Blog
Career Advice

Your Complete Guide to NC, CC, CAPA, and TDA in ISO-Based QMS

Ofir Yulish
Product Manager

In organizations that comply with Quality Management Systems (QMS) - whether under ISO 9001, ISO 13485, or other regulated frameworks - there’s an ongoing debate: When do you log an NC, when do you initiate a CC, and when do you escalate to a CAPA?

While NC (None-conformity), CC (Change Control), and CAPA (Corrective and Preventive Action) are core tools in QMS, their proper use is not always clear in daily operations. Misusing them can lead to wasted effort, delayed product releases, or missed systemic fixes. This post breaks down each concept, compares them, and explains where TDA (Temporary Deviation Approval) fits in.

Let’s Review the meaning of each one:

NC (Nonconformity)

A Nonconformity is any failure to meet a requirement - whether it’s a product specification, process standard, regulatory obligation, or customer expectation.

  • Purpose: Identify and document that something went wrong.
  • Example: Dimensions out of tolerance, missing inspection records, or an audit finding.

CC (Change Control / Change Request)

A Change Control (sometimes called a Change Request) is a formal process to propose, review, approve, and implement changes to controlled product, process, or documentation.

Purpose: Ensure changes are evaluated for their impact on quality, safety, compliance, and customer requirements before they’re implemented.

Typical Steps:

  • Submit change request form.
  • Impact assessment (quality, regulatory, cost, timing).
  • Approval by authorized stakeholders.
  • Implementation and verification.

Example: Updating a device drawing to change a material, modifying a production process to add an inspection step, or revising a QMS procedure.

CAPA (Corrective and Preventive Action)

A CAPA is a structured process to eliminate the root cause of an existing nonconformity (Corrective Action) and/or prevent a potential nonconformity (Preventive Action).

Purpose: Solve systemic issues and prevent recurrence/occurrence.

Example: Updating supplier requirements and training programs after repeated audit failures, adding a fail-safe feature to a part to prevent assembly errors, like a USB that can be inserted only in one way.

Use Case Example

A medical device company receives a supplier notification that a critical part will no longer be manufactured in its current form due to raw material changes.

NC: If parts are received and don’t meet the current specification, it’s logged as a nonconformity.

CC: A formal Change Control is opened to update the specification, drawings, and validation documents to accommodate the new material.

CAPA: If the change was driven by recurring failures in the old design or supplier quality issues, a CAPA may be triggered to address the root cause and prevent similar issues.

Differences Between NC, CC, and CAPA

NC, CC, and CAPA are all essential in QMS, but they serve different purposes. NC deals with what went wrong, CC manages planned changes, and CAPA addresses why something went wrong and how to prevent it. We’ve placed all these differences in a table below to bring clarity and order to the different processes names.

Aspect NC CC CAPA
Definition Failure to meet a requirement. Formal process to review and approve a change to product, process, or documentation. Process to eliminate root cause and prevent recurrence/occurrence of an issue.
Goal Identify and document the problem. Manage changes in a controlled, approved manner. Solve systemic problems and prevent them in the future.
Trigger Audit finding, inspection, customer complaint, process failure. Planned change to improve, update, or replace something in the QMS, product, or process. Significant, recurring, or high-risk nonconformities, or identified risks.
Analysis No root cause required (but can trigger CAPA). Impact and risk analysis required before approval. Root cause analysis required.
Timing After detection of a deviation. Before implementing a change. After identifying an issue or risk.
Outcome CC, TDA, or CAPA. Updated specs, processes, documents, and records. Systemic corrective or preventive measures with verification.

What ISO 9001:2015 and ISO 13485:2016 Say About NC, CC, and CAPA?

Element ISO 9001:2015 ISO 13485:2016
NC (Nonconformity) Clause 8.7 – Requires nonconforming outputs to be identified, controlled, and not used/delivered until approved disposition. Options include correction, segregation, return to supplier, or acceptance under concession. Clause 8.3 – Similar intent but stricter for medical devices. Requires documented procedures for identification, documentation, evaluation, segregation, and disposition of nonconforming products.
CC (Change Control) Not explicitly called “Change Control,” but covered under:
  • 8.3.6 – Design and development changes must be reviewed, verified, validated (as appropriate), and approved before implementation.
  • 7.5 – Control of documented information to ensure changes are reviewed and approved.
 Explicitly addressed:
  • 7.3.9 – Design and development changes require review, verification, validation (as appropriate), and approval before implementation.
  • 4.2.4 – Control of documents, ensuring changes are reviewed, approved, and communicated. Stronger linkage to regulatory compliance (e.g., FDA design control).
CAPA (Corrective and Preventive Action) Clause 10.2 – When a nonconformity occurs, the organization must react, evaluate the need for action to eliminate its cause, implement actions, and review effectiveness. Clause 8.5.2 – Requires a documented procedure for investigating nonconformities, implementing corrective actions, recording results, and verifying effectiveness.

