ISO 9001:2015 requires organisations to ensure that outputs that do not conform to their requirements are identified and controlled to prevent their unintended use or delivery.
In addition, organisations must take appropriate action based on the nature of the nonconformity and its effect on the conformity of products and services.
This also applies to nonconforming products and services detected after delivery of products and during or after the provision of services.
Nonconforming outputs must be dealt with in one or more of the following ways:
Documented information (records) on the following must also be retained:
Although there is no longer a requirement for a documented procedure under the 2015 revision of the standard, records must still be retained in order to detail information on how any non-conformances have been dealt with. Note also that organisations are required to take appropriate action based on the nature of the nonconformity and its effect on the conformity of products and services. IE: risk-based thinking.
Another significant change in the update was the need to now identify the authority deciding the action to resolve the nonconformity.
This clause deals mostly with the “now” aspects of dealing with non-conforming products or services. IE Identification, containment / segregation / informing stakeholders (customers / regulatory bodies if appropriate) return of goods, correction of the problem, and (often overlooked) checking that these actions have been effective. There is a key link to the next logical step, actions to prevent recurrence of the non-conformity. IE Root Cause analysis and Preventive Actions which we will look into in greater depth in article 10.2 - Nonconformity and corrective action.
The physical manifestation of these requirements in many businesses dealing with manufactured products is the use of “quarantine” or “hold” labels and where practical, quarantine areas as a means of identification and segregation, and non-conformance forms or similar documents, to track the non-conformity though to resolution and verification.
Service based organisations may operate a procedural hold in the processing of affected services pending resolution. The effective implementation of these processes are therefore easily verified during an operations based audit.
Note that organisations must identify the authority deciding actions to be taken and this may be specifically targeted for review in an audit. It is important then that these requirements be built into the process and records retained.
This article is the property of David Barker Consulting © and is free for you to use. If you wish to reproduce elsewhere, please be so kind as to ask permission first and credit me as your source. If you need any further assistance, feel free to use my contacts page to get in touch and let me know how I can help!
David Barker CQP MCQI