Corrective and Preventive Action (aka Capa corrective and preventive action) is the most widely misunderstood part of ISO 9001, and it’s the most powerful tool available to companies and industries of all types. The intent of this paper is to help people understand it as a tool, so that it is used to the fullest, and benefit from the business aspect of having a Quality Management System. This paper will therefore help you understand how to avoid harmful misunderstandings, and how to get the most business benefits from the CAPA process.
Common Misunderstandings
- It is common for people to mix Corrections with Corrective Actions.
- Corrections are actions you take to make a defective product good enough to be able to sell to a customer. The steps are detection (of a defective product- nonconformance) and disposition of the defective or non-conforming product. The point is that the manufacturer is focused only on the number of defective products on hand. Common methods for dispositioning are Scrap, Rework, Repair, Return to Vendor, use as is (with special approval from product specialists or customers).
Often Rework and repair requires additional process steps to remove the defect, and Best Practice is to document these steps for help in future incidents, and in calculating the Cost of Poor Quality.
It is a requirement to document incidents of nonconformance. These are called Records of Nonconformance. It is Best Practice to record all incidents of nonconformance, no matter how easy or simple or fast it is to dispose of the nonconforming product. The reason is that over time Nonconformances (NCs) provide valuable understanding of the manufacturing process.
-
- Corrective Actions. The terms “Corrective Action” and “Preventive Actions” (CAPA) are special terms in Quality Assurance Technology to define actions that are taken to prevent Nonconformances in the future. The normal English usage of the term does not assume any time boundaries, and therefore some people mistakenly think that they have taken CAPA when they have performed actions such as rework, scrap, return to vendor, etc. These, of course, are Dispositions as described above.
To understand this special terminology- CAPA, we need to consider an axiom: “Product is the Result of a Process”. Just like a commonly known axiom: “A straight line is the shortest distance between two points”. It’s self-evident and does not need any proof.
Just remembering this axiom, it is easy to understand the magnitude of the difference between Corrections and CAPA. It is easy to understand that for doing CAPA, you must change the process that produced the NC. In other words, you work on the product to dispose of the NC, and you must work on the process to perform CAPA.
Also, you should note that CA generally PA is focused on negative triggers, such as nonconformances, findings, etc—aka Problems. There is difference, however, between Corrective Actions and Preventive Actions. Although they both prevent future problems, in the first case, the problems have already occurred. In the second case the problems are forecast to occur.
Another point to remember but usually considered are “Opportunities”, as the opposite of “Risk”. Mathematically speaking, the difference is only in the – or + sign. The work-flow are all the same--- because you are always focused on the process that needs to be changed to effectuate the risk or the opportunity. A good term for the process of enjoying an opportunity could be Opportunity Capture.
The above may be referred to as Capa corrective and preventive action.
- When you are in the realm of disposing of a Nonconforming Product, you are working on the product. For Capa Corrective Action, you must be working on the Process that produced the product. A good way to differentiate is to think about Health Care. When you have an illness, such as high-sugar condition, and trying to cure it—you are disposing of the illness—such as taking medication for high sugar. However, when you are changing your life style like reducing sugar intake, reduction of weight, doing regular exercise, you are trying to prevent the condition. If done right, and are successful , you may stop taking the medication. This is the capa meaning.
The Role of Risk Based Thinking (RBT) in CAPA.
Thinking about Risk in decision-making of all sorts is good way to determine the type of actions you need to be taking to continuously improve the Quality of your product and the effectiveness of all your work processes.
The decision to take Disposition Action for a Nonconforming product is easy. You MUST dispose of the NC product. Ignoring detected NCs is not a choice. Not doing so is the fastest path to a rapid downfall.
Whether or not you take Capa Corrective Action steps is a decision in which you have a choice. It should be based on your assessment of the risk of not taking CAPA action. The use of RBT in CAPA is an essential part of the system, and is called Risk Based Corrective Action, Do not fall into the trap of doing CAPA for all NCs. Many people do that. The result is a poor CAPA system, taking short-cuts, and diluting the power of a Good CAPA.
