Primer Module for Audit Program Management

Previous Topic
Next Lesson

Nonconformities

Primer Module for Audit Program Management Anatomy of an Audit Nonconformities

Nonconformities, sometimes referred to as findings, or even observations are objectively evidenced instances of the quality system or its performance being in noncompliance with its established criteria.

Remember, a nonconformance is simply the ‘nonfulfillment of a requirement’.

ISO 19011:2018 defines ‘audit finding’, ‘conformity’ and ‘nonconformity’. Meaning that technically every element of an audit report outside of boilerplate scope, criteria, etc., should be in relation to a finding.

Then every finding references objective evidence of that finding being conforming or nonconforming.

Nonconformities will be objectively evidenced and documented separately within the audit report and often will require a CAPA and audit follow-up. Some of that follow-up may even be a re-audit as part of a CA/PA effectiveness check.

Grading

Nonconformities are graded. In the past the standard practice for grading was either a Major Nonconformity, or Minor Nonconformity.

The general understanding was that a Minor Nonconformity was a single lapse in the fulfillment of a requirement.

A Major Nonconformity was a complete absence of fulfilling a requirement, repeating a previous nonconformity, failing to address a previous nonconformity, or shipping nonconforming product.

This method of grading nonconformities is still used by some audit programs today. Their are other grading methods such as the GHTF/MDSAP scale. This may play a factor in your audit grading because if you are doing an MDSAP audit, you should probably be using the MDSAP scale.

This grading method applies a systematic way to assign a numerical grade to all nonconformities between 1-6 based on ISO 13485:2016. The higher the number, the more ‘major’ the nonconformity.

First Nonconformities are categorized by whether they have a direct, or indirect impact on the QMS, then whether this is a first occurrence of this nonconformity. This provides a grading of 1-4.

Once you have the initial 1-4 grading number assigned you move on to the ‘escalation rules’, which will add 0-2 points to the grading of that nonconformity with a simple yes/no decision tree.

diagram of mdsap scale for grading ncs

Escalation Rules

  • Rule 1. Is there an absence of a documented process or procedure?
  • Rule 2. Has there been a release of a Nonconforming Medical Device?

Add an additional point to the grade of the nonconformity for each time you answer ‘YES’ to a question.

For example, in order to get a Nonconformity rating of ‘6’, it would have to be graded as a repeat occurrence of a direct impact finding with both escalation rules applied. Meaning that there is no evidence of a process control and nonconforming devices have been released to market.

Previous Topic
Back to Lesson
Next Lesson