10.2 What is Non-Conformance? [ISO 9001, with Procedure]

What Is Non-Conformance In Terms of ISO?

Nonconformity is the failure to meet one or more of the existing requirements in ISO 9001. When an organization finds itself outside of regulatory boundaries, it must get the problem under control before continuing business.


ISO 9001 is the international standard that underlines the requirements for a quality management system (QMS). It ensures that an organization continues to offer quality products and operates correctly under its regulatory measures. If an organization isn’t operating up to standard, it’s called non-conformance.

ISO 9001:2015 ISO 9001:2008 Summary of Changes
10.2 nonconformity And Corrective Action 8.3 Control Of Nonconforming Product

This requirement is comparable to Clause 8.3 - Control of Non-conforming Product and Clause 8.5.2 - Corrective Action. There is an additional requirement for organizations to determine whether other similar non-conformances exist or have the potential to exist.

There is also a new requirement for an organization to determine whether changes are required to the QMS in order to prevent a re-occurrence.

Note the new requirement to record the nature of non-conformities as well as the subsequent action(s) undertaken.

8.5.2 Corrective Action

Nonconformity can be found at any level of an organization’s operations from quality control and manufacturing to personnel procedures. If Non-conformance persists, it can lead to the company’s overall demise, as these standards are in place to ensure everyone is playing by the same rules.

Within the ISO 9001 standards, two different types of nonconformity (major and minor) exist. We will delve more deeply into these types later on in this discussion. Keep reading to find out more about ISO 9001 nonconformity, what to do if it occurs, and how to correct the issue.

Stormtrooper non-conformance

What is ISO 9001 Non-Conformance?

First of all, non-conformance is ubiquitous. It can happen anywhere in a business. It isn’t limited to one area of production or management.

For example, nonconformity can occur when a manufacturing procedure results in a reduction of quality and does not get immediately addressed.

Conversely, a nonconformity issue can arise if personnel step out of line of the readily available standards regarding employees. Thus creating more issues down the chain of production and quality management.

The goal of the ISO 9001 standards is to ensure quality and safety for employees and the customer.

By entering the realm of non-conformance, a company risks the health of their employees and possibly of their customer base. That is why it is important to recognize nonconformities early.

Non-conformance should first be recognized by coworkers or supervisors before the issue reaches the audit stage. If an auditor notices nonconformity to the standards, it is the job of the audited organization to fix this issue promptly before it affects the greater goal of the company.

Many companies have a goal to satisfy their customer base, and the ISO 9001 standards are there to ensure that this goal is met.

Therefore, nonconformity to these standards may result in unhappy customers. Another main goal is to keep employee morale high, and these standards also help to do just that.

Without these standards, organizations would not be held accountable for their actions and business practices.

Auditors recognize nonconformities to the requirements in order to check the power of companies and make sure they are complying to the necessary regulations that exist within their field.

ISO 9001 Nonconformity: What to Watch Out For

  1. One or more failures to meet the regulatory requirements 
  2. One or more failures to meet quality standards
  3. Personnel noncompliance
  4. Production chain noncompliance or irregularity

It is important to remain knowledgeable as standards change to ensure your business is on par with the correct requirements.

If a nonconformity is noted, immediate action is required to set the business back on the best course.


Minor vs. Major Non-Conformance

The difference between minor and major non-conformance is normally the amount of corrective resources needed to get the business back on the right track.

An auditor will determine the level of nonconformity by analyzing the infraction and the steps needed to correct it.

Minor non-conformance includes happenings or actions that are not listed in the ISO 9001 requirements, but it does not detrimentally affect the operation or quality control of the entire business.

This may include a single event or a low-risk situation, like a momentary lapse in managerial judgment.

An auditor will likely deem a situation minor non-conformance if there is no noted effect on later processes or operations.

Minor nonconformities include a missing training record, a single unauthorized document alteration, or one machine past its calibration date.

Anything that can easily be fixed by noting the violation is usually considered minor. The less time it takes to fix the issue, the more time can be spent operating efficiently and safely.