Most of all, you may end up spending more resources than is necessary.
RBT can solve this problem for you. The method is to do a proper Risk Assessment to determine if you should take the path of Process Improvement, or stick with current manufacturing processes with a review of Detection (i.e. Inspection) and Disposition methods. A popular metric for Risk Assessment is the Risk Priority Number (RPN), with an usual range of 1-1000. So, a RPN of say 950 is a no brainer—you must follow the CAPA workflow.
A RPN of say 74 is an indication that it’s a good business decision to freshen up the Inspection and Containment processes, and deal with the Cost of Poor Quality.
The best part of RBT is that it provides numerical values to assess if the CAPA undertaken was successful. The way to do that is to do another Risk Assessment at the end of the CAPA. So in the example above (950 RPN), you assess that the RPN has fallen to say 85 you have fact based assessment of the Effectiveness of the CAPA. This is special power of Risk Based Corrective Action.
The CAPA Work-Flow or the Capa Process
A comprehensive work-flow for a CAPA would consist of the following steps. This will ensure capa quality. The work-flow is the Capa Management Process.
- Identification of a candidate for CAPA. The candidates can be chosen from a multitude of sources, such as product nonconformances at all stages of manufacturing, process nonconformances, audit findings, customer complaints, Risk Assessments and others.
-
- For most of these sources of candidates, it is a matter of escalation into the CAPA work flow. Examples: During the process of handling a NC, you would escalate to a CAPA. Similarly for Customer Complaints, HSE incidents, Audit findings, etc
- You should remember that the work-flow for CAPA and for Opportunity Capture is the same. Shifts in national economic activities, industry changes, keeping track of new technologies and markets are examples of sources of opportunities. Keeping an eye for opportunities provides a new set of candidates for the CAPA work-flow.
- Evaluating the Candidate. The evaluation of candidates is best done with Risk Assessment methodologies which simply stated keeps an eye the Magnitude of effect and the Probability of occurrence.
- In the case of negative impact candidates—which are by far the majority of candidates in a QMS, the term used for Magnitude is Severity, and the term for Probability is just Occurrence. Some people use another factor: Difficulty of Detection. The product of SXOXD- SOD is used. The most common method is called FMEA, and a common scale for each of the SOD is 1-10, thus giving an Risk Priority Number (RPN) ranging from 1 to 1000.
-
- In the case of positive impact candidates the calculation would be even simpler—Just MXO.
Most people do not use a formal approach to decide whether to proceed with a candidate for CAPA. The advantages of using a formal approach is that records are kept, and in a computerized data-base system such as QISS there is big advantage of Search Capabilities that help with evaluating historical data.
Regardless of which method you use, there must be a recognition that each candidate must be approved or rejected after due consideration of resources and other factors. Also, remember that all candidates do not need to proceed further. It needs to be a deliberate decision.
- Containment of the Problem. This step is necessary to ensure that the problem doesn’t spread, moves forward, all the way to the end point—such as Final Inspection or the customer. Remember that this step is related to the process of Correction, and not a direct part of the Prevention process.
- Root Cause Analysis. This step is the strongest factor behind Capa Quality. Lets reiterate the QA axiom of Product is the Result of a process. So, to do a CAPA, we need to know which process or part of a process needs to be modified or replaced. To find that answer, we need to know what is or would be the cause, and work on that. In the vast majority of cases, the intent would be to eliminate the root cause.
It should be noted that although the common term is Root Cause, the pursuit of a comprehensive one cause will likely show that there are several that can be classified as Direct, Contributing, and Root. To do a more effective CAPA, all of the different causes in the network should be considered examined.
- Solution Generation. This is a typical manufacturing engineering activity that yields a new process to modify the ineffective one or replace it with a new one. It should follow similar rigor and documentation.
- Solution Implementation. This again is a typical manufacturing engineering activity to ensure that the new process is implemented as designed.
- Check for Effectiveness. This is the second most important step for Capa Quality. This should be done to ensure that the CAPA was effective in preventing future occurrences of the problem that was identified. The following methods are recommended:
-
- Reassessment of the Risk Level (RPN). The CAPA should reduce the risk to the desired level.
