Correction vs. Corrective Action vs. Preventive Action

Group of online auditing trainees discussing an online lesson

We get asked frequently for corrective action examples but to respond directly is to ignore the possibility of a Correction alone being enough to address a nonconformity. 

The example given below will clarify the matter for you by exploring all three expressions in our title, above.

These expressions can cause confusion when it comes to addressing nonconformances/noncompliances with ISO Management System Standards. Some are unaware of their existence, thinking that corrective action is the only option. Others have Management System documents that frequently mention CAPAs even though Preventive Action is no longer a formal part of their system. Well, there are differences between these expressions.

It is unfortunate that ISO Standards don't give more prominence to Corrections. Popular tools like 8-D highlight Corrections, which are so often essential to retaining a Customer. In this post,  we'll help you differentiate the three and teach you how you can take useful advantage of them.

Table of Contents


What is a Correction?

We’ll start with the definitions of these terms.

According to ISO 9001:2015, the standard that defines terms that apply to all of the ISO 9000 family of standards, Correction is defined as the action to eliminate a detected nonconformity.

The definition includes 2 explanatory notes: 1) A correction can be made in advance of, in conjunction with or after a corrective action and 2) A correction can be, for example, rework or regrade.

Example of a Correction

Goods dispatched to a customer were damaged in transit. Action to immediately replace the damaged goods is a Correction.


View our ISO 13485 Courses


What is a Corrective Action?

‘Corrective action’ constitutes one of the common terms and core definitions for ISO management system standards given in Annex SL of the Consolidated ISO Supplement to the ISO/IEC Directives, Part 1. Consequently, the definition applies throughout the ISO 9000 family of management system standards.

ISO 9000:2015 defines Corrective action as the action to eliminate the cause of a nonconformity and to prevent a recurrence

The definition includes explanatory notes: 1) There can be more than one cause for a nonconformity and 2) Corrective action is taken to prevent recurrence whereas preventive action is taken to prevent occurrence.

Also, note that it is the inclusion of action to prevent recurrence that differentiates a Corrective Action from a Correction

Example of a Corrective Action

To continue with the damaged goods example, the question of why the goods were damaged in transit needs to be addressed. Were deficient outer packaging identified as the cause of the damage, a change to a stronger carton, say, would be a Corrective Action. For the Corrective Action to be considered effective (and the Corrective Action ‘closed’) you would need to successfully complete several deliveries without damage occurring.


Choice of ISO 19011 Auditing Skills Courses


What is a Preventive Action?

ISO 9000:2015 defines preventive action as action taken to eliminate the cause of a potential nonconformity or other potential undesirable situation

The definition includes 2 explanatory notes: 1) There can be more than one cause for a potential nonconformity and 2) Preventive action is taken to prevent occurrence whereas corrective action is taken to prevent a recurrence.

Note: Preventive Action has been removed for all of the ISO 9001 family of standards with the exception of ISO 13485:2016.  The standards now expect the application of a risk-based approach and continual improvement to achieve the same results as formerly achieved through proventive action.  See Points to Ponder below for more.

Example of a Preventive Action

Again, continuing with the damaged goods example, since we have one instance where packaging proved inadequate where else is that packaging used and for what products? Could the non-conformance occur in these other instances? If so, we need to take preventive action. As we are dealing here with potential non-conformities, it can prove difficult in practice to collect evidence to prove the effectiveness of the action(s) taken.

The CCAPA Process for dealing with Nonconformances or Noncompliances

To remind ourselves of the frequently needed Correction, let’s talk of CCAPA rather than the traditional CAPA. Here is a graphic of the overall CCAPA Process for treating a nonconformance…

The Correction, Corrective Action, and Preventive Action (CCAPA) Process for dealing with NonConformances or Noncompliances

Click here for a Copy

Some Points to Ponder

  1. Where are they hiding Corrections?

It is indeed difficult to find mention of Correction of ISO Management Systems (MS) Standards. One place it is mentioned is in ISO 13485 Clause 8.2.2 Complaint Handling where we find Corrections in ‘f) determining the need to initiate corrections or corrective actions’ and goes on to require that Corrections be documented.

  1. Where has Preventive Action gone?

Preventive action was omitted from the first HLS (High-Level Structure) document issued in 2010 as a guide to the ISO Committees drafting new and revised MS Standards. It was considered that improvement action, as required in part 10 of all HLS Based Standards, would adequately address the need for Preventive Action.

  1. One ISO Standard retains Preventive Action

ISO 13485:2016 did not adopt the HLS Structure but retained the previous ISO 9001:2008 structure. This Standard began a revision process in 2019 and it has already been announced that the new revision will move to the HLS Structure, which itself is under revision.


New call-to-action

  1. And Preventive Action is hidden in HLS-based ISO MS Standards!

Preventive Action has not, in reality, been removed from ISO Standards as many persons working in the field claim. It is there if you look hard enough. Take ISO 9001:2015 Clause 10.2.1 b) 3) - yes, you have to drill down a bit! – wherein evaluating the need for action to eliminate the cause(s) of the nonconformity (so that it does not recur or occur elsewhere) requires…

‘determining if similar nonconformities exist, or could potentially occur’

‘Or could potentially occur’ = preventive action.

  1. And if you like Preventive Action, why not keep it?

Some organizations that have been certified for many years are comfortable with Preventive Action retain it as part of their Management System even though it is not included in MS Standard to which they are certified. No problem; nothing in any of the HSL-based Standards says that you can’t retain it.

Our recommendations

We have two…

  1. Make sure your Management System Documentation clearly distinguishes Corrections from Corrective Action, and
  2. If you like the concept of Preventive Action, and your colleagues find it useful, then use it.

Best of luck!

New call-to-action

Related Courses

Related Articles

deGRANDSON Global is an ISO Certified Educational Organization

In October 2021 we secured certification to three education-related ISO Standards.  We now have a university-grade management system in place conforming to the requirements of  …

  • ISO 21001, Educational Organizational Management System,
  • ISO 29993, Learning Services outside formal Education,  and
  • ISO 29994, Learning Services – additional requirements for Distance Learning.

We have chosen ISO 21001 certification because, unlike IRCA and Exemplar badges (which in our opinion are commercially compromised), it is based on independent third-party assessment.  It is a ‘university grade’ standard in use globally by schools, colleges, and universities to demonstrate their competence.


Written by Dr John FitzGerald

Director & Founder of deGRANDSON Global. Spent 15 years in the manufacturing industry and 25 years training, consulting & auditing management systems
Find me on:

Subscribe to Email Updates

Recent Posts