10.2 Nonconformity and Corrective Action: Previous Next 8.7 Nonconforming Outputs

Download as docx, pdf, or txt
Download as docx, pdf, or txt
You are on page 1of 12

10.

2 Nonconformity and corrective action


« Previous | Next »
There is a clear link between ISO 9001:2015 Clause 8.7 Nonconforming
Outputs and Clause 10.2 Nonconformity and Corrective Action. ISO 9001
Clause 10.2 requires your organization to evaluate the need for actions that
will prevent recurrence of nonconformities. A nonconformity might arise
via customer compliants, poor or adverse results and trends from monitoring,
reviews, assessments or inspections, non-fulfilment of legal or regulatory
requirements, or procedures not being followed.
Where as, the intent of ISO 9001 Clause 8.7 is to prevent the unintended
delivery or use of nonconforming outputs (outputs should be considered
as products and/or services) and that any nonconformity is controlled and
corrected to prevent its unintended use by or delivery to the customer. Clause
8.7 only requires an organization to deal
with outputs (products and/or services) that fail to conform to specified
requirements.
As the first step in the nonconformity and corrective action process, the root-
cause of the nonconformity should be determined and the effectiveness of the
subsequent corrective action should be monitored and evaluated. Corrective
actions can be triggered through nonconforming tests or other work,
customer complaints, internal or external audits, management reviews, and
observations by staff.

Definition of correction
Correction (also referred to as immediate correction) is action taken to
eliminate a detected nonconformity or defect (adapted from ISO 9000). A
correction can be made in conjunction with undertaking corrective action. For
a product nonconformity, correction might include reworking the part,
accepting the nonconformance through the concession process, replacing the
product, or scrapping the product.

Definition of corrective action


Action implemented to address the root-cause(s) and contributing cause(s) of
the undesirable condition, situation, nonconformity, or failure; action taken to
prevent recurrence. As part of the corrective action process you must identify
all the causes (root-cause and contributing causes) that have or may have
generated an undesirable condition, situation, nonconformity, or failure.

When to apply corrective action


The decision to apply or not apply the corrective action process should be
made by the appropriate level of management within the company, based on
the level of risk. This guidance provides a 6-step methodology for applying
corrective action and meeting the requirements in each of these clauses. Many
factors that can trigger the corrective action process, examples include:
1. A safety impact that affects the product or personal;
2. Product performance and/or reliability issues;
3. High impact on production and/or maintenance operations;
4. Repetitive problems to one part of the activity/process, or similar
problems across many activities/processes;
5. Difficulty in detecting the nonconformity;
6. By customer request;
7. Significant quality or management system issues;
8. Complex problem that cannot be solved without assistance of
others not located where the problem occurred.
These clauses state the requirements for the occurrence of a nonconformity
and include actions to prevent a similar nonconformity or problems occurring.
The analysis of nonconformities should not look for someone to blame, or a
department that is 'more responsible than another', but rather for
understanding and improving the organizational weaknesses that made them
possible.

Where your internal audits identify that your organization's policy, objectives,
standards and other requirements as outlined within their management
system are either not implemented, or are improperly implemented, a
nonconformance report should be raised and entered into the nonconformity
log as appropriate. This should require an agreed response from the relevant
Line Manager prior to closure.
The root-cause must address the nonconformity and the corrective action
must address the root-cause. Any nonconformities and subsequent actions to
prevent their reoccurrence and the effectiveness of the corrective action(s),
should be duly documented and retained. If you need a procedure and forms
to help your business control its nonconformity and corrective action process,
click here.
Our new range of audit checklists include the tools needed for corrective action
management in accordance with ISO 9001.

