CAPA (corrective and preventive action) is the quality-system process for fixing problems at their root cause so they stop recurring. Corrective action eliminates the cause of a nonconformity that already happened; preventive action eliminates the cause of a potential nonconformity before it happens. Both end with verified evidence that the fix worked.
Every plant already does something when product goes wrong. The difference between a plant with a working CAPA process and one without is what happens after the bad pallet is quarantined: does the same failure come back in six weeks, or is the cause actually gone? CAPA is the discipline that closes that gap, and it is also the part of the quality system regulators and auditors read first, because a weak CAPA process means every other weakness stays weak.
What is the difference between corrective and preventive action?
Corrective action reacts to a nonconformity that occurred; preventive action acts on one that has not occurred yet. If a labeler misprinted lot codes and you fix the cause of the misprint, that is corrective. If you then check the three other labelers that share the same setup procedure and fix them before they misprint, that is preventive.
There is a third term people mix in, and the distinction matters on the floor:
- Correction fixes the product: rework, re-label, scrap, sort. The defect is gone; the cause is untouched.
- Corrective action fixes the cause: the worn tooling, the ambiguous work instruction, the missing verification step. The next lot does not have the defect.
- Preventive action fixes the cause somewhere it has not bitten yet: sister lines, similar products, the same failure mode in a different department.
Worth knowing for audits: ISO 9001:2015 dropped preventive action as a standalone clause. Its intent moved into risk-based thinking (clause 6.1), and clause 10.2 now covers nonconformity and corrective action. The medical-device standard ISO 13485:2016 still carries separate corrective action and preventive action requirements, so device manufacturers keep both terms alive. Either way, the thinking is identical: find causes, remove them, prove it.
The 8-step CAPA framework
A CAPA that works walks through eight steps in order. Skipping steps is how plants end up with a folder of closed CAPAs and the same recurring defects.
- Identify and document the problem. Capture what happened, where, when, how much product is affected, and how it was detected. A non-conformance report is usually the trigger document. Vague inputs produce vague CAPAs.
- Contain it. Protect the customer first: hold suspect inventory, check stock in the warehouse and in transit, add temporary inspection. Containment is not the fix; write it down as a separate action so nobody mistakes it for one.
- Assess risk and decide the depth of response. Not every nonconformity deserves a full CAPA. Score severity and recurrence: a one-off cosmetic blemish gets a correction and a note; a repeating failure that can reach customers gets the full process. This triage step is what keeps the CAPA system fast enough to be taken seriously.
- Find the root cause. Use a structured method: 5 whys for straightforward problems, a fishbone diagram for messy multi-factor ones. The test of a real root cause: if you remove it, the problem cannot recur by that path. "Operator error" almost never passes that test; the reason the error was possible does. Our guide to root cause analysis covers the methods in depth.
- Plan the action. Define what will change, who owns it, and the completion date. Actions that change the process (fixtures, interlocks, revised standards, error-proofing) outlast actions that change people (retraining, reminders, "be careful" emails).
- Implement and document. Make the change, update the affected work instructions and training records, and record objective evidence of completion.
- Verify effectiveness. After a defined period, check with data that the problem has not recurred and the fix did not create a new one. This step gets its own section below because it is the one most plants skip.
- Close and standardize. Close the CAPA with evidence attached, then ask the preventive question: where else could this exact failure mode live? Extend the fix there.
What does FDA 21 CFR 820 require for CAPA?
For medical device manufacturers, CAPA is a regulatory requirement, and the rulebook changed recently. On February 2, 2026, FDA's Quality Management System Regulation (QMSR) took effect, amending 21 CFR Part 820 to incorporate ISO 13485:2016 by reference. The long-standing Quality System Regulation and its familiar 820.100 CAPA section were replaced by ISO 13485's corrective action (8.5.2) and preventive action (8.5.3) requirements, plus FDA-specific additions. If your procedures still cite the old QSR clause numbers, that is an update worth scheduling.
The substance did not get easier. Under either framework, you must document the nonconformity, investigate the cause, take action appropriate to the effect of the problem, verify the action was effective and did not introduce new problems, and keep records of all of it. Outside of devices, the same skeleton appears in ISO 9001 clause 10.2, IATF 16949 for automotive (see our IATF 16949 guide), and GFSI food-safety schemes.
The numbers behind the scrutiny
- CAPA has for years been among the most frequently cited areas in FDA device inspections; in fiscal year 2020, 21 CFR 820.100 was cited 197 times on Form 483 observations, more than any other section (FDA inspection observation data).
