Andy is right. This was clarified in the 2015 version of the standard. It is up to the organization to determine if it is necessary to go beyond "correction".
It helps to pay attention to the definitions of "correction" and "corrective action" as provided in ISO 9000 (not ISO 9001). Paraphrasing for emphasis. Correction - action taken to over come a nonconformance. Corrective action - action taken to overcome the CAUSE of a nonconformance.
Lets take a look at 9001:2015 10.2.1
When a nonconformity occurs, including any arising from complaints, the organization shall:
a) react to the nonconformity and, as applicable:
1) take action to control and correct it;
2) deal with the consequences;
The above, 10.2.1a is the correction.
back to the standard -
b) EVALUATE THE NEED FOR ACTION TO ELIMINATE THE CAUSE(S) OF THE NONCONFORMITY . . .
(emphasis added)
This should make it crystal clear that not all nonconformances need go further than correction. Since it says "evaluate the need" that puts the evaluation in the hands of the organization, NOT AUDITORS.
More, much more, could be said about handling of nonconformances but his much is pertinent to the current conversation.