“Nonconformances (also known as nonconformities) are outputs that do not meet requirements.”

If your company produces/ makes dolls, then the requirement is that each doll has 2 arms, 2 eyes, 2 legs, etc. Correct?

What if you are packing the doll in a box right after it being made and notice that it is missing half a leg?

Does this doll meet your expectations?

This is definitely a non-conformance (NC1).

Depending on the company and the production manager they could call these different things: rejects, issues, NCR (non-conformance report), DMR (defective material review), defects, etcetera.

At the end of the day, they all are the same, an item that did not meet expectations.

Moreover, this is a product nonconformity.

You can read more about this type of nonconformity and the ISO requirements around it in clause 8.7 of the ISO 9001:2015 standard. It will detail all requirements on how to deal with this operations nonconformance.

But don’t worry, we will explain how to handle it a bit later.

Production or manufacturing nonconformities are probably the easiest to spot but now let’s talk about nonconformances for service companies.

Imagine you worked at a logistics company (3rd party logistics / 3PL). Your customers want you to send their products out to their customers when they communicate it to you. What if they told you to send “Doll A”, UPS ground to customer X in Miami and instead you sent the package to customer Y in Washington. This a service non conformance (NC2).

Just for clarification, service provision should follow clause 8.7 as if it was a manufacturing rejection. This is something that a lot of people are not able to identify properly. In general if there’s a service that a company provides to a customer, then they need to meet many operation requirements in section 8 of the standard so do not forget 8.6.

But wait! Things could go wrong anywhere. Non conformances could happen in any department, not only in operations, service or production. In any department something can go awry and impact the final quality of your service or product.

For example, the purchasing department in the doll company buys blonde & brown hair for the dolls. They purchase 100 lbs of each hair color hair.

When the items arrive, the receiving department notices that a portion (60 lbs) of the blonde hair was blue. Is this what they expected?

Can they use it? Should they use it?

What they have here is a non conformance, and more specifically, a supplier non conformance (NC3). They did not meet your requirements and thus, you will need to contact them for a credit or replacement.

In the logistics company they have an order management team and a shipping team that rely on each other. What if the order management team makes a mistake in communicating order information. If they missed the shipping method or the product detail, that would be an order management team nonconformance (NC4). The expectation is that order management provides correct order information to the shipping department so that it does not impact the system or a customer’s experience.

Finally, let’s imagine your company wants to become ISO 9001 certified (wink-wink). No matter if you are a service or manufacturing company, there are certain requirements (from the standard) you will need to meet. For example, you will need to demonstrate that you deal with nonconformities adequately, that you monitor these nonconformances and that if necessary “open” a corrective action to eradicate the underlying cause. (Refer to Clause 10.2, in the Improvement section).

But let’s say during your audit you say to the auditor have not had any nonconformances. The auditor will doubt it, but will need to take your word for it. As the auditor continues digging a little deeper, they find out that you do have supplier issues (things you purchased do not come in as expected). He finds you have returned several items to your supplier.

The auditor asks you, “why is this not considered a nonconformance?” Probably because you did not know this is a nonconformance. Therefore, when you receive the audit report it will state you have a nonconformance because you did not meet the requirements of the standard in clause 10.2, to identify nonconformities and handle them. This is a quality management system’s – QMS – nonconformance (NC5).

To summarize, nonconformances are:

Instances where something your company does not meet requirements. Further,requirements could be set by: a customer, a regulatory agency, a standard or your own process.

Found anywhere in the life-cycle of a company- service or manufacturing

Identified during audits

To be clearly identified and controlled

Will need to be resolved adequately (ie: by replacing, returning, crediting, etc.)

Now that we understand what nonconformances are, remember you will need to prove to your auditors that you are identifying them and if possible monitoring nonconformances. We suggest keeping a log or having these recorded somewhere.

TIP: you will have to report NC’s to your management team so keeping it in a log/ database will be easiest.

Corrective Actions

We always ask our teams: “Why do you think ISO wants you to keep records for these nonconformances?” We get different responses. The reason we highlight is that when monitoring and analyzing nonconformance data it provides your business insight on how and where there are areas for improvement.

Further, you will be able to discuss these during management review meetings which will point to specific areas for improvements. (Which you already value because all quality management systems are committed to continuous improvement anyways, right?)

