
Definition
A non-conformity is any deviation from a specified requirement or expected outcome in a manufacturing process. It covers defects, out-of-tolerance measurements, failed inspections and process drift, and triggers a CAPA cycle under ISO 9001.
Non-conformities are the entry point of every quality management system. ISO 9001:2015 clause 10.2 makes the response to a non-conformity a mandatory part of the standard, and ISO 13485 imposes the same requirement on medical device manufacturers. Detecting non-conformities is the easy part. Deciding which ones warrant investigation, and recording the response in a way that survives an audit, is where most quality systems lose ground.
A non-conformity can be detected at any point in the manufacturing process: incoming inspection of raw materials, in-process measurement, finished-product testing, internal audit, customer complaint, or supplier deviation report. Once recorded, the item or batch is segregated and classified by severity, then routed to the appropriate response: rework, scrap, concession (release with documented deviation), or full investigation through root cause analysis and CAPA.
Routine, low-severity events are typically corrected and closed in a single step. Systemic, recurring or high-risk non-conformities trigger the full CAPA cycle, with verification of effectiveness and follow-up until recurrence has stopped. ISO 9001:2015 clause 10.2 sets the documented expectation for both routes, and FDA 21 CFR Part 820.90 adds explicit segregation and disposition rules for medical device manufacturers.
Unrecorded or poorly investigated non-conformities are the most frequent finding in ISO 9001 audits and FDA inspections of medical device manufacturers. Inspectors look at the non-conformity register first because it shows whether the organisation can detect its own failures and respond to them systematically.
The financial side is equally direct. Every non-conformity carries a cost of poor quality, composed of internal failure costs (scrap, rework, downtime) and external failure costs (returns, warranty claims, recalls). Tracking non-conformities by frequency, severity and source converts those costs into actionable patterns rather than line-item write-offs absorbed in the variance report.
The three terms appear interchangeably in the same audit reports, with different precise meanings depending on the framework in use. Knowing which term applies to which finding is the difference between an audit response that lands and one that gets reopened.
Non-conformity: Any failure to meet a specified requirement. The umbrella term used in ISO 9001 and across general quality management. Covers products, processes, documentation and management-system issues alike.
Deviation: A planned or unplanned departure from an approved procedure or specification. Standard term in pharmaceutical and life-sciences quality systems under GMP and ISO 13485. Often subject to formal review and CAPA even when no defective product results.
Defect: A specific type of non-conformity: a product or component that fails to meet its quality criteria. Every defect is a non-conformity, but the reverse is not true. An outdated SOP, for example, is a non-conformity without being a defect.