There are three ways to control quality related documents to be in compliance with the ISO 9001 standard:
1) Create an operational procedure that describes the control form;
2) Describe the control form of each document in its attachment;
3) By control evidence, without documentation.
We’ll explain each item listed above, and you will find a quote from the ISO 9001:2015 standard regarding control of documented information (188.8.131.52 requirement). The organization should address the following activities as applicable:
a) distribution, access, retrieval and use;
b) storage and preservation, including preservation of readability;
c) change control (version control, for instance);
d) retention and disposition.”
We interviewed different consultants, auditors, and checked supporting documents from ISO itself and companies that have already certified in the new version of the standard. As a result of this interview, we list the 3 most common ways to control documented quality information. Maybe one of them is helpful for your business. Here they are:
1) Create an Operational Procedure
The most basic, traditional and least controversial way to demonstrate that you meet the 184.108.40.206 requirement of the standard is to make a single OP that describes how QMS documents are controlled. Some experts argue that each term described in the requirement should be individually considered:
- Change Tracking
Other professionals prefer a lighter approach by grouping everything into macro items, for example:
2) Describe the control form of each document
There are companies that prefer to keep this information described within each document as part of the footer or have a document session just for that purpose. This way, the information will be accessible to anyone who has the document at hand, even in print.
3) By control evidence, without documentation
This is the most practical way to comply with ISO 9001: 2015, in requirement 220.127.116.11, but at the same time controversial. This is because the standard does not require you to document how you control documented information, but some consultants may ask you for that information.
And how do I show that this standard requirement is being met?
In an audit, you can show the software where you track documented information and ways to use it. The following is a list of each 18.104.22.168 requirement and how it is met by Genebra:
- Distribution: Sent by email to those responsible for the document;
- Access: With a password. Once a document is uploaded into the system, under document info you are able to restrict document access by selecting who is able to view, print, and download the document;.
- Recovery: Under the search tab, you will be able to search for documents utilizing the filters provided;
- Use: Those who were granted permission to edit the documents will be allowed to do so;
- Storage: all files are stored on the Azure Blob Storage server
- Preservation: daily backups ;
- Change Tracking: every document revision will require a justification;
- Retention: The document will remain in the system until it is replaced, inactivated, or deleted from the system;
- Disposition: When the document is deleted, the digital file will be erased.
These are some ways to control quality documents based on ISO 9001:2015. Do you utilize any of them or have any other suggestions? There is a space for you to leave a comment below.