When a process or system is established, it is the intention for it to run per the plan/specification. However, every process, irrespective of whether it is performed by humans or machinery, will show a certain degree of variation in its results/output. As part of process design and validation, the allowable variation is usually pre-established as tolerances.

Whilst it is acceptable for a process to deviate within its allowable tolerances if it exceeds these tolerances a non-conformity is said to have occurred. These tolerances could have been set in procedure, control plans, quality plans, design drawings or via other process/systems control tools. Sometimes a non-conformity does not necessarily always lead to a defective product or service, but the presence of a non-conformity suggests that the process/system is not running within its variation parameters intended.

A non-conformity can arise from the operations process as described above or the quality management system itself- when intended activities/processes fall out of the pre-planned tolerable limits eg. Internal audits not carried out as scheduled.

When a non-conformity occurs, it must be corrected. This might involve immediate removal of defective products and adjustment of settings or other interventions to restore to a state of conformity. However, this is not the end of the corrective action; for corrective action to be complete, an effort needs to be made to identify the root cause of the non-conformity and put in place action that will prevent the cause of the non-conformity from happening again.

These three key words form the basis of achieving continual improvement from data and information obtained from the measurements of product/service or the management system itself. Non-conformity, correction and corrective action.

P.S it is important to note that the old terminology of ‘preventive action’ has been removed from ISO systems as this was quite confusing in use.