25
Document control is possibly the single most critical quality assurance discipline. After all, information in the form of documents drives nearly every action in the organization, and the ability to control this information can make or break the organization’s success. As with so many other systems, the system for document control will be more successful if it is simple, intuitive, and user- friendly. The first step is to decide exactly what documents need to be controlled. Documents requiring control “Do I need to control this document?” is one of the most frequently-asked question in organizations working toward, or maintaining, a formal management system. The question is understandable, because the universe of documents possibly requiring control is huge and nobody wants to control something they don’t have to. © Copyright 2004 Craig Cochran

Document Control Article

Embed Size (px)

DESCRIPTION

Document Control Tips & Tricks

Citation preview

Document control is possibly the single most critical quality assurance discipline. After all, information in the form of documents drives nearly every action in the organization, and the ability to control this information can make or break the organizations success. As with so many other systems, the system for document control will be more successful if it is simple, intuitive, and user-friendly. The first step is to decide exactly what documents need to be controlled.

Documents requiring control

Do I need to control this document? is one of the most frequently-asked question in organizations working toward, or maintaining, a formal management system. The question is understandable, because the universe of documents possibly requiring control is huge and nobody wants to control something they dont have to. The ISO 9001:2000 standard provides a quick answer to the question of what must be controlled. The first sentence of section 4.2.3 on document control begins, All documents required by the quality management system shall be controlled. This statement means that if a document addresses or relates to any of the issues in ISO 9001:2000, then it will be controlled. That statement provides some clarity, but the issue of controlled versus uncontrolled is still confusing to many people. Here are some questions that can be posed in order to drill down to the final determination of whether or not a document should be controlled: Does the document guide the production of products (goods or services) provided by the organization? Does the document guide the verification, inspection, or testing of products provided by the organization? Does the document define customer and/or product requirements? Is the document used for controlling processes? Is the document used for decision making by production personnel? Is the document used for collecting data that could be used later for decision making within the scope of the management system (i.e., a form)? Is the information on the document so critical that failure to keep it updated would pose a risk to the organization or its customers? Does the document address or relate to a requirement from ISO 9001:2000?If the answer to one or more of these questions is yes, then the document should probably be controlled. For illustration purposes, consider the following scenarios: An interoffice memo is posted on wall in the fabrication department. The memo gives a number of functional and packaging requirements for a product being fabricated in the department. Because of where the document has been posted and the information it contains, the memo should certainly be controlled. Ignore the fact that memos are rarely controlledit doesnt matter. The memo provides customer requirements, guides decision making, and relates directly to ISO 9001:2000 requirements. Even if the memo was a duplication of information that was contained somewhere else in controlled specifications, the uncontrolled memo would still be a problem. There will eventually be a discrepancy between the information on the memo and the information contained in the controlled specifications. The organization should either control the memo or get rid of it. The training department developed videotapes to train employees on the proper set-up and operation of production lines. The videotapes are included in the training program for new hires and existing employees. Document control will be required on the videos because they define process control, guide the production of products, and relate to the training requirements of ISO 9001:2000. Product defect samples are displayed in a lighted glass cabinet in the visual inspection area. The samples illustrate the limits of various defects that could be considered acceptable to customers, and they are used by the inspectors when they are not certain of the criteria. Currently, the display cabinet is labeled for reference only. Despite the declaration of for reference only, the samples should be covered under document control because they define customer requirements. The organization has developed a checklist that is used to record the results of product inspection. The blank checklist defines exactly what is to be inspected, as indicated by the spaces that the inspectors must complete. These blank forms would need to be controlled as documents, and then as records once they were completed. The scenarios highlight the fact that documents need not be limited to traditional procedures, work instructions, and the like. The term document can encompass a very wide range of things, all of which might require control depending on the information they contain: Electronic documentation; Photos; Drawings, diagrams, and sketches; Audio tapes and videotapes; Product samples and defect samples; Paint chips for color matching; Checklists; Flow diagrams; Blank forms.

Before we jump into the specifics of document control, lets clear up one last confusion that plagues many organizations: the issue of how a document differs from a record.

