In this post “ISO 9001 Clauses Explained” we dive into Documented information, arguably at the core of any effective management system.

Documented information includes not only our documents, but also our records. There are many types of documents and many types of records, but with a simple and effective documented information management system at the foundation of our management system, we can be assured of a much smoother process for implementation and maintenance.

documented information
information (3.8.2) required to be controlled and maintained by an organization (3.2.1) and the medium on which it is contained
Note 1 to entry: Documented information can be in any format and media and from any source.
Note 2 to entry: Documented information can refer to:
— the management system (3.5.3), including related processes (3.4.1);
— information created in order for the organization to operate (documentation);
— evidence of results achieved (records (3.8.10)).
Note 3 to entry: This constitutes one of the common terms and core definitions for ISO management system standards given in Annex SL of the Consolidated ISO Supplement to the ISO/IEC Directives

From ISO 9000:2015

Document versus record

Documents are standardized by the type of document. Types of documents could include policies, procedures, forms, technical documents or specifications, drawings and/or inspection documents. While no standard specifies a particular format for the document, standardization within an organization is vital. Think about the traffic signs as you drive on the road, a stop sign is always red and octagonal, the size may vary depending on where you are, but the stop sign is always red and octagonal with white lettering. Road caution barriers are always a safety orange, we know the yellow stripe on the road versus the white stripe on the road. These same common visual languages that we speak in our everyday life is pertinent to our organizations. When an employee looks at an inspection document it should be clear that this is an inspection document for our company. Multiple formats will lead to confusion, delay and failure to conform to specified requirements.

7.5.1 General
The organization’s quality management system shall include:
a) documented information required by this International Standard;
b) documented information determined by the organization as being necessary for the effectiveness
of the quality management system.

ISO 9001:2015 7.5 Documented information

Control of Documented Information AKA Document Control vs Control of Records | 7.5.2 Creating and updating

Document control requires an approval process. (included in QMS Software like TQA Cloud). This approval process may vary between organizations and even within an organization for various document types. There are certain minimal commonalities between document control variations. Each document must be approved by management for suitability for its purpose within the management system. This applies to procedures, manuals, forms, drawings and so forth. Generally speaking the document should be approved by the quality manager or management representative or other equivalent title within the organization. The document should also be reviewed by the department lead or manager related to that document’s purpose. For example an inspection document would need to be reviewed by our inspections manager or operations manager for suitability prior to approval within the management system as our quality manager may not be fully trained, or aware of nuances involved in this particular inspection method.

7.5.2 Creating and updating
When creating and updating documented information, the organization shall ensure appropriate:
a) identification and description (e.g. a title, date, author, or reference number);
b) format (e.g. language, software version, graphics) and media (e.g. paper, electronic);
c) review and approval for suitability and adequacy.

ISO 9001:2015 7.5 Documented information

Approval of Documented Information | 7.5.3 Control of documented information

The document itself should be noted with the approval date, the person who ultimately approved the document, and the title of the approver (not an explicit requirement of the ISO 9001 standard). The document must also have a version history maintained. An example would be an update to a process procedure to account for an industry change or requirement (see example here).

Let’s look at requirements when the document needs to be revised. Let’s assume the document is currently controlled in the management systems as version 1 and is in need of revision to version 2. Version 1 of the document must be maintained, though not immediately accessible to most employees, yet not deleted or overwritten as version 1 may very well need to be referenced at some point in the future. Examples of future reference of older versions of documents may be in dealing with warranty issues, legal requirements, or simply during an internal audit to view the changes made to the document for suitability within the management system. The old version of the document should not be maintained as accessible to all users. This will create confusion an open up the door for users employees to obtain an old version of the document.

Control of Records (yes this is still a thing if not explicitly stated in the standard)

A record on the other hand can be in a wide variety of formats. While standardization is almost never a bad idea, standardization within records is not as critical as standardization within our documents. A document when copied and filled out becomes a record. The requirements for records are less stringent than they are for a document.

A record can also be as simple as a napkin drawing made over lunch period. Granted a napkin to be maintained as a record to be protected and secured against the unintentional change so forth. I have personally made photo copies of a napkin drawing to be maintained in the job folder. Records also include any documentation received from a client. Some of these records come in the form of a purchase order or shipping manifest.

Note: documents of external origin are still subject to the same document control requirements. Examples include the ISO standards themselves, customer license agreements or specifications.

Documented information of external origin determined by the organization to be necessary for the
planning and operation of the quality management system shall be identified as appropriate, and
be controlled.

ISO 9001:2015 7.5 Documented information

Acceptable methods of maintaining your documented information vary widely between organizations and industries. The most common method is a series of network file shares with a master list of documents typically within an excel spreadsheet.

Other formats and older methods include physical binders with physical copies of documents that must be literally copied prior to issue. In a similar manner there is a central register of a listing of all of the documents and their proved versions.

Texas Quality Assurance: www.TexasQA.com | Tel: (281)756-7316
LinkedIn | Facebook | Instagram | Twitter | GETTR | YouTube | Rumble 
 – Products and Services: | QMS Software | Consultation | FQM | Auditing

#QualityMatters podcast is streaming on:
iTunes Spotify Google Audible Stitcher TuneIn