Helmut Jilling
Auditor / Consultant
That's OK. The ISO definitions apply the same to TS-16949. They are the same definitions. It might be useful to review them.
Preventive Action (PA) and Corrective Action (CA) - One or Two Procedures?
- Thread starter CarolX
- Start date
- Status
That's OK. The ISO definitions apply the same to TS-16949. They are the same definitions. It might be useful to review them.
A
Art - 2008
Helmut is right.
Corrective action is action taken to eliminate the cause of a DETECTED nonconformity to prevent RECURRENCE, whereas preventive action is action taken to eliminate the cause of a POTENTIAL nonconformity or other undesirable situation, to prevent OCCURENCE.
Identify DETECTED nonconformities that relate to your - products; QMS processes; resources; suppliers and outsourced work; product shipped to customers; customer complaints; and exception or TGR (things gone wrong) reports.
Sources of information for finding POTENTIAL QMS nonconformities include – analyses of data (see clause 8.4); audit results; cost of quality reports; quality records; service reports; supplier performance; customer satisfaction feedback; management review records; lessons learned from past experience; SPC charts and analyses.
Your procedure(s) must document your controls relating to identification and evaluation of root cause, actions taken and follow up relating to:
1) Actual (detected) nonconformities to prevent re-currence.
2) Potential conformities to prevent occurence.
The decision to have one or two procedures is irrelevant as long as you address these two fundamental control requirements.
You'll notice the source of information for each is differwnt even though the methodology for addressing them may sometimes be the same.
Other factors that may impact your decision to have one versus two procedures may be the size and complexity of your company; variety of methods used; how decentralized and flexible the c/a or p/a process is, etc.
My experience both as an Certification Body Auditor and as a Consultant is that:
1. Most companies don't understand the difference between c/a and p/a.
2. Those that have both c/a and p/a in one procedure don't do much p/a. Rather they view taking action to prevent re-occurence as p/a.
For those interested, there are ISO interpretation publications on this topic. Just browse their website.
Corrective action is action taken to eliminate the cause of a DETECTED nonconformity to prevent RECURRENCE, whereas preventive action is action taken to eliminate the cause of a POTENTIAL nonconformity or other undesirable situation, to prevent OCCURENCE.
Identify DETECTED nonconformities that relate to your - products; QMS processes; resources; suppliers and outsourced work; product shipped to customers; customer complaints; and exception or TGR (things gone wrong) reports.
Sources of information for finding POTENTIAL QMS nonconformities include – analyses of data (see clause 8.4); audit results; cost of quality reports; quality records; service reports; supplier performance; customer satisfaction feedback; management review records; lessons learned from past experience; SPC charts and analyses.
Your procedure(s) must document your controls relating to identification and evaluation of root cause, actions taken and follow up relating to:
1) Actual (detected) nonconformities to prevent re-currence.
2) Potential conformities to prevent occurence.
The decision to have one or two procedures is irrelevant as long as you address these two fundamental control requirements.
You'll notice the source of information for each is differwnt even though the methodology for addressing them may sometimes be the same.
Other factors that may impact your decision to have one versus two procedures may be the size and complexity of your company; variety of methods used; how decentralized and flexible the c/a or p/a process is, etc.
My experience both as an Certification Body Auditor and as a Consultant is that:
1. Most companies don't understand the difference between c/a and p/a.
2. Those that have both c/a and p/a in one procedure don't do much p/a. Rather they view taking action to prevent re-occurence as p/a.
For those interested, there are ISO interpretation publications on this topic. Just browse their website.
C
cbhigdon3
Simple button click in our database between CA and PA. Easy list/query to show an auditor that we're not just reacting, but trying to be proactive.
A
Art - 2008
In my post yesterday there is a typo which I have corrected below:
Your procedure(s) must document your controls relating to identification and evaluation of root cause, actions taken and follow up relating to:
1) Actual (detected) nonconformities to prevent re-currence.
2) Potential nonconformities to prevent occurence.
The typo was in point 2 above. The original post said "conformities" instead of "nonconformities".
A nonconformity in my post, literally. LOL
Regards,
Art
Your procedure(s) must document your controls relating to identification and evaluation of root cause, actions taken and follow up relating to:
1) Actual (detected) nonconformities to prevent re-currence.
2) Potential nonconformities to prevent occurence.
The typo was in point 2 above. The original post said "conformities" instead of "nonconformities".
A nonconformity in my post, literally. LOL
Regards,
Art
C
cdagnan
Why all this discussion about 1 or 2 procedures the standard does NOT require 1 or 2 only that they are documented.
This could be in a variety of places: e.g. product fialure, project pre-planning, annual goal setting, anywhere where we think about what could go wrong - and put in place a preventative action to prevent it, or anywhere where some thing has already gone wrong, (overbudget, late, too many returns, staff leaving etc) and the corrective actions to get it back on track/tareget/spec.
Do not limit you thinking to widgets and whether they are correct or not.
This could be in a variety of places: e.g. product fialure, project pre-planning, annual goal setting, anywhere where we think about what could go wrong - and put in place a preventative action to prevent it, or anywhere where some thing has already gone wrong, (overbudget, late, too many returns, staff leaving etc) and the corrective actions to get it back on track/tareget/spec.
Do not limit you thinking to widgets and whether they are correct or not.
P
potdar
Just to introduce some new thought, there is no need to limit our thinking to one or two procedures. The standard does not stop anyone from writing more than two procedures if one feels like it.
W
winchm
:mg:more is not better - once a procedure is released it has to be maintained and that's not a easy task if re-organization is the norm. I'm attaching an ISO training piece I use in preparing groups for audits. 
J
JaneB
Yes, exactly so. Well said.
This argument about 1 or 2 (or 6 whatever number of mandatory procedures are required) keeps rearing its head over and over.
Hopefully this will die out. The revision to the forthcoming 2008 version of ISO 9001 has added the following clarifying note (Note added under 4.2.1, Documentation Requirements, General') bolding mine:
It should help keep the focus on outcomes where it belongs - what do you do to identify failures & prevent them? - rather than how many procedures one has. Documentation always, always, always depends (or should!) upon the size of the organisation, its activities, its processes, & the competence of personnel.
Oh yes, and there's a second Note added in (same place) to that effect, as well. Information to that effect is in 0.1 (Introduction) currently, but seemed to have been often overlooked.
Last edited by a moderator:
Peter Fraser
Trusted Information Resource
Jane
Thank goodness the message may be getting through at last! I would hope that most managers try to:
i) avoid problems / things going wrong
ii) help others in the company to do the same
iii) ensure operating consistency
iv) describe how things should be done so that i) - iii) can be achieved.
If they do that before they look at ISO9K, they shouldn't need to "make up" documents - the chances are that the way they recruit staff, take on new work, select suppliers etc already recognises potential problems and reduces the risk of something going wrong. You don't "do" preventive action every Friday afternoon, then get on with running the business the rest of the week. It should be built in to every day operations.
A
amitmisra4
hi this depends upon the requirement of your industry, if your present system is functioning well then y u r considering for 2nd .
Hello Friends,
Just curious as to what the rest of you are doing.
I currently have one procedure for both, and I am considering making two seperate procedures.
What are you doing?
Thanks,
CarolX
- Status
Similar threads
