Search This Blog

Monday, March 6, 2017

Misleading NCR (non conformance report) Formats


Source: ISO 9001 Li group



Question asked by
Bibin Koshy, Sr. QA Engineer:

I have observed that 90% of all (NCR) format indicate corrective and preventive action. As we know that ISO 9001 defines corrective action as " action taken to prevent it's recurrence" Whereas preventive action as " action taken to prevent it's occurrence".
NCR is issued by the customer following the occurrence of a non conformance, so it beats me why would their formats require us to mention preventive action. 
Preventive action is required for potential non conformance and should have no role in NCR formats. Do you agree?.



Answers/Opinions:
Christopher Paris:
It's a common confusion. The term "preventive action" has two simultaneous meanings.
When reacting to an NCR that reports an existing problem (requiring CORRECTIVE action), you also have to take action to "prevent" it from happening again, in the future. That's one form or "preventive action."
When you encounter a possible problem, it requires PREVENTIVE action so that it never occurs in the first place. This is the second form of preventive action.
So all corrective action results have a preventive action component, but you may also find "pure" preventive action issues that are not in response to an NCR or existing problem, but are used to stop a problem from happening in the first place.
This has confused everyone for decades.

M.B:
Just to add that when we complete the corrective actions needed to address the NC, and considering root causes X Y Z that led to the NC, we might find that preventive action(s) lead to an improved product (i.e. design changes ).
Preventive Actions are Improvements.

Dr. M. Rouzbeh:
Bibin, to add to what Margarethe says, every CA aimed at eliminating a targeted root cause may also bring about change in a process or a system, that in turn may trigger new problems that would need to be prevented. A CAPA is aimed at not only taking CA to eliminate recurrence of the targeted NC, but concurrently trying to bring about any PA that may be necessary in view of the changes to a system or process. That's how I see it.

Deborah Andrea Kannemeyer:
Disagree.
Non Conformance Report (NCR) - I the client want to see you have identified what caused the deviation of my product / service (which I pay you for) to my requirements.
Corrective Action - You have taken action to correct the areas that caused my product / service to not met my requirements.
Preventive Action - You have implemented controls based on what you have identified as the problem, what you defined as the solution and now will implement to ensure and assure me that my products / services i buy from you will not deviate from my requirements again.
Personally if you haven't a dossier of your NCR investigation to give me that includes a detailed root cause analysis and supporting documents I feel you have breached our mutually beneficial relationship. Why should I continue paying for something I have no assurance on..?

Bibin Koshy:
To quote your words " You will not deviate from my requirements again" meaning does not happen again - Recurrence. That is nothing but corrective action.
Raimo Lewing:
The terms are extremely widely not understood. Often it is difficult to get anything reported beyond an IMMEDIATE CORRECTION. "We send you a new part", says the supplier.
We don't ask for preventive actions, but sometimes you see that the supplier has really thought of things - and supplies a solution which prevents more than just that mode of failure.
Richard Shearwood-Porter:
I'm with Christopher on this. Harking back to my "Zero Defects" training with Crosby Associates you can think of Corrective Action in terms of a quick fix, to get out of a problem, and of Preventive Action as a permanent fix that prevents an issue happening again. Preventive Action also includes control measures that stop something from happening in the first place, in other words get-it-right-first-time.
Anyway - shouldn't we now be thinking about risk management and forgetting "preventive action"?

Raimo Lewing:
Let me quote some FDA slides:
Definition: Correction
“Correction” action to eliminate a detected nonconformity.
1. A correction can be made in conjunction with a corrective action.
2. A correction can be, for example, rework or regrade
Definition: Corrective Action
“Corrective action” action to eliminate the cause of a detected non-conformity or other undesirable situation.
1. There can be more than one cause for a nonconformity.
2. Corrective action is taken to prevent recurrence.
3. There is a difference between correction and corrective action.
Definition: Preventive Action
“Preventive action” action to eliminate the cause of a potential non-conformity or other undesirable situation
1. There can be more than one cause for a potential nonconformity.
2. Preventive action is taken to prevent occurrence.
SO
The quick fix out of problem is called "Correction".
To prevent the SAME issue is called Corrective Action".
To prevent SIMILAR issue is "Preventive Action".

Qsm Mughal:
for me! Its simple as per ISO 9000:
Corrective action is taken to prevent re-occurence, means the thing which happened to ua already.
Preventive actions is to prevent potential non compliance which is not happened yet but have potential of happening.
Now the thing is if NCR is raised again a particular product, and after root cause analysis we come to know that it was nothing but negligence of 1 operator.
correction will be to take action against the particular person and may be replace the product etc.
Corrective action is to take action against whole process that may be includes to give training, supervisions, proper monitoring double checks etc etc etc .
And luckily if a person just change the company and in his new company he implenet these actions before any complain, this these will be preventive actions for them..... standard already changed the terminology as preventive action is nothing but risk assessment.
Dr. Jon Ingle:
Sorry Bibin but you are looking at this from the wrong perspective, you almost answered your own question when you said it was your CUSTOMERS form but then i gaspt when i read on to see you say why should you use their forms - 2 answers jump to mind
1. its your customers form because your customer is following their procedure
2. if you dont like them as your customer and dont wish to follow their procedure for NC / CAPA then tell your sales director ( personally i wouldn't advise that as between the choice of your customer or you being dropped i think you may lose)
Al Smith:
The concept that all corrective actions result in prevention of existence or creation of the subject anomaly is often proven false. The anomaly often is not eliminated but, is often reduced in frequency by the actions taken. This requires methods and tools to address another face of prevention, Prevention of escape and this need should be viewed as a known opportunity for improvement when new corrective actions via process control, process design or product design are discovered [ ex. new technology].
LUAI AL-JAYOUSI, ACQM/CBM/CQA/JSQ PMP:
When a non conformity occurs and corrective actions taken, the investigation behind the root cause might reveal related weaknesses in any other related area. Taking actions to improve other processes and overcome weaknesses is prevention.

