressed to create a detailed and effective non-conformance report.

The Non-conformance Report Contains:

1. The ISO requirement that is being violated by non-conformance
2. Event/action that went wrong to cause the NCR
3. Plan of action to prevent future problems
4. Explanation of the action that will be taken to correct non-conformance

The first item to include in a non-conformance report is the specific requirement being violated by the non-conformance. Basically, the report must indicate which rule or regulation from ISO 9001 is being broken, which is why it is being written in the first place.

Along with the requirement being violated, the actual event or act that caused the NCR to be written up must also be indicated in the report to notify the company personnel of what they have done incorrectly to cause the violation.

Next, and most importantly, the report must include a plan of action to prevent future problems of similar nature. Since Non-conformance reports are meant to be solution-oriented, some kind of positive action must be recorded on the document.

To be more specific, non-conformance reports are not a notification of an employee being fired, suspended, or otherwise punished per se. They are meant to help the business improve as a whole by assisting every member of the company in becoming fully compliant with the ISO 9001 regulations.

The NCR could be considered a warning to the non-compliant employee that outlines a detailed process for correcting their actions and avoiding making the same mistakes in the future. The plan of action must be accompanied by a more in-depth explanation of the steps that will be taken to fix the non-conformance

Suggestions for Writing NCR:

1. Write clearly
2. Address everything that is required
3. Keep the non-conformance statement general to highlight the specific issue
4. Write the more specific details in the objective evidence area only

When it comes to writing an effective NCR, there are a few tips that you should keep in mind to get your point across clearly and achieve the best results.

First, you will want to write clearly so that the auditee is aware of the issue that has occurred. Along with addressing everything that is required in the report, as mentioned in the list above, you will want to keep the non-conformance statement as general as possible.

Even though the report itself should be very detailed, you should write the most specific information in the area designated for the objective evidence.

The beginning of the report, where you explain the regulation that has been violated, should be written in generic terms to highlight the specific issue at hand instead of confusing readers with big words and distracting from the main idea of the report.

Corrective Action - How to Correct a Nonconformity

While it is important to avoid nonconformity in a business at all costs, there will be some instances where mistakes can happen, and rules can be broken for whatever reason.

Instead of dwelling on the fact that an employee or a certain area of the business is not currently conforming to ISO 9001 regulations, it is important to immediately take corrective action to fix the issue.

Corrective Action

1. Review the efficiency of corrective actions taken
2. Completing a review of actions
3. Meeting, observing, or following up with auditees
4. Documenting all nonconformities, actions, and results

While correcting the non-conformance, the efficiency of the corrective actions outlined in the report should be reviewed. Additionally, the auditees should be met with, observed, or followed up with to make sure the problem does not persist.

Everything should be documented throughout this process for accuracy, effectiveness, and future reference.