Correction vs. Corrective Action vs. Preventive Action

    Group of online auditing trainees discussing an online lesson

    Correction, Corrective Action and Preventive Action are important components of management systems that help organizations identify, address, and prevent issues to ensure ongoing process improvement; however, Corrective Action is not always needed; sometimes, a Correction alone is enough to address a Nonconformity. 

    The examples below will help explain the matter by exploring all three expressions in the title above.

    These expressions need clarification regarding addressing nonconformances/noncompliances with ISO Management System Standards. Some are unaware of their existence, thinking corrective action is the only option. Others have Management System documents that frequently mention CAPAs even though Preventive Action is no longer a formal part of their system. Well, there are differences between these expressions.

    Unfortunately, ISO Standards don't give more prominence to Corrections. Popular tools like 8-D highlight Corrections, which are so often essential to retaining a Customer. This post will help you differentiate the three and teach you how to use them.


    Table of Contents

    New call-to-action

    What is a Correction?

    We’ll start with the definitions of these terms.

    According to ISO 9001:2015, the standard that defines terms that apply to all of the ISO 9000 family of standards, Correction is defined as the action to eliminate a detected nonconformity.

    The definition includes two explanatory notes:

    1. A correction can be made in advance of, in conjunction with, or after corrective action and
    2. A correction can be, for example, rework or regrade.

    Example of a Correction

    Goods dispatched to a customer were damaged in transit. Action to immediately replace the damaged goods is a Correction.

    What is a Corrective Action?

    ‘Corrective action’ constitutes one of the common terms and core definitions for ISO management system standards given in Annex SL of the Consolidated ISO Supplement to the ISO/IEC Directives, Part 1. Consequently, the definition applies throughout the ISO 9000 family of management system standards.

    ISO 9000:2015 defines Corrective action as the action to eliminate the cause of nonconformity and to prevent a recurrence

    The definition includes explanatory notes: 1) There can be more than one cause for a nonconformity, and 2) Corrective action is taken to prevent recurrence, whereas preventive action is taken to prevent occurrence.

    Also, I'd like to point out that the inclusion of action to prevent recurrence differentiates a Corrective Action from a Correction.

    Example of a Corrective Action

    To continue with the damaged goods example, why the goods were damaged in transit needs to be addressed. If deficient outer packaging were identified as the cause of the damage, a change to a more robust carton would be a Corrective Action. For the Corrective Action to be considered effective (and the Corrective Action ‘closed’), you must successfully complete several deliveries without damage occurring.

    What is a Preventive Action?

    ISO 9000:2015 defines preventive action as action taken to eliminate the cause of a potential nonconformity or other potential undesirable situation

    The definition includes two explanatory notes: 1) There can be more than one cause for a potential nonconformity, and 2) Preventive action is taken to prevent occurrence, whereas corrective action is taken to prevent a recurrence.

    Note: Preventive Action has been removed for all of the ISO 9001 family of standards except ISO 13485:2016.  The standards now expect the application of a risk-based approach and continual improvement to achieve the same results as formerly achieved through preventive action.  See Points to Ponder below for more.

    Example of a Preventive Action

    Again, continuing with the damaged goods example, since we have one instance where packaging proved inadequate, where else is that packaging used, and for what products? Could the non-conformance occur in these other instances? If so, we need to take preventive action. As we are dealing with potential non-conformities, it can prove difficult in practice to collect evidence to prove the effectiveness of the action(s).

    The CCAPA Process for Dealing with Nonconformances or Noncompliances

    Let’s talk of CCAPA rather than the traditional CAPA to remind ourselves of the frequently needed Correction. Here is a graphic of the overall CCAPA Process for treating a nonconformance…

    The Correction, Corrective Action, and Preventive Action (CCAPA) Process for dealing with NonConformances or Noncompliances

    Click the image for a copy of the infographic.

    Some Points to Ponder

    1. Where are they hiding Corrections?

    It is indeed difficult to find mention of the Correction of ISO Management Systems (MS) Standards. One place it is mentioned is in ISO 13485 Clause 8.2.2 Complaint Handling, where we find Corrections in ‘f) determining the need to initiate corrections or corrective actions’ and goes on to require that Corrections be documented.

    1. Where has Preventive Action gone?

    Preventive action was omitted from the first HLS (High-Level Structure) document issued in 2010 as a guide to the ISO Committees drafting new and revised MS Standards. It was considered that improvement action, as required in part 10 of all HLS Based Standards, would adequately address the need for Preventive Action.

    1. One ISO Standard retains Preventive Action.

    ISO 13485:2016 did not adopt the HLS Structure but retained the previous ISO 9001:2008 structure. This Standard began a revision process in 2019, and it has already been announced that the new revision will move to the HLS Structure.  No progress with the revision has been reported, so it will be 2028 or later before Preventive Action is dropped from this Standard.


    New call-to-action

    1. And Preventive Action is hidden in HLS-based ISO MS Standards!

    Preventive Action has not, in reality, been removed from ISO Standards, as many persons working in the field claim. It is there if you look hard enough. Take ISO 9001:2015 Clause 10.2.1 b) 3) - yes, you have to drill down a bit! – wherein evaluating the need for action to eliminate the cause(s) of the nonconformity (so that it does not recur or occur elsewhere) requires…

    ‘determining if similar nonconformities exist or could potentially occur.’

    ‘Or could potentially occur’ = preventive action.

    1. And if you like Preventive Action, why not keep it?

    Some organizations that have been certified for many years are comfortable with Preventive Action and retain it as part of their Management System even though it is not included in the MS Standard to which they are certified. No problem; nothing in any HSL-based Standards says you can’t retain it.

    Our recommendations

    We have two…

    1. Make sure your Management System Documentation clearly distinguishes Corrections from Corrective Action and
    2. If you like the concept of Preventive Action and your colleagues find it useful, use it.

    Best of luck!



    Available ISO 13485 Courses image map. Click on any course you are interested in to learn more about, including the course content, learning materials, etc.


    Related Courses

    Related Articles

    deGRANDSON Global is an ISO Certified Educational Organization

    In In October 2021, we secured certification to three education-related ISO Standards.  We now have a university-grade management system in place conforming to the requirements of  …

    • ISO 21001, Educational Organizational Management System,
    • ISO 29993, Learning Services outside formal Education,  and
    • ISO 29994, Learning Services – additional requirements for Distance Learning.

    We have chosen ISO 21001 certification because, unlike IRCA and Exemplar badges (which, in our opinion, are commercially compromised), it is based on independent third-party assessment.  It is a ‘university grade’ standard in use globally by schools, colleges, and universities to demonstrate their competence.


    Written by Dr John FitzGerald

    Director & Founder of deGRANDSON Global. Spent 15 years in the manufacturing industry and 25 years training, consulting & auditing management systems
    Find me on:

    Subscribe to Email Updates

    Recent Posts