TIP: create categories or summary descriptions for your nonconformances so you can sight a trend and report it easily.

When you start recording, monitoring and analyzing issues you could find trends or you might find a significant issue that your company will like to address immediately. When you spot these, you should consider opening a CORRECTIVE ACTION.

A corrective action is an activity (project) that aims to remove/eradicate an impactful issue that is affecting your company.
Further, ISO clarifies that a corrective action should address the root cause (underlying cause) to ensure it truly prevents the issue from happening again. Do not be confused by the word action in its name.

You might have more than 1 action or task for you to eliminate the issue.

Wait a second… a nonconformity is an issue and a corrective action is a project by which we deal with impactful issues. Do I need to have a corrective action for all nonconformities?

NO!!!!!!! Nobody has time or resources for that! This is why we tell you a Corrective Action is trying to eradicate an impactful issue not any issue.

A corrective action will take a bit more resources and analysis, that is why we call it a project. Use the nonconformance trend analysis so that you can decide what needs a corrective action. And always make sure that the actions taken eradicate the issue from your system, otherwise the corrective action is not effective and should be done again.

An effective corrective action will have the following parts:

Problem definition.
Resource assignment.

Root Cause analysis.

Actions taken.

Verification that actions taken are effective.

What to do with Nonconformances?

Handling nonconformities

Dealing with nonconformances

Now that we know what NC’s + CA’s are, let’s make sure we understand that identifying issues is not enough.

You need to resolve issues in order to continue improving. When a nonconformance does not impact your company too much and can be remedied quickly and swiftly instead of opening a corrective action you need to deal with it. ISO used to call this disposition now it states you deal with the nonconformities. ISO wants you to control, correct & deal with consequences of issues.

We call this the band-aid fix (quick & swift). A band-aid will cover a wound and help it heal but it does not prevent you from getting a wound again.

Let’s use the following examples to show you how you can handle nonconformances…

In the doll company issue (NC1) you can fix it by reworking the doll or scrapping the doll and replacing it. If all is well, then you can ship it out. As long as it meets your customer’s expectations when delivered, all will be okay.

In the logistics company issue (NC4) it is a matter of communicating correctly. If they catch the issue before it leaves their warehouse, they will have to make the necessary changes in the paperwork, and send it off. If they don’t catch the issue in-house, then they will have to bring back the package and re-send it.

NCR Handling

2 Things to Remember

Rules about nonconformances that ISO 9001 want to highlight are:

Nonconformances need to be identified & controlled (dealt with). I call it the “band-aid” fix.

You should monitor/analyze/evaluate your nonconformances to see if there is a bigger/ recurrent / impactful issue your company will need to deal with. Trend information and report to your leadership team.

Opening &

Handling Corrective Actions

What happens if the incident of the doll missing half a leg (NC1) reocurred 5520 times and you notice that this “rework” is costing the company to spend more money in resources and time. For all matters and purposes let’s say it costs the company 5$ per reworked item.

Essentially the company is now out $27,600. Each company will have a different threshold but if you decide this is too impactful to your business then this is something you need to correct immediately!!!

The best way to deal with a recurrent and impactful issue and ensure it never happens again is by opening a Corrective Action.

This is what we call a “forever fix”.

Is there a guide of when a Corrective Action should be open ?

When the impact to your business is too big to accept a recurrence. But we created this awesome list that we believe will help you “see it”.

Disclaimer: there will be more specific reasons when to open a corrective action in your business, but below will provide a sense of structure of when to open.

Open a Corrective Action when there is:

A severe delay in production or service provision (operations).

A recurrent supplier issue that is impacting your operations.

A quality issue with negative financial impact to the business.

A recurrent design failure.

A burden to the company’s resources.

A recurrent knowledge gap.

An impactful resource loss to the business that was not planned.

A nonconformance in a quality audit (internal or certification body).

Consensus from management team (normally in a management review meeting) that there is an issue that needs to be resolved by using a CAR.

5-Step Corrective Actions

An effective Corrective Action should follow the 5 steps below.

  1. Problem definition

Once you open a corrective action, you know the issue is but you will need to define the problem without adding any color commentaries. When you define a problem it should answer the: what, who, when & how the issue happened?

Let’s bring this to real-life situations:

Issues found:

Customers complained about constant delay in receiving products.

Incorrect materials received from supplier ABC.