Major non-conformance is quite different. This would be a procedure-altering violation that entirely prevents the business from operating at QMS or ISO 9001 standards. These mistakes can result in loss of productivity and a major decrease in customer satisfaction.

Major nonconformities that an auditor might look for are multiple unauthorized document alterations, unauthorized purchases from unknown suppliers, and absence of important legal documents.

When minor infractions happen continuously, this can also be considered a major nonconformity.

Both minor and major non-conformance issues must be addressed immediately if the business is to continue running.

It is important to remember that minor infractions can become major problems in the long-term. Don’t let minor problems compound into major nonconformities.

Minor Nonconformities

  • Single events and small slip-ups that can be easily corrected
  • One unauthorized document alteration
  • Isolated personnel incident
  • One missing document

Major Nonconformities

  • Multiple and/or huge violations of requirements
  • Many unauthorized alterations to documents
  • Multiple missing or unsigned documents
  • Problems that negatively affect operations and processes

Maintaining organized and detailed documentation will help you avoid these nonconformities. However, if your company is having trouble with the requirements, there are ways to address the problem promptly so that no further issues occur.

non conformance audit checklist

How to Correct Nonconformity

If a nonconformity has been identified, a non-conformance report (NCR) can be filled out by supervising personnel. NCR’s will help keep the problem under control and are the first step toward fixing the infraction.

A non-conformance report should notify the violator of the ISO 9001 requirement that is being violated, detail the infraction, and outline a plan of action for fixing the violation.

NCR’s should be constructive rather than reprimanding. They should be thorough so that the violator knows exactly what went wrong and how to fix the problem. This will ensure that the nonconformity does not happen again. Here is a list of information to include when filing an NCR.

Non-Conformance Report

  1. ISO 9001 requirement that is being violated
  2. Circumstances surrounding the violation (what went wrong)
  3. Plan of action to correct the problem
  4. Details on how to prevent the problem in the future

The first step in correcting nonconformity is identifying what went wrong in the first place. You must be specific when noting the exact ISO 9001 regulation that is being violated. By identifying the issue more specifically, the corrective action can then be targeted more precisely.

The second step will show the violator exactly what went wrong on their part. This way there is no question of how the requirement is violated. Also, by telling the person what went wrong, this ensures it won’t happen again.

The third step is to create a plan of action. This is arguably the most important step and doing it correctly will hopefully fix the violation so that minor problems don’t become major nonconformities. The plan of action details how to fix the problem and outlines a positive outcome for the employee.

However, if the employee fails to carry out the regulatory plan of action, this can result in disciplinary action on behalf of the supervisory team. If the employee successfully fixes the problem and returns the business to compliance, the NCR should also outline how to maintain compliance for the future.

A well-written NCR foresees that this problem can happen again and takes measures to inform and ensure that the same mistake is not made twice. A good supervisory team will make note of violations to ISO 9001 and how they overcame them, rather than hiding their mistakes for them to grow larger.

The keys to a great NCR are not just what goes into the report but how it is presented. If you happen to be the one noting the violation, it is important to present the report thoroughly with good grammar and concision. Remember that someone will be following your instruction to fix the issue.

You must also have a good grasp on ISO 9001 yourself in order to know how the violator is out of line and how to get them back on track. Also, you must remain up to date, as this information can change frequently.

The call to action must be just that, a call to get the violator moving back toward the original standard. Time is often money and even safety in these circumstances, so your instructions must be clear and concise.

As you can see, it is important to be on top of your regulatory standards. It can be easy to focus too closely on the day-to-day and lose sight of what is best for the company in the long-term. Here is a list of the most important takeaways from this article, in case you need a quick refresher on all things ISO.

Non-Conformance Important Information

  1. Know your ISO 9001 regulations
  2. Be aware of violations and report them as soon as they occur
  3. Don’t let minor violations compound into major ones
  4. If a major violation does occur, file an NCR to correct the problem

With these steps in mind, you and your business can flourish rather than flounder. ISO 9001, when used as a guideline for best practices, can help your business gain better productivity, quality assurance, and a satisfied customer base.