6-step methodology for applying corrective action


Step 1. Identify the Problem
Once a problem has been identified through inspection, customer complaints,
or audit results, it should be captured using non-conformity reports (NCRs) or
corrective action reports (CARs) in order to identify who is affected by the
problem and what the impact is. Considering the following:
1. What are the operations, products, materials, defects, malfunctions
that may characterise the problem? What is it about?
2. Who is concerned with the problem? Who is reporting the
problem? Who is rectifying the problem? Who is the problem
affecting?
3. Where are all the places where the event takes place; shop floor,
services, machine, process step?
4. Where is it seen? Where does it originate?
5. When does the event appear (time, date, when does it start, how
long does it last, how often)
6. When is the problem reported defective? When is the problem
repaired?
7. Has it occurred before? If yes, what is the history?
8. How do we know there’s a problem (how is it detected)?
9. How does the event appear, how does it stop?
10.How frequently is the problem experienced?
11.How is the effect of the problem being measured (costs, delays,
scrap rate, customer complaints, return rate, concessions, reliability
rate, etc)?
12.How is the problem currently addressed? How is it corrected?
This step helps to fully describe a situation, precisely analyse all its elements
and gain a common understanding of them, allowing the definition of an
action plan. Ensure that all team members agree about the definition of the
issue and resulting impact.

The problem description should describe the problems in terms of what,


where, when, and how big. On a flip chart, presentation board, or even paper;
write out a description of what you know about the problem. Try to document
the problem and describe it as completely as possible.

The description should contain facts; such as observations and documentary


evidence and not assumptions. All information must be gathered before
identifying the root-cause can begin.

Make sure both of the above factors are true before you move to the next
step. Consider any new information that the team may have gathered since
completing the initial problem description.

Describe the problem by identifying what is wrong and detail the problem in
quantifiable terms. Define, verify and implement the interim containment
action to isolate the effects of the problem from any internal/external
customer until Permanent Corrective Actions (PCA) are implemented.
Step 2. Establish a Response Team
Identify representatives from functions that may have an influence on the
corrective action process, including the identification of the root causes.
Remember to assign responsibilities and objectives to the team members.

Remember, those performing the job, such as operators, inspectors, drivers,


etc., are the best people to help identify the real causes, don’t leave them out
of the team!
The size and composition of the team should depend on the complexity and
the impact of the problem. The composition of the team is not fixed forever
and may evolve depending on the analysis results and the required actions.

New team members should join the team if analysis shows they are identified
as being in the scope, some others will leave if their area is definitely identified
as out of the scope.

However, consideration should be made that expending the size of the core
team over 6 to 8 members generally results in less efficiency. When more
members or special skills are required, sub teams should be considered. Don’t
forget, root-cause analysis must not be used for assigning blame or
transferring responsibility. In summary, you should establish an investigation
team with:
1. Process and/or product knowledge;
2. Allocated time and resources;
3. Authority to solve the problem and implement corrective actions;
4. Skill in the required technical disciplines;
5. A designated Team Leader.
Brainstorming sessions should be used to identify potential causes to
investigate each potential cause. Coordinate parallel activities with different
team members to help expedite the process of verification.

Once you have reviewed the problem description, you can undertake a
comparative analysis. A comparative analysis will help you identify relevant
changes in a change-induced situation. Then you can reduce the number of
possibilities that you must consider to determine root-cause. To complete a
comparative analysis:
1. Ask yourself; what is unique, peculiar, different, or unusual about
the symptoms?
2. Consider features such as people, processes, materials, machines
and the environment;
3. List all facts without prejudice as to the possible cause;
4. Consider each difference you listed, and look for changes, ask
yourself what has changed to give rise to this difference?
5. Keep in mind that each difference may not have a corresponding
change;
6. List the changes next to the difference;
7. Look at the dates each change occurred;
8. Eliminate some changes if they occurred after the problem started;
9. Consider categories of people, machines, processes or
measurements.
If the problem is change-induced, the root-cause must be the result of a
change relative to one or more of the identified changes. It is important to
remember that you have not yet moved from the ‘observations’ phase of the
process.

Any information you develop during the comparative analysis must be fact
based, not opinion based and must be true only for the symptom’s
information. Do not rule out any facts that might be valid answers. If it is a fact
and it answers the question, write it down.
Your organization should first contain the problem by taking immediate
corrective action (ICA) and then evaluating the need for initiating the formal
problem-solving process.

