Corrective and preventive action for Non Conformance on PFMEA

[kuyakut]

Hi Covers,

The former process engr drafted an PFMEA with all Severity and Detection numbers on all process at 7 and detection at 2.
The IQA raised an NC for this.
The NC they raised is PFMEA rating table was not correctly applied.
Now the task is given to me to answer the corrective and preventive action.
I'm not sure what corrective and preventive action should I write.

Thank you in advance

 

[PaulJSmith]

Well, first off, you will write either a Corrective Action or a Preventive Action, but not both. Since you already have a Non-Conformance, you should be writing it as a Corrective Action.

 

[Golfman25]

Hi Covers,

The former process engr drafted an PFMEA with all Severity and Detection numbers on all process at 7 and detection at 2.
The IQA raised an NC for this.
The NC they raised is PFMEA rating table was not correctly applied.
Now the task is given to me to answer the corrective and preventive action.
I'm not sure what corrective and preventive action should I write.

Thank you in advance

Did they give any indication as to how the rating table was not correctly applied? How do they know more about your process than you?

 

[Bev D]

If this was a 'normal' pfmea with many steps the odds of each failure mode having exactly the same severity and detection are extremely remote - time to buy a lottery ticket...any auditor should be suspicious of this.

The OP should look at the ratings of course and try to understand why this happened.

some questions as to get you thinking about cause - and corrective action to prevent recurrence:

- were there others who helped put this together
- did anyone review the output
- were the people trained on fmea
- how much time was allowed to perform the fmea
- are fmeas generally perceived to be useful or does your organization do them because they have to

these are the types of things to consider...

in my organization we have spent considerable effort making fmeas effective and valued. we spend a lot of time training (with examples to be worked out).
we require a cross-functional team to put them together. we have a senior engineering group that reviews the fmeas to ensure that people haven't forgotten critical things and that the form isn't just pencil whipped. we use and reuse and update them continuously. they from the basis for our validation testing of changes, they help us identify CTQs, etc.

 

[kuyakut]

To answers Bev question

some questions as to get you thinking about cause - and corrective action to prevent recurrence:

- were there others who helped put this together - NO , it was drafted solely by the PE
- did anyone review the output - there is a review column but the reviewer just signed with out reviewing it
- were the people trained on fmea - all of the members are trained in Risk management and FMEA
- how much time was allowed to perform the fmea - As far as I know it was wriiten with in a day
- are fmeas generally perceived to be useful or does your organization do them because they have to - it is just for documentation purposes. All FMEA's that was drafted by the former PE are all the same. And it was audited by 3rd party , CB and IQA, only this time that they raised an NC.
This kind of FMEA's existed before I joined this company.

Now my question is , if the rating table was use inappropriately , does this considers as n NC or just an observation only. Is there any clause in the RM that if the rating table was use inappropriately , it is considered as non conformance?

 

[QAengineer13]

To answers Bev question

some questions as to get you thinking about cause - and corrective action to prevent recurrence:

- were there others who helped put this together - NO , it was drafted solely by the PE
- did anyone review the output - there is a review column but the reviewer just signed with out reviewing it
- were the people trained on fmea - all of the members are trained in Risk management and FMEA
- how much time was allowed to perform the fmea - As far as I know it was wriiten with in a day
- are fmeas generally perceived to be useful or does your organization do them because they have to - it is just for documentation purposes. All FMEA's that was drafted by the former PE are all the same. And it was audited by 3rd party , CB and IQA, only this time that they raised an NC.
This kind of FMEA's existed before I joined this company.

Now my question is , if the rating table was use inappropriately , does this considers as n NC or just an observation only. Is there any clause in the RM that if the rating table was use inappropriately , it is considered as non conformance?

FMEA activity is a cross-functional team exercise with SME's and RA/QA rep, in your case where the Process engineer completing it by himself is a grave mistake, and on top of that the reviewer signing without review is a recipe made for disaster.
To answer your question if the scores are appropriate for the different risk/impact scenario situation only if there is a proper control and mitigation strategy , then you have a way out for justification otherwise its a trap. Hope it helps!

 

[Bev D]

Now my question is , if the rating table was use inappropriately , does this considers as n NC or just an observation only. Is there any clause in the RM that if the rating table was use inappropriately , it is considered as non conformance?

the finding isn't about inappropriate use of the rating table. its really about not performing risk assessment properly. It is obvious that your organization is just pencil whipping the FMEA form. and yes this is a non-conformance. my organization received a major for a risk assessment on a glue process that was very poorly done - the change posed a substantial risk to product performance and was in violation of the ISO standard. you don't state your industry, but if it is medical device this behavior is one that could get you in serious trouble with your customer(s) in a very short time. if you are in other industries, this will eventually wear away your ability to be a good supplier.

you are in a pickle: clearly your organization doesn't understand the value and importance of FMEA/risk assessment. Your auditor does. I could suggest some weak ways to answer the finding but I won't. I am one of those who believes very strongly in solid FMEA/risk processes: as a Customer I can't tell you how many times one of our suppliers has made a change and not notified us and didn't perform a risk assessment and the result was catastrophic. we have had suppliers who did a 'documentation' exercise on new parts and processes and - wham! - we get major quality problems that are extremely costly, effect delivery (revenue) and create problems for our Customers...FMEA/risk assessment is not a paperwork exercise. it is YOUR best method for ensuring a quality product to your customer...

 

[Golfman25]

I'll take a different tact. I am not at all comfortable with an auditor auditing the content of FMEA. That assumes the auditor would have an expertise about the company's manufacturing processes many just don't have.

The tables in the blue AIAG books are passenger auto based and difficult at best to translate into other situations. The numbers are relative anyway. Higher numbers = more risk, lower numbers low. So whether something is a 6 or 7 according to the "table" isn't relevant as long as the company is consistent. In other words, we have certain things that are a "7" (higher risk) every time they appear. Others are a "2" (lower risk). If your consistent in evaluating risk, you'll end up ok. At the end of the day, you'll have higher and lower RPNs to look at. As long as the high RPNs are actually the higher risk items and the low RPN are the lower risk items, the actual numbers don't matter that much. Frankly, it is on the customer and supplier to develop together -- which rarely happens.

In the instant case, I agree that there is a suspect FMEA. That would lead me to review how the thing was done, who was involved, training, etc. But to say that a table wasn't correctly applied is shaky ground, imo.

 

[Bev D]

I'm not sure where the phrase "rating table was not correctly applied" came from - the OP or the auditor.

if it came from the auditor then the non-conformance is not written up very well. Although if the engineer did place 7 and 2 for all items then I can see the finding that the engineer couldn't possibly have tried to apply the guidelines. In essence, the engineer faked the document. there was no risk assessment, he only entered numbers in the from...

if it came from the OP - he/she is misinterpreting or misunderstanding the nature of the non-conformance.

it would be helpful if the OP could post the exact wording of the finding...this may provide a 'technical' out but their organization is clearly not in compliance with the intent of a critical part of the standard (any standard)

 

[kuyakut]

The PFMEA is on Injection molding process , We supply medical plastic components to our customer. As for the PE he is more knowledheable with molding process because he has been in that industry for over 20 years. As for the rating that he use , can the auditor question why he put 7 or 2 on the severity? Below is the NC that the raised - 7.1 in ISO13485 and reason is rating table not properly applied.
The organisation shall establish documented requirements for risk management throughout product realization