Purpose

This piece is written to resolve the confusion around when root cause analysis must be applied to non-conformances.

For the purposes of referencing, BRCGS Food Safety Standard Issue 9 has been used as a reference in this article, as the requirements on this topic across the BRCGS standards tend to be similar.

Background

It’s generally accepted that root cause analysis isn’t needed for all non-conformances, but there’s little clarity available that explains which non-conformances it must be applied to, and which don’t need it is. In this piece, we look to explain how to determine when root cause analysis must be applied, and when it’s not necessary.

To allow us to understand when root cause analysis must be applied, we need to first understand why this topic is confusing, and challenge the current theories.

Contents

Contents

Clause 3.7.1

Section 3.7 Corrective and preventive actions refers to when root cause analysis must be applied, it says:

“3.7.1

The site shall have a procedure for handling and correcting issues identified in the food safety and quality management system.

The site procedures shall include the completion of root cause analysis and implementation of preventive action.”

Here, the standard firstly refers to corrective actions, which are designed to resolve the immediate problem. It then goes on to explain that root cause analysis must be used to create preventive actions. All good so far.

However, when you then get into the interpretation of this clause, it states:

“An important part of an effective corrective action process is the identification of the root or underlying cause of the non-conformity and the implementation of suitable action to prevent recurrence.”

In this statement the standard confuses the requirements, by using the term corrective action, root (cause) and prevent(ive action) all in the same sentence.

Accepted theory 1

There’s an accepted theory that any non-conformances that are raised against the food safety and quality management system (referenced in 3.7.1), for example in an internal audit – require root cause analysis. This is because the second sentence in the clause says:

“The site procedures shall include the completion of root cause analysis and implementation of preventive action.”

 

Because 3.7.1 is sited within the section 3.7 corrective and preventive actions, this means that the procedure referred to in this clause, is the corrective and preventive action procedure.

The glossary within the BRCGS Food Safety Standard, provides us with definitions for corrective and preventive action:

“Corrective action (correction): Action to eliminate a detected non-conformity or non-conforming product.”

“Preventive action: Action to eliminate the fundamental underlying cause (root cause) of a detected nonconformity and prevent recurrence.”

It makes sense, that clause 3.7.1 states that procedure must include a process to complete root cause analysis, as this would be needed to determine preventive actions. However, we can see from the above definition that corrective action doesn’t need root cause analysis, so the clause can’t be stating that root cause analysis is needed for all non-conformances.

Clause 3.7.2

If we look at 3.7.2, this clause explains how to manage a non-conformity. It states:

“Where a non-conformity places the safety, authenticity, or legality of a product at risk, or where there is an adverse trend in quality, this shall be investigated and recorded including:

 

  • clear documentation of the non-conformity
  • assessment of consequences by a suitably competent and authorised person
  • the corrective action to address the immediate issue
  • completion of root cause analysis to identify the fundamental cause (root cause) of the non-conformity
  • appropriate timescales for corrective and preventive actions
  • the person(s) responsible for corrective and preventive actions
  • verification that the corrective and preventive actions have been implemented and are effective.”

 

The first statement says that all product related issues, with the exception of one-off quality problems must be treated following a set process. This process includes (point 2) the assessment of consequences. Let’s pause here and think about what the assessment of consequence is and why we’re doing it.

Assessment of consequence is where you determine what impact this non-conformance would have:

  • Directly on the product if the problem wasn’t resolved.
  • Indirectly on the product, if a system related problem wasn’t resolved.

To meet this requirement, typically we use a grading system which determines if the non-conformance is minor, major or critical. Understanding the purpose of grading the non-conformance commonly gets overlooked.

The grading determines the risk to product, and is therefore a risk assessment. A risk assessment has a purpose. It has an input (evidence of severity and likelihood) and it has an output (minor, major and critical). The purpose of this is to use that output in the next part of the process.

Here, we’re assessing the risk to the product and determining the grading of minor, major or critical. The grading is then used to determine how that non-conformance must be managed, i.e. whether root cause analysis must be applied.

The problem is that the standard doesn’t explain that the result of the assessment of consequence, should be used to provide a grade. Even though it does grade non-conformances resulting from certification audits this way.

Accepted theory 2

The next accepted theory is that the only non-conformances that don’t require root cause analysis, are those that don’t put the product at risk – due to the requirements defined in 3.7.2.

However, this contradicts the accepted theory from 3.7.1, where all non-conformances that relate to the food safety and quality management system, do require root cause analysis.

This means that only non-conformances, which don’t require root cause analysis are those that:

  • Don’t put the product at risk,
  • AND, don’t relate to the food safety and quality management system,

We would be willing to challenge anyone to provide an example of a non-conformance that meets the above criteria.

Challenge 1

If all non-conformances require corrective action, root cause analysis and preventive action, then why assess the consequence of the non-conformity? What’s the purpose of the minor, major or critical grading? It would seem that there isn’t one…

Let’s say that we assess the consequence of the following non-conformances:

  1. A burnt product complaint.
  2. High-level cleaning of the warehouse, not being carried out at the required frequency.

Both don’t put the product at risk from food safety, authenticity, or legality. However, non-conformance 2 was raised on an internal audit, therefore due to the accepted theory of clause 3.7.1 it would require root cause analysis.

What makes the non-conformance from the system audit more critical, than the consumer complaint?