Where necessary, provide an emergency response action to protect the


customer from the problem, protect the customer operations and the
organisation (to stop the problem getting worse) and verify that problem does
not degrade until the root-causes are known.

An interim containment action is kept in place until a verified permanent


corrective action can be implemented. In some cases, the interim containment
action may be the same as or similar to the emergency response action. An
interim containment action provides more opportunity for investigation.

Conduct trial runs whenever possible. However, in some situations, your


verification may simply be a matter of common sense. For example, if an
interim containment action involves stopping the shipment of all products,
you can be sure that customers will stop experiencing the problem.

An interim containment action can be any action that protects the customer
from the problem. However, before you implement an interim containment
action, you need to verify that the interim containment action will work. To
verify the interim containment action:
1. Prove before implementation it protects the customer from the
problem;
2. Provide a before-and-after comparison;
3. Prove that the interim containment action will not introduce any
new problems.
Methods of verification may include:
1. A test to determine the desired performance level;
2. A demonstration that changes eliminated the issue without creating
a new problem;
3. A comparison between the interim containment action and similar
proven actions;
4. A review to evaluate whether the interim containment action was
effective;
5. Assurance that the interim containment action did not introduce a
new problem.
Any interim containment action you implement must protect the customer
from the problem without the introduction any new problems. Also, a single
interim containment action may not be enough. You may need to implement
more than one interim containment action to fully protect the customer.
Step 3. Identify the Root-Cause(s)
Root-cause analysis (RCA) is a class of problem-solving methods aimed at
identifying the root-causes of problems or events. The practice of root-cause
analysis is predicated on the belief that the problems are best solved by
attempting to correct or eliminate root-causes, as opposed to merely
addressing the immediately obvious symptom.
Listed below are various root-cause analysis techniques, we recommend you
use the 5-Whys (1st Why, 2nd Why, 3rd Why, 4th Why, and 5th Why - and the
root-cause) technique to problem solving but you are free to undertake any of
the following depending on the complexity of the problem:
1. 3-Ws (what, where, when);
2. 8D Eight Dimensions;
3. Failure Mode and Effects Analysis (FMEA & DFEMA);
4. Fish-bone Analysis;
5. Pareto Analysis;
6. Fault-tree Analysis;
7. Cause Mapping - draws out, visually, the multiple chains of
interconnecting causes;
8. Barrier analysis - a technique often used in process industries;
9. Change analysis - an investigation technique often used for
problems or accidents.
The 5-Whys technique offers some real benefits to organizations with varying
degrees of management system maturity:
1. Simplicity. It is easy to use and requires no advanced mathematics
or tools that allows you to dig deep and find underlying issues
rather than using quick-fix solutions;
2. Effectiveness. It helps to separate the symptoms from the causes
and identifies the root-cause of a problem using evidence-based
analysis;
3. Comprehensiveness. It aids in determining the relationships
between various problem causes and allows you to proactively
eliminate problems for good;
4. Flexibility. It works well alone and when combined with other
quality improvement and troubleshooting techniques such as ones
listed above;
5. Engaging. By building a culture that embraces progress, by its very
nature, it fosters and produces teamwork within and outside of the
organization, encourages the reporting of issues without fear or
judgement;
6. Inexpensive. It is a guided, team focused exercise that seeks to
improve and adapt processes to ensure long-term success. There
are no additional costs.
Launching a formal root-cause analysis and problem-solving process should
always be considered when an issue; such as, undesirable conditions, defects
and failures are detected. The decision not to apply the process must be made
based on objective evidence of absence of risks!