- Running the new process to verify that the problem does not occur over an appropriate period of time.
- Do tests to verify that there is reason to believe that the probability of occurrence is low enough
- Re-Evaluation: When appropriate, you might want to schedule a Re-Check of the effectiveness after a period of time.
- Ensure that related documents are updated. This is to ensure that new procedures are developed and existing ones updated as appropriate. Also that affected personnel are trained.
- Design and implement appropriate reports and analytics. This is the third most important factor for Capa Quality. There should be a number of reports and analytics designed and implemented to monitor the health of the CAPA process also known as (Capa Plan) as appropriate.
The following flow chart helps understand the flow, and interactions between the steps of the capa management process.
The Compliance Angle of Corrective and Preventive Action
QIA (Quality Institute of America) has developed a systematic method for interpreting and understanding ISO 9001 and other standards on a range of interpretations that can help calibrate how a company ensures compliance for certification to the standard. It is called the LAB method—acronym for Legal, Auditor, and Business. Please visit the Learning Center on QIA website for details. In short, noncompliance with the L level is sure to trigger not only a Finding in the audit, but may even be a Major finding. An example is a clear absence of a CAPA process in the QMS, or no evidence of use of the process. The A level adds some elaboration that can be called Generally Accepted interpretation by most auditors. The B level would be what would be expected by informed business owners who are interested in employing QMS a system to run the business at high levels of productivity and profitability. Most of this article is aimed at helping businesses run at the B level. The use of Risk Assessment as described above is an example of the B level of interpretation.
The L and the A levels are commonly at the same level.
The A level is the level that must be complied with to pass an audit. However, it is not very helpful in achieving higher productivity and profitability. It does give the business a foundation upon which to build up to the B level.
How CAPA interacts with other parts of a QMS
One of the tenets and requirements of the overall QMS is that it must follow a path of Continuous Improvement. The combined system of NC Control and CAPA is the part that provides the infrastructure for Continuous Improvement. Examples of such linkages are shown below:
- Product and Process Quality/ performance as measured in the Monitoring & Measurement part of the system—particularly for the Operations group of sub-systems. Repeated lower than expected performance must be dealt with an eye on improving the underlying processes.
- Competence of People. People are the most impactful part of the QMS. Competence of people in the Organization is key to its well-being and performance. Activities such as hiring, on-boarding, Training, Performance Evaluations, Job Design and Descriptions, etc involve processes that can be continuously improved by CAPA.
- Customer Related Processes. These are the processes that bring in the revenue. They start from Customer acquisition, Contract Review, Customer Relations and Service, Customer Satisfaction Measurement. CAPA again is the process that will help improve these processes.
- Measurement of QMS processes, Reports and Analytics. Most of the processes referenced in the Standards are best when accompanied by tools for Analytics. A good system of Analytics coupled with a Good CAPA system will go a long way for Continuous Improvement.
Using the Corrective and Preventive Action (CAPA) process for activities beyond minimum Compliance
It is common (and understandable) for most companies to limit the application of a QMS just to the obvious processes mentioned in the Standards. An example will be where companies have an “ISO” system and then another for doing the business.
A glaring example are companies that have a Corrective and Preventive Action management software (or Capa Plan) for the certification and Six Sigma for the actual system for robust improvements of profitability. A top-level side-by-side comparison of CAPA steps and DMAIC shows how strikingly similar the two are. The opportunity to combine the two should be investigated.
Most capital improvement projects start with the need for major improvements in manufacturing processes. A good QMS can be the source of the most comprehensive source of data to identify processes that need to be improved or replaced, and provide historical, fact based data for ROI and What-If analyses.
Once a Good CAPA system is in place, it can serve as a spring-board for designing other QMS processes. A good example would be Management of Change (MOC). The steps in the work-flow for a comprehensive MOC can be adapted from steps in the CAPA process.
