8.

7 Nonconforming outputs
« Previous | Next »
The quality management system should have clear control mechanisms and
processes in place to implement corrective actions that address poor-quality
and nonconforming (defective) outputs, including products and services; when
identified internally by the organization, or reported externally by the
customer and other stakeholders.

The intent of ISO 9001 Clause 8.7 is to prevent the unintended delivery or
use of nonconforming outputs (outputs should be considered
as products and/or services) and that any nonconformity is controlled and
corrected to prevent its unintended use by or delivery to the customer. Clause
8.7 only requires an organization to deal with outputs that fail to conform to
specified requirements.
Where as, ISO 9001 Clause 10.2 requires your organization to evaluate the
need for actions that will prevent recurrence of nonconformities. As the
first step in the process, the root-cause of the nonconformity should be
determined and the effectiveness of the subsequent corrective action should
be monitored and evaluated.
Corrective actions can be triggered through nonconforming tests or other
work, customer complaints, internal or external audits, management reviews,
and observations by staff. If you need a procedure and forms to help control
your business's defect management process, click here.
Definition of correction
Correction (also referred to as immediate correction) is action taken to
eliminate a detected nonconformity or defect (adapted from ISO 9000). A
correction can be made in conjunction with undertaking corrective action. For
a product nonconformity, correction might include reworking the part,
accepting the nonconformance through the concession process, replacing the
product, or scrapping the product.

Definition of corrective action

Action implemented to address the root-cause(s) and contributing cause(s) of
the undesirable condition, situation, nonconformity, or failure; action taken to
prevent recurrence. As part of the corrective action process you must identify
all the causes (root-cause and contributing causes) that have or may have
generated an undesirable condition, situation, nonconformity, or failure.

When to apply corrective action

The decision to apply or not apply the corrective action process should be
made by the appropriate level of management within the company, based on
the level of risk. Many factors that can trigger the corrective action process,
examples include:
1. A safety impact that affects the product or personal;
2. Product performance and/or reliability issues;
3. High impact on production and/or maintenance operations;
4. Repetitive problems to one part of the activity/process, or similar
problems across many activities/processes;
5. Difficulty in detecting the nonconformity;
6. By customer request;
7. Significant quality or management system issues;
8. Complex problem that cannot be solved without assistance of
others not located where the problem occurred.
The root-cause must address the nonconformity and the corrective action
must address the root-cause.

Controlling and documenting nonconforming outputs

The requirements of ISO 9001 Clause 8.7 also include the establishment of
controls to ensure that nonconforming outputs, including products and
services are not delivered to the customer or that their unintended use is
prevented and that action is taken to contain the effect of the nonconformity
detected after delivery by the timely reporting of the nonconformity to any
relevant interested parties of products or services already delivered.

It should be noted that Clause 8.7 does not require you to maintain a
documented procedure. However, we strongly recommended that businesses
implement a documented procedure that describes how nonconforming
outputs, including products and services, are identified, captured, how they are
rectified, analyzed, who is responsible for the corrective action process, what
action should be taken, and what records should be kept:
1. Descriptions of each nonconforming output, including products
and services:
o Verbal statements;
o Illustrations, photos, schematics;
o Audit reports;
o Defect codes;
o Other, suitable objective evidence.
2. Descriptions of each action taken
o Containment;
o Labelling;
o Segregation;
o Return or suspension of product delivery;
o Dispositions/scrap;
o Re-work;
o Concession applications;
o Use-as-is.
3. Descriptions of any concessions
o Accepted concessions;
o Concessions logs;
o Waivers;
o Derogations;
o Deviations;
o Permits;
4. Confirmation of authorized signatories
o Approved by person(s) with appropriate delegated
technical authority;
o Authorized by design responsible representative;
o Nonconformance control authorities;
o Authorized by the customer.

