Reporting Non-conformances

Audits are the mechanisms of ensuring the integrity of the product as well as process. During audits a number of deviations may be revealed. It is extremely important to ensure that the deviations are documented or reported properly. Deviations can be of specific or generic in nature. If it is a generic one, the auditor needs to report multiple instances of the issue. A well-documented deviation should be self-explanatory and should address the following questions.

  • What is the issue?
  • What is the importance of the issue?
  • What is the impact of the issue?
  • When was the issue observed?
  • Where was the issue observed?

A non-conformance could be stated simply as

‘Planned review of a work product is not done ‘.

This statement is not self-explanatory; instead it triggers few other questions like whether any alternative methods were adopted in the absence of review or what could be the impact etc. So a non-conformance needs to be reported completely and correctly.

The above deviation could be made much more self-explanatory if written as below,

“In a Project ‘A’ implementation is done by average skilled resources. Even though independent review was planned, it didn’t happen. Review practices are required as per organizational policies to produce high quality work products. The project team didn’t take any additional measures or alternative mechanism to overcome the issue. In this scenario, absence of review will lead to more testing bugs and thereby causing schedule slippage or poor quality product.