ISO 'major' vs 'minor'

John C. Abnet

Leader
Super Moderator
Good day all;
While this may appear to be an odd question....my experience tells me that this question may be valid.

IATF rules 6th edition (governance for 3rd party auditors...automotive exclusive standard) gives specific direction for issuing nonconformances as MAJOR vs MINOR.

However, when it comes to the rules governing ISO 3rd party auditors (ISO 17021) and even supporting guidelines (IAF), while there is description of "MAJOR" and "MINOR" nonconformances, there is no specific requirement for this distinction. It appears that the only specific 'requirement' is established by the CB (e.g. DQS, IAF, BSI, etc..etc..etc..etc..)

I am looking for an objective (no opinions please) mandate for ISO 3rd party auditors to identify a nonconformance as "MAJOR" or "MINOR". Thanks in advance for your help.
 

Ed Panek

QA RA Small Med Dev Company
Leader
Super Moderator
For my iso 13485 auditor training it’s :

Major: systemic failure. Eg. 30% of company has no training

Minor: very limited failure. Eg one person had no training on part of their job.
 

Big Jim

Admin
Major would also include a requirement of the standard that is just plain missing.

I must add that definition between major and minor varies according to the certification body an sometimes from standard to standard. For example, the definition for ISO 9001 varies slightly with AS9100.

I have noticed a trend for internal audits to not determine minor and major, only calling them a nonconformance.

I have a belief that the main reason for certification bodies to differentiate is so that the more sever ones are called in to the office, so they get more scrutiny during review.
 

John C. Abnet

Leader
Super Moderator
Apologies that I did not make my question more clear. Following is the question …

“I am looking for a documented (no opinions please) mandate for ISO 3rd party auditors to identify a nonconformance as "MAJOR" or "MINOR’ “

Thank you
 

Golfman25

Trusted Information Resource
Interesting because s
Apologies that I did not make my question more clear. Following is the question …

“I am looking for a documented (no opinions please) mandate for ISO 3rd party auditors to identify a nonconformance as "MAJOR" or "MINOR’ “

Thank you
It's a good and fair question. What is the source of the authorization for the distinction? All I know, since the beginning of my time 30ish years ago, everyone has been talking Major/Minor with apparently no idea where it comes from. :) Seems like it's a concoction of the Registrars????
 

qualitymanagerTT

Involved In Discussions
Apologies that I did not make my question more clear. Following is the question …

“I am looking for a documented (no opinions please) mandate for ISO 3rd party auditors to identify a nonconformance as "MAJOR" or "MINOR’ “

Thank you
I can do it the other way - ISO 19011:2018 6.4.8 states "Nonconformities can be graded depending on the context of the organization and its risks. This grading can be quantitative (e.g. 1 to 5) and qualitative (e.g. minor, major)."

ISO/IEC Directives Part 2, 7.5 states:
Table 6 — Possibility and capability

Preferred verbal formEquivalent phrases or expressions for use in certain cases
canbe able to
there is a possibility of
it is possible to
 

jmech

Trusted Information Resource
ANAB Accreditation Rule 20 references the ANAB Management Systems Accreditation Manual, which defines major and minor nonconformities as follows for CBs. Note that these definitions are applicable to CBs and not ISO 9001-registered organizations, so this does not appear to be what was requested.

ANAB definitions:
Major nonconformity: Absence of or failure to implement and maintain one or more requirements for accreditation or requirements of the CB’s certification system or the CB’s management system, which would on the basis of available objective evidence raise significant doubt as to the credibility of the certificates issued by the CB; or a number of minor nonconformities to one or more requirements, which when combined represent a breakdown of the CB’s systems; or a minor nonconformity previously issued and not addressed effectively.

Minor nonconformity: Observed lapse in the CB’s systems that does not represent a breakdown of the CB’s systems and does not raise significant doubt with regard to the credibility of any certificates issued by the CB.


CBs appear to define major and minor themselves, and I could not find a publicly-available definition from most of the CBs that I checked. However, SRI does have the below definitions and "should" statement in their QP 5.0 On-Site Audit Procedure:

1.4.3 Major (Hold) Nonconformity: any or all of the following:
A. A nonconformity that impacts the capability of the management system to achieve the intended results.
B. The absence of or total breakdown of a system to meet a management system requirement. A number of minor nonconformities against one requirement can represent a total breakdown of the system.
C. Any noncompliance that would result in the probable shipment of nonconforming product. A condition that may result in the failure or materially reduce the usability of the products or services for their intended purpose.
D. A noncompliance that judgement and experience indicate is likely either to result in the failure of the management system or to materially reduce its ability to assure controlled processes and products.
E. There is significant doubt as to the capability of the management system to achieve the policy and objectives of the organization.

1.4.4 Minor Nonconformity: A nonconformity that DOES NOT impact the capability of the management system to achieve the intended results. Nonsystemic nonconformance that does not fall clearly into a Major nonconformity category and has minimal impact and significance on the system.


2.5.8 ... Nonconformities should be classified into Hold (major) or Minor. ...

I haven't found any requirement for CBs to make a major/minor differentiation, but they seem to be allowed to do it by ISO 17021 and choose to do so (maybe because they find it helpful for their processing and because it is the norm).

If the CB writes major and minor definitions (and requirements for auditors to classify nonconformances as such) in their procedures, then that is the mandate for the auditor to identify a nonconformance as major or minor.

It appears that the only specific 'requirement' is established by the CB (e.g. DQS, IAF, BSI, etc..etc..etc..etc..)
I think this is correct.


ANAB Accreditation Rule 20

ANAB Management Systems Accreditation Manual

SRI Procedures
 

ChrisM

Quite Involved in Discussions
I think you will find that as far as the QMS Standards go, either an organization is found to be in compliance or it's not (nonconformance); there is no category or grade of "non being in compliance".
 
Top Bottom