Document versus Record

A document is a living thing. The information contained within a document is subject to change; it can be revised. A record, on the other hand, is history. The information on a record cant be change, because the record simply states what has already happened. Simply put, a record and a document are two completely different things. Is it possible for something to exhibit characteristics of both a document and a record simultaneously? Sometimes. Work orders, sales orders, and purchase orders (to name just a few) all exhibit characteristics of a historical record and a live document. In these case, the item is treated as a document until its real-time informational value has been exhausted. At that point, it is treated as a record. Now that we understand what a document is, lets explore the specific means of control. By the way, one of the six documented procedures required by ISO 9001:2000 is a procedure for control of documents, so whatever specific controls that the organization decides upon will need to be documented.

Approve documents

All documents must be approved for adequacy before being used. There are, of course, many ways to accomplish approval. Paper-based documents often have a space (or spaces) for authorized persons to sign or initial. Electronic documents can be approved through a typed name, if it is demonstrated that passwords prevent someone from falsifying the approval. Emails can even be used to demonstrate approval of documents. The only caveat I would offer is that the approval should be something that is visible to the user. Otherwise, the value of approval as a cue that this document is okay for use is gone. Does the organization need to define who is authorized to approve documents? At least on a basic level, the answer is yes. A statement such as documents must be approved by individuals responsible for managing the tasks described in the document would satisfy the designation of approval authority, or the organization may elect to be much more specific about who can approve documents. Each document itself typically indicates who is responsible for approving it (through the titles shown beneath approval spaces), and this self-declaration is usually adequate. There is a fine line between having too few and too many approvals on a document. For documents that cut across departments, it is very helpful to include all managers who are affected by the document on the approval list. This provides buy-in and helps to educate managers about what is expected. The flip side is that eight or ten approvals can take a very long time to obtain. Strive for the fewest number of approvals that will still provide buy-in for the information described in the document.

Review, update, and re-approve documents

ISO 9001:2000 introduces the requirement that documents must be reviewed, updated as needed, and reapproved. What theyre talking about here is not the routine revision of documents. The standard is asking the organization to periodically review documents to see if theyre still valid. If theyre still valid, the organization re-approves the documents. If not, a revision is made or the document is made obsolete. The point of this is to prevent documents from slowly becoming inaccurate or obsolete over an extended period of time. If the documents are used properly, this should never happen, but we all know that documents are not always used properly. The question we are left with is this: what exactly triggers the review of documents? There are three basic ways the organization could go on this:

1) Recall documents on a strictly periodic basis (every year, for instance) and review them, update as necessary, and re-approve them. This would certainly satisfy the standard. The only problem is that it is sometimes difficult to review documents strictly by the passage of time. This type of system requires a great deal of discipline, and there is always something more important to do than reviewing documents. The success of this system is usually dependent on the organization skills of the person in charge of it. 2) Review, update as necessary, and re-approve documents based on business triggers. What exactly is a business trigger? It is a real-world event that has the power to affect a document. Some examples include the introduction of new products, new equipment, and processes; change in business focus; technological breakthroughs; and improved methods or practices. The benefit of this approach is that it is driven by actual events that relate to the documents being reviewed, and it introduces a sense of urgency that is not present with the other first approach. If the organization decides to go this direction, make sure to clearly define the business triggers and responsibilities in the Document Control Procedure. The document administrator typically will monitor operations for these business triggers and will ensure that the relevant documents are reviewed, updated as necessary, and re-approved. If a business trigger has not occurred within a reasonable period of time (say 3 years), then documents should still be recalled for review. 3) Use the internal audit process to review documents. The only problem is that internal audits are sampling processes. By their very nature, audits are only going to examine a representative sample of documents in existence. The standard implies that all documents must be reviewed. If the organization intends to use its internal auditing process to satisfy this requirement, then extra care would need to be made during the scheduling and planning of audits to ensure that all documents are sampled over an extended period of time.

Identify changes and revision status

Documents must have the changes identified. This is typically interpreted as the changes in the most current revision. So, if a document is on revision five, it will identify the changes that moved it from revision four to revision five. The purpose of this is twofold: 1) To assist document approvers in knowing what changed in the document, in order to facilitate their review and approval, and 2) To assist users in knowing exactly what has changed in the document, so they can better comply with the documents requirements. Changes can be identified in a wide variety of ways, including the following: Change logs at the end of documents; Listing of changes on the cover sheet; Underlined, bolded, italicized, or highlighted changes throughout the document.

