Correction, Corrective Action and Preventive Action

 

• ISO 9000 Definition
• Expanded Definitions
• Differences between CA/PA and Correction
• Simple Example of Correction, CA, and PA
• Buy Corrective/Preventive Action Procedures & Forms

A critical requirement of ISO 9001 is corrective & preventive action (Sec. 8.5.2-3), and we are often asked the difference. Here is a quick evaluation and example to help you:

ISO 9000:2005 Sec. 3.6 defines them as follows:

• Correction - Action to eliminate a detected nonconformity
• Corrective action - Action to eliminate the cause of a detected nonconformity
• Preventive action - Action to eliminate the casue of a potential nonconformity

To expand on these definitions a bit

1. Correction: When a problem occurs, you need to keep several aspects in mind.

• Determine the magnitude of the problem.
• Determine how to prevent it from getting bigger.
• How to address current situation.

You could call this – Damage Control.  Although this correction takes steps to correct the problem it has no bearing on cause.

1. Corrective Action: Now determine if the importance of the situation requires further action:

• Was it a big deal?
• What’s the chance it will happen again?
• Estimate of any future threat

The causes need to be looked into to prevent recurrence if it was a big deal.

1. Preventive Action: First you need to assess the risk and mitigate it based upon severity. The following tools are helpful: Source: Carnegie Mellon University

• Checklists
• FMEA - Failure mode & effects analysis
• Hazard and operability analysis (HAZOP)
• Fault tree analysis (FTA)

Difference between:

• Correction & Corrective Action –
  • HIGH risk/impact/frequency - Correction fixes the CURRENT set of issues while Corrective action prevents it from happening again by looking at causes
  • LOW risk/impact actions are similar since likelihood of reoccurrence is low
• Corrective & Preventive Action - the damage is already done in corrective action

Simple Example to demonstrate the differences

A customer orders 500 parts, but only 450 are delivered.

• Correction –  Fix the current issue
  • get the customer 50 more parts
• Corrective Action – Why were we short?
  • Operator miscounted 9 boxes of 50 as 10 boxes of 50
• Preventive Action – make sure it doesn’t happen again
  • Weigh products on scale so you know if quantity is met

ISO 9001 requires the organization to have a documented procedure for corrective an preventive action.

Note: The combination of corrective action and preventive action documented procedures into a single QMS document is acceptable, but is not recommended. If these are combined, then it is important to verify that the organization understands clearly the difference between the intent of corrective and preventive actions.

ISO9001 AUDIT - Corrective Action Acceptance Guidelines

TÜV SÜD Hong Kong Corrective Action Acceptance Guidelines:

Objective: The intent of this section is to provide a consistent set of criteria for the development and acceptance of corrective action responses. These guidelines apply to all standards (QMS and EMS). They are intended for both TÜV auditors and audited organizations to help them understand how nonconformities must be addressed.

1. Was Correction to eliminate existing nonconformity completed?

Describe actions taken under “Correction of Nonconformity.” (for example, Completed missing internal audits; Conducted supplier evaluations; Segregated nonconforming material, etc.)Provide evidence that actions were taken.


2. Have the appropriate causes been identified?
Consider the following:
·  what caused the actual nonconformity
·  what allowed the problem to occur without being detected internally
·  what part of the organization’s processes failed to address this issue or is the organization lacking a specific process, method, etc.
The cause shall not be a repeat or rewording of the nonconformity statement or the objective evidence.

3. Has corrective action been determined for each identified cause?
Each cause must have an identified action that eliminates / addresses the specific cause(s) and prevents recurrence of the nonconformity.

4. Has appropriate evidence been provided to verify that actions taken have been implemented and are effective?
It is the responsibility of the organization to provide evidence of internal verification of the corrective action(s), or a plan to do so.


The Lead Auditor will provide due dates for submitting evidence of implementation. This could vary depending on the circumstances and standards involved.