Connect981 – Content Dev

RSC Cluster: Nonconformance, MRB and CAPA (NCR)

The Nonconformance, MRB and CAPA Cluster explains how quality issues should flow through execution instead of living in parallel systems. It covers how nonconformances are detected, contained, dispositioned, corrected, and prevented, with clear ownership and timing expectations. The content makes pause, quarantine, rework, and resume mechanics explicit so quality actions are operationally enforceable. This cluster connects quality events directly back to work instructions, traceability, and prevention rather than treating them as paperwork exercises.

  • deviation

    Core meaning

    In regulated industrial and manufacturing environments, **deviation** commonly refers to a documented and controlled departure from an approved requirement, procedure, or specification.

    It is typically used when an operation, batch, material, piece of equipment, or data point does not follow what has been formally defined in:

    – standard operating procedures (SOPs)
    – validated or approved process instructions
    – specifications, limits, or recipes
    – regulatory or internal quality requirements

    A deviation is not just the nonconformity itself; it also encompasses the formal record that describes the event, its impact, and how it is handled.

    How deviations are used in operations and quality systems

    In day-to-day manufacturing, deviations are usually managed through structured quality or compliance workflows. These may be implemented in a QMS, MES, ERP, or a combination of systems. Typical elements of a deviation record include:

    – **Description of the departure**: what was supposed to happen versus what actually happened.
    – **Classification**: such as critical, major, or minor, based on potential impact.
    – **Impact assessment**: evaluation of possible effects on product quality, patient or user safety, compliance, or supply.
    – **Root cause analysis**: investigation into why the deviation occurred (when required by procedure).
    – **Disposition and decisions**: decisions about use, rework, quarantine, or rejection of affected material or batches.
    – **Corrective and preventive actions (CAPA linkage)**: when appropriate, deviations may link to or trigger CAPA records.
    – **Approvals and documentation**: dated sign-offs by authorized roles, including quality and operations.

    Deviations are a key input to continuous improvement, risk management, and regulatory inspections, because they provide evidence of how the organization identifies and handles departures from its own defined controls.

    Authorized versus unauthorized deviations

    Many sites distinguish between:

    – **Authorized deviations**: A planned or consciously accepted departure that is formally assessed and approved before or during execution (for example, using alternate equipment, temporarily relaxing a sampling frequency, or bypassing a system step under controlled conditions).
    – **Unauthorized deviations**: An unplanned or unintended departure that is discovered after it occurs (for example, a missed step, incorrect parameter, or unexpected equipment behavior). These typically require investigation and may lead to corrective actions.

    In both cases, the term “deviation” refers to the recorded event and its management within the quality system.

    Boundaries and exclusions

    In this site context, **deviation** usually refers to:

    – departures from **documented, approved** procedures and requirements
    – events managed under **formal quality, compliance, or change-control frameworks**

    It usually does **not** refer to:

    – informal day-to-day variation within defined tolerances (e.g., normal process variability within control limits)
    – continuous numeric differences without quality or compliance significance (e.g., statistical deviation alone)

    When the intent is purely statistical, terms like *standard deviation* or *variance* are typically used instead.

    Common confusion and related terms

    Deviations are often discussed alongside other quality and compliance terms:

    – **Nonconformance / nonconformity**: Often used for product- or material-level failures to meet specifications. In some organizations, nonconformance records handle product disposition, while deviation records handle process or procedural departures. In others, the terms overlap or are used interchangeably.
    – **Incident**: A broader term that may include safety, environmental, IT/OT, or security events. A deviation is usually specific to process or quality requirements.
    – **Change control / change request**: A planned, prospective change to a procedure, specification, or system. Deviations generally document departures from the current approved state, not the process of defining a new approved state.
    – **CAPA (corrective and preventive action)**: Actions taken to address root causes of deviations or nonconformances. A deviation may lead to a CAPA, but the two records serve different roles.

    Usage and boundaries between these terms can vary by company and industry, so local procedures and quality system definitions are typically authoritative.

