“Nonfulfillment of a requirement.” That’s the clear and concise definition of a nonconformity offered up by ISO 9000:2005–“Quality management systems—Fundamentals and vocabulary.” The definition leaves little room for ambiguity. A nonconformity is the identification of an incident involving either an error or an omission. Something wasn’t done or was done incorrectly.

The challenge is for the auditor to describe what the nonconformity actually is so that the auditee comprehends what’s wrong. It’s important for auditors to take the lead. They must describe the nonconformity so that it’s fully understood and they must do so using language that avoids confrontation and diffuses any suggestion of blame.

Objectivity is the auditor’s best ally in the description of nonconformities. The statement of nonconformity shouldn’t ascribe blame, purport to identify the root cause, or presume to suggest a solution. How the nonconformity is expressed is almost as important as what it describes.

There are three constituent parts required for each statement of nonconformity:

1) Description of what is wrong

2) Reference to the applicable requirement

3) Evidence to substantiate the finding of nonconformity.

 …