In clauses 4 through 10 of the ISO 9001:2015 revision, there’s no mention of preventive action.
Does this mean that you don’t need to do preventive actions any more? Or that you can throw away your Corrective Action/Preventive Action (CAPA) software? Of course not!
The philosophy underlying the change is that the quality management system (QMS) itself provides preventive actions - every time you revisit risks and opportunities, or make adjustments to continually improve your QMS, you’re engaging in preventive action.
Why was this change made? First, the ISO push to align all management standards using Annex SL structure required that a more risk-based approach be baked-in to the standard. Although clause 8.5.3 from ISO 9001:2008 indirectly mentioned risk, it was not a driver for identifying and executing preventive actions. In addition, all preventive actions tended to be allocated similar effort, rather than investing proportionately based on the severity of the potential impacts. Finally, auditors reported that organizations consistently found opportunities for corrective actions but far fewer examples of preventive actions -- in many cases, the preventive actions seemed to be undertaken just to check off a box on the auditing checklist.
How should you adjust to these changes? Our advice is: Let risk lead your continuous improvement process. Prioritize potential preventive actions based on risk, and identify which ones are the most critical. Then launch a preventive action to reduce the severity, likelihood, or potential impacts of that risk.
John, E., & Cianfrani, C. A. (2016). Where Is Preventive Action?. Quality Progress, 49(3), 56. Retrieved from http://asq.org/quality-progress/2016/03/standards-outlook/where-is-preventive-action.html and https://search.proquest.com/docview/1774763783/fulltextPDF/C893D375DBD740C4PQ/1?accountid=11667
Nicole Radziwill is the Quality Practice Lead at Intelex Tecnologies Inc. You can follow her on LinkedIn by clicking HERE.