Common Mistakes
- Lack of discipline. Another name for Corrective and Preventive Action is “Disciplined Problem Solving”. The CAPA process is detailed, and can seem to be onerous. Without discipline, and effective leadership, the process can deteriorate into an exercise in filling out the CAPA form with enough data to pass the audit. Passing the audit becomes the goal, and the company loses out on the benefits of a solid Improvement prorgram
- Incorrect Cause Analysis. By now, you should know that a good “Root Cause Analysis” is the most essential part of a good CAPA. The most common mistake is when people don’t spend the time to do a complete analysis of the Direct, Contributing, and Root causes. They just stop at the first or the Direct cause. Obviously, the solution will be weak, and the effectiveness will not be robust.
- Jumping into CAPA. This happens when there is a misunderstanding that all NCs require a Capa Corrective Action. Consequently, the effectiveness of the overall CAPA system gets overwhelmed, and becomes an exercise in “pencil whipping”
- Restricting CAPA to only Audit Findings. This is a clever way of meeting the L level of a QMS. Again, the Company loses out to laziness. To think that only audit findings from 3rd party matter, and the entire system over the entire year doesn’t is bewildering.
- Improper Effectiveness Check. This consists of just verifying that the Solution was implemented. Good start, but you need to verify that it was also effective in removing the “root cause”, and preventing the problem in future.
- Not updating the QMS. Not doing this makes the QMS itself weaker over time, and out of step with reality.
- Not training affected people. Equals having less than competent people to continue the new process.
- Lack of Automation. We are currently going through the Fourth Industrial Revolution (Industry 4.0- accompanied by Quality 4.0). The underlying theme in this is automation, which has been the case starting with first Industrial revolution. It is true that there needs to be discipline in the execution of the CAPA process. Automating the system through data-based computer systems (such as QISS) makes it much easier, economical, and effective.
FAQs:
What is Corrective and Preventive Action (CAPA)?
What does capa stand for?
CAPA stands for corrective and preventive action and consists of the rules and processes that deal with correcting and preventing systemic issues.
Why is it Important?
What is the purpose of this Corrective and preventive Action?
This is the A of the PDCA cycle, and therefore ¼ the value of the entire QMS that helps systematically improve the QMS.
What is the difference between corrective action and preventive action?
Corrective actions are those that deal with preventing recurring issues resulting from root causes. Preventive actions are those that prevent potential issues from risk calculations.
What is a Preventive Action Process?
It is a process for preventing problems that have not happened yet.
How to write or create a corrective action plan?
See CAPA process in the article
When do we use corrections?
Corrections (not to be confused with corrective actions) are taken as containment and damage control plans for discovered non-conformities and issues.
What is a non-conformance?
A non-conformance is any deviation in products and processes from standardized spec and requirements.
When do we use corrective actions?
We use corrective actions when there are systemic or significant non-conformities (such as in harm and destruction of property).
When do we use preventive actions?
We use preventive actions after qualitative and quantitative risk assessment to address the risks and prevent potential risks from happening.
Are corrections a part of corrective actions?
Correction can be a part of corrective action to rectify issues in the short term.
What is root cause analysis?
Root cause analysis (or RCA) is the analysis of non-conformances and different processes to infer the possible base cases that are the precursor to the non-conformities in the first place.
What is the use of CAPA software?
To handle all corrective and preventive requests and processes. It automates the CAPA system to enable humans to get the most out of it.
What is CAPA in ISO?
ISO is an international regulatory body that develops standards that companies can adhere to, for certification of consistent quality, reliability and safety. CAPA in ISO-9001:2015 indicates that the CAPA system being used is of satisfactory standards according to requirements set by ISO.
Are there other certifying or regulatory bodies for CAPA?
Yes, there can be other certifying bodies, such as the FDA for food and drug that have standardized rules, regulations and protocols that need to be maintained by companies to get certified.
How often should we start CAPAs?
Use CAPA only for systemic and serious issues. Use small corrections to handle minor non-conformances that will not recur.
What are systemic issues?
Systemic issues are non-conformances that have demonstrated a pattern of recurrence and can be attributed to some unaddressed root issue that causes them.
When do we initiate CAPA?
Whenever there is a systemic or significant issue.
