The Non-Compliance and CAPA area of the system can operate as a stand-alone tool or in conjunction with the audit module in iPassport, which allows for non compliances to be raised directly from within an audit area.
Raising a Non-Compliance within iPassport allows follow up actions to be created to correct this non-compliance and hopefully prevent its reoccurrence.
The Non-Compliance module can be found in: Quality Management > Non-Compliances.
Access to the Non-Compliance module is controlled by permissions. Each non-compliance is placed within an OU so the permissions only apply in the OUs where the user has them.
Non-compliances are created and live within an OU so settings can be assigned for non-compliances in each OU.
To assign a distribution list of users that should be informed when a non-compliance is reported externally:
A comprehensive set of permissions is available to tailor access and authority in the Non Compliance area.
The Global Viewer system roles include these:
- Non Compliance:Create Reports
- Non Compliance:Search Non Compliances
- Non Compliance:View History
- Non Compliance:View Non Compliance
- Non Compliance:View Root Causes
Most of the following permissions are additionally included in each of the Global Editor system roles and the role, Audit Editor, in slightly different configurations:
- Non Compliance:Change Compliance
- Non Compliance:Change OU
- Non Compliance:Change Status
- Non Compliance:Create Non Compliances
- Non Compliance:Delete Corrective Types
- Non Compliance:Delete Levels
- Non Compliance:Delete Preventative Types
- Non Compliance:Delete Remedial Types
- Non Compliance:Delete Root Causes
- Non Compliance:Edit Corrective Types
- Non Compliance:Edit Levels
- Non Compliance:Edit Preventative Types
- Non Compliance:Edit Remedial Types
- Non Compliance:Edit Root Causes
- Non Compliance:Link To Records
- Non Compliance:Manage Action Statuses
- Non Compliance:Manage Action Types
- Non Compliance:Manage Actions
- Non Compliance:Manage Non Compliance Categories
- Non Compliance:Manage Review Tasks
- Non Compliance:Schedule Reviews
- Non Compliance:View Deleted Actions
- Non Compliance:View History
- Non Compliance:View Non Compliance
- Non Compliance:View Root Causes
To create a new non-compliance, navigate to: Quality Management > Non-Compliances > New Non-Compliance.
Enter a Name for the Non-Compliance (NC), this is a required field. The Name should be descriptive (although not too long) as this is the item displayed when searching and reporting.
The Index can be auto generated by the system. Alternatively user can click on the cog icon to turn off auto generate and enter a unique combination of numbers, letters or both.
The Non Compliance Number is a free text field. This field is not validated by iPassport.
It’s recommended the user performs a search for the number prior to creating a new NC.
Category is a customisable field. A user with the appropriate permissions can add a new Non Compliance Category by clicking on the spanner icon. The permission, Non Compliance:Manage Non Compliance Categories is required to add, edit or delete non-compliance categories.
The Organisational Unit (OU) is the OU that the NC record will belong to.
Once the NC record has been created it is possible to move it to another OU assuming the user has the permission to do so.
Discovery Date and Resolve By Date fields use the English date format of 01-12-2017, clicking on the field will display calendar allowing date selection. The Discovery Date field is used to say when the NC was discovered (this works in conjunction with the Resolve By Date field).
The Resolve by Date tells the system when the NC needs to be resolved by.
Once a Discovery Date has been set it is possible to set the Discovery Time. This is not a required field and if it is not used it will display 00:00. It works as a drop down menu for both the hours (H) and minutes (M).
User can select the Level of the non compliance by selecting one of the options from the select field. This is a user definable field and custom options can be added to it.
If the dropdown has no entries then this is because none have been created at this point. User can add levels by clicking on the spanner icon.
This light box will display:
The example shown has three entries. Two of these entries are in use; the first entry (Critical) is presently not used in any NC record, which can be seen, as there is a delete option in the Actions column. If any item is in use then it cannot be deleted. New level can be added by clicking on ‘Add Non Compliance Levels’ option and providing an unique Name, and clicking on ‘Create Non Compliance Level’ button to save it.
