Separate Steps

The two—corrective and preventive—are often combined because they are discussed in the same clauses of many regulations and standards (see the sidebar, "Brief History of Related Standards and Regulations"). Fundamentally, however, the two are very different.

Starting with nonconformance control

Corrective action and preventive action are responses to events that do not or might not meet stated requirements. Following the plan-do-check-act model, we know that sometimes our plans do not have the results that were intended. Mistakes and failures happen as part of life. Defective parts, incorrect decisions and sprained employee backs are all examples of things that were unintended.

To respond to these mistakes and failures, you must first recognize that they exist. Common tools for finding mistakes and failures include inspection, test, examination, review, evaluation and audit. The discovered mistake or failure is called a nonconformance.1 Something did not conform to the manufacturing drawing, safety plan, physician’s instruction, standard procedure, customer order or supervisor’s direction. It is captured on a nonconformance report (NCR) form.

The principles of nonconformance control have been around since the early days of manufacturing. Nonconformance control is a system consisting of four processes working in harmony (see Figure 1):
1. Tag or otherwise identify the item as nonconforming.
2. Isolate the nonconforming item.
3. Decide what to do with it. This is called disposition.
4. Carry out the disposition. This is called remedial action.

Risk management principles are used for the disposition decision. Basically, you must further determine whether the cost of proposed action is worth the anticipated benefit. Remedial action starts with the letter R. All four possible options start with R: rework, reject, repair or release. Yes, these possible dispositions have application in service environments, too. Those who still have material review boards for nonconforming supplier parts will recognize the four R options.

Notice that nonconformance control has nothing to do with problem statements, root causes or preventing recurrence. It deals only with the disposition of nonconforming items and actions.

Corrective action
Corrective action is backward looking: "A problem happened and we do not want it to happen again, here or anywhere else." It is an adverb-noun phrase and differs from correct, which can be a verb. To correct an adverse event (mistake, nonconformance or explosion, for example), something must be changed. We transform conditions from one state into another state, but what should we change?

The corrective action system is a series of processes—all working in harmony to achieve a desired outcome. The processes are captured on a corrective action request (CAR) form.
Corrective action consists of four steps (see Figure 2):

1. Identify an issue or event in need of correction. This is not as easy as you might imagine. All kinds of bad events occur frequently. If you attempt to correct them all, you will always fail. Each person and organization has a limited amount of energy to spend during a day. If you try to correct everything, you wind up wasting all of that energy, leaving none for the truly important—and generally more difficult—issues.

You must set a threshold level to determine when and where to spend your limited energy. Smart organizations will usually base their threshold levels on the three business drivers of cost, production and risk (CPR). If the effects of a particular adverse event exceed one of the CPR threshold levels, further action is required. If not, the remedial action you performed for nonconformance control is enough.
Unfortunately, it takes courage to tell an insecure boss that further action is not warranted. On the other hand, if your threshold levels are set too high, nothing gets changed. We sometimes see this in highly regulated industries, where the mere mention of a possible problem releases a flood of overreaction from executives and politicians.

2. Perform root cause analysis on the identified adverse event. This is where you apply problem-solving tools and use Six Sigma knowledge. The principles of accident investigation are also quite useful. Smart people have learned over the years that there are generally multiple causes and multiple initiators for an adverse event.2

Look at system design principles.3 Lack of training, inattention or human error are seldom the root cause of a problem; it is deeper than that. Rarely can root cause analysis be performed by one individual, and rarely can it be done in less than a day. It is difficult and takes a lot of energy.

3. Fix the underlying causes of the problem. This is action taken to remove underlying causes and initiators. The change must be systemic and substantive, such as installing new plant equipment, applying software solutions or redesigning process flow. The codes and standards refer to this as action taken to prevent recurrence.4, 5 It is also called correction.

Fixing underlying causes of a problem is not small incremental improvement. Approval for a budget variance might be needed from the organization’s board of directors. It is transformational and can seldom be completed in less than a month, often taking six months to a year (or longer) to fully implement. Correction also takes a lot of energy.

4. Verify the fixes were done and schedule follow-up. Correcting underlying causes is difficult. You cannot assume those changes will actually get done, so some form of checking and subsequent follow-up is necessary. This is not the same as verifying effectiveness. Standards and regulations rightfully require an effectiveness evaluation of the corrective action program, not each individual event.6

Logic tells us we cannot evaluate effectiveness by looking at a single data point. We must look for patterns within the entire system of corrective action. To do this requires a good deal of data to honestly proclaim, "The problem is fixed."
The ideal time to evaluate the data is in preparation for a scheduled (often quarterly) management review. Looking back over the past year, the CAR coordinator says, "These problems are new ones and need watching. These problems are not repeating in other locations and can be closed. These problems seem to be coming back in slightly different forms and we must reexamine them."
Notice the four corrective action steps do not deal with the single problem event. That was done by nonconformance control. Unless the consequences of a problem event are huge, such as an airplane crash, corrective action is looking at a pattern of similar events so its underlying cause can be removed. Corrective action addresses the disease, whereas nonconformance control addresses the symptoms of that disease.

Preventive action
Preventive action is forward looking: Analysis of precursor data tells us that the probability and consequences of an event happening exceeds our risk appetite. The adverse effects of the uncertainty are unacceptable, so resources are spent to reduce or mitigate that uncertainty.

Preventive action is risk management and should actually be termed predictive action. Unlike nonconformance control, which has existed since the 1940s, or corrective action, which appeared in the 1960s, predictive action has been around for only a few decades.
It is a relatively new concept, designed to deal with possible events that would be damaging if they occurred. Preventive maintenance of submarine motors is an example of predictive action. We do not want those motors failing when the submarine is underwater.

Predictive action uses probability analysis, organizational risk appetite, and failure mode and effects analysis. These are usually quite different from the way corrective action is approached. It is so new that a common predictive action form doesn’t exist yet.
Predictive action is also a system. Several processes work together to combat undesired risk. Predictive action has four steps (see Figure 3):

1. Gather and analyze precursor data. 

These come from a variety of sources. They can be near-miss events, equipment breakdowns and known failures in other applications. These data come from events that happened elsewhere. The turtle diagram works well for thinking about possible uncertainties within an organization.

The reliability, availability, maintainability and durability community has developed protocols to harvest precursor data. It looks at probabilities—called "likelihood" in risk management circles—of those or similar events happening here. If they were to happen, what would be the consequences? Consequences can affect cost, production, safety, the environment, security, business continuity and a host of other communities. Consequences might be small or they might be huge. Risk is the combination of likelihood and effects.
2. Determine the risk tolerance.
Low probability with high consequences might be unacceptable, whereas low probability with low consequences might be acceptable. Risk tolerance (often called appetite) will vary by business sector. Government and healthcare generally have smaller appetites than lumber mills. Ultimately, these are decisions that must be made by senior managers.
3. Apply resources to lower unacceptable risks.
Classic risk management calls this ATM: accept, transfer or mitigate. If the risk is acceptable, let it go and reevaluate later. If unacceptable, the risk should perhaps be transferred to an insurance carrier. For mitigation, you might increase the barriers or lower the consequences. Mitigation usually requires the application of change management principles, because many in the organization may not see the need for fixing something that is not (yet) broken.
4. Continue to gather and analyze data to minimize surprises.
Refresh your data by adjusting your harvesting scope and methods. Go back to step one.

Article Reference: QP