Does your organization encounter these issues?
Of course it does. It's part of the reason so many management system standards have been developed over the past three decades. Such standards are designed to provide a minimum set of controls that will help ensure that business processes produce the intended results.
But those controls are high level only, and more detailed requirements are difficult to impose since each organization needs the flexibility to implement business processes that are designed for their specific context (e.g., products/services, degree of technological complexity, regulatory environment, etc.). It is then up to each organization to identify the deeper levels of controls required for their situation.
And while try they might, most people are better at executing processes than designing them. Process weaknesses therefore often show up only after the processes (including the products, equipment, people, etc.) have been in operation for a sufficient amount of time for the laws of probability to have an impact.
The purpose of the corrective action process is then to find out why the system failed, and take action to prevent recurrence.
Time and time again organizations are found to be ineffective at problem solving and corrective action. Examples of data that support this statement include the number of warning letters issued by the FDA for poor corrective action, and the number of audit findings among automotive suppliers who were audited to the IATF 16949:2016 standard.
There are many reasons for this, but primary is a lack of ability of how to carry out a root cause analysis at the level of detail necessary to provide high confidence in findings of the investigation. So while significant organizational resources are being used to try to address a problem, there are no clear rules for what needs to be done in order to prevent simply applying a "best guess"patch. People are then surprised when the problem recurs (but shouldn’t be)!