- The QMSR incorporating ISO 13485:2016 became effective February 2, 2026, ending the previous Quality System Regulation after nearly three decades (FDA QMSR).
- ASQ reports that quality costs commonly run 15-20% of sales revenue, which is the money a working CAPA process exists to claw back (ASQ, Cost of Quality). See our breakdown of the cost of quality.
How do you verify a CAPA actually worked?
An effectiveness check is a planned, dated look at evidence that the problem stopped recurring, done long enough after implementation for the problem to have had a fair chance to come back. It is the difference between "we closed the CAPA" and "we fixed the problem."
Three rules make effectiveness checks real instead of ceremonial:
- Define the pass criterion when you open the CAPA, not when you check. "Zero recurrences of defect code 14 on line 3 across 60 days of production" is checkable. "Operators retrained" is not an effectiveness criterion; it is an implementation record.
- Size the window to the failure frequency. A defect that appeared weekly needs 8-12 weeks of clean data to call the fix effective. A defect that appeared quarterly needs a longer window or a proxy measure you can read sooner, like a process parameter moving back into its expected range on a control chart.
- Check for side effects. Both ISO 13485 and good sense require verifying the action did not create new problems: the fix that slowed the line, the added inspection that created a bottleneck, the tightened parameter that started a different defect.
What makes a corrective action strong or weak?
The strength of a corrective action is how little it depends on humans remembering to do the right thing. The hierarchy runs from strong to weak:
- Eliminate the possibility. Design the failure out: a fixture that only accepts the part one way, a fill nozzle that physically cannot reach the wrong tank. This is poka-yoke territory, and it is the only category that survives turnover, night shift, and a bad Monday.
- Detect and stop automatically. Interlocks, sensors, automatic rejects. The defect can occur but cannot continue or escape.
- Make the right way the easy way. Revised setup sheets at the point of use, kitted parts, visual standards. Depends on the process being followed, but lowers the effort of following it.
- Warn and train. Alarms, signage, retraining, awareness talks. These are the weakest actions and the most common ones, because they are cheap and fast to close. A CAPA log where most actions are retraining is a log of problems that will come back.
When you review an open CAPA, ask one question of the proposed action: if the person who made this mistake leaves next month, does the fix still hold? If the answer is no, push the action up the hierarchy.
How do you do preventive action in practice?
Preventive action has a reputation for being abstract. In practice it comes from three concrete habits:
- Extend every closed CAPA sideways. The last step of the framework, standardize, is where prevention lives. If worn tooling caused a burr on line 2, the preventive action is checking tooling wear on lines 1, 3, and 4 this week, not waiting for their burrs.
- Trend the small stuff. Corrections that never earned a CAPA still carry signal. A monthly review of nonconformance and defect data by code, line, and shift surfaces the slow-building problems that no single incident justified investigating. A Pareto chart of the last 90 days of defect codes is the cheapest preventive-action tool in existence.
- Act on near-misses and audit findings. An internal audit finding or a caught-at-final-inspection defect is a customer complaint that hasn't happened yet. Treating those inputs with the same root-cause discipline as complaints is preventive action by definition.
None of this requires new theory. It requires the data to be visible, which is why plants that still run quality on paper do corrective action at best and preventive action never: you cannot trend what you cannot see.
Why do CAPA systems fail?
The failure modes are consistent across industries:
- Everything becomes a CAPA. Without triage, the system floods, due dates slip, and the plant learns that CAPAs are paperwork. Reserve the full process for problems whose risk justifies it; handle the rest as corrections with a trend watch.
- Root cause stops at the first plausible answer. "Retrain the operator" closes fast and fixes nothing. FDA inspectors are specifically trained to flag investigations that stop at symptoms.
- No effectiveness check, or a check with no criterion. The CAPA closes on implementation evidence and the defect returns after the file is cold.
- The data lives on paper. When nonconformances, holds, and scrap reasons are on clipboards, nobody can see that the same failure happened four times across two shifts, so nothing triggers. Trend visibility is the raw material of preventive action. This is exactly the gap Harmony's quality and downtime intelligence works on: quality checks and exceptions captured digitally at the station become records you can trend, search, and act on, without ripping out the QMS you already run alongside your QMS software.
Get those four right and CAPA stops being a compliance chore. It becomes the plant's memory: every serious problem gets investigated once, fixed once, and stays fixed.