    Application in MES and shop-floor systems (site context)

    In manufacturing execution system (MES) and related OT/IT integrations, **deviation** typically refers to exceptions to the normal, validated electronic workflow, captured and processed under defined rules. Examples include:

    – recording when an operator cannot follow the exact MES step and uses an alternate path approved by quality
    – documenting temporary bypasses of MES checks (for example, due to equipment malfunction or connectivity issues) with full traceability to batch, operator, and equipment
    – linking deviation records in MES or an integrated QMS to specific electronic batch records, work orders, or equipment logs

    In this context, deviations are often routed through pre-defined electronic workflows that enforce:

    – standardized deviation types and categories
    – required impact assessments and justifications
    – electronic approvals by responsible functions (e.g., production and quality)
    – traceability across MES, QMS, and ERP where applicable

    Where hybrid electronic–paper processes exist, deviations also capture when and how MES was legitimately bypassed, and how that bypass is reconciled and reviewed within the quality system.

  • non-conformance report

    A non-conformance report (NCR) is a formal record used to document and manage any product, process, service, document, or supplier output that does not meet a defined requirement. It is a core quality and compliance artifact in regulated manufacturing, providing traceable evidence that nonconforming conditions were identified, evaluated, and addressed under controlled procedures.

    What a non-conformance report includes

    While formats vary by organization and system, an NCR commonly includes:

    • Identification details such as NCR number, date, originator, and affected site or line
    • Description of the nonconformance, including what failed, how it was detected, and observed condition
    • Reference requirements such as drawings, specifications, procedures, contracts, standards, or control plans
    • Scope and impact, for example affected batches, serial numbers, lots, or time windows
    • Initial containment actions, such as segregation, status labeling, and holds in MES/ERP
    • Disposition decision, for example rework, repair, use-as-is under deviation, scrap, or return to supplier
    • Approvals from authorized roles such as quality, engineering, production, or customer representatives
    • Links to follow-on actions such as root cause analysis, CAPA records, or change controls when required

    Operational use in manufacturing environments

    In industrial operations, NCRs are typically triggered when a nonconformity cannot be corrected immediately without risking traceability, compliance, or consistent treatment. NCRs may be generated from:

    • In-process or final inspection results that do not meet acceptance criteria
    • Deviations from work instructions, validated processes, or standard operating procedures
    • Supplier nonconforming material, certificates, or documentation
    • Audit findings related to execution of manufacturing or quality processes

    NCR workflows are often implemented in MES, QMS, or ERP systems, with defined rules for initiation, review, disposition, and closure. These workflows support segregation and release of material, documentation of rework instructions, and visibility of open nonconformances across sites and functions.

    Relationship to CAPA and other quality records

    An NCR documents the occurrence and handling of a specific nonconforming condition. It does not necessarily include full root cause analysis or long-term corrective and preventive actions. When a pattern of similar NCRs is observed, or when risk or impact is high, an organization may initiate a separate CAPA record and link it to one or more NCRs.

    Other related records can include:

    • Deviations or concessions, which may authorize temporary use or rework of nonconforming items under defined conditions
    • Rework instructions, which specify controlled steps to bring nonconforming items back into conformance
    • Supplier corrective actions, which may be requested based on supplier-related NCRs

    Common confusion

    • NCR vs. nonconforming product: The product or process condition is the nonconformance; the NCR is the documented record of it.
    • NCR vs. CAPA: An NCR captures and dispositions a specific nonconformance. A CAPA addresses underlying causes to prevent recurrence or occurrence and may reference multiple NCRs.
    • NCR vs. audit nonconformity: Audit nonconformities may be recorded in separate audit tools. Some organizations convert relevant audit findings into NCRs when they affect product, process, or documentation requirements.

    Link to the provided context

    In practice, organizations define in procedures when a non-conformance report must be issued, how thresholds are applied across products and sites, and how NCRs interface with MES, QMS, and ERP. This supports consistent treatment of nonconformances, traceable decision-making, and alignment with customer and regulatory expectations.

  • Key Characteristic (KC)

    A Key Characteristic (KC) is a specific feature of a part, assembly, or manufacturing process whose variation has a significant impact on product performance, safety, reliability, fit, or compliance with requirements. KCs are identified so that they receive focused control, verification, and documentation throughout design, manufacturing, and inspection.