Revision status is simply the current revision of the document. This is normally indicated as a revision number, letter, or date that is shown directly on the document. The revision status enables users to know whether they have the most current document. For paper-based documents, the revision status normally ties back to a master list or index that shows the current revision of all documents. For electronic documents, knowing the current revision is less important because the most current version is usually served automatically to all users. Either way, the revision status must still be identified.

Make documents available at points of use

A document is no use if it is not accessible. ISO 9001:2000 requires that relevant versions of applicable documents are available at points of use. This means that the most current version of documents are accessible by the people who need them. This does not mean that everyone has to have their own copy of the documents or their own computer terminal. If personnel know where the documents are located, have access to that location, and are able to make use of the information in the documents, then this requirements has been satisfied. Some organizations have elaborate schemes for distributing documents to different departments or functions. These often involve Acknowledgment of Receipt sheets that must be signed-off and returned with the obsolete copies of documents. ISO 9001:2000 does not specifically require such systems, though they may provide some value. Organizations must examine their own operations and decide what will provide the right balance of control and simplicity. The more bureaucracy that is employed, the slower the system will work and the more likely that users will attempt to circumvent the system.

Make documents legible and identifiable

Legibility means that the documents can be read and understood. It is written in a clear, decipherable manner in the language spoken by the users of the document. If a significant number of the employees in a particular department only speak Spanish, then the documents would need to be legible to these Spanish speakers. Of course, there are two ways to accomplish this: 1) write the documents in Spanish, 2) Utilize graphic documents (photos, drawings, etc.) that can be understood regardless of the spoken language. Identifiable simply means that the documents have a title, document number, or other unique identifier that sets it apart from everything else. Organizations often develop document numbering schemes that tie back to the numbering of ISO 9001. This is well-intentioned, but guaranteed to be obsolete in the future. Remember, ISO reviews and revises the 9000-series every five years, and this normally triggers a change in the way the standard is numbered. A much better plan for numbering would be to develop a scheme that is matched to the processes or departments within the organization. The document numbering will have automatic relevance to employees, and it wont become obsolete upon the next revision of ISO 9001.

Control external documents

An external document is something that is published outside the organization, but which used by the organization within the scope of management system. The eight questions listed at the beginning of this article will help determine if an external document should be controlled. Examples of external documents possibly requiring control include the following: Troubleshooting and/or calibration manuals published by equipment manufacturers; Test procedures, specifications, and/or engineering drawings published by customers or other bodies; Instructions, specifications, and/or procedures published by suppliers; Standards published by industrial organizations applicable to the organization; International standards such as ISO 9001:2000.

Once external documents have been determined, two things must happen: 1) they must be identified, and 2) their distribution must be controlled. Identification means the same thing that it means for internal documents: there is a title, document number, or other unique identifier. The identification typically comes from the source that has published the document, and the organization simply adopts this identification. Distribution control is important because most external documents arrive in paper form. Knowing where they are located is critical to controlling the information contained on them. For that matter, paper-based internal documents should have their distribution controlled, too, but this is not specifically required by ISO 9001:2000. A distribution list simply defines the number of copies in existence and where they are located. The copies are often numbered, and these numbers are tied to the locations shown on the distribution list. When documents are revised, retrieving the old copies becomes much easier when their quantity and location is precisely known.

Obsolete documents

ISO 9001:2000 imposes two controls on organizations related to obsolete documents: 1) their unintended use must be prevented, and 2) they must be identified if they are retained. The easiest and most obvious way to prevent the unintended use of obsolete documents is to take them out of circulation. Simply round them up and get remove them. This is quite easy when the exact locations of documents are known. It becomes much more difficult when theyre not. This is one more good reason to maintain distribution lists for all paper-based documents, not just external documents. Organizations often retain obsolete documents for knowledge preservation purposes. Unless the organization has retained obsolete documents, it becomes very difficult to answer questions like, How did we run the process five years ago? If the organization elects to retain obsolete documents they must be identified by some means that the organizations determines to be suitable. This might include marking them as History, Obsolete, or Uncontrolled; or putting them in a specially designated location that has controlled access. The bottom line is that obsolete documents are not floating around where they can be used improperly.