Where TDA (Temporary Deviation Approval) Fits In

TDA (often called a concession in ISO) is a formal, time-limited approval to accept a product or process that does not fully meet requirements, under controlled conditions.

Standards References:
ISO 9001:2015 - Clause 8.7: “…authorized for use, release or acceptance under concession…”
ISO 13485:2016 - Clause 8.3.3: “…may be accepted by concession provided it has been authorized…”

Example: Supplier notifies you before shipment that parts are slightly out of tolerance; you approve them for a specific batch to prevent a production delay.

Key point: TDA is not the same as CC or NC - it’s an approval decision linked to an NC when you choose to accept the deviation rather than correct it.


NC, CC, CAPA, TDA - Decision-Making Guide

To make it easier to determine the right path when an event, deviation, or change arises, we’ve created this decision flow diagram. It visually guides you through the process of deciding whether the situation should be managed as a Nonconformity (NC), handled through Change Control (CC), escalated to a Corrective and Preventive Action (CAPA), or approved under a Temporary Deviation Approval (TDA). By following this flow, you can ensure that every decision is consistent, compliant with ISO requirements, and documented appropriately.

Our Take

Managing changes and nonconformities -  especially in medical devices and pharma -  is complex. At bananaz, we make it easier. We help you track model and drawing changes, enforce design protocols, and use checklists to stop human errors before they happen. With our AI-powered tools and advanced exports, you can create clear, audit-ready change documentation in minutes, maintain a complete audit trail, and communicate changes seamlessly.

Related posts

AI for Mechanical Engineers: The Complete Guide
Career Advice
August 31, 2025

AI for Mechanical Engineers: The Complete Guide

This comprehensive guide explores how artificial intelligence is transforming mechanical engineering workflows and product development processes. From general AI platforms like ChatGPT to specialized engineering solutions, we examine the current landscape of AI tools available to mechanical engineers. The article highlights three core components of engineering AI: intelligent automation, data-driven insights, and seamless integration. We dive deep into market solutions including collaboration platforms, generative design tools, and simulation AI, with special focus on bananaz - an AI copilot that integrates directly into CAD and PDM systems. The guide covers implementation strategies, future trends, and practical benefits like 90% faster revision cycles and proactive error prevention. Whether you're looking to automate design validation, accelerate reviews, or gain intelligent engineering insights, this guide provides the roadmap for successfully implementing AI in mechanical engineering workflows.
Why Rule Enforcement is a Game-Changer for Mechanical Design Teams
Feature Insights
August 29, 2025

Why Rule Enforcement is a Game-Changer for Mechanical Design Teams

Mechanical design teams face mounting pressure to deliver faster while maintaining compliance and quality. Manual reviews slow things down and introduce risk. This blog explores how bananaz Rule Enforcement, an AI-driven copilot for CAD, automates design reviews, enforces custom standards, adapts to dynamic workflows, and generates compliance-ready reports. The result? Smarter, faster, and safer product development.
DFM Session: The right approach to CNC
Career Advice
August 10, 2025

DFM Session: The right approach to CNC

DFM for CNC machining ensures parts are designed for efficient, cost-effective, and precise manufacturing. This guide by Naor Edry covers CNC processes like milling, turning, drilling, and grinding, material selection, tolerances, surface finishes, and geometry optimization. Learn how to improve manufacturability, reduce costs, and enhance quality through smart design choices, fixturing strategies, and collaboration with manufacturers.
View All Posts
Logo Bananaz

Change for the Better

Schedule a demo and discover how bananaz can accelerate your product development from concept to delivery

Book a Meeting
Logo Bananaz

Change for the Better

Schedule a demo and discover how bananaz can  accelerate your product development from concept to delivery

Book a Meeting