Search

ISO 9001 Clause 10.2 Nonconformity and corrective action

wilkshireconsulting
2 days ago
3 min read

Updated: 24 hours ago

In ISO 9001 10.2 Nonconformity and corrective action focuses on ensuring that organizations not only fix problems when they occur but also identify the root causes and prevent recurrence, which is critical for maintaining a strong and reliable QMS.

When something goes wrong (a nonconformity) it needs more than a quick fix. Clause 10.2 outlines a structured approach for addressing nonconformities and implementing corrective actions that go beyond symptoms.

In this blog post we will be discussing the following:

What to do when a nonconformity occurs

Retain documented information

Key concepts of 10.2

International Organization for Standardization. ISO 9001:2015 Quality Management Systems – Requirements

10.2 Nonconformity and corrective action

10.2.1 When a nonconformity occurs, including any arising from complaints, the organization shall:

a) react to the nonconformity and, as applicable:

1) take action to control and correct it;

2) deal with the consequences;

b) evaluate the need for action to eliminate the cause(s) of the nonconformity, in order that it does not recur or occur elsewhere, by:

1) reviewing and analysing the nonconformity;

2) determining the causes of the nonconformity;

3) determining if similar nonconformities exist, or could potentially occur;

c) implement any action needed;

d) review the effectiveness of any corrective action taken;

e) update risks and opportunities determined during planning, if necessary;

f) make changes to the quality management system, if necessary.

Corrective actions shall be appropriate to the effects of the nonconformities encountered.

10.2.2 The organization shall retain documented information as evidence of:

a) the nature of the nonconformities and any subsequent actions taken;

b) the results of any corrective action.

What to do when a nonconformity occurs

When a nonconformity is identified either internally or externally, the organization must:

1. React to the nonconformity

· Take immediate action to control and correct it.

· Contain the problem, if necessary (stop production, quarantine defective products).

· Adress the consequences, such as informing customers or replacing defective items.

2. Evaluate the need for corrective action

· Determine why the nonconformity happened.

· Perform root cause analysis (using the 5 Whys, fishbone diagram, etc).

· Assess whether similar issues might exist or could arise.

3. Implement corrective action

· Eliminate the root cause(s).

· Apply actions that prevent recurrence.

· Ensure actions are appropriate to the effects and risks of the nonconformity.

4. Review the effectiveness of the corrective action

· Monitor and verify that the corrective action has worked.

· Ensure the same or similar problem does not happen again.

5. Update risks and opportunities (if needed)

· Consider whether this nonconformity affects the organization’s assessments.

· Update the risk register or quality objectives accordingly.

6. Make necessary changes to the QMS

· Adjust processes, procedures, documentation, training, etc., to reflect the lessons learned.

Retain documented information

The organization must retain records (documented information) as evidence of:

· The nature of the nonconformity

· Actions taken

· The results of the corrective actions

This ensures transparency and enables continual learning.

Key concepts of 10.2

Concept – Description

Nonconformity – Failure to meet a requirement (customer specs, ISO clause, internal procedure).

Correction – an immediate fix (reworking a defective product).

Corrective action – a deeper, preventive fix – removing the root cause.

Root cause analysis – investigation to find the actual origin of the issue, not just its symptom.

Effectiveness review – Ensuring the corrective action really solved the issue long-term.

In conclusion, clause 10.2 Nonconformity and corrective action emphasizes organizations to not just fix problems but preventing them from happening again by identifying and eliminating root causes. It promotes a disciplined, evidence-based approach to problem-solving that strengthens the QMS and protects customer trust. Documenting these activities ensures accountability and enables organizational learning over time. In the next blog post we will be discussing 10.3 Continual improvement.