Common Nonconformities

Have you ever wondered what are the most common nonconformities found by third party auditors?

A third party auditor’s role is to examine your system and if necessary identify any nonconformances.

In ISO 17021, a nonconformity is defined as:

failure to fulfill one or more requirements of the management system standard, or a situation that raises significant doubt about the ability of the client’s management system to achieve its intended outputs.

A nonconformity can be identified as a “minor” meaning failure to comply with a requirement which is not likely to result in management system failure, in many cases a single observed lapse or isolated incident. A nonconformity identified as a “major” meaning an absence or total breakdown of a system to meet a requirement, in some cases a number of minors related to the same clause or requirement.

A training session we recently attended by a major global registrar identified sample data from the year 2009 from over 18,000 minor nonconformities found.

The top 5 ISO 9001 minor nonconformities found were:

7.6 Control of Monitoring and Measurement Equipment- 32%
4.2.4 Control of Records – 20%
5.6 Management Review – 20%
4.2.3 Control of Documents – 16%
6.3 Infrastructure – 12%

The top 5 AS9100 Aerospace, 9110 Maintenance , and 9120 Distributors minor nonconformities found were:

7.5.1 Control of Production and Service Provision – 36%
4.2.3 Control of Documents – 26%
8.5.2 Corrective Action – 14%
8.2.2 Internal Audit – 13%
4.2.4 Control of Records – 11%

The top 5 27001 Information Security Management System (ISMS) minor nonconformities found were:

Clause 6 – ISMS Internal Audit – 32%
8.2 Corrective Action – 26%
4.2.1 Establish the ISMS – 22%
4.3.2 Control of Documents – 11%
4.3.3 Control of Records – 9%

The top 5 14001 Environmental Management System (EMS) minor nonconformities found were:

4.3.2 Legal and Other Requirements – 30%
4.4.6 Operational Control – 24%
4.5.2 Evaluation of Compliance – 23%
4.5.3 Corrective and Preventive Action -12%
4.5.5 Internal Audit – 10%

The results show that control of documents and control of records are, and have been for a long time an issue. Another common thread is corrective action and internal audit results.

The Quality Guru asks: What are your organizations most common audit nonconfromities, and what is working for you to eliminate them?

Looking to improve your audit results? Contact us – we deliver process based internal auditor training for all these management systems.

Leave a Reply