During audit we found 4 testing equipment expired. 2 were scales and 2 were micrometers.

Problems defined:

Production is having constant delays and therefore we have a $$$ backorder.

Supplier ABC is frequently sending incorrect product tying up our resources in receiving and impacting our ability to deliver product to customers.

Calibration of several items were overdue and therefore product tested with them during the last 2 months might not meet requirements.

  1. Resource assignment
    Once you know what the problem is, you will need to identify key players & important equipment/ software/ tools needed to help solve the issue. Normally, you start by inviting the leader of a department but they might in turn add a different resource for the activity. At the end remember what Robert South said: “Problems can become opportunities when the right people come together”. So, “be the bridge”…

be the bridge

  1. Root Cause Analysis (RCA)
    Most quality professionals believe that all events have a cause & effect. Understanding the root cause will help us determine why the issue happened. Previously we told you that corrective actions need to address the underlying/root cause. The reason behind it is that if you remove the cause then the effect won’t happen.

There are several quality management tools that help you find a root cause but no matter what you use, it needs to be a systematic objective analysis. Some tools you could use are: scatter plot, Ishikawa (fish-bone) diagram, Pareto chart or 5-why’s analysis.

The most common tool and probably the simplest one to perform is the 5-why analysis.

3 steps to performing a proper 5-why analysis:

Ensure your problem is well defined.

A symptom (simple issue) is not a problem, instead you want to diagnose the problem properly.

You cannot address the problem well if you have not defined it.

Ask your 5-whys

Make sure you interview the people with most practical knowledge on the subject matter.

Cross-functional teams will provide a broader perspective in the analysis.

Don’t overdo it with why’s, you might end up with forced information but use a minimum of 5 why’s.

The 5 why responses do not have to be a cascade. The answer of one does not lead to the next why in every case. Instead think of different factors/ issues/ reasons of why something did not work.

Make sure the root cause is a clear statement

The statement should depict the underlying cause

Don’t add any color commentary.

TIP: We use 4 main categories of root cause to help us stay objective.

These are:

1) Process was not understood


Process was not capable
3) Process had obstacles

4) External factors caused the issue

  1. Action(s) to address Root Cause:
    After you have performed the RCA, you probably know there are different tasks to be performed. It is deceiving that this is called a Corrective Action but it could have several tasks (actions) to eliminate the issue. That is why, we defined a corrective action as an activity (project) to eliminate an underlying issue.

For example, in the doll situation (NC1) let’s say the root cause was that the process had obstacles. The machine is not working and controls were not in place during the production phase.

Some actions you could plan are:

Update leg manufacturing process, add specification/ expectations to the procedure.

Add In-process QC visual checks (step) after legs are built.

Review Management Review process to see if NC’s can be monitored/ trended quarterly instead of every 6 months.

Once processes are defined train all operators on new process.

Don’t forget to record each action/ task performed on your form. Make sure that there is objective evidence to show how you fixed an issue.

TIP: make sure you have a form, people call it a CAR (corrective action report), and record for each Corrective Action opened.*

If you need for us to review your corrective action process, let us know, we are here to help. Contact us

  1. Effectiveness check
    Once the actions have been completed, someone needs to perform a verification process. They need to check that the actions taken were effective and will eliminate the issue from the system.

Essentially this person “certifies” that this won’t happen again. When they do, they need to state the reasons why they believe this won’t happen again. This step is what closes / completes the corrective action report (process).

For example going back to the doll leg issue (NC1).

Check that all operators had a training record for new process.

Review the NCR log after a month, to see if the issue happened again.

Determine if the process is well defined, easy to understand and that knowledge transfer has been effective.

**Tip: It would be beneficial to have an ongoing list of all the CAR’s you have opened and closed.

This way you are organized and structured when it comes to continually improving.**

Tip 2: Effective Corrective Action system = no repeat issues

Center of Continuous Improvement:
Non-conformance & Corrective Actions

If you have performed the items above as analytically as possible then you will end up with an improved system.

For example in NC1: Before, you were bleeding money due to a doll manufacturing issue, but going forward your process has improved and will not let you down.

This essentially is a powerful tool for you to “attack” any issue and ensure it is gone from your company. The more complex an issue, the better the corrective action will be.

Leave a Reply

Your email address will not be published. Required fields are marked *