Issue 65 – Clause 10.2: Nonconformity and corrective action
Clause 10.2: Nonconformity and corrective action
What’s the intent of Clause 10.2?… In our last Newsletter (ISO 9001:2015 Newsletter Issue 64) we discussed the topic of “improvement”, and now here in Clause 10.2 we address the area of “problem solving” within your QMS. The intent of this Clause is have processes in place to immediately handle any problems that come up and also to permanently solve problems that the organization encounters.
Note A: This Clause DOES include requirements for “documented information”.
Note B: The content for these Newsletters comes from working in the field with my Clients, and with their ISO Certification Bodies. I gain a lot of hands-on experience from conducting training workshops, gap audits and internal audits, where the requirements of the Standard have to be interpreted and applied to each unique situation. A popular training request is our on-site Internal Process Auditor Training for ISO 9001:2015 since you will need to do a complete round of internal audits to the new Standard prior to your external upgrade audit. On that note, some organizations are opting to use an outside resource to assist with their internal audits in order to meet deadlines (…more details on this service, as well as the training sessions we offer, can be found below).
The new numbering format…
Element 4 – Context of the organization
Element 5 – Leadership
Element 6 – Planning
Element 7 – Support
Element 8 – Operation
Element 9 – Performance evaluation
Element 10 – Improvement
Clause 10.2: Nonconformity and corrective action consists of two (2) Sub-Clauses as listed below:
10.2.1 When a nonconformity occurs, including any arising from complaints…
10.2.2 The organization shall retain documented information…
Sub-Clause 10.2.1 When a nonconformity occurs, including any arising from complaints… I used the first few words of this sub-clause since it has no “title” to identify it. The first place where new requirements appear is in 10.2.1 (a-2) which says: “react to the conconformity and… deal with the consequences“. This implies that organizations will do more then just control a nonconformity, but that they will look downstream to see what impact it had and then handle the consequences that arise… in other the words the domino effect of the nonconformity.
Another place where new words have been added is found in Sub-clause 10.2.1 (b-3) which asks organizations to evaluate the need for corrective action by “…determining if similar nonconformities exist, or could potentially occur“. It makes sense to look at each nonconformity to assess whether it is an indicator of recurring issues or is a hint that another problem could indeed occur, so that a decision can be made whether to escalate it into a full blown corrective action.
Sub-clause 10.2.1 (e) is new, and it asks organizations to “…update risks and opportunities determined during planning, if necessary” as a result of nonconformities that arise (go back and re-read ISO 9001:2015 Newsletter Issue 18 for help on how to handle this requirement).
Sub-Clause 10.2.2 The organization shall retain documented information… Again, I used the first few words of this sub-clause since it has no “title” to identify it. There are no new requirements found within this sub-clause except for the new term “documented information”.
Be sure to watch for our next Newsletter issue where we will cover another section of ISO 9001:2015…
PS: Don’t forget to look at the Q&A section below for some final thoughts…
To view all of our past Newsletters or to sign up to receive them… click here
For cost effectiveness, the Internal Audit function can be outsourced to an external experienced auditor on a periodic basis. This will provide an independent and objective assessment to management, of where process issues may exist, along with identifying opportunities for improvement. It will also provide the evidence needed to satisfy the Internal Audit requirements in the ISO Standards. We have used two different approaches with this service: a) We conduct the entire audit ourselves, or b) We act as the lead auditor, and along with your Team of internal auditors, we complete the entire audit together. This latter approach allows your people to receive guidance and direction from an experienced lead auditor while at the same time maintaining significant involvement in the internal audit process.
The two (2) day Internal Process Auditing for ISO 9001:2015 Training Session is focused on a process approach to auditing with the objective being not only to assess conformance of the quality management system, but also to uncover process improvements during an audit. This goes hand in hand with the process auditing requirements found within ISO 19011 and the process approach covered in ISO 9001:2015, which promotes continual process improvement throughout this Standard. An enhanced checklist is developed, and there will be workshops throughout, to reinforce learning, as well as a live, practice audit. If you are looking to meet the ISO 9001:2015 internal audit requirements and to “raise the bar” for your internal audit program then this is the course you should consider.
Q: How do you perform an audit for Clause 10.2 of ISO 9001:2015?
A: For Clause 10.2, an Audit Checklist should cover these areas:
– How has the organization taken action to control and correct any nonconformities that have occurred? What about Customer complaints?
– How has the organization dealt with the consequences of any nonconformities that have occurred? What about Customer complaints?
– When evaluating the need for corrective action, does the organization review and analyse the nonconformity?
– When evaluating the need for corrective action, does the organization determining the causes of the nonconformity?
– When evaluating the need for corrective action, does the organization review if similar problems have occurred in the past, or could potentially occur?
– Does the organization implement any actions needed? Examples?
– Does the organization review the effectiveness of any corrective action taken? Examples?
– Does the organization update the risks and opportunities determined during planning, when necessary? Examples?
– Does the organization make changes to the quality management system, if necessary? Examples?
– Are corrective actions appropriate to the effects of the nonconformities encountered? Examples?
– Does the organization retain documented information as evidence of the nature of the nonconformities and any subsequent actions taken?
– Does the organization retain documented information as evidence of the results of any corrective action?
(Make sure to interview more than one person and obtain examples for the items listed above)
Until next time…
Helping Business Professionals Reduce Risk and Remove Waste!