In regulated manufacturing environments, a non-conformance (often abbreviated as NC or NCR for non-conformance report/record) is a documented failure to meet a defined requirement.
The requirement can come from many sources, for example:
- Product requirements: drawings, models, material specifications, tolerances, test limits
- Process requirements: work instructions, validated process parameters, control plans
- System and documentation requirements: procedures (SOPs), forms, records, approvals
- External requirements: customer contracts, standards (e.g., ISO 9001, AS9100), regulatory commitments
Whenever actual results, conditions, or behavior deviate from these approved requirements, you have a non-conformance. This includes, but is not limited to:
- Defective or out-of-tolerance parts
- Use of unapproved or expired material or tooling
- Skipping or partially completing required process steps, checks, or sign-offs
- Incorrect, missing, or late records in MES/ERP/QMS or on paper travelers
- Software or system behavior that leads to incorrect or incomplete execution or documentation
How non-conformance is handled in practice
In most regulated operations, identifying a non-conformance triggers a controlled process, typically within a QMS or a mix of QMS, MES, and paper systems. Common elements include:
- Containment: isolating affected product, lots, or data to prevent unintended use or shipment.
- Disposition: deciding how to handle the non-conforming product or situation (e.g., use-as-is, rework, repair, scrap, return to supplier), with appropriate approvals.
- Root cause and corrective actions: for significant or repetitive non-conformances, performing structured root cause analysis and implementing corrective and sometimes preventive actions (often via CAPA).
- Traceability: ensuring the non-conformance, its impact, and all decisions are documented and linked to parts, lots, work orders, and relevant systems.
In brownfield environments, non-conformances often touch multiple systems (e.g., inspection in one tool, disposition in a QMS, execution data in MES, inventory in ERP). Inconsistent integration and data quality can make it difficult to reliably identify all affected product or to show a complete history during audits, which is why disciplined documentation and change control are important.
What non-conformance does not mean
- It is not a guarantee of a safety issue or regulatory non-compliance, but it can contribute to both if not properly controlled.
- It is not limited to physical defects; process, documentation, and system gaps can also be non-conformances.
- Raising a non-conformance does not imply that any certification or audit status is lost; it is part of normal, expected quality management in regulated industries.
Ultimately, non-conformance is the formal mechanism by which an organization recognizes that the operation has deviated from defined requirements and must respond in a controlled, traceable way.
