How to Improve Work Processes with Corrective and Preventive Actions
Ask The Experts | By | 28 Feb 2023 | 5 minute read
Whether process improvement is focused on enhancing safety, quality, or productivity, there is one track it tends to take. When done correctly, it will follow the traditional Plan, Do, Check, Adjust (PDCA) cycle of continuous improvement. Companies who are more mature in their improvement journey realize that this cycle is just as much a culture and a way of thinking as it is a formal methodology.
Why Corrective and Preventive Action is Important for QMS
In simple terms, the PDCA cycle looks something like this:
- (Plan) Develop a hypothesis based on cause and effect, stated in terms such as “If I do X, the result will be Y.”
- (Do) Put your hypothesis to the test by taking the actions you laid out in the first step.
- (Check) Determine if you got the results you expected, checking for causality and correlation.
- (Act) Learn from the outcome by either confirming your hypothesis or determining why you didn’t get your expected result. Adjust your hypothesis and repeat the process.
During the Plan and Act phases, preventive actions and corrective actions are developed to prevent the occurrence or recurrence of process breakdowns and identify sources of variation.
The concept of corrective and preventive actions are closely linked to the idea of quality assurance and quality control. Quality assurance (QA) is a process-oriented activity that seeks to prevent problems from happening, whereas quality control (QC) is a product-oriented inspection seeking to detect them after the fact.
Although all these activities are critical components of a robust Quality Management System (QMS), whenever possible, priority should be placed on preventive action and quality assurance efforts rather than corrective actions and quality control.
I’ve seen firsthand too many companies with reactionary quality programs that rely on product defects and warranty claims as a trigger for process improvement. They hold the misperception that QA and time spent on preventive actions are unnecessary costs. But from a Return on Investment (ROI) standpoint it is far less costly, both in terms of profit and customer satisfaction, to prevent problems than it is to fix them.
ISO Provisions on CAPA
Corrective actions and preventive actions were once treated as two sides of the same coin until the latest revision of ISO 9001:2015. In conjunction with Clause 8.5.2 outlining requirements for corrective actions, Clause 8.5.3 of ISO 9001:2008 required companies to identify potential causes of nonconformance and implement preventive actions to prevent their occurrence, along with a documented preventive action procedure.
In the latest 2015 version, ISO 9001 did away with calling out preventive actions specifically and moved to an overarching risk-based thinking model where the entire QMS is geared towards risk prevention and opportunity optimization. This also shifted responsibility away from a mid-level quality manager and made preventive actions a strategic responsibility of upper management.
Instead of a preventive action policy, ISO 9001:2015 Clause 4.1 now requires companies to identify and assess all internal and external issues that could impact the management system’s ability to deliver its intended results. In addition, Clause 6.1 requires companies to provide evidence of identifying and mitigating risks to the QMS. How this is to be done is not prescribed, as it only specifies that it must happen. This allows companies to do it in a way that works best for them.
Challenges with ISO’s Holistic Approach
I don’t have any problem with the intent behind such a move. After all, every organization would benefit from having upper management bought into and playing an active role in the QMS. However, the level of leadership alignment and buy-in required for it to be successful is greater than I’ve had the pleasure of witnessing to date in my career. And when push comes to shove, short-term profits come at the expense of a long-term sustainable QMS.
Specifically, my fear with this holistic approach to risk management and preventive action is one of ownership. If risk prevention is everyone’s job, then whose job is it really? I understand that it’s the system itself that’s designed to function in this way, but what we’re talking about here is more of a cultural shift, which is much more difficult to implement and sustain than a process, policy, or procedure.
Asking a quality manager to work with a team to develop preventive measures is one thing. But it’s another thing to get an organization to manage in a way that risk is at the forefront of planning and actions are taken to avoid them when margins are being squeezed and costs are rising.
As stated at the beginning of this article, companies that are more mature on their continuous improvement journey should have little trouble making the transition towards a cultural mindset of PDCA, and most of them would gravitate towards it organically. It’s the less mature organizations that this will either be the motivating epiphany they need for positive change or discourage them from even trying.
Reducing Risks with Preventive Actions
Looking at things strategically, the ISO 31000 standard provides a framework, guidelines, principles and a process for organizational risk management. It can be used by an organization of any size to benchmark its QMS’ ability to manage risk against other world-class organizations.
If you need some guidance on where to start, there are a few practical, tried-and-tested tools you can use to identify risks and implement appropriate preventive actions accordingly:
1. Risk Register
Using a risk register, you will identify the possible risk and its result if it were to occur, along with your risk response strategy (Avoid, Accept, Mitigate, Transfer). A probability and financial impact score is sometimes applied to quantify its potential impact.
2. SWOT Analysis
Strengths, weaknesses, opportunities and threats are documented with this method. After thoroughly reviewing these factors, an action plan is developed to enhance strengths, capitalize on opportunities, mitigate threats, and overcome weaknesses.
3. Cause and Effect Diagram
This simple tool walks the team through a brainstorming session to identify actual or potential causes of a specific problem or risk. Standard categories are usually used to guide the participants through discussions around contributory causes stemming from:
- Machines and equipment
- Work environment
- Measurement devices and systems
Best Practices for Implementing CAPA
Enrich your risk management and preventive action strategy with the following tips:
- Keeping things simple is always good advice when discussing processes and management systems. The more practical and user-friendly your QMS, the more likely it will provide the desired results.
- Make sure leadership is deeply involved and bought into the importance of risk management and continual improvement.
- Ensure every level of the organization has a voice that is heard and considered.
- Most importantly, listen to your customers and design processes around meeting their expectations for the first time every time.
Implement Preventive Actions Effectively with SafetyCulture
Successfully carrying out corrective and preventive actions requires thorough and careful planning, process optimization, and a strong commitment from the management. To streamline this process, you can utilize digital solutions like SafetyCulture (formerly iAuditor).
The SafetyCulture platform allows you to assess process and output effectiveness through the use of inspections. It also features flagged items and actions to identify and correct deficiencies. Inspections can also be used to perform risk assessments. And when coupled with analytics, trends can be identified to prioritize continual improvement efforts.
Moreover, Issues are a powerful way to capture frontline feedback on problems that may otherwise go unnoticed by management. This feedback could identify corrective actions, preventive actions, and opportunities for improvement directly from the people doing the work.
The information contained in this article is general in nature and you should consider whether the information is appropriate to your specific needs. Legal and other matters referred to in this article are based on our interpretation of laws existing at the time and should not be relied on in place of professional advice. We are not responsible for the content of any site owned by a third party that may be linked to this article. SafetyCulture disclaims all liability (except for any liability which by law cannot be excluded) for any error, inaccuracy, or omission from the information contained in this article, any site linked to this article, and any loss or damage suffered by any person directly or indirectly through relying on this information.