Define how your organization verifies conformance where process outputs,

products and services are corrected following nonconformance. What are the
arrangements for defining corrective actions for nonconforming outputs
detected after delivery (see Clause 10.2) e.g. reaction to the nonconformity,
evaluation of necessary action(s), implementation and monitoring of identified
action(s), review of effectiveness and sustainment of action(s) taken.
By keeping records of your nonconformities, it is easier to spot negative trends
and examine the root cause, and eliminate the cause of your problems. This, in
turn, should result in fewer defective products or process outputs and could
lead to more satisfied customers.

Capturing nonconforming outputs

The manner in which nonconformities are captured and documented within
your quality management system is key to complying with clause. The Sales
Manager often acts as the customer representative and is in charge of
capturing customer feedback and complaints. The Quality Manager is often in
charge of initiating an investigation of the root-cause and for implementing
the corrective action plan.

This is done by considering whether any further action is required to prevent a

similar nonconformity arising at the same place or occurring somewhere else,
at some point in the future and by determining if similar nonconformities have
occurred elsewhere; and consequently, whether it needs to take similar
corrective action.

Manufacturing problems should be brought to the attention of the Quality

Manager via the initial sample inspection reports carried out by an Inspector
who in turn reviews the problem and implements any process changes
necessary using any as specialists required.

It is recommended that you retain and update a nonconformity log as

appropriate, in conjunction with the above mentioned documented procedure,
this is a vital tool for informing staff about nonconformities, their status, and
the respective reaction to them. All such entries must be reviewed by the
Departmental Managers affected. This can also help to identify recurring
problems and reveal data that can be analyzed.
Top management should on a bi-annual basis, review the progress on
outstanding recommendations and take the necessary action to expedite
completion.

Dealing with nonconforming outputs internally

Taking appropriate action to address the effects of the problem may require a
simple correction by the process owner or operator where it was discovered,
or, if a major failure or defect exists, more significant levels of resource would
be needed for problem solving and corrective action.

Top management and the Quality Manager should, in close consultation with
the staff form each work area, establish what is considered as conforming, an
opportunity for improvement, or a minor, or major nonconformity; on the
basis of known risk levels, remedial actions should be defined, implemented
and documented. We suggest the following defintions and actions:

All
performance
indicators,
metrics,
objectives,
audit results,
etc. show Continue
Conformi stability and to monitor
ng consistently trends and
achieve indicators.
targets.
Process is
fully
documented
and
implemented.

Opportu Minor Review

nity for problems and
improve exist, implement
ment otherwise actions to
conforming, improve
minor process the
 process(s).
or product
Monitor
changes
trends/indi
planned. Post
cators to
audit follow
determine
up and review
if
is required to
improvem
assess new
ent was
opportunities.
achieved.

Poor
performance/
Investigate
adverse
root
trends,
cause(s)
expected
and
results not
implement
achieved.
corrective
Minor Current
action by
nonconf practices
next
ormity conform but
reporting
are not
period or
documented.
next
Process
scheduled
partially
audit or
documented
inspection.
or partially
implemented.

Major Practices are Implement

nonconf nonconformi immediate
ormity ng, likely to containme
cause safety nt action,
or regulatory investigate
compliance root
issues. Likely cause(s)
to have a and apply
significant corrective
adverse effect action. Re-
on customer audit in 4
satisfaction, weeks to
product verify
quality, the correction.
environment,
health and
 safety,
delivery, or
profitability.
Process not
implemented,
no resources,
not
documented.

Senior management should be actively involved in any major corrective

actions making sure that all actions agreed by any multi-functional teams are
carried out fully. Major corrective actions and improvements can be placed to
your continual improvement programme and reported at management review
meetings.

Nonconformities do not need to be tackled all in the same way, ensure that
appropriate action is taken according to the nature (scale and seriousness) of
the nonconformity. There may be a formal process for dealing with major
nonconformities but there should also be another process for dealing with less
serious, minor nonconformities.