The user will then be returned to the NC creation screen; the new level should have been added.
Escalated To is a user customisable field that allows a user to record that the Non-Compliance has been escalated to an outside body. The list can be customised by clicking on the spanner icon.
Validation on Close By allows to select a user to have a final sign-off when a Non-Compliance is ready to be closed. This can also be set up when the Non-Compliance is marked as Compliant (open a Non-Compliance and select ‘Set as Compliant’ in the dropdown box). If a verifier is selected a light-box will show with the ‘Request Validation From’ populated with the persons name. Clicking ‘Request Verification’ will change the Non-Compliance state to ‘Pending Verification’ and the verifier will be tasked to confirm that the Non-Compliance can be closed.
The Observation is used to add a brief (or extended) account of the NC, this can be edited once the NC record has been created.
New locations cannot be created from the Non-Compliance record, so user can add a new location after creating the Non-Compliance. Instructions on how to create new location can be found here.
Non-Compliance Responsibility field is designed to set which user is to review and/or make correction on this NC. The field allows to search and select the user responsible.
Origin field allows a user to specify how the Non-Compliance was raised. This is fully customisable but if a Non-Compliance is raised via the external form (xxx.ipassportqms.com/report_non_compliance) the origin will be listed as ‘External Form’.
Immediate or Corrective Action Taken? once checked will allow a user to enter immediate or corrective action at the point where the Non-Compliance is created, under the fields:
Action Taken By is a required field and a user needs to be selected from the drop down.
Action Description is also a required field and some instructions for user need to be provided.
A Non Compliance Impact can be added by selecting one of the options from the select field. This is also a user definable field and custom options can be added to it.
If the dropdown has no entries then this is because none have been created at this point. The user can add Impacts by clicking on the spanner icon.
This lightbox will display:
If any of the entries is not in use, a delete (trash) icon will be visible under the Actions column. If any item is in use then it cannot be deleted. A new Impact can be added by clicking [+] Add Non Compliance Impact, providing a unique Name and clicking the Create Non Compliance Impact button to save it. The new Impact should appear on the list in the lightbox. Click the close (X) icon on the top right to return to the New Non Compliance page.
Once all the details have been added, the user needs to click the Create button in the lower right corner to submit the Non-Compliance.
Once the NC has been created it’s possible to assign actions and tasks to this NC to ensure it can be closed.
To create a new location a user is required to have access to the Administration menu (Administration Editor role or a similar custom role).
Location is added via Administration -> Locations -> New Location menu. Short and Long name fields are required. Once those are filled, location is saved by clicking on ‘Create Location’ button. The location has now been created, however the location needs to be associated with an OU.
To make the location available in an OU user needs to select one from the Organisational Units in the ‘OUs & Tags’ tab in the location record.
Once the location has been associated with an OU or OUs iPassport needs to know what the location is to be used for. For a location to be available in the Non-Compliance area the ‘General’ tag needs to be selected.
The location would now be selectable in the NC; this process can be repeated to create as many locations as needed. It is also possible to share locations over a number of OUs by selecting multiple OUs in the ‘OUs & Tags’ tab.
Searching for a Non-Compliance record is done via:
Quality Management -> Non-Compliances -> Search Non-Compliances and entering the required search criteria.
The Search field can search for details in the ‘Name’, ‘Index’ and ‘Number’ fields. When a user starts to type in the ‘Search’ field, the results should filter down and highlight the area searched for.
Any combination of search criteria can be applied to filter the results. If the ‘Was escalated?’ field is checked, the ‘Escalated To’ field will display. The checkbox allows the user to filter on all NCs which will require sign off (by anybody).
Clicking on the Non-Compliance row, or the magnifying glass icon in the Actions columns, will open the NC record.
The ‘Actions’ tab allows a user to assign multiple actions to help clear the NC.
The ‘Action Categories’ allow a user to categorise the different actions they create, while ‘Action Types’ are effectively the type of action record such as Corrective or Preventative.