Which areas employ CAPA?
CAPA can be used in products, processes and human resources to solve issues.
What is an Audit?
Audits are internal inspections held by companies or external bodies (external audit) to monitor and assess internal functions and processes within an organization.
What is a corrective action request (CAR)?
A corrective action request is a call for corrective actions to eliminate causes for discovered non-conformities and issues.
What is risk assessment?
Qualitative and quantitative methods for figuring out potential risks in a system.
What is a risk matrix?
A matrix that lists all potential risks in orders of consequence and likeliness. They are employed during risk assessment.
What is a risk priority number (RPN)?
A numeric value that helps categorize the possible risks and is calculated by multiplying numeric weights for severity of the issue, probability of occurrence and the likelihood of the failure being undetected. High risk priority numbers indicate high risk factors that need to be addressed as soon as possible.
What is the ishikawa diagram?
A pictorial assessment tool that is used in identification of causes during root cause analysis. Also called a Fishbone diagram
What are the “5 whys” ?
A tool that is used in the deduction of root cause during root cause analysis. It involves asking questions on the nature and causes of the non-conformities till the base case is successfully uncovered.
What is a corrective action plan?
A proposed set of actions and modifications to processes and/or design in products to eliminate recurring non-conformance and issues.
What is a Corrective Action process?
It is similar to a corrective action plan
What does corrective action mean ?
See under Common Misunderstandings in the article above
What is the difference between corrective action and preventive action ?
See under Common Misunderstandings in the article above
Why do I need to verify the corrective actions?
To ensure that the modifications and changes are bringing about compliance and efficiency once again.
What is a calibration control program?
A method of ensuring measurements from various processes and outputs do not deviate too much from reference values.
What is supplier management?
A set of processes and rules that encapsulate supplier governance rules, regulations, legal terms and expenses, supplier product performance and conformance.
What is Failure mode and effect analysis?
A risk assessment analysis that involves using data and logical reasoning to deduce the potential ways of failures in systems and products and their consequences and severity. It also includes preparing potential contingency plans to combat the issues and their root causes.
These constitute the A in the PDCA cycle—the core of a QMS, and the element that helps companies continuously improve all business processes. Without these two elements, a QMS would not have the power that it does—it will be an open-ended sprawling and growing bureaucracy.
Features of QISS Corrective and preventive Action (CAPA)
Please refer to the full article above. QISS automates nearly all aspects described in the article. Imagine that all the paper-work, drudgery, endless follow-ups, wasteful work, inefficient and non-effective work—on and on—is eliminated or minimized. That in a nutshell is what QISS does. Contact us to see how QISS works.
Benefits of QISS Corrective and preventive Action (CAPA)
Please do read the article above. It is exhaustive, and intended to be so--- your complete resource for all things CAPA. Imagine that you want to hire a super-human who will take care of all the hard work and bureaucracy, and give you all the benefit. That is what QISS-CAPA will do for you. Give us a half-hour, and one of our engineers will show you.
CONCLUSION
The purpose of having a Good Quality Management System (GQMS is to ensure High Customer Satisfaction as a tool for increasing Revenues. This begins with using your choice of a QMS Standard, such as ISO 9001, API Q1, IATF, AS, ISO 13485 and others. ISO 9001 serves as a basis for almost all QMS standards, and if you can, is a great way to start the QMS journey.
To be successful, you must start with a design of a system that suits your business. Use the Standard as a template for doing so. Start at a level that you are comfortable with—with the minimum level being Compliance with the Standard. But don’t stop there. Use the Shewhart’s principle of PDCA to systematically keep making your QMS more effective and efficient over time. Having a Good CAPA system is the way to comprehensively manage all your work processes on a steady path of Continuous Improvement. You may use the concept of having different levels—such as the Silver, Gold, Platinum to guide you.
You may consider reviewing our library of articles in the Learning Center of our website. We are continuously adding more and more articles. Please sign up at our website, and we will send you monthly updates on the content.
Choose suitable software for your business from QISS essential software list. We are always ready to provide you QMS services through QISS QMS software.