Types of ISO Audit Findings and Non-conformance
During ISO Certification assessments, the auditors are not only looking for conformity against requirements, but they are also looking for non-conformance against requirements. There is a possibility that several different findings can be raised and given different gradings of the finding, whatever the grading, there is no need to panic or worry. It’s very typical to have at least one issue during each assessment.
Auditors don’t get paid extra for each finding raised and do not have targets they should be hitting which are often assumed.
There are three different gradings for findings; Major non-conformance, minor non-conformance, observation/opportunity for improvement.
Any non-conformance needs to be addressed through corrective actions no matter what the grading, observations/opportunities for improvement are just suggestions and do not technically need to be corrected. It is advisable to review the “Observations”/”OFIs” as they can be a warning that progression may lead to future non-conformances.
A non-conformance will be raised against you if you are not adhering to a requirement of the standard or management system requirements. They can also be raised against you not complying with your own defined management system controls.
A “major” non-conformance is defined as a nonconformity that affects the capability of the management system to achieve the intended results.
Nonconformities could be classified as “major” in the following circumstances:
- if there is a significant doubt that effective process control is in place, or that products or services will meet specified requirements;
- several minor nonconformities associated with the same requirement or issue could demonstrate a systemic failure and thus constitute a major nonconformity.
- a finding against an item of legislation (typically within ISO 14001 and ISO 45001)
A minor non-conformance is defined as: A nonconformity that does not affect the capability of the management system to achieve the intended results.
Observation/Opportunity for Improvement
Each certification body will call these by different names but technically they are the same thing. They are merely suggestions that can help your management system or can potentially prevent a possible non-conformance in the future. At the time of raising they are not non-conformances as you would be meeting the standard or your management system requirements.
Auditors will visit a large number of different organisations and see many methods of achieving the same results, sometimes it is valuable to communicate these suggestions without breaking confidentiality. They may also be warnings for future development and growth, sometimes systems don’t change when organisations grow so something that is working fine now may not cope with the growth.
If you would like to understand more or have any specific questions you can give us a shout.