NCRs (Auditor)
Non-Conformance Reports
Last updated
Non-Conformance Reports
Last updated
The Non-Conformance Report (NCR) serves as a tool to identify issues discovered during the review of a control's evidences.
It categorizes problems as either major or minor, thereby facilitating a more efficient resolution process and contributing to a more effective audit.
Here's how to add Non-Conformance Reports (NCRs) to an Auditor's framework review, let's streamline the process to enhance the efficiency of the auditing experience.
When select the NCR tab (marked with an arrow below).
Click on the 'Create NCR' button. Now, you can designate it as either Major or Minor, based on your assessment as an Auditor.
In the text box, provide a description of the reason for the Non-Conformity.
After filling in the Type and text box, the 'Create NCR' button will turn blue, as indicated by the arrow below.
Click on it once again, and the NCR will be successfully added to the Report's Control.
Upon creating the NCR, locate it in the NCR tab, accompanied by its creation date.
On the right side, you will find options to edit it (pencil icon), delete it (trash bin icon), or view it (arrow-down icon).
The icons are circled below for reference.
If you click on the edit button, you can modify the NCR.
To save the changes, click the save icon, as marked by the arrow below.
To discard the changes, click the X button next to it.
Clicking on the arrow-down icon reveals the content of the NCR.
Clicking it again will minimize the content, as indicated by the arrow below.
After creating NCRs for a control, the NCR status in the control list will be labeled as 'Open.'
It remains in this state until the report is submitted, providing the organization's collaborators with the opportunity to address the issues.
Subsequently, the changes are reviewed and accepted.
In the image below, an NCR status is circled, indicating it as 'Open' on a control.
This signals that you need to review the changes made based on your NCR notes (marked with an arrow below).
To review changes or fixes made to the NCR, enter the control and navigate to the NCR tab. Here, you will encounter three blue buttons, circled below:
Approve: If the changes are accepted, and the control is deemed complete, click on 'Approve.'
Reject: If the changes are not accepted, click 'Reject.' This action publishes the report back to the collaborators for addressing the issues.
Revoke: In the scenario where the Auditor receives an irrelevant response regarding an NCR, choosing 'Revoke' nullifies the NCR. This allows the Auditor to complete the report and serves as a counterpart to 'Approve,' offering flexibility when revisiting reported issues. The three options are circled below.
After containing NCRs and receiving it back with remarks or fixes, you'll notice that the NCR status is now indicated in orange as 'Review.'
To return to the
To return to the