    What a Key Characteristic includes

    In industrial and regulated manufacturing, a KC commonly refers to:

    • A dimensional feature, geometric tolerance, surface condition, or material property that is critical to product function or safety.
    • A process parameter (such as torque, temperature, pressure, or cure time) whose stability is essential to achieving the required product characteristics.
    • Characteristics that drive risk in areas such as airworthiness, patient safety, structural integrity, or regulatory compliance.

    KCs are usually called out on engineering drawings, models, specifications, or control plans and often link to specific inspection or process-control requirements.

    What a Key Characteristic is not

    • It is not every dimension or requirement on a drawing. Only those with a defined high impact on function, safety, or compliance are treated as KCs.
    • It is not limited to aerospace or one standard, even though the term is heavily used in those sectors.
    • It is not the same as a general quality metric; it is tied to a concrete, measurable feature or parameter.

    Operational use in manufacturing systems

    In day-to-day operations, KCs influence how work is planned, executed, and documented:

    • Design & process planning: Engineering identifies KCs during design reviews and risk analyses, then defines how they will be manufactured and controlled.
    • Drawings & ballooning: KCs are often marked with specific symbols or flags on drawings and in ballooned inspection documents, including for first article inspection (FAI).
    • Inspection & measurement: KCs usually receive higher inspection frequency, tighter gage selection, and sometimes statistical process control (SPC) or capability studies.
    • MES/ERP/QMS integration: Execution systems may track KCs separately, enforce mandatory data collection at KC checkpoints, and maintain traceable records for audits.
    • Supplier management: Purchase orders and supplier quality requirements may explicitly call out KCs and required inspection or reporting for those features.

    Relationship to standards and FAI

    In aerospace and other regulated industries, KCs are often defined and managed with reference to sector standards and customer flowdowns. In contexts such as first article inspection (FAI), KCs are identified among all drawing characteristics and may be linked to additional evidence requirements, capability analysis, or ongoing monitoring. Digital FAI tools and MES commonly treat KCs as a distinct data category to support traceability and audit readiness.

    Common confusion

    • Key Characteristic vs. Critical-to-Quality (CTQ): CTQ is a broader quality term that may encompass performance expectations or customer needs that are not directly tied to a single measurable feature. A KC is always a specific, measurable characteristic or parameter.
    • Key Characteristic vs. Critical Characteristic: Some organizations use “critical characteristic” or “safety critical characteristic” with definitions specific to their standard or customer. These terms overlap heavily with KCs but may have different symbols, approval steps, or documentation rules. It is important to follow the definitions in the applicable customer or industry standard.
    • Key Characteristic vs. Key Process Input: A key process input (such as a machine setting) may be controlled because it affects a KC. The KC is the resulting product or process characteristic being assured.

    Context in regulated manufacturing

    In regulated environments, identifying and controlling Key Characteristics supports risk-based thinking, inspection planning, and traceable evidence that critical features are consistently produced within specified limits. Digital systems often tag KCs to ensure required measurements are collected, contextualized (e.g., lot, serial number, operation), and retrievable for investigations, nonconformance analysis, and customer or regulatory audits.

  • MRB

    Core meaning

    MRB commonly refers to the **Material Review Board**: a formal, cross‑functional team and process used to evaluate and disposition nonconforming material, parts, or product.

    In industrial and especially regulated manufacturing environments, MRB is both:

    – **An organizational body** (the board or team)
    – **A controlled process** (the workflow and records used to review and disposition nonconformances)

    Typical composition and scope

    An MRB typically includes representatives from:

    – Quality assurance / quality engineering
    – Manufacturing or operations engineering
    – Production / shop floor supervision
    – Design or product engineering (for form/fit/function decisions)
    – Supply chain or purchasing (for supplier‑related issues)

    The MRB process generally covers:

    – Review of nonconformances or defects
    – Technical assessment of risk to safety, performance, or compliance
    – Determination of allowed **dispositions** (e.g., rework, repair, use‑as‑is with justification, scrap, return to supplier)
    – Documentation and approval of the decision with traceability
    – Feedback into corrective and preventive actions (CAPA), change control, or supplier management

    MRB process in operations

    Within day‑to‑day operations, MRB is typically triggered when a part, assembly, batch, or document:

