You have permission to republish this article free of charge and use it either in your website orin print as long as the article title, author name, article body and author signature must remainintact (NO Changes) with the links made active.
Document Control Procedures
The document control procedure (4.2.3) and record control procedure (4.2.4) are usually thefirst of the six mandatory procedures to be initiated when implementing an ISO 9001:2008quality management system.A robust document control process invariably lies at the heart of any compliant qualitymanagement system because almost every aspect of auditing and compliance verification isdetermined through the scrutiny of documented evidence. With this in mind, it becomesapparent that the ongoing maintenance of an efficient document management system mustnot be overlooked.
Difference between Documents and Records
What does ISO 9000:2005 tell us about the difference between documents and records andfurthermore; why it should matter?The standard tells us that documents are considered as being information (e.g. specificationsor procedures) and its supporting medium (e.g. paper or electronic). The standard implies thatover time these documents will evolve as new information supersedes old and that changemust be managed. Documents are active and dynamic.Records, on the other hand, are more static since they are historical in nature. They are thedocuments that state the results of activities undertaken in accordance with the productrealization, measurement, analysis and improvement processes (e.g. calibration logs andnon-conformance or corrective action reports). They also provide evidence that an activitywas performed in the manner specified (e.g. inspection records).
Requirements for Controlling Documents and Records
What does ISO 9001:2008 tell us about ensuring compliance with the principal requirementsof document control procedures?Clause 4.2.3 tells us that an organization must control the documentation required by thequality management system and that a suitable document control procedure must beimplemented to define the controls needed to; approve, review, update, identify changes,identify revision status and provide access. The document control procedure must clearlydefine the scope, purpose, method and responsibilities required to implement theseparameters.ISO 9001:2008 does not define how an organization should format its documentation, sincemost organizations maintain a consistent corporate image, it is expected that any corporateformat will suffice.Similarly; Clause 4.2.4 demands that an organisation must implement a documentedprocedure to define the controls needed for the identification, storage, protection, retrieval,retention and disposition of records and that these records must remain legible andidentifiable throughout their retention period.