• Consulting

    ISO 22000 Certification

    Getting certified with the world's leading food safety management standard.

    ISO 13485 Certification

    Getting certified with the global standard used by healthcare industry.

    ISO 27001 Certification

    Getting certified with a globally accepted indication of security effectiveness.

    Medical Device Regulatory

    Establish a complete and effective medical device regulatory strategy.

    ISO Consulting

    Increase product and service quality with Stendard's ISO consulting.

  • Software

    Stendard Solution™

    Summary of our product and features that may help your business process even greater and possibly solve your difficulties in business process.

    ISO Template

    Use our document generator to generate each Manual, Procedure, Form Templates and etc. Define the step-by-step instructions needed for each operation within the Work Instructions.

    Dashboard

    A powerful tool that streamlines the monitoring process and helps users make informed decisions based on the data that is most relevant to their needs.

    Library

    A simple but powerful module for you to store, organise and edit your files seamlessly without any hassle.

    Document Management System

    With Document Control, never worry about inaccuracy and non-compliance of documentation files and processes ever again.

    Workflow

    An effective way to reduce paperwork related hindrance within the workplace and improve organisational efficiency.

    Data Table

    With the ability to add, edit, and delete data, import data from external sources, and search and sort data, you can easily organize, analyze, and report on data in a more efficient manner.

    Form Builder

    Create any form that you need to support your daily activities. As the name suggests, building a form is now a breeze as you drag & drop components in.

    Academy

    Our aim at Stendard is not only to provide you with quality consulting services. We want to empower our clients such as yourself by providing a wide range of ISO related courses.

    Training Plan

    Create your training plan to group your training courses. By setting up these plan, you can set multiple items to be trained by several team members at once.

    Evidence Submission

    Compile and organise essential documents required for audits. With this module, you will be able to breeze through any up and coming audits without fearing missing or incorrect documents!

    Artificial Intelligence

    Our AI engine for Document Classification will help you significantly speed up the document classification process and allow less room for human error when handling these vast amounts of documents.

    Change Log

    Changelog will list all the updates and patches we have made to every software update to ensure that you know the new features or updates introduced to the system.

    Audit Trail

    You can ensure that accountability is incorporated into your organisation’s document management system with a robust audit trail system.

    Search (OCR)

    A simple but powerful tool to locate every single document you need.

  • Academy
  • About
Stendard Solution™
Contact Us
Search
Close this search box.

A Standard Guide to Preventive Action

Preventive Action guide

“If anything can go wrong, it will”.

Many of you may be familiar with this expression. Yes, you are right! It’s Murphy’s Law.

While many may take this expression pessimistically, we should focus on the positive side of this expression, for instance, to help us avoid potential problems, especially in our business processes and management systems.

International Organization for Standardization (ISO) encourages companies and organisations to put preventive action or control to eliminate potential issues in business processes and management systems.

Through this article, we will help you understand the definition of preventive action, the difference between corrective action vs preventive action, why it is essential and beneficial, examples of preventive action, and last but not least, how to write an effective preventive action plan.

What is Preventive Action?

Preventive action is a proactive measure to eliminate any factor causing our processes and quality management systems to deviate from requirements and to implement controls minimising risks of its occurrence and negative impact.

Preventive actions aim to correct a potential problem which may occur in the future if left uncontrolled. ISO promotes implementing preventive actions through risk-based thinking, incorporated in the Plan-Do-Check-Act (PDCA) cycle.

Plan-Do-Check-Act (PDCA) cycle

In a quality management system, preventive action is usually associated with corrective action, known as the corrective action and preventive action (CAPA) system.

In Good Manufacturing Practice (GMP), Hazard Analysis & Critical Control Points (HACCP), Hazard Analysis & Risk-based Preventive Controls (HARPC) and ISO standard, the CAPA system is used to identify the root cause of nonconformities, plan corrective action to prevent the recurrence of the nonconformities. It addresses similar potential nonconformities which require preventive action.

CAPA system

CAPA is usually issued to address nonconformities found during external and internal audits or issues that negatively impact quality.

Corrective Action vs Preventive Action

The difference between corrective and preventive actions lies in their purpose. Corrective action prevents recurrence by aiming to correct problems or nonconformities that may have occurred before. Therefore corrective actions focus on providing a solution or correction to a current issue and preventing the recurrence of that particular problem.

In contrast, preventive action prevents occurrence by aiming to avoid problems or nonconformities that may happen in the future and, thus, focusing on eliminating risks of the occurrence of the issues. In short, we could say that corrective action prevents the recurrence of nonconformities, while preventive action prevents the occurrence of nonconformities.

Although the purpose of corrective and preventive actions is different, both corrective and preventive actions require risk analysis to identify the causes of the nonconformities and determine the corrective and preventive actions needed.

root cause analysis

When nonconformities are identified, an immediate solution must be implemented. This action is known as a correction. To prevent the recurrence of nonconformities, corrective actions have to be planned and taken.

