Corrective Action vs. Preventive (Predictive) Action (CAPA) - A Definitive Discussion


Johan Gahnstrom

We are a little stuck in our work with iso 9001 concerning 4.14. All help is greatfully accepted.

Leslie Garon

What exactly are you stuck on?
do you have any kind of corrective or preventive action system?
How are problems reported and fixed? How about what you do after finding and dispositioning nonconforming product? is there a next step researching a cause? investigating/tracking how often the problem occurs or if it reoccurs, similiar problems in the same place?
Do you have a supplier corrective action system?

I'd love to help, but help me out with a few more details.

Kevin Mader

One of THE Original Covers!

I wrote something about a week ago in the QS9000 forum under the topic of Continuous Improvement Techniques that may help you out. I am assuming that you are having difficulty understanding the element and not having difficulty deploying CA & PA. Give that a look for greater detail and for a crude case example. Otherwise, here is a thought or two.

Corrective Action: Actions taken to eliminate the root cause of an existing nonconformance and to prevent its reoccurrence.

Preventive Action: Actions taken to eliminate a 'potential root cause' to a potential problem that has not occurred.

The element (4.14) requires that you identify areas for both within your organization. The CA portion deals with items such as customer complaints received, nonconformances uncovered as part of internal quality audits, or received incoming materials not meeting specifications for example. These problems exist in the here and now and require corrective action to prevent their reoccurrence. What do you do to correct the issues and how do you document what you did? Did it work (close the loop)? Do you review this as part of Management Review?

Preventive Action is a more difficult idea to grasp for most (maybe because we tend to put out fires rather than prevent them) and can be accomplished in various ways. I like to think of it this way. If a process or system is in a state of statistical control, does a problem exist? Sometimes but not always. There is natural variation in any process or system, but their output may not meet our desired expectations. A process not meeting our expectations may need refining, bu not necessarily correcting. We often think something 'must' be wrong when we don't get the results we hoped for. There is a significant difference in a process not meeting expectations and a process not producing to specification. This misunderstanding of system output usually leads to a landslide of issuing Corrective Action for every problem encountered. Does your organization make defective products occasionally? Mine does. Should I create a Corrective Action Report for each defective product especially if some level of defects is to be expected (the system will never produce zero defects)? No. Doing so would bog down the CA process and creates another set of problems (missing CA reports, CA reports not filled correctly, duplicate CAR for the same problem). Not all problems are Corrective Action opportunities. Some are Preventive Action opportunities. This example is more typical of a Continuous Improvement process with Preventive Action ties. Give thought to which situation you have and take actions commensurate with risks encountered. I hope this helped.

Don Winton

Inactive Registered Visitor

You have covered the aspects very well. I generally use this when describing the difference between CA and PA.

Corrective Action: Putting out a house fire after it has started.

Preventive Action: Observing conditions that may start a house fire and removing them from the system.


Leslie Garon

I've come to explaine the difference this way:

Corrective Action: Resolving an actual cause that exists in direct relation to the problem.

Preventive Action: Resolving potential causes that exist as a symptom of the problem.

With corrective action the cause is known and addressed directly, with preventive action only the potential is known, so you address somthing that could occur rather than that which is occuring.


I would agree with what Leslie said. Taking it further, I would put it thus:

Putting out the fire in the house is action on disposal of non-conformity.

Ensuring that safety systems are installed in the house such that the house does not catch fire in future is Corrective action.

Ensuring that the barn or the car or the office does not catch fire like the house did, and taking suitable steps for that is Preventive action. Ensuring that flooding or electrocution or such hazards do not take place in the hose even though they have not occured, is Preventive action.

Bangalore, India

John LeBlanc

Corrective & Preventive

This is my first posting, as I just "stumbled" upon your site this week. Knowing that you probably have covered this in the past, I am looking for help in drawing the distinction between corrective action and preventive action. Our organization (engineering in the telephony industry) uses process documents and thus has flow charts within each of our process documents. We have just been advised that we need to insert a (new) Corrective & Preventive section into each of our processes.I want to take the approach that tells them to look at the flow chart. What can go wrong? What do you do to "fix" it when it does? (Corrective) Once you have "fixed" it, what measures do you take to stop it from happening again? (Preventive)
Does this make sense? Is it consistent with the ISO9000 standard? (We are registered to 9001) Is it too simple an approach?


Don Winton

Inactive Registered Visitor

First of all, welcome to the Cove.

Your observations regarding the flowchart approach seem relatively straightforward and should not present a problem. Your definitions seem within the intent of 4.14.



Why do you need to insert corrective and preventive action into each of your processes? Can you document it on an as needed basis through your corrective action process?
I, too, am still confused with preventive action. I understand the concepts but have trouble deciphering between the two and don't know how I am going to have documented proof of preventive action when registration time comes. I know we do it. Maybe I need to analyze things we do for preventive actions and keep a separate file?