Corrective actions and non-conformities in ISO 9001

Corrective actions and non-conformities in ISO are the way that we track mistakes that happen within our organisation. In previous blog posts, I have mentioned multiple times that an ISO Certification does not mean that a company has perfect products and service and that no mistakes are done.

An ISO 9001 Certification means that a company has implemented a management system to monitor its processes, which therefore results in better visibility of the activities carried out within the business. Moreover, an ISO certification creates the basis to create systems for preventive care for people, equipment and other systems. And this idea of continual improvements renders the cost for ISO certification worthwhile. Here’s how.

Corrective actions and non-conformities in ISO
Corrective actions and non-conformities in ISO

Non-conformities in ISO

Non-conformity in ISO means that there was some kind of mistake, error, or defect – something didn’t go as planned. This can be caused within our organization, resulting in an internal defect. Should the defect go on undetected, eventually it would be detected by the client, resulting in a customer complaint. Another source of non-conformities might be internal audits when following the criteria set by the ISO 9001:2015 standard.

Naturally, the sooner we identify defects (non-conformities), the better it is – as less value-added activities would have been carried out on the defect – meaning that the mistake would be less costly. Another source of non-conformity could be our suppliers, as defined within the supplier management for ISO 9001. They could provide a defect product or service which would hinder us from doing our job correctly.

Whenever there is a non-conformity, the following 2 actions must be done:

  1. Handle the non-conformity there and then. Solve the mistake and ensure that the customer or supplier are handled in an appropriate manner.
  2. Ensure that the mistake does not happen again – this is done through corrective action (see below).

Corrective actions ISO

Corrective actions as per ISO standard refers to any actions that we take to prevent an error from (re)occurring. We are human and mistakes do happen – however we cannot let this stop us from continually striving for perfect – an ideal that will never be reached.

We must design systems, train people, change suppliers, and better inform our customers, to make sure that mistakes that were done in the past are not repeated.

Naturally, by taking a look at some examples of internal and external issues, we can find areas that can be improved before we make the mistake ourselves.

“Learn from the mistakes of others. You can’t live long enough to make them all yourself.”

Eleanor Roosevelt


Corrective actions and non-conformities in ISO are the basis for continual improvement and are one of the ISO 9001 certification requirements, and they are to be discussed during the management review meeting. The idea is to give some ideas and examples of what type of quality objectives the company should go for. You don’t need to get an ISO certification to implement these ideas. You start from where you are right now. Both in business and in life. Find a mistake that you recently did, and find ways to mitigate it. Ideally, you’d also have a system for organizational knowledge-based as per ISO 9001, to make sure that everyone within your team is informed about the important lessons being learnt. Let’s take a simple example:

Non-conformity: You’re stuck in traffic, and you’re running late for a meeting.

First of all, the first thing you should do it to mitigate the current issue. This is done by getting touch with the people you are meeting to advise them about your tardiness. That way, you wouldn’t keep them waiting – they’ll either start without you, or they’ll have to reschedule.

Then, when you are in a quiet place, think about the reason why you were late. You can use various lean principles to identify the problems, including DMAIC, 5Whys, Fish-bone diagrams, FMEAs etc. In this case we’ll use a simple 5Why.

  1. Why late? Stuck in traffic
  2. Why problem that stuck in traffic? Left home slightly late (not allowing room for traffic – which is a known factor in your area)
  3. Why left home late? Woke up late
  4. Why woke up late? Slept later than usual
  5. Why slept later than usual? Couldn’t stop watching Netflix

From the above, it is evident that the true reason for being late isn’t some external reason (traffic), but rather a totally internal reason (Netflix). By using the above methodologies to identify root causes for improvement, we are bound to start taking responsibility for our own actions and making sure that we don’t repeat mistakes.

Similar Posts