6 Common Causes of Non conformance with ISO 9001:2015
If you’re aware of the common causes of nonconformance with ISO 9001:2015, you can help your organisation take steps to avoid them.
A nonconformance is the nonfulfillment of a specified requirement. Here are the six nonconformances most commonly uncovered in audits.
Common nonconformances by clause
These nonconformances are among those most often experienced by organisations as they transition to ISO 9001:2015. We break them down by clause.
Clause 4
Two of the most common ISO 9001 nonconformances relate to Clause 4 of the standard. They are:
- failing to identify and define interested parties
- failing to monitor and measure processes.
Clause 4 requires that an organisation assess the full context for its business and quality goals, and then map out the scope and processes for its quality management system (QMS).
Aspects of the organisation’s context to determine and monitor include:
- internal and external issues influencing quality objectives
- the needs and expectations of interested parties (those who influence and/or are affected by the QMS).
As of 2024, organisations are also required to consider whether climate change is a relevant issue – and to consider whether interested parties have requirements related to climate change.
Once issues and requirements have been determined, it’s possible to determine the scope for a QMS.
Then all processes, procedures and work instructions for meeting quality requirements must be properly defined, and the processes must be implemented, monitored, and reviewed.
Clause 6
Clause 6 of ISO 9001:2015 requires planning of risk management and the management of quality objectives.
The standard requires a risk evaluation across the entire organization – including its supply chain. Often, risk is not properly evaluated in parts of an organization’s operations, such as warehousing or third-party/supplier processes.
Clause 6 also requires planning for managing changes to the QMS. This should involve a clear set of actions. Auditors often find that this isn’t effectively implemented.
Clause 7
It’s mandatory to ensure accuracy with measuring devices. A frequently reported nonconformance involves using the inappropriate tool or measuring device for a particular measurement – causing the result to be inaccurate.
Also, ISO 9001:2015 introduced a requirement for organisations to improve their knowledge and document this. It’s essential to maintain records of acquired knowledge, training or education.
Auditors frequently find that this hasn’t occurred. An example is failing to retain training records.
Clause 8
Clause 8 focuses on the control of operations. This should be carefully examined when an organization is preparing for an audit.
Often, auditors find that first piece inspections are ineffective and not properly documented.
Receiving inspections are also cited as ineffective. The process for approving and disqualifying vendors that aren’t up to code often isn’t defined. Many organisations also aren’t clearly defining materials involved in their processes.
Clause 9
Clause 9 requires a system for monitoring, measuring and analysing new procedures. It also stipulates the need for audits and management reviews.
Nonconformances associated with this clause often relate to ineffective or incomplete internal audit systems.
Clause 10
This clause addresses the requirement for continuous improvement. It focuses especially on opportunities for improvement, corrective actions and management of nonconformances.
The most common audit failing that relates to Clause 10 is recording customer complaints but failing to define, document or fully implement corrective actions in response to these.
Minor versus major nonconformances with ISO 9001
A non-conformance is any failure to conform to an ISO 9001:2015 requirement.
Based on the severity of nonconformances, third-party auditors decide whether to recommend a QMS for initial certification, continued certification, or recertification.
So, what’s the difference? Primarily, the difference is based on how the non-conformance impacts the organisation’s QMS or product.
Definition of minor non-conformance
A minor nonconformance involves a single observed lapse or isolated incident. It’s unlikely to result in certification failure.
Examples of minor nonconformances are a single unauthorized change to a document, a missing training record, or an instrument that’s incorrectly calibrated.
Definition of major nonconformance
A major nonconformance is a total breakdown of the QMS or one of its processes, evidence of a significant failure in the QMS, or the failure to address a key ISO 9001 requirement.
This could threaten an organisation’s ability to assure controlled processes, achieve its goals, or protect its customers.
Examples of major nonconformances are a pattern of unauthorized document changes, critical purchases made from unapproved suppliers, or untested products being shipped.
Impact of ISO 9001 nonconformance
The average number of minor nonconformances revealed during an audit is four to six.
The discovery of a nonconformance with ISO 9001:2015 isn’t necessarily negative. It’s an opportunity for your organisation to take corrective actions and improve overall quality.
Discovering minor issues during an internal audit or management review can also prevent long-term significant problems and barriers to ISO 9001:2015 certification.
If an auditor finds one or more major nonconformances, certification won’t be recommended.
It’s worth investing time and energy to avoid both minor and major nonconformances.
