Nonconformances are a common outcome of audits. Although no auditor should go into an audit looking to find fault, if delivered correctly nonconformances can provide opportunities for continuous improvement. However, if the nonconformance is not recorded or reported accurately, preventive or corrective actions may be difficult for the organization to perform. Let’s look at the elements of writing a nonconformance, starting with what a nonconformance is.

In basic terms, a nonconformance details what was found to be incorrect during the audit, and what needs to be acted upon, or corrected, once the auditor has left. A nonconformance could be found in a service, product, process, from a supplier, or in the system itself. They can be identified through customer complaints, internal and external audits, or during inspection activities.

The existence of a nonconformance means that some aspect of an organization’s standard operating procedures are not being followed. They are typically identified in the context of a global quality management system audit. The nonconformance is documented in a nonconformance report that is subsequently issued to a management representative who directs corrective action.

A nonconformance should be an exact observation of the facts and addresses what, where, why, and who. It should be retrievable and help to achieve corrective action. Nonconformances should be more than just written statements and should be of sufficient weight so they can have a positive impact on the quality of the product, process, and service. In order to achieve audit objectives, nonconformances must be presented to auditees in a concise and understandable manner.

Where to Start

Here are the steps to write a nonconformance:

  1. Establish that something is wrong and have clear evidence to back this up.
  2. Determine which part of the audit criteria/requirement is not met.
  3. Document the applicable part of the audit criteria/requirement.
  4. Detail the evidence that shows that the audit criteria/requirement is not being met.

What to Include in a Nonconformance Statement

The statement of nonconformance should be concise, self-explanatory, and related to the process. It should not restate the audit evidence. Instead, it should record the requirement against which the nonconformance was detected.

A nonconformance statement should include three distinct parts:

  • Nonconformance: Clearly define and document the systemic failure within the nonconformance.
  • Objective evidence: Quote the appropriate standard clause, work instruction, procedure or process requirement.
  • Stated requirement: What objective evidence is/was used to indicate a nonconformance existed? What record, document, procedure was used to verify existence of a nonconformance?

Common Mistakes

It’s important that nonconformances are clearly written, technically correct, and easy to understand. Common mistakes people make when writing nonconformances include:

  • Writing too much
  • Being “incident specific,” rather than addressing the systematic issue(s)
  • Not identifying the relevant requirement
  • Using non-standard terminology
  • Not identifying the supporting objective evidence
  • Repeating the same or similar nonconformances
  • Expressing their opinions


It’s important that you have a clear understanding of the process to verify conformance or nonconformance.

Here are some useful suggestions to consider when writing a nonconformance:

  • Write clearly.
  • Address the process/system that is deficient.
  • Keep the statement of nonconformance as generic as possible to help direct the auditee to the issue at hand.
  • Keep the “specific details” in the objective evidence area if possible.
  • Include enough detail so that the auditee can respond to exactly what you found.

The result should be a clear, easy-to-understand description of the problem that the auditee can easily identify and address with corrective actions.