← Back to Clause Explorer
10.2ISO 9001:2015 (IATF applies — see related)

Nonconformity & corrective action

Plain-language summary

When something goes wrong, contain it, fix it, find the real cause, and stop it coming back — then check the fix actually worked.

What the clause is really asking

The clause separates correction (deal with the bad part/situation now) from corrective action (kill the root cause so it doesn't recur). It asks for a documented trail: what happened, what you did immediately, why it really happened, what you changed, and evidence that the change was effective. It also expects you to ask whether the same cause lurks elsewhere.

What auditors look for

Auditors sample NCRs and customer complaints, then test the chain: was containment recorded? Is the 'root cause' genuine (a five-why that ends at 'operator error' is a red flag)? Was the action a system change or just retraining? Months later, did the problem recur — and did anyone formally verify effectiveness before closing? They cross-check that recurring audit findings get escalated into corrective action.

Typical evidence

NCR/CAR register; 8D or A3 reports; root cause analyses (5-why, fishbone); evidence of implemented actions (revised instruction, poka-yoke, changed process); effectiveness verification records; links into FMEA/risk register updates.

How to comply — recommendations

Use a simple one-page CAR form: problem, containment, root cause, action, who/when, effectiveness check date. Force a 30-90 day effectiveness review before closure — calendar it. Ban 'operator error' as a final root cause; ask why the system allowed the error. Feed every closed CAR back into the FMEA or risk assessment.

Common nonconformities

CARs closed the same day they're opened; root cause = 'told the operator'; no effectiveness verification; the same finding appearing audit after audit with a new CAR each time; complaint trends never analysed for systemic causes.

Related clauses

IATF 10.2.3-10.2.6; ISO 14001 10.2; ISO 45001 10.2

Qlause provides interpretive guidance only and is not a substitute for the standard. Refer to your licensed copy of ISO 9001 / IATF 16949 for the authoritative text.