FailModeLens

Translating FMEA Failure Modes Into Poka-Yoke Decisions: Which Risks Warrant Error-Proofing

The PFMEA session flagged 34 failure modes on the new welding line. The team knows error-proofing belongs somewhere in that list—but where? Applying poka-yoke everywhere is not feasible; applying it nowhere leaves severity-9 failures at the mercy of operator attention. The decision has to come from the FMEA itself, not from who makes the loudest argument in the review meeting.

This guide covers how to use your PFMEA’s Action Priority ratings and failure mode structure to make defensible poka-yoke investment decisions: which failure modes warrant error-proofing, what type to apply, and how to document it so re-rating survives an IATF audit.

Step 1: Filter by Action Priority, Not RPN

If your PFMEA still uses RPN rather than Action Priority, you are working from a metric that can mislead poka-yoke decisions. An RPN of 80 can come from S=10, O=4, D=2 (a catastrophic failure happening several times per year with near-automatic detection) or from S=4, O=5, D=4 (a minor defect with mediocre controls). These require completely different responses.

The AIAG-VDA 2019 Action Priority matrix removes that ambiguity. High AP failures—specifically Severity 9–10 paired with Occurrence ≥4—are mandatory poka-yoke candidates. Medium AP failures with Severity 7–8 and Occurrence ≥5 are strong candidates. Low AP failures generally do not justify engineering cost unless the error-proofing is incidentally simple to implement.

Tip: For any failure mode with Severity 9–10, investigate whether the cause is error-proofable before concluding detection alone is sufficient. Severity 9–10 designates the characteristic as Critical—enhanced controls are expected by auditors and OEM customers regardless of Occurrence or Detection ratings.

Step 2: Assess Whether the Cause Is Error-Proofable

Not every failure mode has a cause that poka-yoke can address. Work through this question against each High and Medium AP failure mode before committing engineering resources:

  • Human assembly error (wrong orientation, missing component, insufficient torque): almost always error-proofable. Pin patterns, asymmetric fixture guides, torque shut-off wrenches, presence sensors, and vision systems all prevent the cause from occurring.
  • Process parameter drift (temperature, pressure, cycle time): often error-proofable with setpoint enforcement interlocks. Control-type if you can lock the parameter in range; warning-type if you can only alert after the cycle completes.
  • Material variation from supplier: rarely error-proofable at the manufacturing process level. You are detecting incoming material variation or working the problem upstream at the supplier. Document this as a detection control reality—poka-yoke at your process is not the right tool.
  • Tool wear and degradation: tool life counters that lock the machine before the wear limit is exceeded are a valid prevention control, but they are a maintenance-program solution, not traditional poka-yoke. Treat them accordingly in the control column.
  • Design-induced variation (tight tolerance stack-up, ambiguous assembly sequence): address in DFMEA first. PFMEA poka-yoke on a design sensitivity gives you expensive mitigation of a root cause that engineering owns. If design change is frozen, document the constraint and accept residual risk with management sign-off.

For causes that are error-proofable, move to choosing the type. For causes that are not, document in the control column what detection mechanism is in place and why prevention was not feasible. Auditors want evidence the team considered prevention and made a deliberate decision—not that prevention was skipped because nobody asked.

Step 3: Choose Between Control-Type and Warning-Type

The fundamental distinction in poka-yoke type determines how you rate the failure chain after implementation:

  • Control-type (preventive/shutdown): the process physically cannot proceed past the error state. The fixture does not close unless the part is correctly oriented. The weld cycle does not start until the presence sensor confirms the component. The torque wrench does not release until the setpoint is reached. No non-conforming product proceeds.
  • Warning-type (alert): the error condition is detected and signaled—light, alarm, counter trip—but production can continue if the operator ignores the signal. A missing-component indicator on the operator panel. An audible alarm when a parameter exceeds threshold. Lower implementation cost; significantly lower reliability when operators are under production pressure.

AIAG-VDA explicitly prioritizes prevention over detection. For Severity 9–10 failure modes with High AP: control-type is the default target. Warning-type is acceptable for Severity 7–8 failures where the engineering cost of a physical interlock is disproportionate to the risk, or where the process geometry does not permit an interlock (continuous-flow operations, for example).

Common Mistake: Installing a warning-type device and documenting it as a prevention control. If the operator can proceed without responding to the warning, the Occurrence rating does not improve—you still have a human decision point between the error condition and the product reaching the customer. Document warning-type devices in the Detection Control column and re-rate Detection, not Occurrence.

Step 4: Document in the PFMEA Control Columns Correctly

Control-type poka-yoke devices reduce Occurrence because they prevent the failure mode from proceeding. Document them in the Prevention Control column. The description must specify the mechanism: “Fixture pin pattern prevents reversed-part assembly by blocking fixture closure” is auditable; “Error-proofing device installed” is not.

Warning-type devices belong in the Detection Control column with the same specificity: “Presence sensor detects missing gasket before cycle initiation; red indicator activates on operator panel.”

In both cases, the control description should answer: what condition does the device sense, what does it do when that condition is detected, and at what point in the process does it act? A description that cannot answer all three is incomplete for audit purposes.

Step 5: Re-Rate the Failure Chain in Revised State

After documenting the control, re-rate the failure chain in the Revised State columns. The logic matters for audit credibility:

  • Control-type device installed: the cause cannot lead to the failure mode proceeding. Occurrence drops to 1 or 2 (nearly impossible given the physical constraint). Detection rating stays unchanged—the device prevents the defect; it does not detect it after the fact.
  • Warning-type device installed: Detection typically improves 2–4 levels depending on operator response consistency and station conditions. A loud alarm in a low-noise station is more reliable than a visual indicator on a busy panel. Occurrence does not change unless you have also made a process change that independently affects cause frequency.

An auditor reviewing a PFMEA with a documented prevention poka-yoke and an unchanged Occurrence of 6 will ask why the control did not reduce occurrence. If you cannot explain the reasoning—“this is warning-type, so Detection was re-rated instead”—the FMEA does not survive scrutiny. The FMEA risk priority calculator lets you model before-and-after AP and RPN impact of different control scenarios before committing to the implementation.
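Steps 1 through 5 as one decision pass, written as an added example (not code from this guide or from AIAG-VDA). It encodes only the thresholds stated above, not the full AP table; the cause labels, sample rows, and the choice of Occurrence 2 after a control-type device are assumptions.

```python
from dataclasses import dataclass, replace

# Step 2 cause categories -> where the guide routes them (keys are constructed labels).
ROUTE = {
    "human_assembly": "poka-yoke",
    "parameter_drift": "poka-yoke",
    "supplier_material": "detection control, work upstream at supplier",
    "tool_wear": "tool-life counter (maintenance program)",
    "design_induced": "DFMEA action",
}

@dataclass(frozen=True)
class FailureMode:
    name: str
    s: int  # Severity
    o: int  # Occurrence
    d: int  # Detection (a lower number means better detection)
    cause: str

    @property
    def rpn(self):
        return self.s * self.o * self.d

def candidacy(fm):  # Step 1: thresholds as the guide states them
    if fm.s >= 9 and fm.o >= 4:
        return "mandatory"
    if 7 <= fm.s <= 8 and fm.o >= 5:
        return "strong"
    return "none"

def decide(fm):  # Steps 1-3: filter, check the cause, pick the default device type
    if candidacy(fm) == "none":
        return "no poka-yoke"
    if ROUTE[fm.cause] != "poka-yoke":
        return ROUTE[fm.cause]
    return "control-type" if fm.s >= 9 else "control-type or warning-type"

def rerate(fm, device, detection_gain=2):  # Step 5: each type moves one rating only
    if device == "control":
        return replace(fm, o=min(fm.o, 2))  # assumption: upper end of "1 or 2"
    if device == "warning" and 2 <= detection_gain <= 4:
        return replace(fm, d=max(1, fm.d - detection_gain))
    raise ValueError("device must be 'control' or 'warning' with a gain of 2-4")

# Constructed sample rows; A and B reuse the two RPN-80 S/O/D sets from Step 1.
A = FailureMode("reversed part", 10, 4, 2, "human_assembly")
B = FailureMode("cosmetic scuff", 4, 5, 4, "human_assembly")
C = FailureMode("weld temperature drift", 8, 5, 6, "parameter_drift")
print([(fm.name, fm.rpn, decide(fm)) for fm in (A, B, C)])
```

Rows A and B share an RPN of 80 yet land on opposite decisions, and the re-rated rows show which single column an auditor should expect to change for each device type.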

When Error-Proofing Is Not the Right Response

Three scenarios where poka-yoke is the wrong answer to a high-AP failure mode:

  1. The cause is in the design. PFMEA error-proofing on a tolerance stack-up failure mode addresses symptoms, not root cause. The correct action is a DFMEA recommended action to change the design tolerance or assembly sequence. If the design is frozen, the PFMEA should document the constraint and reflect realistic residual risk—not a poka-yoke that obscures the underlying design issue.
  2. The process is highly capable and AP is severity-driven. A severity-10 failure mode with Occurrence 1 (demonstrated by Cpk >1.67) may be better handled with a detection control than a prevention device, especially if the prevention device introduces its own failure mode (false rejects that shut down the line). Model both options before deciding; the goal is net risk reduction, not checking the error-proofing box.
  3. The failure mode is revealed at this station but caused upstream. Implementing poka-yoke at the detection station while ignoring the generating station addresses the wrong failure chain. Find the upstream cause, fix it there, and update the upstream FMEA. The post on prevention vs. detection control strategy in FMEA covers how to trace cause chains across process steps. For prioritizing across multiple high-AP failure modes with limited resources, the FMEA action prioritization guide covers the AP matrix approach with constrained budgets.