Non-conformance Register vs Corrective Action Register

[malasuerte]

Hi All,

I know there are a few threads on this and I have gone through them but I'm still not 100% clear on the process. I have been tasked with project lead on achieving ISO 9001 certification for my organisation (health services but back office - don't deal with medical issues, we process claims and pay health service providers). I have no previous experience in ISO or Quality. We have our Stage 1 audit in November this year.

Our current process is as follows:
We have 9 completely separate processing units each headed up by a unit manager. On a day-to-day basis managers / staff keep an eye on the running of the unit and can raise a non-conformance at any point that it is required. They request a NCR (non-conformance register) unique number from me, then they complete a non-conformance report which includes the following headings:
- Issue description
- Actions taken to fix
- Corrective verification
- Root cause analysis (if required)
- Corrective actions (if required)

Once the form is completed it is submitted to me and I put a summary of the information provided onto a non-conformance register (excel sheet), listed by NCR unique reference number. I will then follow up with the unit to ensure that the non-conformance is closed and signed off within 30 days of it being raised.

My question is: we are about to start with our internal audits, which may find an opportunity for improvement, minor or major non-conformance. How do I deal with those and ensure I’m recording the correct information?
- Does a non-conformance report have to be completed for each one raised from internal audit?
- If not, can I assign an NCR number and just include the summary information on my register without having a backing report as the IA report will be sufficient?
- Do I need to have a separate corrective actions register, or can this all be included on the Non-conformance register?

Sorry for the essay and all the questions – I’m hoping it makes sense to someone out there!
Thanks
Hannah

Checking to see if you got your query answered or still have questions?

 

[333Hannahh]

Checking to see if you got your query answered or still have questions?

I did, thanks

 

[Guest]

My question is: we are about to start with our internal audits, which may find an opportunity for improvement, minor or major non-conformance. How do I deal with those and ensure I’m recording the correct information?
- Does a non-conformance report have to be completed for each one raised from internal audit?
- If not, can I assign an NCR number and just include the summary information on my register without having a backing report as the IA report will be sufficient?
- Do I need to have a separate corrective actions register, or can this all be included on the Non-conformance register?

Can I ask why you feel the need for grading? How do the auditors justify one grade over another? What criteria are used? Do management agree with those criteria? Are they meaningful to them and to the achievement of quality objectives, for example?

A nonconformity report can detail what you like. Don't forget that there are several options open on how to deal with non-conformities from audits, just as there are with product/service nonconformities. Forcing a (root cause) corrective action on every NC is going to backfire on everyone.

Who "owns" the Corrective/Correction Process? If not you, then let them decide about the format of registers. If you "own" both, do whatever you need to do to ensure that a) it's effective and b) it's efficient.

 

[TRob2525]

Hannahh,


The question is what is fit for purpose for your organization. There are an infinite number of ways to construct a process that will meet the requirements for managing nonconforming outputs and also corrective action. You will see answers in this thread that broadly fall into two categories:
1) Build a system around the standard and make it fit your business OR
2) Build a system around your business and make it fit the standard

I have always done the latter. Are there times I get an audit nonconformance or two that I otherwise would not have. Yup. But, in my mind, that is a small price to pay for a system that is much more fit for purpose in our business. As an aside, following the business-first approach, I probably get several less audit nonconformances than I would by following the standard-first approach because it is more likely to be consistently followed by the business.

 

[Ricardo]

Hi All, im new there, but my queries ar e old ones to explain.

Im raising a new NCR template and would like to use best standards from THE ISO9001/IATF16949.
I am adding a Containment request inside the NCR template, my seniors are asking me why and the need to have a containment as a part of the deviation .

What can you suggest helping me to answer the need of a Containment when a deviations pumps up?

 

[Bev D]

The best place to start is why you think containment should be part an NCR register…

 

[Tagin]

Hi All, im new there, but my queries ar e old ones to explain.

Im raising a new NCR template and would like to use best standards from THE ISO9001/IATF16949.
I am adding a Containment request inside the NCR template, my seniors are asking me why and the need to have a containment as a part of the deviation .

What can you suggest helping me to answer the need of a Containment when a deviations pumps up?

TS9002/2016 mentions this in its discussion of 10.2.1:

The organization should take action to control or correct any nonconformity. This can be achieved by containing the problem while investigations continue.

So containment can be performed before the extent of a nonconformance is known (e.g., "hold this shipment until we know which ones were affected by the defective tool we just found"), and containment is also typically used to segregate N/C product (e.g., move bad product to a NC location).

Separating containment and correction as two separate entries on the NC form makes sense to me, since it mirrors the two actions required in 10.2.1.a.1 ("take action to control and correct it"). I also think it is a helpful reminder to keep people in the mindset that containment is as important as fixing the issue. Note that it is not increasing the work required to fill out the form, since it is just separating what would have been written in one combined field into two separate fields.

 

[optomist1]

I found and have used with good success the 8D although imperfect (some Covers may contest) provides a solid framework to address problems/defects/issues, choose your adjective. It does provide for "interim steps until analysis is conducted "Temporary actions to contain the problem and “fix” until permanent correction is in place..." Attached a sample of one such 8D...

Hope this helps a bit...
Optomist1

 

[Big Jim]

Hi All, im new there, but my queries ar e old ones to explain.

Im raising a new NCR template and would like to use best standards from THE ISO9001/IATF16949.
I am adding a Containment request inside the NCR template, my seniors are asking me why and the need to have a containment as a part of the deviation .

What can you suggest helping me to answer the need of a Containment when a deviations pumps up?

1. Because it is a good business practice to completely clean up a problem instead of waiting for it to pop up again a short time later.

2. Because it is required by 10.2. 10.2.1 a 1-2 react to the nonconformity and, as applicable, take action to control and correct it; deal with the consequences. 10.2.1 b evaluate the need for action to eliminate the cause of the nonconformity, in order that it does not need recur or occur elsewhere . . .

Personally, I believe that it really lies mostly in the first part (10.2.1 a 1-2) as part of the control and correct.

Both of these deal with extent analysis. You really do need to determine how bad the problem is to properly resolve it.