    – Fails inspection or test
    – Deviates from drawing, specification, or defined process
    – Is suspected to be nonconforming due to supplier notification or internal investigation

    In many plants, an MRB record or ticket is created in a quality management system (QMS), MES, or ERP, then routed for review. The MRB team evaluates:

    – Nonconformance description and classification
    – Affected configuration or serial numbers
    – Applicable requirements (drawings, specifications, procedures)
    – Historical occurrences and similar MRB cases

    The outcome is a documented disposition and, when appropriate, linkage to:

    – Deviation/waiver requests
    – Engineering change requests
    – Root cause analysis and CAPA
    – Supplier corrective action

    Boundaries and exclusions

    When used in this manufacturing context, **MRB does not refer to**:

    – General quality review meetings that do not include formal nonconformance disposition authority
    – Safety review boards or risk committees, unless they are explicitly chartered as the MRB for nonconforming material
    – Financial or budgeting “review boards” unrelated to material nonconformances

    Some organizations also use “MRB” informally to describe the **physical location** where nonconforming material is quarantined and held for review. Strictly speaking, this is shorthand; the core concept is the **governed review and disposition process**.

    Common confusion

    MRB is often confused with or conflated with related concepts:

    – **NCR (Nonconformance Report)**: the record that describes a nonconformance. The NCR is usually **input** to MRB; the MRB decision is the **output**.
    – **CAPA (Corrective and Preventive Action)**: the structured problem‑solving process. MRB may **trigger** CAPA but is not itself a full CAPA process.
    – **Deviation / concession / waiver**: a controlled permission to depart from requirements. MRB decisions frequently rely on or create these, but they are distinct artifacts.

    In regulated industries, MRB authority and membership are often defined in procedures. Misuse of the term to describe ad‑hoc decisions without formal authority or documentation can cause confusion during internal or external reviews.

    Site context: MRB in MES, analytics, and risk

    In environments using MES and integrated quality systems, MRB events and records commonly appear as:

    – Nonconformance or quality hold transactions
    – Disposition codes (rework, repair, scrap, use‑as‑is)
    – Links between work‑in‑process, inspection results, and MRB decisions

    For operations intelligence and risk analysis (for example, analyzing aircraft availability or AOG risk), MRB data can be used to:

    – Quantify the frequency and severity of nonconforming material
    – Analyze typical rework and repair cycle times driven by MRB
    – Identify patterns where MRB decisions correlate with schedule slippage or downstream defects

    In such usage, MRB remains the formal decision process around nonconforming material; analytics consume its data but do not change its definition.

  • repair

    Operational meaning in manufacturing

    In regulated manufacturing, **repair** commonly refers to actions taken on a nonconforming product or component to make it usable, **without fully restoring it to the original design intent, specification, or performance level**.

    Typical characteristics include:
    – The item remains **non-ideal** relative to the original specification, even if it is safe and functional for a defined use.
    – The action may involve **adding, patching, reinforcing, or modifying** the item.
    – The result often has **restrictions or limitations** on use, lifetime, environment, or performance compared with the original design.
    – Additional **documentation, justification, and approvals** are usually required, especially in regulated environments.

    In many quality systems, repairs are controlled via **nonconformance, deviation, or concession** processes and may require engineering review, risk assessment, and customer or regulatory notification, depending on impact.

    How repair is used in real workflows

    In industrial and regulated contexts, repair activities may include:

    – **Patching or reinforcing** a damaged area (e.g., adding a sleeve, bracket, or filler material) rather than replacing the whole part.
    – **Adding a modification** (e.g., a shim, spacer, or overlay) to make an assembly fit or function when it does not meet the original tolerance.
    – **Limiting use** after repair (e.g., reduced pressure rating, shorter service life, restricted operating range) documented on the traveler, label, or asset record.
    – **Repairing returned products** (field returns, warranty claims) where the solution does not completely return the unit to “as-new” specification but makes it acceptable for specific service or downgraded use.

    These repairs are typically captured in:
    – The **QMS** (nonconformance and CAPA records),
    – The **MES** or shop-floor system (routing steps, holds, approvals), and
    – **Asset or maintenance systems** for equipment and tooling repairs.

