
What Does ISO 9001 Clause 10.2 Nonconformity and Corrective Action Mean?


ISO 9001:2015 Clause 10.2 Nonconformity and Corrective Action

ISO 9001:2015 Clause 10.2, titled "Nonconformity and Corrective Action," addresses the process an organization should follow when there is a deviation from the established requirements of its quality management system (QMS).


ISO 9001 Clause 10.2 Explained

  1. Nonconformity Detection: The organization must have processes in place to detect and identify instances where its products, services, or processes do not conform to the specified requirements.

  2. Evaluation and Decision: Upon detection of nonconformities, an evaluation is required to determine the significance and potential causes. The organization must immediately address and correct the nonconformity and then decide whether corrective action is necessary to prevent its continuation. Either way, the organization must manage any adverse effects or consequences resulting from the nonconformity.

  3. Corrective Action: When nonconformities are identified and the organization decides to take corrective action, it must address the root cause of the issue and prevent its recurrence. This means it must analyze the nonconformity to understand its nature and implications, investigate and identify the root causes of the nonconformity, and assess whether similar issues exist elsewhere in the system or could occur.

  4. Review of Nonconformities: There is a requirement to review nonconformities, including their root causes, to ensure that the corrective actions taken are effective. If necessary, consider whether the occurrence of this nonconformity affects the organization's identified risks and opportunities.

  5. Documentation: The organization needs to document information related to the nonconformities, the actions taken, and the results of corrective actions in preventing recurrence.


Clause 10.2 Example Software Development Company

  • Nonconformity Detection: During a routine software testing phase, a critical bug is identified that prevents the application from functioning as intended.

  • Evaluation and Decision: The severity of the bug is evaluated, and it is determined that it affects the core functionality of the software. A decision is made that corrective action is necessary.

  • Corrective Action: A cross-functional team is formed to investigate the root cause of the bug. They identify a coding error as the cause and develop a patch to fix the issue.

  • Review of Nonconformities: After implementing the patch, the organization reviews the entire software development process to ensure similar errors are not present in other modules.

  • Documentation: All information related to the identification of the bug, the root cause analysis, corrective actions taken, and the results of those actions is documented in the company's records.

ISO 9001 Clause 10.2 Example Manufacturing Company


Imagine a manufacturing company identifies a defect in a batch of products due to a machine malfunction. The organization would:

  • React to the Nonconformity: Immediately halt production, quarantine affected products, and address any immediate safety concerns.

  • Evaluate the Need for Action: Investigate the machine malfunction, determine the root cause, and assess whether similar issues could occur elsewhere.

  • Implement Corrective Actions: Repair the machine, conduct thorough testing, and implement changes in maintenance procedures.

  • Review Effectiveness: Monitor subsequent production to ensure the issue doesn't recur, and assess whether the corrective actions were successful.

  • Update Risks and Opportunities: Consider if there are new risks or opportunities related to machine maintenance and update the risk register.

  • Make Changes to the Quality Management System: If the issue points to a broader problem in maintenance procedures, update relevant processes in the quality management system.

  • Retain Documented Information: Keep records detailing the nature of the nonconformity, actions taken, and the results of corrective actions.




In summary, Clause 10.2 of ISO 9001:2015 establishes a systematic and documented approach for dealing with nonconformities, emphasizing the need for thorough investigation, effective corrective actions, and ongoing monitoring to prevent recurrence. It aims not only to correct the immediate issue but also to prevent its recurrence and improve the overall quality management system through corrective action. The goal is to maintain the integrity of the QMS and ensure continuous improvement in the organization's processes.
