Nonconformity, Nonconformance, Defect, Finding, or Observation?


Are you using the right term? What do you call it when a requirement is not met?

ISO 9000:2000 3.6.2 defines the non-fulfillment of a requirement as a “nonconformity”. As expected, “conformity” is defined in 3.6.1 as the fulfillment of a requirement.

Some auditors use “conformance” and “nonconformance”. Does it really matter? ISO 9000:2000 3.6.1 states that although conformance is synonymous with conformity, it is deprecated. What does that mean? Well, “deprecated” refers to a term that is considered obsolete and being phased out. That being the case, it is preferable to use the terms Conformity and Nonconformity.


If the nonconformity relates to the intended or specified use of the product, the correct term becomes “defect”. ISO 9000:2000 3.6.3 cautions that using the term “defect” has legal connotations and should be used with extreme caution.


When you hear about audit findings or observations, you probably think that problems or concerns are being reported. Is that always the correct interpretation?

ISO/DIS 19011, the draft auditing guideline standard, defines “finding” as the results of an evaluation of the collected audit evidence against audit criteria. It states that findings can indicate conformity or nonconformity with audit criteria, or opportunities for improvement. So, findings can also be good. It’s just that audit reports tend to focus on findings that are nonconformities.


ISO 10011, the current auditing guideline standard, defines “observation” as a statement of fact made during an audit and substantiated by objective evidence. Since some auditors identify concerns about weak practices as observations, the term has taken on a negative connotation. However, observations can relate to both conforming and nonconforming situations.

ISO/DIS 19011 has dropped the term “observation” and relies instead on “audit evidence”, which is defined as records, statements of fact or other information, which are relevant to the audit criteria and verifiable.

In summary, an auditor gathers facts (evidence) and draws conclusions (findings). The findings can indicate conformity or nonconformity. If an auditor wants to express a concern about a weak practice, it should be identified as an opportunity for improvement, not an observation.