    Boundaries and exclusions

    In this manufacturing and quality context, repair **does include**:
    – Actions on **nonconforming product** or equipment intended to restore **basic usability or safety**.
    – Modifications that create a **de-rated or restricted-use** condition compared to the original design.

    Repair **does not necessarily include**:
    – Routine, planned **preventive maintenance** on in-spec equipment (that is usually called maintenance, not repair).
    – Full restoration of a product or asset to its **original specification and performance** using approved processes (that is often treated as rework or refurbishment, depending on context).

    Common confusion with rework and related terms

    In regulated manufacturing, repair is often contrasted with **rework**:

    – **Rework**: Uses the **original, approved manufacturing process** (or a pre-validated variant) to bring a nonconforming product **fully back into specification**, consistent with the original design intent.
    – **Repair**: Uses **alternative or additional actions** to make the product **usable**, but it **does not fully restore** the original specification or design intent and may impose **limits on use or performance**.

    Related distinctions:
    – **Scrap**: Nonconforming material that is not reworked or repaired and is removed from use.
    – **Refurbish / overhaul**: Broader restoration of used equipment or products to a defined condition, which may be “like new” or a specified service state, often after time in service rather than initial manufacturing.

    Using the term **repair** precisely is important for:
    – Correct classification of nonconformance actions in QMS and MES,
    – Appropriate **risk analysis and documentation**, and
    – Ensuring that any **use limitations** or de-ratings are clearly tracked and communicated.

    Site context: repair in regulated operations

    Within regulated industrial operations, repair decisions intersect with:

    – **Quality management**: Nonconformance handling, deviations, and approvals prior to release.
    – **Validation and qualification**: Assessing whether the repair changes validated conditions, critical parameters, or requires additional testing.
    – **Traceability and record-keeping**: Recording what was repaired, how, by whom, and under what authorization, often linked to serial numbers or batch records.
    – **Risk and safety management**: Evaluating how the repair affects hazards, failure modes, and allowable service conditions.

    In integrated MES/ERP/CMMS environments, repair events are often visible as specific **work orders, service orders, or nonconformance dispositions**, with clear distinction from rework, scrap, and standard maintenance activities.

  • Moderate Impact

    Moderate impact is a classification level used to describe the expected consequence or severity of an event, change, failure, or risk. It indicates that the effect is noticeable and may disrupt operations, quality, safety, or compliance, but is generally considered controllable with planned responses and does not threaten the overall viability of the organization.

    How “moderate impact” is used in industrial and regulated environments

    In manufacturing, particularly in regulated sectors, the term appears in several contexts:

    • Risk assessments and FMEAs: A failure mode or hazard may be rated as moderate impact when it can cause scrap, rework, schedule slips, or local safety concerns, but is unlikely to lead to catastrophic injury, systemic quality escape, or major regulatory action.
    • Change control: Engineering changes, process changes, or software updates (such as to MES, ERP, or quality systems) may be labeled moderate impact when they affect multiple products, steps, or users but are still manageable through standard validation, training, and rollout plans.
    • Quality and nonconformance management: A nonconformance might be classified as moderate impact if it affects product fitness-for-use or yields, but can be contained, reworked, or dispositioned through normal MRB and CAPA workflows.
    • IT/OT and cybersecurity: In frameworks such as NIST, a moderate impact system or incident is one where loss of confidentiality, integrity, or availability could cause significant operational disruption or regulatory exposure, but not a complete shutdown or uncontrolled safety risk.

    Typical characteristics of moderate impact

    While each organization defines thresholds differently, moderate impact classifications commonly indicate:

    • Measurable cost, schedule, or yield impact, but within planned risk tolerance
    • Limited scope of effect (for example, one site, one line, or a defined part family)
    • Corrective and preventive actions are required, but handled within standard governance
    • Potential for regulatory or customer attention if not contained, but not an immediate severe breach

    Moderate impact is usually part of an ordered scale (for example, low / moderate / high, or minor / moderate / major). The exact criteria should be defined in the organization’s risk, quality, safety, and change-control procedures.

    Common confusion

    • Moderate impact vs. likelihood: Impact describes consequence severity if an event occurs, while likelihood (or probability) describes how often it is expected to occur. Risk scoring often combines both.
    • Moderate impact vs. priority: A moderate impact issue can still be treated with high priority if it is frequent, time-critical, or tied to key customers or regulators.