Related Information You Might Find Useful

Next ISO 9001 Clause

Each ISO 9001 Clause Explained

Updated: 26th February 2022
Author: Richard Keen

Richard Keen

Richard Keen

Richard is our Compliance Director, responsible for content & product development.
But most importantly he is ISO's biggest fanboy and a true evangelist of the standards.
Learn more about Richard

ISO templates

Don’t Try to Manage It All Alone!

Our ISO Auditors and Quality Manager Trainers have been in this industry for years, and since 2002 we’ve been providing thousands of small businesses and large corporations with the tools they need to get certified.

Instead of trying to create everything you need to follow this process from scratch, use ours. We have procedures, templates, checklists, process maps, forms and gap analysis tools to help you control your documented information without missing a single input or output.

Before you invest all the hours reinventing the wheel, before you spend countless dollars outsourcing the task — try our templates.

ISO 9001
ISO 14001
ISO 45001

Nonconformity & Corrective Action Procedure

The purpose of this procedure is to establish the process for identifying, documenting and analyzing nonconformities and mitigating their impacts by implementing appropriate corrective actions. Your organization’s quality management system is geared toward the proactive elimination of actual and potential deficiencies.

Nonconformities in products, services, processes and our management system are investigated and action implemented to prevent their occurrence.

Forms & Reports also included:

  • Control of nonconformity & Corrective Action Process Activity Map
  • Authority Matrix
  • Corrective Action Process Map
  • CAR & SCAR Log
  • Corrective Action Request
  • Supplier Corrective Action Request

>> Free Download - Control of Calibrated Equipment Procedure - this will give you a good idea of what to expect when you purchase the procedure.

>> I'm looking for more Procedures

$19 USD

add to cart

$19 USD

add to cart

$19 USD

add to cart

ISO 9001 + ISO 14001 IMS Corrective Action Template, Procedure + Tools + Guidance

  • Nonconformity & Corrective Action Procedure - view sample
  • Nonconformity & Corrective Action Process Overview (Turtle Diagram) - view sample
  • Corrective Action Process Map
  • Corrective Action Report
  • 3W (Who, What, When) Action Plan
  • Corrective Action Tracker - view sample
  • 5-Whys Worksheet
  • 8D Worksheet
  • Action Items Log
  • Improvement Activity Form
  • In-depth Guidance; including Root-cause Analysis Process - view sample

Everything you need to prepare for, manage and tighten up your Corrective Action documentation.

$35 USD

add to cart

  • Written in International English
  • Fully-editable MS Word or Excel files, compatible with Google Docs and Apple Pages
  • All the templates use styles – making reformatting and rebranding a breeze
  • Immediate download

Pay by Credit Card, Debit Card, PayPal or Apple Pay.
Credit card, PayPal or ApplePay

money back guarantee

We are 100% confident in the quality and contents of our products. Used by thousands of organizations around the world, our templates have been sold online since 2002.

Please read our Money Back Guarantee.


Are The Templates Suitable For You?

Bought by Small Businesses and Large Corporations our templates have been sold online and CD since 2002.

Used by:

  • Small Businesses – dentists, accountants, engineers
  • Large organizations – hospitals, power plants, aircraft manufacturers

The Templates are used by first-timers following our step-by-step, clause-by-clause guidance documents; and experienced Quality Managers wishing to streamline and improve their existing documentation.

The application of our templates is scalable and generic; regardless of the size and type of organization. The elements that form the quality management system are the same.


Five Reasons To Choose Our Templates

1. Our customizable templates save you time and money by offering a streamlined process to create your quality documentation

2. They’ve got everything you need in one simple template

3. Proven to work our templates have helped thousands of businesses big and small achieve certification

4. Documents use styles to make reformatting and rebranding a breeze

5. Our templates are generalizable for any industry or sector. The application of our templates is scalable and generic; regardless of the size and type of organization.


FAQs About Our Templates

Ask Us a Question

More Information


ISO 9001 Client images