How should a Nonconformity Report be structured?
Nonconformity Reports are an important tool for auditors working towards achieving and maintaining certification for their organisations against international standards such as ISO 9001, ISO 14001, ISO 45001 and ISO 27001. These reports make clear where nonconformances have been identified, and how they are being rectified.
A Nonconformity Report (NCR) should be structured to ensure that all necessary details are clearly recorded, enabling effective corrective actions and follow-up.
Example of a completed report
Here’s a worked example of a nonconformance report that we use for teaching on a Bywater ISO Lead Auditor training course
What information needs to be recorded?
Working through the report, this is the information that you need to collect and input.
- Header Information:
- NCR Number: Unique identifier for the report
- Audit Number: Reference to the specific audit
- Company/Process/Department Audited: Name of the company or specific process/department audited
- Address: Location of the audit
- Audit Date: Date when the audit was conducted
- Audit Criteria:
- Clause/Reference Number: Specific requirement that was not met
- Clause/Reference Number: Specific requirement that was not met
- Auditor and Auditee Information:
- Auditor: Name of the auditor who identified the nonconformity
- Auditee Representative: Name or job title of the individual representing the auditee
- Area Audited: Specific place, process, or department where the nonconformity was found
- Nonconformity Details:
- Major/Minor Classification: Indicate whether the nonconformity is major or minor
- Description of Nonconformity: Clear statement of the system failure identified
- Audit Evidence: Detailed references of the evidence obtained to support the finding
- Specific Requirement: Exact wording from the audit criteria that has not been fulfilled
- Reviewed and Prepared By:
- Reviewed by: Signature of the auditee representative
- Prepared by: Signature of the auditor
- Correction:
- Description: Plan of action by the auditee to correct the nonconformity. This includes immediate actions taken to rectify the issue.
- Description: Plan of action by the auditee to correct the nonconformity. This includes immediate actions taken to rectify the issue.
- Corrective Action:
- Description: Plan of action by the auditee to prevent recurrence of the nonconformity. This involves process and system improvement activities
- Description: Plan of action by the auditee to prevent recurrence of the nonconformity. This involves process and system improvement activities
- Follow-Up/Close Out:
- Follow-Up Details: Description of the objective evidence found during a follow-up audit
- Proposed Follow-Up Date: Date for the follow-up audit
- Signature: Signature of the auditor conducting the follow-up
- NCR Close Out Date: Date when the NCR is closed out
This structure ensures clarity and accountability while adhering to the requirements of international standards such as ISO 9001, ISO 14001, ISO 45001, and ISO 27001. Each section plays a vital role in documenting the issue, planning corrections, and ensuring continuous improvement.
Ready to get started?
- Download our free Nonconformity Report Template from our Resources Library.
- Take a look at our Lead Auditor and Internal Auditor training courses to further understand the context of Nonconformity Reports.