Jack Sehkon and Associates Inc.

What is NCR?

Learn about Corrective action & Preventive action & it’s risk assessment.

NCR/Correction:

This protocol applies when the process outputs do not conform to their requirements. Those non-conforming situations are identified, and the product/service is controlled to prevent their unintended use or delivery. This issue is applicable not only to the product non-conformities, but also to the outputs from all processes belonging to various ISO 9001 processes. Once the non-conforming outputs are identified, then the immediate actions/corrections are applied, subjected to original monitoring & measuring criteria, and then released. Various options for addressing the non-conforming outputs include correction, segregation/containment/return of products/services, informing the customer and obtaining authorization for any concessions.

Documented information required to be retained for non-conforming outputs includes non-conformity description, actions taken, concessions obtained, and the authority of the person deciding the actions for non-conformity. 

Upon identification of a non-conformity, it is required to control the non-conformity by applying a correction (immediate fix) and validate the conformity of the corrected product/service to the original criteria. The correction only fixes the symptoms and allows the non-conforming product after correction, to be delivered to the customer.

Corrective Action

At this point, the organization determines if it is necessary to investigate the non-conformity subject to the criteria such as dollars spent on correction, complexity of the product, and the risk levels of the process which led to non-conformity. If decided to investigate, a root cause methodology is determined based upon the nature of the non-conformity. This methodology is then executed to determine the root causes that

At this point, the organization determines if it is necessary to investigate the non-conformity subject to the criteria such as dollars spent on correction, complexity of the product, and the risk levels of the process which led to non-conformity. If decided to investigate, a root cause methodology is determined based upon the nature of the non-conformity. This methodology is then executed to determine the root causes that trigger the non-conformity in the first place. A caution is used not to stop halfway when looking for root causes; otherwise, the real root cause will not surface.

Based upon the identified root causes, corrective actions are developed, and a risk assessment is done to determine the impact of the proposed corrective action on any of the related processes. The proposed corrective action is implemented and documented with fiscal sanity in mind. The implemented corrective action is monitored for any repeat symptoms for a reasonable length of time. If corrective action is successful, then the corresponding risk register is revised and updated to reflect the implemented corrective action. Consequently, any changes resulting from the risk assessment are made to the processes of the QMS

This protocol requires retention of documented information to demonstrate the nature of non-conformities, correction, corrective action, and its effectiveness. 

NOTE: 2 tools for root cause analysis namely 5 Whys (below) and 6 M’s (above) are provided. However, a greater number of tools exist and are available depending upon the nature of the problem or non-conformance.  

NCR corrective action

Preventive Action/Risk Assessment:

The concept of preventive action has been eliminated from ISO 9001. Instead, a risk-based thinking has been introduced to use the risk/opportunity concept to fill in the void for a preventive action. To take advantage of the risk-based thinking, the following process is adopted:

  • Identify the processes for each functional group within the organization with all required information such as inputs, outputs, sequence, interaction, checks & balances, acceptance criteria, resources, and controls. 
  • Following the process identification, risk assessment is conducted on every process to prioritize processes based upon risk levels, and to provide a focus for management of processes. Such an approach is proactive and serves the purpose of a preventive action.
  • This has allowed us to eliminate the preventive action from ISO 9001:2015 standard.

Looking to certify your organization's QMS?

Contact JSA Inc. for questions related to your company’s QMS certification. Our proven and successful strategies can help you achieve QMS certification without any delays and hassles. Hire JSA for certification project!

QMS Resources

Courses
Blogs
Scroll to Top