To determine the proper corrective actions, an investigation of the nonconformities causes needs to be initiated, and this process is called root cause analysis. Corrective actions should be proportionate to the root cause of the nonconformities.

Risk analysis is also performed to plan preventative actions in the form of risk assessment. Usually, process owners will do a risk assessment of their processes. A proactive and preventive action should be applied to the identified risk considered a recurrence issue.

Why is Preventive Action important?

Preventive action, as well as corrective action, is essential for our business processes and quality systems. Not only is it required by regulatory requirements, but also necessary to continue to meet customer satisfaction by correcting the existing problems and implementing controls to prevent potential problems.

What are the benefits of Preventive Action?

Implementing preventive actions is also beneficial business practice, as it helps companies and organisations to avoid quality problems, reduce product defects, and even avoid work incidents. Preventive action does not stop at putting control to eliminate potential nonconformities; it is also helpful for the continuous improvement of quality systems and processes.

What is an example of Preventive Action?

Preventive action could be implemented in the form of regular activities held by the management to maintain the effectiveness of business processes and management systems. For example, a company or organisation would create training programs for employees to ensure they can fulfil their responsibilities.

The training programs may include induction or refreshment training of standard operating procedures intended for employees to avoid deviation from procedures and create any future nonconformities. Another example is routine equipment maintenance on the shop floor to ensure the equipment is calibrated correctly and runs as intended.

It could also be in the form of a change implemented to a current process or system. A system or process change should address weaknesses and potential issues not covered by the current system or process. In addition, doing internal audits is also part of preventive actions.

How do you write a Preventive Action Plan?

Creating a preventive action plan starts with understanding your business process.

Once you know your process, it will be easier to identify any possible problems or nonconformities which may occur in the future and determine an action to eliminate their occurrence, as well as to identify any opportunity for improvement to your quality management system. Preventative action defined should be proportionate to the effect of the potential nonconformities.

preventive action plan process

Depending on your company and the standards implemented, a preventive action plan may be created as part of your corrective and preventive action plan or risk management process. The following examples are ways that your company may create a preventive action plan.

ISO 13485:2016 – Medical Devices Quality Management Systems — Requirements for regulatory purposes

ISO 13485 describes the steps to create a preventive action as follows:

  1. Determine any possibility of nonconformities and their causes
  2. Evaluate the appropriate actions to prevent the occurrence of the nonconformities
  3. Plan, document, and implement the proposed preventive actions    
  4. Verify that the effect of the proposed actions will not adversely affect the ability of a company or organisation to meet applicable regulatory and product/service requirements
  5. Review the result of the preventive actions applied

The preventive action plan is usually incorporated as part of the corrective and preventive action procedure.

ISO 9001:2015 – Quality Management Systems — Requirements

ISO 9001 does not specifically have a separate clause or sub-clause on preventive action like ISO 13485. This is because the concept of preventive action is expressed through risk-based thinking in formulating quality management system requirements.

risk assessment chart

This means that preventive action is determined during your organisation’s risk assessment process as part of the efforts to implement risk controls to mitigate risks identified from various sources, such as nonconformities that have occurred or possible hazards that are considered.

Finally, your company or organisation can create a procedure that documents the steps and record the result of implementing the preventive actions. The result of how effective the implemented action would be is one of the inputs of management review, which should be done at least once a year by the management.

Conclusion

To summarise, preventive action is a proactive plan to prevent the occurrence of nonconformities that have not happened, and some examples include process changes, training plans, internal audits, and maintenance activities.

What differentiates it from corrective action is that corrective action prevents the recurrence of nonconformities, whereas preventive action prevents the occurrence of nonconformities in the future.

A preventive action process is essential so a company or organisation can meet regulatory requirements and customer expectations. It is also beneficial for the continuous improvement of quality management systems.

A preventive action plan should include risk analysis and monitoring activity toward the proposed action and its result and should also be adequately documented. Management is responsible for reviewing the impact of the proposed action once it is applied during the management review.

References

1.  ISO 9001 : 2015 – Quality management systems — Requirements

2. ISO 13485 : 2016 – Medical devices Quality management systems — Requirements for regulatory purposes

Stendard's ISO Consulting Services

Learn More

our Academy e-learning course:

See more info
Show me all available courses
See more info

Do you have any questions?

Drop us an inquiry now!

Get In Touch

REGULATION

ISO Consulting

RESOURCES

COMPANY

SOFTWARE

CONNECT WITH US

Facebook Twitter Linkedin

© 2016-2024 YNL 360 Pte Ltd d.b.a Stendard. All rights reserved.

TERMS OF SERVICEPRIVACY POLICY.