Nonconformity, Nonconformance, Defect, Finding, or Observation?


Are you using the right term? What do you call it when a requirement is not met?

ISO 9000:2015 3.6.9 defines the non-fulfillment of a requirement as a “nonconformity”. As expected, “conformity” is defined in 3.6.11 as the fulfillment of a requirement.

Some auditors use “conformance” and “nonconformance”. Does it really matter? ISO 9000:2015 3.6.11 states that although conformance is synonymous with conformity, it is deprecated. What does that mean? Well, “deprecated” refers to a term that is considered obsolete and being phased out. That being the case, it is preferable to use the terms Conformity and Nonconformity.


If the nonconformity relates to the intended or specified use of a product or service, the correct term becomes “defect”. ISO 9000:2015, 3.6.10, cautions that using the term “defect” has legal connotations, particularly those associated with liability issues. 


When you hear about an audit finding or observation, you probably think that a problem or concern is being reported. Is that always the correct interpretation?

ISO 19011:2018, the auditing guideline standard, defines “audit findings” in 3.10 as the results of an evaluation of the collected audit evidence against audit criteria. It states that findings can indicate conformity or nonconformity, or be opportunities for improvement. So, findings can also be good. It’s just that audit reports tend to focus on findings that are nonconformities.


An “observation” is a statement of fact made during an audit and substantiated by objective evidence. Since some auditors identify concerns about weak practices as observations, the term has taken on a negative connotation. However, observations can relate to both conforming and nonconforming situations.

ISO 19011:2018, 3.8, states that “audit evidence” is obtained through observation, measurement, test, or by other means. 

In summary, an auditor gathers facts (evidence) and draws conclusions (findings). The findings can indicate conformity or nonconformity. If an auditor wants to express a concern about a weak practice, it should be identified as an opportunity for improvement, not an observation.