Richie Paschal
:
Corrective action is taken due to a particular process being "corrected" to prevent recurrence during a particular process. Preventive action is noting a particular action taken to "prevent" an error in the process from getting so bad that it needs "correcting" during an ongoing process already edtablished. Just like oiling and greasing machinery at a predetermined time and frequency is considered "preventive maintenance" as opposed to "reactive maintenance," where the part is simply replaced due to a lack of any lubrication. Or having the cows get out of the barn. The farmer sees the need to correct the situation by installing a latch on the door (corrective), rather than installing the latch on the door to begin with so the cows couldn't get out in the first place (preventive).
Suhaib Azaizeh, PMP
:
Corrective action is what you do to set things back on track meaning that it should be taken immediately once a non conformance has been identified to insure that subsequent activities will not be built on a wrong base then it becomes hard to rectify or may even act a rolling snow ball ( error becomes bigger as you move forward).

Preventive action, your client and you want to make sure that it won't happen again.
For example if an NCR was issued on bases of wrong material usage at site. your corrective action is to remove this material from site and replace it with the approved material but your preventive action is to make sure that wrong material will not find its way to site, by root cause analysis you found that it was wrongly loaded (example only) at the warehouse, so you would prevent this by inspection prior to load"
Christpen D. A. Bobb-Semple :
Correct. Those companies that have corrective and preventive action feature on one "NCR form" most times perhaps do it to have one form rather than two documents in their system. So the form becomes dual purpose while satisfying different scenarios
.

Sherri Gallagher:

In the ISO 9001:2008 there was corrective and preventive action. In the 2015 revision, preventive action is removed as you defined here. Many companies are not doing extensive revisions to their forms and for companies not familiar with the 2015 revision, most will follow along with a definition similar to the 2008 version.
Charanjit Singh
:
You are right Koshy. Preventive action (in 2008 version of ISO 9001) referred to "Potential NCs" and it caused quite a lot of confusion . That is why most people - clients, auditors or consultants - used the term CAPA (Corrective Action-Preventive Action) which effectively meant only CA. The 2015 version has rightly dropped the PA and changed it to Risk-Based-Thinking, though RBT has brought about some other problems.

Heather Bradley
:
Keep in mind that a corrective action, for preventing the recurrence of the root cause of a nonconformity, can also be identified as a preventive action for another process or facility which has not experienced a nonconformity but has the potential if the action is not fanned-out. 

Alaa batta:

The corrective action has two part:
Part 1: correction, where you fix the case you have found; however this part is not always applicable.
Part 2 corrective: where you analyze the root cause of the non conformity and take action to prevent reoccurrence of such case.
For example: in a project the project charter has not been signed and agreed upon before the project starts; however the project has already ended, in this case there is no correction but you need to take corrective action to ensure this does not happen in other projects.
Preventive action in ISO 9001:2015 does not exist any more as the risk assessment you are performing is the preventive action you are taking.

Tony Jack
:

@Bibin, there are occasions when you are not aware that a preventative action is required until an NCR arrives. You THINK you have a good process until something goes wrong. Sometimes, the corrective action is also the preventative, sometimes it isn't. So "Preventative Action" should be in the NCR format.
On a more relaxed note, the correct spelling is Preventative, there is no such word in the English Language as "Preventive".

Bibin Koshy
:
@Tony Jack - On a much more relaxed note, refer to ISO 9001 : 2008 - cl 8.5.3 ; "preventive' is infact an English word . Although the word 'preventative' is used quite often.
M.B.:

Bibin Koshy : In the 2015 flavor, A 4 :"The concept of preventive action is expressed through the use of Risk Based Thinking....." (Huh!!) They injected preventive action as being a concept.
Brett Sande
:
I find great humor with two topics in this post that have been the subject of debate since before I began my quality career. One that there cannot be preventive action once an occurrence has taken place and second being the "correct" spelling of preventive vs preventative. To the latter, both are correct- pick one and move on with life. To the former, I subscribe to correction first, then corrective action to prevent recurrence. Pure preventive action can be applied to many processes intended to prevent occurrences- trend analyses, preventive maintenance, work instructions, training- can all be interpreted as preventive actions. Basically the QMS is your preventive action plan so it no surprise that it was altered in 9001:2015; perhaps this change will bring clarity... doubtful, but hopefully.