    Operational considerations

    In practice, labeling something as moderate impact typically triggers:

    • Documented assessment and justification of the rating
    • Defined review or approval paths (for example, quality, engineering, IT/OT, or compliance sign-off)
    • Tracking in risk registers, change logs, or nonconformance systems for future review

    Organizations should clearly document what constitutes moderate impact in their internal procedures so that teams apply the term consistently across sites, products, and functions.

  • Nonconformance Rate

    Core meaning

    Nonconformance rate is a quality metric that expresses how many units, features, or process outputs fail to meet specified requirements, relative to the total inspected population, over a defined period.

    It is typically calculated as a percentage or ratio, for example:

    – **By unit:** nonconforming units / total units inspected
    – **By characteristic or opportunity:** total nonconformances / total opportunities for nonconformance

    This metric focuses on outputs that do **not** comply with documented specifications, standards, or customer requirements, regardless of whether they are later reworked, scrapped, or accepted under concession.

    Use in manufacturing and regulated operations

    In industrial and regulated environments, nonconformance rate commonly refers to:

    – The proportion of produced units that fail inspection or test at any stage (incoming, in-process, final)
    – The frequency of recorded nonconformance events or records in a quality system
    – A tracked KPI on dashboards in MES, LIMS, QMS, or ERP systems

    Typical applications include:

    – Monitoring process stability and product quality over time
    – Comparing quality performance across lines, plants, or suppliers
    – Feeding problem-solving and corrective action activities
    – Supporting risk assessments and management reviews

    Nonconformance rate can be reported at multiple levels:

    – **Product level:** per SKU, batch, or lot
    – **Process level:** per operation, work center, or line
    – **Supplier level:** per vendor, material, or component

    What it includes and excludes

    **Includes:**

    – Units or outputs that fail to meet documented specifications during inspection or testing
    – Detected defects that lead to formal nonconformance, deviation, or defect records
    – Both major and minor nonconformances, when included by the defined counting rules

    **Common exclusions (depending on local definitions):**

    – Conforming units that pass inspection without deviation
    – Issues found before formal inspection if they are not logged as nonconformances
    – Administrative or documentation issues, when nonconformance rate is defined for product or process quality only

    Organizations typically define clear counting rules, such as whether reworked and successfully re-inspected units are counted as nonconforming and how multiple defects on the same unit are treated.

    Relationship to other quality metrics

    Nonconformance rate is related to, but distinct from:

    – **Defect rate / defect density:** Often counts each defect individually; nonconformance rate may count per unit or per record.
    – **Scrap rate:** Measures units or material discarded and not reworked; nonconformance rate can also include units that are reworked or accepted with concession.
    – **First pass yield (FPY):** Measures the proportion of units that pass a process step without rework; nonconformance rate often underpins FPY calculations but is expressed from a nonconformance perspective.
    – **Complaint rate / field failure rate:** Focus on issues after release to customers; nonconformance rate generally focuses on internal quality controls, though some organizations track external nonconformances separately.

    Common confusion and misuse

    – **Nonconformance rate vs. defect rate:** Some teams use the terms interchangeably, but nonconformance rate frequently refers to units or records, while defect rate may refer to the count of individual defects. Clear operational definitions are needed.
    – **Nonconformance rate vs. noncompliance rate:** “Noncompliance” is often used for regulatory or procedural violations, while “nonconformance” is more often used for product or process outputs against specifications. In some regulated sectors both terms are used with specific, distinct meanings.
    – **Counting rules:** Different plants or systems may include or exclude reworked units, minor deviations, or paperwork errors. Comparing nonconformance rates across sites requires aligned definitions.

    Use in OT, IT, and MES/QMS contexts

    In integrated manufacturing systems, nonconformance rate often appears as:

    – A KPI derived from nonconformance or deviation records in a QMS
    – A calculated metric in an MES based on inspection results and hold/reject transactions
    – A reported attribute in operations intelligence or shop-floor visibility dashboards

    These systems typically link nonconformance rate to product genealogy, work orders, equipment, and operators, enabling traceability and data-driven problem solving without implying any certification or regulatory outcome.