For example there is a non-standard reference material used, so a user creates a Preventative action to ensure this does not happen again, as such Action Type is Preventative. To break this down further a user might have the Action Category of Training, to ensure they do not have this problem again so they are going to conduct further training.
New categories can be added by clicking on ‘Action Categories’ button.
This will open the ‘Manage Non Compliance Action’s Categories’ light-box.
‘Name’ is a required field and needs to be unique. Once name is provided the category is saved by clicking on ‘Add Category’ button. The new category should be displayed in the list and available for selection.
New action types can be also customised by clicking on ‘Action Types’ button.
This will open the ‘Manage Non Compliance Action’s Types’ light-box.
iPassport has three system Action Types that can be used, these are:
These are on the system permanently and cannot be removed or edited. A user can create additional types on their account by entering the ‘Name’ of the new type and clicking the ‘Add Type’ button.
The light-box is closed by clicking the ‘X’ button in the top right corner.
An Action Status can be used to help identify the status of each action within an NC. It is not a required field when creating the Action though. The status would be updated manually as each action has work undertaken on it.
New statuses are added by clicking on the ‘Action Statuses’ button.
This will open the ‘Manage Non Compliance Action’s Statuses’ light-box.
There are six system statuses (shown below).
Status’ ‘Name’ is required and needs to be an unique value. Once provided, it’s saved by clicking on the ‘Add Status’ button.
Once the basics have been applied it is possible to create a new Action and assign this to a user. An Action allows a user to say what needs to be done, by whom and by when. This is all recorded within iPassport as part of the audit trail.
New Actions area added by clicking on the ‘Add Action’ button.
This will open the ‘Add Action to Non Compliance’ light-box.
It is important to note that the Add Action light-box requires the user to scroll to see all details.
There are a number of fields available when adding a new action:
Send Action Updates to field allows a user to choose one, or multiple Distribution Lists to send update on the action to. Each time the action is updated everyone that is a member of the selected group(s) would receive an email update of the change (provided their personal preference was activated). This field can be used on its own or in conjunction with the ‘Send Action Updates’ to field.
The second Send Action Updates to field allows a user to choose individual user or users to send updates to.
Associate Action to field allows a user to say if this action is directly associated with any other actions in the NC. This is just a reference between the two (or more) actions.
The Action Details portion of the light-box contains all the critical information on the action itself.
Action Category allows a user to categorise their Non-Compliance actions.
Action Type allows a user to say what type of action this is; this is populated from the Action Type light-box list.
Assign Action To, when creating an Action it is advisable to assign this to a user. An action can only be assigned to one user so if there are multiple items to be completed it is advisable to create multiple actions and assign them to different users.
When an action is created there is the possibility to say that it requires verification. This is done via the Action Needs Verification? check box. This means that once the action has been completed it then needs to be verified, this is not required. If used then a ‘Verification Status’ will be displayed. This is not to be confused with the ‘Action Status’. For example, the ‘Action Status’ could show as Complete and the ‘Verification Status’ could show as Awaiting Verification.
Within iPassport it is possible to add actions that are already completed. This is done by selecting the Is Action Completed? check box. By default actions are not complete when adding them.
Initial Status allows a user to set the status of the action as it is being added. This status is populated from the Action Status light-box. If no statuses are used then this field will remain empty.
The Complete(ed) By Date field allows a user to say when the action needs to be completed, or when it was completed if the action is checked as Is Action Completed?.
The system will automatically create a task for the user assigned to complete the action. This means there is no requirement for a user to create a task as well as an action.
When the fields have been completed the user can click the ‘Create Action’ button. The user will be returned to the ‘Actions’ tab and the new action will be displayed.
Now that the action has been created and the task issued the system relies on the assigned user to either complete the action or complete the task. Completing the task closes/ completes the action but completing the action means that task still needs to be closed.
