SBS - The best value in QMS software

Non-Conformance vs OFI -- your best descriptions

Ed Panek

QA RA Small Med Dev Company
Trusted Information Resource
#11
Ed,

How do you avoid sharing a previous auditee’s intellectual property (aka holistic improvements) with future auditees?

And that the systems you audit are not reliant on your periodic suggested holistic improvements?

Thanks.
I dont provide specific advice. For example, "Management Review isnt limited to the definition of what ISO wants to be in it. It can be expanded and still comply" is advice I gave to a supplier wondering where to discuss technology trends in an inspection process.
 
Elsmar Forum Sponsor

Mike S.

Happy to be Alive
Trusted Information Resource
#12
As per the OP, we are talking internal audits here -- where we hopefully all share the common goal of making the company better in the most efficient way possible.

Personally, if I see an isolated, minor nonconformance that can be immediately fixed I will sometimes not write it up as a formal CAR. I do not feel that every single nonconformance "MUST" be treated via a formal CAR process.

IMO an opportunity for improvement is, for example, where you may see an inefficiency that could be improved. Maybe you see a certain department keeping a record via scanning it and keeping it electronically and also paying for hardcopies to be stored as well. I may suggest an OFI is to do one or the other, but not both. There is no nonconformance, but there is inefficiency.
 

Randy

Super Moderator
#13
Why not just use the ISO definition of non-conformance?

From the ISO 9001 Auditing Practices Group Guidance on: Nonconformity - Documenting

"What is a nonconformity? According to the definition in ISO 9000 a nonconformity is "non-fulfillment of a requirement". There are three parts to a well-documented nonconformity:
• the audit evidence to support auditor findings;
• a record of the requirement against which the nonconformity is detected;
• the statement of nonconformity. "


"If there is no audit evidence – there is no nonconformity. If there is evidence – it must be documented as a nonconformity, instead of being softened with another classification (e.g. “observations”, “opportunities for improvement”, “recommendations”, etc.). In the longer term, neither the organization, its customers, © ISO & IAF 2016 – All rights reserved www.iaf.nu; www.iso.org/tc176/ISO9001AuditingPracticesGroup 2 of 4 nor the CRB benefit by the use of softer classifications, as this risks the nonconformity being given a lower priority for corrective action. "
 

Jim Wynne

Staff member
Admin
#14
Tagin,

Is a conforming system not meant to invoke preventive action without any help from its auditors?

John
Do not bother with OFIs.

Report every system weaknesses as a nonconformity.

...including the systems that rely on auditors to initiate improvements.
A nonconformity, in ISO-Land, is simply non-fulfillment of a requirement. Requirements are documented. A "system weakness" that doesn't represent non-fulfillment of a documented requirement is not a nonconformity and should never be documented as such. The fact that an internal auditor initiates improvement is not necessarily evidence of a system that relies on internal auditors to initiate improvement. If internal auditors can't or shouldn't identify potential improvements, most of the value of internal auditing is lost. Internal auditors don't exist outside of the system--they're an integral part of it.
 

John Broomfield

Staff member
Super Moderator
#15
A failure to initiate preventive action to address a known system weakness would probably be agreed by auditee management to be a nonconformity.

The requirements (audit criteria) come from management as well as the standard.
 

Sidney Vianna

Post Responsibly
Staff member
Admin
#16
Even though most people are oblivious to ISO 19011, it contains some sound advice. When it comes to auditors personal behaviour, among other traits, it suggests:

acting with fortitude, i.e. able to act responsibly and ethically, even though these actions may not always be popular and may sometimes result in disagreement or confrontation;

As I asked before, why are internal auditors sofgrading the findings? Are they afraid of confrontation, retaliation, friction? Definitions will not make an iota of a change if people are allowed to misreport audit results.
 

Jim Wynne

Staff member
Admin
#18
A failure to initiate preventive action to address a known system weakness would probably be agreed by auditee management to be a nonconformity.

The requirements (audit criteria) come from management as well as the standard.
The documented requirements can come from the standard or from the organization's documented requirements. In my own view, there is no sense in doing internal audits against the standard, because the internal requirements should include the requirements of the standard. If you think it's a good idea to call something a nonconformity that doesn't violate a requirement, you're looking for trouble.
 

John Broomfield

Staff member
Super Moderator
#19
All the auditor has to do is ask management if they are happy to do nothing about a known system weaknesses.

Failure to take preventive action would be the nonconformity.
 

Sidney Vianna

Post Responsibly
Staff member
Admin
#20
A failure to initiate preventive action to address a known system weakness would probably be agreed by auditee management to be a nonconformity.
I don't think it would be wise to miscategorize all findings as nonconformities. ISO 19011, refers to OFI's, conformity and good practices and recommendations, IN ADDITION to nonconformities. Auditors who know how to properly report audit results should be able to properly categorize their findings so, the level of attention and reaction by the auditees, including top management would be commensurate with the severity of the issues at hand.
 