A few words on forms

The issue of controlling forms is a sore spot for many people. The resistance usually follows this general theme: I just dont see the value in controlling forms. How are we supposed to do it, anyway? The bottom line is that forms existing within the scope of ISO 9001:2000in other words, forms that address an ISO 9001:2000 requirement applicable to the organizationundeniably require control. Why? The primary reason of having a form in the first place is to create consistency in the way that data is collected. Consistency can only be enforced when everybody is using the same form, and this is only achievable through some type of document control. Case closed. Now heres the good news: forms are quite easy to control. Lets look at two different approaches, both of which are used widely by organizations:1. Forms controlled as attachments to procedures:In this framework, the forms are included within the procedure or documents that describe their use. (Must there be a procedure that describes the use of every form? Of course not, but it makes sense in some cases.) The forms are generally included as the last page or two of the procedure to which they belong. The approval of the procedure also serves as the approval of the form. The same goes for the revision status and identification of changes. The form is treated simply like another page of the procedure for control purposes, but it can be reproduced for use independently of the procedure. When the form is revised, the procedure is also revised and users are made aware of the changes just like any other changed procedure. The drawback of this system, of course, is that you are required to revise the entire procedure when the form is revised. The 2. Forms controlled individually:In this framework, forms have individual numbers and revisions. The approval may be applied directly to the original copy of the form, or approval may be kept elsewhere, such as on a master approval sheet. The current revision of each form is usually indicated by a master list, computer index, or even by its inclusion in a special file. When a form is revised, users are notified via memo, email, or other means.

Forms are often printed in huge quantities, only to have a very minor change that renders the inventory of forms obsolete. Should you toss out the old forms, even though the change was inconsequential? NO! Forms in this category can often be labeled with a disclaimer, Previous versions of this form may be used. This will enable the organization to use up the old inventory of forms and avoid waste. Keep in mind that this only works when the changes to the form are very minor, and when the form itself is not something that has serious bearing on the success of the organization.

Document Formatting

I often hear the question, Does ISO 9001 require any particular format of documents? Thankfully, the answer is no. The organization gets to decide for itself what format will work best for its mode of operation. Furthermore, the organization is not required to stipulate a single type of format or style of document. Having a standardized format or style can be helpful in driving a consistent appearance for all documents. Many organizations will stipulate only the content of document headers and cover sheets, and other organization will go much further by requiring specific sections in each document such as purpose, scope, responsibilities, equipment, etc. It is strictly up to the organization. Whatever style and formatting that is decided upon, the document control procedure should clearly define. In fact, many organizations use their document control procedure as guides for writing documents. In this way, the document control procedure does double duty: it describes the control of documents, and facilitates the development of documents. A procedure that only tells how to write a procedure is of questionable value for most organizations.

Summary

The basic themes of document control are very simple. Most document control procedures can be drafted in four pages or less. How do you write a document control procedure? Its easy: simply go down the list of document control issues raised by ISO 9001:2000 and describe what the organization is doing for each one. Keep it simple and use only as much bureaucracy as is absolutely necessary. A good document control system will provide documents to users faster, not slower.

Craig Cochran is a Project Manager with Georgia Techs Economic Development Institute. Craig has an MBA from the University of Tennessee and a B.S. in Industrial Management from the Georgia Institute of Technology, and he is certified as a QMS Lead Auditor by the RAB. CISQ can be reached at 800-859-0968 or on the web at www.CISQ.gatech.edu. Craig Cochran can be reached via email at [email protected].

Copyright 2004 Craig Cochran


Document Control - northdevonhealth.nhs.uk...document control report, version control, headers and footers and formatting for document map navigation. 3.0 Nov 2012 Final Reviewed against

Document Control - northdevonhealth.nhs.uk...document control report, version control, headers and footers and formatting for document map navigation. 3.0 Nov 2012 Final Reviewed against

Documents
Document Control - Northern Devon Healthcare NHS Trust · Document Control ... Any revisions to the final document will be recorded on the Document Control Report. ... evolving into

Document Control - Northern Devon Healthcare NHS Trust · Document Control ... Any revisions to the final document will be recorded on the Document Control Report. ... evolving into

Documents
Is Your Document Control… Out of Control?

Is Your Document Control… Out of Control?