Once an action has been created it is possible to edit it. To do this a user needs to select the action to be edited from the select box on the left and click the ‘Edit Action’ button.
This will open the ‘Edit Action’ light-box.
Here the user can change any of the displayed fields. When a user have made change(s), they need to save the changes by clicking the ‘Save’ button at the bottom of the form in the light-box.
All edit events are stored in the ‘Actions History’ area.
If a user has created an action that is no longer required then it is possible to delete the action. To do this a user would select the action to be deleted and click the ‘Delete Action’ button.
This will open the ‘Delete Action’ light-box.
To delete an action user needs to enter a reason for deletion and click the ‘Delete Action(s)’ button. Alternatively user can click on the ‘X’ in the top right corner to exit without deleting selected actions.
All delete events are stored in the ‘Actions History’ area.
Should a user wish to view a deleted action(s) then they can use the ‘Display Deleted’ check box filter in the Actions search area. This will list all deleted actions and can be used in conjunction with the other search items.
To complete an action a user should select an action and click the ‘Complete Action’ button. It’s possible to complete more than one action at once.
This will open the ‘Complete Action’ light-box.
All actions will be listed here, so if a user has selected to complete multiple actions they should all be selected in the ‘Actions to Complete’ field. ‘Action Completed By’ allows to specify which user completed the action. The filter area at the top allows a search for a specific user.
A completion date is required, this can be added via the ‘Completed On’ field. It is recommended that the user uses the calendar by clicking in the field.
‘Completion Details’ can be added as free text, the field allows for pasting details but formatting may be lost.
When all the fields have been completed the user needs to click on the ‘Complete Action(s)’ button.
The light-box will close and return the user to the ‘Actions’ tab with the action updated. If verification was required the status will now be ‘Awaiting Verification’.
Once an action has been completed it is no longer possible to edit the action, however it is still possible to delete the action.
If verification was required for an action it is possible to do this once the action has been completed. To verify the action select the action to be verified from the select box on the left and click the ‘Verify Action’ button.
This will open the ‘Verify Action’ light-box.
All actions will be listed here, so if the user has selected to verify multiple actions they should all be selected in the ‘Actions to Verify’ field. ‘Action Verified By’ field allows to select a user that verified the action. The filter area at the top allows a search for a specific user.
A verification date is required, this can be added via the ‘Verified On’ field. It is recommended that the user uses the calendar by clicking in the field.
‘Verification Details’ can be added as free text, the field also allows for pasting details but formatting may be lost.
Should the action need to rejected then a user would click the ‘Reject Action’ button and complete the other details as normal, these will then be stored against the rejection.
The light-box will close and return the user to the ‘Actions’ tab with the action updated.
Once all actions and assigned tasks have been closed it is possible to close (set as compliant) the NC (although it can be closed with outstanding tasks and actions).
To close the NC a user needs to open the Non-Compliance record and select ‘Set As Compliant’ from the drop down menu and click ‘Go’. This opens the ‘Confirm Action’ light-box
The ‘Closed On’ field allows a NC to be closed at any time within iPassport, meaning it does not have to closed immediately. It can be closed from a previous period, it simply defaults to today’s date.
Should the NC be closed (or completed) before all tasks have been completed then iPassport will ask the user to justify this in the ‘Reason’ field, this is required.
Once this has been completed the user can add additional information supporting the closure of the NC in the Observation field. Then the user needs to click on the ‘Set as Corrected’ button.
The NC will be closed (although it can be opened again) and the banner header will change from red to blue.
It is possible to reopen a NC once it has been closed (set as compliant). To do this a user needs to select the ‘Set as Non Compliant’ action from the drop down menu in the NC record and click ‘Go’. This reopens the NC record and allows additional actions to be added.
All events associated with the ‘Actions’ tab are recorded within the ‘Action History’.
All other events associated with general NC are stored within the ‘Changelog’ tab.
Within the ‘Action History’ light-box it is possible to search for specific events using the search field. This searches for all details within the Changes column such as description and comments added during the creation, editing and deletion process.