- 1 -
日期:2005年 2月 10日
ISO 9001 审核实践组指南
对审查和关闭不符合项的指南
介绍
审核员对组织对不符合项的答复和组织对不符合项采用的“关闭”
过程进行审查,有可能增加审核为组织提供的价值,也可能降低这一价
值。如果审核员确保组织已经令人满意的进行了纠正,分析了不符合的
原因,并采取了纠正措施,那么就会增加审核的价值,因为这样将增大
组织赢得顾客满意的可能性。
本文件针对审核中发现的不符合项的审查和关闭过程提供了指南,
以帮助审核员。
审查对不符合项的答复和措施
管理体系审核员负责审查对不符合项的答复,并验证所采取措施的
有效性。
组织对不符合项的答复应当包含三个部分:
• 纠正 或 • 原因分析
• 原因分析 • 纠正
• 纠正措施 • 纠正措施
(注:上面给出了两种不同的排列顺序,这是因为需要根据产品的类型或者不符合的
具体情况选择正确的顺序。但是,在每种情况下,不符合的解决的这三个部分都是一
样的。例如,对于软件,直到找到了原因再去进行纠正是失策的做法。相反,再举个
硬件产品的例子,如果汽车里“刹车片不足”的警示灯亮了,你没有先去看看是不是
警示灯的传感器出了问题,就立即通过更换刹车片进行纠正,那么你可能解决不了问
题,而且还会浪费时间和资源)
ISO 9000: 2000 对不符合、纠正和纠正措施作出了权威的定义:
不符合:未满足要求(ISO 9000:2000 条款 3.6.2)
- 2 -
纠正:为消除发现的不符合采取的行动(ISO 9000:2000 条款
3.6.6)
纠正措施:为消除发现的不符合或其他不期望情况的原因而采
取的行动(ISO 9000: 2000 条款 clause 3.6.5)
在发现不符合时,既需要进行纠正,也需要采取纠正措施。
“纠正”是消除发现的不符合的行动。例如,纠正可能包括用合格
产品替换掉不合格产品,或者用程序的当前版本替换过期的版本,等等。
“纠正措施”的定义是“消除发现的不符合的原因的行动”。要采
取纠正措施,就必须先确定不符合的原因。一个组织可以采用很多
方法
快递客服问题件处理详细方法山木方法pdf计算方法pdf华与华方法下载八字理论方法下载
和工具来确定不符合的原因,从简单的头脑风暴到更为复杂的解决问题
的系统方法(例如根本原因分析、鱼刺图、“五个为什么”等等)。审
核员应当熟悉如何正确使用这些工具。纠正措施的程度和有效性取决于
是否能找到真正的原因。在一些情况下,这将帮助组织找到另一区域的
相似的不符合,并使之最小化。
在审查组织对不符合的答复时,审核员在接受组织的答复前,应当
确认组织对所有三个部分——纠正/原因分析和纠正措施——都提供了
相关的文件和客观证据,并且这些文件和证据是适宜的。审查过程中要
验证的重要方面包括:
• 对措施的说明;是否清晰和简练?
• 对措施的描述;是否详尽,并且准确引用了相应的具体文件或程
序等?
• 使用过去时态(was, has or have been, were)来
表
关于同志近三年现实表现材料材料类招标技术评分表图表与交易pdf视力表打印pdf用图表说话 pdf
示所采取的
行动已经完成。
• 完成纠正措施的日期;应当查看纠正措施的日期是否是过去的一
个时间,表明已经采取了纠正措施(在将来的日期采取纠正措施
- 3 -
不是好的做法)。
• 为已完全和有效地实施了纠正措施,并按照所描述的方式实施了
纠正措施的声明提供支持的证据。
此外,审核员应当验证组织已确保纠正措施本身不造成产品质量或
QMS实施方面的进一步的问题。
应当注意,既采取纠正又采取纠正措施并非总是适宜的,可能仅进
行纠正或者仅采取纠正措施本身就已经足够了。可能发生这样的情况的
例子如,不符合项被证明纯粹是偶然发生的,再发生的概率非常低。
有效的纠正措施应当通过消除不符合的原因防止不符合的再发生。
但是,纠正措施不应当与预防措施混淆。预防措施的定义是:
预防措施:消除潜在的不符合或其他不期望情况的原因的行动
(ISO 9000:2000 条款 3.6.4)
应当注意,预防措施,就像其定义描述的那样,不适用于已经发现
的不符合。但是,通过分析已经发现的不符合的原因,有可能找到组织
其他区域更大范围内的潜在不符合,并为预防措施提供输入。
关闭不符合
由于不符合在性质上倾向于是个别的,可以使用不同方法或活动来
关闭不符合。例如,有些需要到现场直接进行检查(可能要求再追加现
场访问),而其他可以远程关闭(通过审查所提交的文件化证据)。
在做出同意关闭不符合的决定之前,审核组长(如果仅有一个审核
员,则指该审核员)应当审查组织在纠正/原因分析方面做了哪些工作,
以及纠正措施取得了什么结果。审核组长/审核员需要确保有客观证据
(包括支持性文件)证实所描述的纠正措施已得到了完全的实施,并有
效防止了不符合的再发生。只有在这些方面令人满意后,才应当关闭不
符合。
- 4 -
Date: 10 February 2005
ISO 9001 Auditing Practices Group
Guidance for reviewing and closing nonconformities :
Introduction
The value that can be provided to an organization can be enhanced or diminished by the
review that an auditor conducts of the organization’s response to a nonconformity, as well
as by the "close-out" process that is applied. An auditor will add value by ensuring that the
organization has satisfactorily addressed correction/ analysis of the cause, and corrective
action, as this will increase the likelihood of the organization achieving customer
satisfaction.