Documents
DOCUMENT CONTROL SHEET - Siemens...DOCUMENT CONTROL SHEET . Document Information: Document Number: IOM-005 Document Name: INSTALLATION AND OPERATION MANUAL FOR REDU Document Category:

DOCUMENT CONTROL SHEET - Siemens...DOCUMENT CONTROL SHEET . Document Information: Document Number: IOM-005 Document Name: INSTALLATION AND OPERATION MANUAL FOR REDU Document Category:

Documents
Document Control - Sunbeam

Document Control - Sunbeam

Documents
Research Article Expert Control of Mine Hoist Control System

Research Article Expert Control of Mine Hoist Control System

Documents
Document Control 4

Document Control 4

Documents
Document Control Basics of Good Documentation and Document Control Systems

Document Control Basics of Good Documentation and Document Control Systems

Documents
Review article Biological control of Bemisia tabaci … article Biological control of Bemisia tabaci using predators ... Biological control of whiteflies in ... most attempts of control

Review article Biological control of Bemisia tabaci … article Biological control of Bemisia tabaci using predators ... Biological control of whiteflies in ... most attempts of control

Documents
DOCUMENT CONTROL POLICY

DOCUMENT CONTROL POLICY

Documents
Document Control Training

Document Control Training

Documents
Control Final Document

Control Final Document

Documents
Document Control Basics.pptx

Document Control Basics.pptx

Documents
AS9100-PPT Document Control

AS9100-PPT Document Control

Documents
Document Control - restoresight

Document Control - restoresight

Documents
Control Document - rbkc.gov.uk

Control Document - rbkc.gov.uk

Documents
DOCUMENT CONTROL PAGE

DOCUMENT CONTROL PAGE

Documents
Research Article Distributed Consensus Control of ...downloads.hindawi.com/journals/mpe/2015/963282.pdfResearch Article Distributed Consensus Control of Networked Control Systems with

Research Article Distributed Consensus Control of ...downloads.hindawi.com/journals/mpe/2015/963282.pdfResearch Article Distributed Consensus Control of Networked Control Systems with

Documents
Document & Data Control

Document & Data Control

Documents
Engineering Document Control

Engineering Document Control

Documents
Interface Control Document Document Title: 1.3 GHz Cryomodule … · 2015. 7. 29. · Interface Control Document Document Title: 1.3 GHz Cryomodule External Physical Interfaces Document

Interface Control Document Document Title: 1.3 GHz Cryomodule … · 2015. 7. 29. · Interface Control Document Document Title: 1.3 GHz Cryomodule External Physical Interfaces Document

Documents
Document version control

Document version control

Documents
THE DOCUMENT CONTROL TRIBUNE...THE DOCUMENT CONTROL TRIBUNE Issue no.22 I n this article we have gathered solutions and tips to help with the ergonomics of working at home, and to

THE DOCUMENT CONTROL TRIBUNE...THE DOCUMENT CONTROL TRIBUNE Issue no.22 I n this article we have gathered solutions and tips to help with the ergonomics of working at home, and to

Documents
E P A Alternative Control Techniques Document: … A Alternative Control Techniques Document: ... U.S. ENVIRONMENTAL PROTECTION AGENCY ... Alternative Control Techniques Document:

E P A Alternative Control Techniques Document: … A Alternative Control Techniques Document: ... U.S. ENVIRONMENTAL PROTECTION AGENCY ... Alternative Control Techniques Document:

Documents
Document Control

Document Control

Technology
MICROS Materials Control - Oracle · 2015. 7. 29. · Document Title: Managed Article Codes Author: Joerg Trommeschlaeger Department: Materials Control Date: 31.07.2012 Version No

MICROS Materials Control - Oracle · 2015. 7. 29. · Document Title: Managed Article Codes Author: Joerg Trommeschlaeger Department: Materials Control Date: 31.07.2012 Version No

Documents
Interface Control Document

Interface Control Document

Documents
Document Control Effectiveness in Iso 15189 Accredited ...sambhuchakraborty.com/document/research/B0501012023.pdfKeywords: Document control, Document control effectiveness, ISO 15189

Document Control Effectiveness in Iso 15189 Accredited ...sambhuchakraborty.com/document/research/B0501012023.pdfKeywords: Document control, Document control effectiveness, ISO 15189

Documents
Document Control Report

Document Control Report

Documents
Document Control Procedure

Document Control Procedure

Documents