If you have manufactured a product, inspected it and found it to be out of

specification, it is most likely to be deemed nonconforming product. In some
instances, you will have to scrap the defective product but in other situations
you may be able to do some remedial work and bring it back into
specification.

Controlling nonconforming product outputs

No matter how you resolve a nonconformity, you must keep records of each
nonconformance or defect and how it was dealt with. Records of product
nonconformity should be periodically reviewed to determine if a chronic
problem exists with the production process, it’s all about improvement!

What the clause is telling us is that the product should then be subject to
further inspection to verify that it is now correct. As for records, if you
documented the nonconforming product there should normally be
somewhere to verify that you successfully (or not) cured the problem and that
it is now conforming.

1. Re-verification simply means that you cannot assume that because

someone tells you they have corrected the problem then it is ok.
The clause is asking you to re-verify by whatever means you
originally chose.

2. If you used inspection as a method of verification then re-inspect in

the same method. If not, use whatever method suits you (or your
customer). Just make sure it is ok before it leaves!

3. The re-verification after remedial work might involve testing as well

as inspection. The reason is not just to verify that the defect has
been removed, but also to assure that fresh defects have not been
introduced by the rework. Records would be as appropriate for the
re-inspection or re-testing performed.

4. Re-verification is equivalent to re-inspection and records could

include a signature of approval or a more formal test report.
Whichever format is chosen, it must be defined in the
nonconformity procedure.

You may need to supply new evidence of conformance to your customer

along with corrective action documentation if requested. The method that you
use in either of these situations should be defined in your procedures, that
way you relieve yourself and your auditor from guessing how you would
address them.

Where necessary, any product or process outputs that do not conform to

specified requirements should be properly identified and controlled to prevent
unintended use or delivery. Improvements are then implemented to ensure
the nonconformance does not reoccur. Control defective products by:
 1. Defining how nonconforming products and processes are
identified;
2. Defining how nonconforming products and processes are dealt
with;
3. Removing or correcting nonconformities;
4. Preventing the delivery or use of nonconforming products and
processes;
5. Verifying how nonconforming products and processes were
corrected;
6. Providing evidence that corrected products and processes now
conform to requirements;
7. Keeping records that catalogue nonconforming products and
processes.
There may be instances where it is impossible to completely eliminate the
cause of the nonconformity, so in these instances, the best you can do is to
reduce the likelihood or the consequences of a similar problem happening
again in order to reduce the risk to an acceptable level. Where applicable any
corrective action taken and controls implemented to eliminate the cause of
nonconformity should be applied to other similar processes and products.

Controlling nonconforming service-based outputs

Controlling nonconforming outputs can apply to services just as much as it
does to tangible goods. Reports, data, test results and intellectual property, to
name just a few service outputs, can all be potentially nonconforming, in
which case all the disciplines of the above processes apply.

In the case of service processes that directly involve the customer, the control
of nonconforming outputs is the way the organization deals with
nonconformities in the service provision until the appropriate corrective action
can be defined and implemented.

It should be any company’s policy to detect, control and rectify any aspect of
nonconformance as quickly and efficiently as possible. When nonconformities
are identified, you should examine whether the personnel involved are
sufficiently empowered with the authority to decide the disposition of the
service, for example:
1. To immediately terminate the service;
2. To replace the service provided;
3. To offer an alternative.
You should also examine:
1. Your organization's customer claims and complaints processes;
2. Any temporary corrections that are implemented to mitigate the
effect of the nonconformity (e.g. refund, credit, upgrade, etc.);
3. The identification, segregation and replacement of the service;
4. Equipment, service providers and environment.
This will enable you to judge whether the control of such nonconforming
services is effective. In such situations the processes should have provisions to
capture data on the nonconformities and to feedback information, at the
appropriate management level, for the effective definition and implementation
of corrective actions. Evidence will need to be sought to justify effective
implementation of these techniques.