This document provides guidance to help auditors in the process of reviewing and closing
nonconformities arising from audits.
Review of actions in response to a Nonconformity
Management system auditors are responsible for reviewing the response to nonconformity
and verifying the effectiveness of actions taken.
There should be three parts to the response of an organization to nonconformity:
• correction, or • analysis of cause,
• analysis of cause, and • correction, and
• corrective action. • corrective action.
(Note; two different sequences are given as it may depend on the product type, or the
situation of the nonconformity, as to which is the correct one to be followed. However, the
three parts to resolving the nonconformity are the same in each case. For example, for
software, it is inadvisable to implement a correction until the cause is known. Alternately,
as a hardware example, if a "Low Brake-pad" warning light were to illuminate in a vehicle
and you immediately implemented the correction of replacing the brake pads before
examining if the sensor was faulty, you might fail to resolve the problem and would have
wasted time and resources.)
The authoritative source for making the opening statement are some pertinent definitions
in ISO 9000: 2000.
Nonconformity: non-fulfillment of a requirement (ISO 9000:2000, clause
3.6.2)
Correction: action to eliminate a detected nonconformity (ISO 9000:2000,
clause 3.6.6)
Corrective action: action to eliminate the cause of a detected
nonconformity or other undesirable situation (ISO 9000: 2000, clause 3.6.5)
- 5 -
Both correction and corrective action should be expected when there is a detected
nonconformity.
"Correction" is action to eliminate a detected nonconformity. For example, correction may
involve replacing nonconforming product with conforming product or replacing an obsolete
procedure with the current issue, etc.
The definition of "corrective action" is “action to eliminate the cause of a detected
nonconformity.” Corrective action cannot be taken without first making a determination of
the cause of nonconformity. There are many methods and tools available to an
organization for determining the cause of a nonconformity, from simple brainstorming to
more complex, systematic problem solving techniques (e.g. root cause analysis, fish-bone
diagrams, “five whys", etc). An auditor should be familiar with the appropriate use of
these tools. The extent and effectiveness of the corrective actions depends upon
identifying the true cause. In some cases this will assist an organization to identify and
minimize similar nonconformities in another areas.
In reviewing the response of an organization to a nonconformity, the auditor should confirm
that documentation and objective evidence for all three parts—correction/ analysis of the
cause, and corrective action—are provided by the organization, and are appropriate,
before accepting the response. Important elements to verify in the review process include:
• statements of actions; are they clear and concise ?
• descriptions of actions; are they thorough and do they accurately reference
specific documents, procedures etc., as appropriate?
• the use of the past tense (was, has or have been, were), as an indicator that the
actions taken have been completed.
• the date of completion of the corrective actions; past dates should be found that
indicate that the actions have been taken (dates indicating future action are not
good practice).
• evidence supporting the claim that a corrective action has been fully and
effectively implemented and that the corrective action has been performed in the
way that it was described.
Additionally, the auditor should verify that the organization has ensured that the corrective
action taken does not itself create further problems relating to product quality or to
implementation of the QMS.
It should be noted that both correction and corrective action are not always appropriate and
that either correction or corrective action may be sufficient on their own. This may happen,
for example, in cases in which it can be demonstrated that the nonconformity was
absolutely accidental, and the probability of re-occurrence is very low.
Effective corrective action should prevent the recurrence of the nonconformity, by
eliminating the cause. However, corrective action should not be confused with preventive
action. The definition for preventive action is as follows:
Preventive action: action to eliminate the cause of a potential
nonconformity or other undesirable situation (ISO 9000:2000, clause 3.6.4)
- 6 -
It should be noted that preventive action, by the nature of its definition, is not applicable to
already detected nonconformities. However, an analysis of the causes of detected
nonconformities may identify potential nonconformities on a wider scale in other areas of
the organization and provide input for preventive action.
Closing nonconformities
As nonconformities tend to be individual in their nature, a variety of methods or activities
may be used to close them off. For example, some will require direct examination on site
(which may require the need for additional site visits), while others may be closed-off
remotely (by review of submitted documentary evidence).
Before deciding to agree to close-off a nonconformity, an Audit Team Leader (or the
Auditor, in sole auditor situations) should review what the organization did in respect of
correction/analysis of the cause, and the results it achieved through corrective action. The
Audit Team Leader/Auditor needs to ensure that there is objective evidence (including
supporting documentation) to demonstrate that the described corrective action has been
fully implemented and is effective in preventing the nonconformity from re-occurring. Only
once the situation is satisfactory, should the nonconformity be closed-off.