Preventive Action


Quite Involved in Discussions
Some PA:
contract review
preventive maintenance
new supplier evaluations
training on new hires

Bruce Wade

Now you people are getting me to question my rationale...

ARUMPLE: If you are responding to trends of nonconformances, would that not be corrective action? "We noticed a trend of bad stuff coming out, we took appropriate action and no more bad stuff came out." You may have prevented future occurrences, but did you not really identify and correct a condition which was already causing nonconformance...

gpainter: Are these actions not required by other clauses of ISO 9001:2000? For example, the organization is required to train new hires until they are deemed aware and competent. I would think it would be an undefendable position to suggest required training is preventive action. "They would have failed, if we had not trained them. Therefore, we prevented their presumed failure."

And contract review: How do you document the effectiveness of any individual contract review? "If we hadn't asked and confirmed the Clients requirements and our ability to fufill same, we probably would not have built a product that conformed to their needs."

Calibration is also required, to prove measurement is reliable and valid. Preventive maintenance is part of ensuring the infrastructure is adequate to ensure production of conforming product. New supplier evaluation is also required, although, in the new standard, less documentation seems to be indicated.

I know this reply probably comes off more "catty" than I intend. Sorry for that, in advance. I really am becoming confused. Please help me out...


Laura M

One of the test questions on my ISO auditor exam was regarding which clauses (old standard) provided for preventive action. So gpainter actually listed answers to that question.

I stand by my original answer. For a company who's primary focus is shipping, then anticipating the bad weather and training for it is preventive action. Once documented it becomes part of the training process.

But a further response is not to have a list of examples for an auditor. What process led you to decide on the training? A management review? An employee suggestion?

Develop a flow diagram that shows all the input to preventive action, how management decides which to implement, and who verifies it gets done. The actually preventive action may not be on any form - but evidenced in the various processes that generate it. You don't need a form. I've passed audits without a form, but showing how the inputs feed into management review, and management decides where to spend the resources.


M Greenaway

Well said Laura.

Lets remember that the ISO9001:1994 standard used to say in its pre-amble bits that the whole standard was devised to 'prevent' nonconformance. Hence everything you do in your ISO system is a preventive action.

The caluse in the standard I think relates to identifying new potential causes of nonconformance, and as has been previously discussed at great length in this forum it is a totally unauditable clause if we take the literal ISO definition of 'preventive action' because an auditor could not determine if preventive action was necessary during an audit.


Quite Involved in Discussions
Yes they are requirements of the standard as is PA.

training on new hires- we have orientation training which is mostly Safety,QMS, and general intro of the company and its policies. This is all to prevent problems ( they know they have to have safety glasses,they know about our QMS, they know what time the shift starts, how many days they can miss, etc. In OJT, they are made aware of our quality standards, so they can produce parts without problems.

contract review- we check several things before we accept a PO. Credit to make sure we get paid
Material Availibility so we have the material when it needs to be run
Current Revision so that we make sure we will produce what they want

calibration- we calibrate to make sure the instrument measures correctly and based on trends recorded during calibration adjustment of the interval to prevent instrument from being out of calibration

Hope this helps


No, To clarify this, if a machine is processing orders lets, say 100 parts per order. The machine also runs 1000 different part numbers. Using your monitoring of product techniques,the operator notices a quality trend between the lots of part, and after reviewing other groups, believes it's associated with a variable (rotary table). He completes the preventive form that starts the chain of events per ISO standard. since all parts are acceptable, it is not a correction! The process performer (operator) is aware of their capabilities and notices a poorer quality trend and believes it has potential to produce a nonconforming product or in the service industry dissatisfaction.
See ISO 9004-2000 section 8.5.2/8.5.3 which is under improvements
Have fun using the standards intent!

Bruce Wade


I see your point. However, what would the quality trend be that was noticed?

If you were monitoring increasing variation in the process that could lead to parts not conforming to a clearly defined standard if the trend continued, you are tightening process control. Monitoring and responding to process control is also required in the standard. I am still not sure this would be preventive action.

Just fishing here:
If you noticed a problem on one production line that might suggest a potential problem in a similar operation on another production line, addressing the problem on the second line before it occurred there would be preventive action.
Or if you noticed an item in accessible information which suggested a supplier may have had an unreported problem in product quality somewhere other than your facility, and used the information to go back and inspect, or inspect more fully, material the vendor had previously supplied for similar defects, this would also be preventive.
Or if the weather service predicted a major storm, moving work in process to a more secure facility would be preventive action.

And I also see the point that I might be expecting too much, here. I have heard from registrars and consultants that anything done to reduce/eliminate variation, including contract review and training is preventive.

I was only looking to describe those instances where a clearly definable action was explicitly taken, separate from the overall invocation of the QMS...


the monitoring activity itself in the standard states; carries out in accordance to planned arrangement they are met, stages, evidence of conformity, records product service release etc. plus some other in Aerospace industry. these are all "given" preventiveness. I do not see a proactive approach to this section other others that connects and involves people(owner/performer) to the quality efforts.
We like to keep it this simple.
Here's some more; reoccuring customer complaints, management review, other & audits. I'm sure you have some auditors (IQA) or (EQA) out there that feel a potential to improve the processes of the quality management system. I go into get dialog of learning from their values. If the weather changes example, management has the power to give authority and responsiblities to people that make the right decisions. The preventive action process is in the QMS too co does it not connect to the other requirements. The most important thing is what you do with the information.I use it to drive the system.
The registrar stated on report it was an excellent approach.


Carl Exter

C Emmons said:

Is there a reason that Training could not be considered a Preventive Action?

For instance: Transportatin Industry - Winter coming - want to try and prevent accidents - If we initiate a special "Defensive Driving in the Winter Month" training course for all of our drivers - could we document that as a preventive action??

FWIW, I believe that many things can fit into more than one category. Is it training? contract review? preventive action? or all three? ISO9004 equates preventive action with loss prevention. From what I gather, the idea behind the preventive action clause is to require companies to systematically plan for loss prevention. I think that anything that can be equated with loss prevention can be considered a PA whether or not it can also be considered as training or infrastructure or what have you.

But I've been wrong before....:smokin:
Top Bottom