Thread starter Similar threads Forum Replies Date
G Team to analyze a non conformance Customer Complaints 26
R Non conformance (NC) or Corrective & Preventive action (CAPA) CE Marking (Conformité Européene) / CB Scheme 7
blile Increasing PFMEA occurrence ranking after non-conformance FMEA and Control Plans 4
S Non-Conformance and Deviations ISO 13485:2016 - Medical Device Quality Management Systems 4
C If it doesn't prevent a non-conformance, is it a preventive action? IATF 16949 - Automotive Quality Systems Standard 13
T Non conformance product identification and traceability 21 CFR Part 820 - US FDA Quality System Regulations (QSR) 4
W Non-Conformance from recent Audit carried out on Purchasing AS9100, IAQG, NADCAP and Aerospace related Standards and Requirements 11
M What to do about Non Conformance forms that are deleted or missing? Nonconformance and Corrective Action 4
C Neglect or legitimate deferral? Is excessive workload or lack of resources in a department or a team a valid root cause for a non-conformance? Problem Solving, Root Cause Fault and Failure Analysis 12
G Non Conformance During ISO 9001 Audit - Not All Internal Audits Completed General Auditing Discussions 19
C Fact or fiction - Repeat minor becomes a major IATF non-conformance IATF 16949 - Automotive Quality Systems Standard 7
P Line accums as a non-conformance? Supplier Quality Assurance and other Supplier Issues 2
S Returned product due to Customers fault, is it a Non-Conformance? AS9100, IAQG, NADCAP and Aerospace related Standards and Requirements 7
I AS9100D Non-conformance for 10.2.1 b 2 and 10.2.1. b 3 e and f - Corrective Action AS9100, IAQG, NADCAP and Aerospace related Standards and Requirements 10
P Are red non-conformance bins required anywhere in the ISO or IATF standards? ISO 9000, ISO 9001, and ISO 9004 Quality Management Systems Standards 7
I "We don't have enough resources" as an Audit Non-conformance Response General Auditing Discussions 14
G Informational Is Past due calibration a non-conformance if tagged "Do Not Use"? General Measurement Device and Calibration Topics 9
D Minor non-conformance for not receiving a CofC from a heat treater Manufacturing and Related Processes 10
P Minor Non-Conformance - Maintenance Records Not Fully Completed ISO 9000, ISO 9001, and ISO 9004 Quality Management Systems Standards 24
qualprod Minor non-conformance for not controlling local regulation laws? ISO 9000, ISO 9001, and ISO 9004 Quality Management Systems Standards 20
GoSpeedRacer How to handle operator involvement in the non conformance ISO 13485:2016 - Medical Device Quality Management Systems 5
M Non-Conformance Report for Concession ISO 9000, ISO 9001, and ISO 9004 Quality Management Systems Standards 15
qualprod An uncontrolled record is it a non-conformance? ISO 9000, ISO 9001, and ISO 9004 Quality Management Systems Standards 12
V Difference between Non-Conformance, Variance and Deviation ISO 13485:2016 - Medical Device Quality Management Systems 7
M Closing of a Non Conformance Nonconformance and Corrective Action 5
K Corrective and preventive action for Non Conformance on PFMEA FMEA and Control Plans 30
D Is Failure to achieve a Goal a Major Non-Conformance? ISO 9000, ISO 9001, and ISO 9004 Quality Management Systems Standards 13
W Can you have a Corrective Action without a Non-Conformance? ISO 9000, ISO 9001, and ISO 9004 Quality Management Systems Standards 6
K Bottle Labeling Machine Problems - Non conformance in FCMG industry Nonconformance and Corrective Action 8
M Procedure Non-Conformance=Corrective Action? Document Control Systems, Procedures, Forms and Templates 14
M Class II Medical Device Design Control Non Conformance 21 CFR Part 820 - US FDA Quality System Regulations (QSR) 5
L Root Cause for Minor Non-conformance regarding Supplier Delegation Nonconformance and Corrective Action 5
D Calibration & Test Laboratory Non-Conformance Procedure Example wanted General Measurement Device and Calibration Topics 3
J Non-Conformance for Not Taking Exclusion AS9100, IAQG, NADCAP and Aerospace related Standards and Requirements 14
V Is non-conformance (incident) required for any observation in equipment qualification Nonconformance and Corrective Action 5
N Non conformance Report to Risk Management-Plan ISO 14971 - Medical Device Risk Management 16
C The prudence of combining non-conformance reports with corrective/preventive action Nonconformance and Corrective Action 10
P Definition Nonconformance or Non-Conformance? Definitions, Acronyms, Abbreviations and Interpretations Listed Alphabetically 4
T Non Conformance Report Training Suggestions Training - Internal, External, Online and Distance Learning 5
B Combining both Deviation and Non-Conformance Processes ISO 9000, ISO 9001, and ISO 9004 Quality Management Systems Standards 4
J Non Conformance Area Policies Misc. Quality Assurance and Business Systems Related Topics 8
P Non Conformance Reporting in GMP in the Control of Materials Nonconformance and Corrective Action 1
G Writing up BRC audit non-conformance Internal Auditing 9
M Definition Major vs. Minor Non Conformance Definitions Definitions, Acronyms, Abbreviations and Interpretations Listed Alphabetically 14
J Can An External Auditor Also Write The Same Non-Conformance As An Internal Auditor? ISO 9000, ISO 9001, and ISO 9004 Quality Management Systems Standards 6
G Management Review Non-Conformance - Meeting Measurable Goals and Objectives ISO 9000, ISO 9001, and ISO 9004 Quality Management Systems Standards 14
T External Communications - Should this have been raised as a Minor Non-Conformance? Miscellaneous Environmental Standards and EMS Related Discussions 12
W Internal Audit Non Conformance Tracking Logs and NC Systems ISO 9000, ISO 9001, and ISO 9004 Quality Management Systems Standards 1
Q Non Conformance Closure by including it on another Corrective Action ISO 13485:2016 - Medical Device Quality Management Systems 8
B FDA Requirements for Retaining Non-Conformance Tags (Medical Device Manufacturers) 21 CFR Part 820 - US FDA Quality System Regulations (QSR) 2

Similar threads

Top Bottom