The non-conformance from the consumer complaint:

  • Has not complied with the process checks in the process control procedure (within the food safety and management system).
  • Has not been picked up by the verification checks, set out in the product inspection and testing procedure (in the food safety and quality management system).
  • Which has resulted in the consumer receiving a product which doesn’t meet the specification (defined in the food safety and quality management system).

The non-conformance from the internal audit, means that:

  • The problem has been identified, following the internal audit procedure.
  • It can be resolved, before it impacts the product.

Therefore, the logic that the internal audit non-conformance is a higher risk, than the complaint non-conformance doesn’t make any sense.

Certification audit non-conformances

There is also an expectation that all non-conformances that are raised during internal audits must have root cause analysis, because all non-conformances that are raised during the certification audit require it.

However, a non-conformance raised during a certification audit is very different to one raised on an internal audit.

The aim of an internal audit is to find non-conformances, so that they can be resolved before they cause an issue.

The aim of a certification audit isn’t to find non-conformances, but rather to verify compliance with the standard. A non-conformance raised on a certification audit or any external audit, indicates a failure in the internal audit system – as it should have already been raised and resolved.

Clause 3.4.3

This is where the standard refers to the completion of non-conformances derived from system audits, it says:

 

“The internal audit programme shall be fully implemented. Internal audit reports shall identify conformity as well as non-conformity and include objective evidence of the findings.

The results shall be reported to the personnel responsible for the activity audited.

Corrective and preventive actions, and timescales for their implementation, shall be agreed and their completion verified. All non-conformities shall be handled as detailed in section 3.7. A summary of the results shall be reviewed in the management review meetings (see clause 1.1.4).”

 

This clause doesn’t say that root cause analysis must be applied to all non-conformances. It refers to section 3.7, which we’ve already discussed. If we then look at the interpretation of this clause it also states:

 

“The management review processes (see clause 1.1.4) must ensure that the internal audit programme operates effectively and that necessary corrective or preventive actions are appropriately completed. As a result, the internal audit process will often contain a number of steps. For example:

  • internal audit completed
  • corrective actions agreed
  • corrective actions completed and signed off
  • completion verified
  • root cause analysis used to identify any necessary preventive actions
  • preventive actions completed and reviewed
  • overall management review completed.”

Note, how it states ‘any necessary preventive actions’. It’s not saying that preventive actions must be applied. And, you wouldn’t carry out root cause analysis to possibly apply preventive actions. If you carry out root cause analysis, you must apply at least one preventive action.

A logical solution

The requirements of the standards can be complied with, using the following simple, yet effective process.

Every non-conformance is assessed for consequence, to determine the grading. Non-non-conformances are also monitored and where a trend is identified, a major non-conformance is created.

Grading – minor

A minor grading doesn’t put the product at risk and therefore, only corrective action is required.

Supporting evidence

This theory is supported by retailer standards, such as M&S, see extract from the M&S Food Safety Standard below:

“Corrective and Preventative Actions

  • The corrective/preventative actions required for each non-conformance and the timescale for completion should be agreed with the relevant manager. In order to ensure these actions are closed off in a timely manner, it is recommended that all corrective actions are allocated to Senior Managers, who are responsible for completing these actions within the agreed timescale. Suggested timescales for close out are:
  • Critical – immediately and before recommencing production
  • Major – within 8 weeks
  • Minor – within 12 weeks
  • The root cause of each critical, major non-conformance, repeat minor non-conformances, or series of minor non-conformances which have the same root causes, should be investigated and robust corrective action implemented to prevent reoccurrence and ensure actions are closed off in a timely manner. This may include using the site’s problem-solving tool to establish the practical and procedural root causes.”

Dated August 2023, Version 5

Want to be a root cause analysis ninja?

If you’re looking to gain in-depth knowledge on this subject, we’d recommend you purchase our eLearning course.

Continuous improvement

Completing root cause analysis

This eLearning course will teach you everything you need to know about root cause analysis. It’s designed for staff who are going to be accountable or responsible for managing the team or those who are members.

Root cause analysis when completed effectively is a time-consuming process, so it’s essential to be practical about when it should be applied. This course provides simple to follow and standard compliant instructions on which non-conformances must be assessed for root cause analysis.

Buy the completing root cause analysis mini training now

Have your say…

3 thoughts on “Why root cause analysis shouldn’t be applied to minor non-conformances

  1. RCA when applied to the correct instances is worth its weight in gold, however if you apply it to all scenarios, then this will quickly become a anchor around our feet, and we would most likely discover that the resources required to do this is simply would not exist, and then that takes away the much needed focus on more serious matters.

    The grading systems allows you the flexibility where to focus your time/resources to ensure a positive outcome, and a correct allocation of business/department funds.

    Reply

  2. Hello Kassy,
    Thank you for a very interesting article regarding RCA and minor non-conformances. This article explains in detail as to RCA shouldn’t be applied to minor non-conformances.

    Reply

  3. Root Cause Analysis can be a sledgehammer to crack a nut.
    I thoroughly agree with the title, RCA has its place as a tool to improve performance BUT to resort to it on every occasion is a total waste of time and effort.
    Like any tool, it should be used appropriately and a minor N/C is not the circumstance!!!!

    Reply

Share your thoughts…

Your email address will not be published. Required fields are marked *