Step 4. Implement Corrective Action


When all root and contributing causes have been identified and their effects
understood, implement all selected corrective actions. Verify that the planned
actions were taken as scheduled and assess their effectiveness in permanently
preventing the undesirable condition, situation, non-conformity or failure from
recurring. Steps for permanent corrective action (PCA) implementation:
1. Implement the permanent corrective action (PCA);
2. Implement controls;
3. Evaluate the permanent corrective action (PCA) for escape point;
4. Remove the immediate containment action (ICA);
5. Perform validation;
6. Confirm with the customer that the symptom has been eliminated.
To ensure the most effective corrective actions to address the most likely, or
critical root causes are taken in consideration of operational and business
constraints such as costs, lead time, difficulty of implementation, and
resources. Select solutions that optimise value and effectiveness for all stake-
holders!

Implement the solutions that have been selected, verify that all actions have
been completed to schedule and that they have prevented the undesirable
condition, situation, non-conformity or failure from recurring. Plan and
implement selected permanent corrective actions. Remove the interim
containment action and monitor the long-term results.

Step 5. Prevent Recurrence


Modify the necessary systems, policies, practices and procedures to prevent
recurrence of this problem and similar ones. Make recommendations for
systemic improvements as necessary:
1. Review the history of the problem;
2. Analyze how the problem occurred and escaped;
3. Identify affected parties;
4. Identify opportunities for similar problems to occur and escape;
5. Identify practices and procedures that allowed the problem to
occur;
6. Identify practices/procedures that allowed the problem to escape
to the customer;
7. Analyze how similar problems could be addressed;
8. Identify and choose appropriate preventive actions;
9. Verify preventive action and its effectiveness;
10.Develop action plan;
11.Implement preventive actions;
12.Present systemic preventive recommendations to the process
owner.
Serious consequences may occur when the underlying symptoms are not
addressed, when the quick fix is accepted as a final, permanent solution.
Excessive reliance on containment or emergency response action will create a
repeating cycle. Problem containment is an addiction that will only get worse
until the root-causes are found and addressed.

Step 6. Monitor Effectiveness


Establish a review process to ensure corrective actions are completed
according to plan and that they continue to be effective over time by
confirming you have done what you have planned. Try adjusting the type and
number or frequency of additional checks and audits to check that the actions
remain effective.

When same problem has been identified or is suspected to occur on same or


similar products, processes or data, the same corrective actions must be
implemented and their effectiveness verified for all these additional products,
processes or data.

The owner of each corrective action, the team leader and all team members
should verify the effectiveness of the actions taken to date, and when relevant,
the customer. Examples of verification methods include:
1. Additional process monitoring until it is demonstrated that the
process is stable and capable of consistently meeting requirements
(recording and analysis of process parameters and/or product
characteristics, SPC, etc.);
2. Additional internal audits to specifically verify the effectiveness of
the corrective actions;
3. Associated metrics showing significant improvement resulting from
the corrective actions.
Examples of supporting evidence might include: updated procedures, work
instructions, control plans, etc. to show any changes were defined.
Additionally, evidence of effective implementation of the changes is also
required such as SPC data, inspection records, training records, audit records,
etc.

If the corrective actions are effective, evaluate which containment actions may
be eliminated (e.g. stop over inspection and over production, return to normal
transportation means, etc.) without adversely affecting the product and
process output. Record evidence of actions completed and associated results
(what works and what does not).

To document analysis results and changes to make the corrective action


permanent, capture and share learning with all the stakeholders to prevent
similar undesirable condition, situation, non-conformity or failure occurring on
other products, production lines, factories or suppliers.

Identify all that can be shared from the experience that can be transferred
across business units, production lines, factories or suppliers. Ensure that you
get agreement from appropriate levels of management and other process
owners and functions (internally and externally) to launch actions and verify
there are implemented and effective.

Keep lessons learned register which includes a summary of content and results
of analyses, flow charts, data bases, performance data, main actions and
decisions, location where detailed data can be retrieved, difficulties
encountered when managing the issue, etc.
When the decision is made to implement actions in another business areas,
such as; production lines, factories or suppliers, which are not under direct
control of the response team, implementation and the verification of
effectiveness is not necessarily the responsibility of the team.

Escalation to top management or transfer to another function (procurement,


engineering, etc.) may be required to ensure proper leverage and action
follow-up.

You might also like