Chapter 19: Fault Tree Analysis (FTA) for High-Risk or Repeat Nonconformances

Fault Tree Analysis is the heavyweight method. It's less frequently needed in typical ISO 9001 environments, but when it is needed, it's invaluable. FTA maps how individual failures combine (using AND/OR logic) to cause a critical failure. It's the method aerospace and medical device manufacturers rely on, though we see Canadian food, automotive, and industrial equipment makers deploying it for safety-critical or repeat issues.
Here's the situation: A plastics injection molder in the Greater Toronto Area had a contamination escape—a foreign plastic pellet (a competitor's material, somehow mixed in) reached a customer producing beverage containers. The customer caught it during in-process inspection, but the risk was serious: a foreign pellet could have degraded the container's structural integrity.
This wasn't a one-off mistake. The plant had experienced pellet mix-ups twice before in the last 18 months. The safety and regulatory stakes demanded more rigor than 5-Why. They built a simplified fault tree.
The top event: "Competitor plastic pellet reaches customer."
For this to happen, what must be true?
- The wrong pellet must be in inventory (procurement or receiving failure)
- AND it must be stored in a position accessible to production (storage/handling failure)
- AND it must be selected during the material load sequence (operator/procedure failure)
- AND the in-house quality check must fail to detect it (inspection failure)
Each of these branches breaks down further. "Wrong pellet in inventory" requires either a supplier error or an internal receiving error. "Stored accessibly" requires either improper labeling or inadequate segregation. Using Boolean logic (AND/OR gates), the tree maps every path to the top-level failure.
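The tree described above can be evaluated mechanically. The following is an added example, not part of the original chapter: it encodes the four branches and the two OR breakdowns the text names, enumerates the minimal cut sets (each combination of basic failures sufficient to cause the top event), and checks whether a given fix breaks every path. The basic-event labels and function names are chosen for this illustration.

```python
from itertools import product

# Tree from the chapter: ("AND"|"OR", [children]); a string is a basic event.
# Basic-event labels are shortened names chosen for this example.
TREE = ("AND", [
    ("OR", ["supplier error", "internal receiving error"]),   # wrong pellet in inventory
    ("OR", ["improper labeling", "inadequate segregation"]),  # stored accessibly
    "wrong material selected at load",                        # operator/procedure failure
    "in-house quality check misses it",                       # inspection failure
])

def minimise(sets):
    """Drop duplicates and any set that strictly contains another."""
    unique = set(sets)
    return sorted((s for s in unique if not any(o < s for o in unique)),
                  key=lambda s: sorted(s))

def cut_sets(node):
    """Return the minimal sets of basic events that each suffice to cause `node`."""
    if isinstance(node, str):
        return [frozenset([node])]
    gate, children = node
    child_sets = [cut_sets(c) for c in children]
    if gate == "OR":       # any single child's cut set is enough
        sets = [s for cs in child_sets for s in cs]
    elif gate == "AND":    # one cut set from every child, combined
        sets = [frozenset().union(*combo) for combo in product(*child_sets)]
    else:
        raise ValueError(f"unknown gate: {gate}")
    return minimise(sets)

def blocked_by(fixed_events, sets):
    """True if eliminating these basic events breaks every path to the top event."""
    return all(s & set(fixed_events) for s in sets)

if __name__ == "__main__":
    paths = cut_sets(TREE)
    for p in paths:
        print(" AND ".join(sorted(p)))
    # Fixing only one side of an OR gate leaves other paths open.
    print(blocked_by({"supplier error"}, paths))
    print(blocked_by({"supplier error", "internal receiving error"}, paths))
```

Running it lists four paths, each requiring four simultaneous failures, and shows that addressing only one input of an OR gate does not close the branch.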
The power here: FTA forces you to identify *all* the barriers that failed, not just the last one. Many RCA methods would have stopped at "operator loaded the wrong material." FTA reveals that operator error was the final point of failure, but the real system breakdown involved receiving, storage, labeling, and inspection—all of which should have caught the problem earlier.
The corrective actions were correspondingly broad:
- Receiving: Add a material identification step requiring visual and documentation cross-check for all new-to-plant suppliers.
- Storage: Implement color-coded bins and segregated storage racks for materials from different suppliers.
- Operator: Create a pre-load material verification checklist with a photograph of the correct pellet appearance.
- Inspection: Add a material identification spot-check to the in-process inspection routine (visual inspection of a sample pellet).
When FTA is warranted:
- Use FTA when safety is involved (any escape that could injure a user).
- Use it when a customer demands it—especially automotive (IATF 16949) or aerospace and defence (AS9100) suppliers where OEM supplementary requirements often mandate it for high-risk nonconformances.
- Use it when the same type of failure has recurred; repeat nonconformances signal systemic, multi-barrier breakdown.
- Use it when the consequences are severe: customer loss, regulatory non-compliance, liability exposure.
How to keep FTA manageable: Start with a clear, specific top event. Don't try to map "everything that could go wrong." Focus the tree on the actual failure that occurred. Use three to four levels of detail maximum (if you're deeper than that, you're creating a tool that's too complex to use). A simple FTA takes 4–6 hours of cross-functional team time; a detailed one can take 10–15. For most manufacturing scenarios, simple FTA is sufficient.
| **RCA Method** | **Best For** | **Complexity Level** | **Resource Demand** | **Timeline** |
|---|---|---|---|---|
| **5-Why** | Single-thread failures, obvious cause | Low | 1 person or small pair | 15–30 min |
| **Fishbone** | Multi-cause, team input needed | Medium | 5–8 people | 90 min |
| **Is/Is Not** | Variable/intermittent failures, pattern recognition | Medium | 2–3 people | 30–45 min |
| **Fault Tree** | High-risk, repeat nonconformances, regulatory requirement | High | 4–6 people + SMEs | 4–6 hours |
Did You Know? A common trap is using Fault Tree Analysis for every problem and burning out your team. The decision matrix above guides your method selection. A dimensional out-of-spec on a low-risk part? 5-Why gets you there. A safety escape or an auditor-required investigation? FTA or fishbone. The method must match the risk and complexity, not the other way around.
You now have four proven RCA methods and clear guidance on when each delivers maximum value. In the next chapter, we'll move into the documentation side: how to write a corrective action request that's clear, complete, and audit-ready.

