Document control is more than just filing documents. It is an essential tool used to ensure a business’s efficiency, performance, reliability, traceability, quality and safety. Document control is required to control the distribution, accessibility, preservability, retrieval, management, and usability of documented information. Documented information should be controlled in order to be adequately protected, available and suitable for use at all times.
Regardless of how you may record information, anything deemed necessary for the organisation to operate, or necessary for the effective functioning of the management system, must be controlled. The previous 9001 Standard (2008) used to require a few documents including:
Procedure - Control of documents (clause 4.2.3)
Procedure - Control of records (clause 4.2.4)
Procedure - Internal audit (clause 8.2.2)
Procedure - Control of nonconforming product (clause 8.3)
Procedure - Corrective action (clause 8.5.2)
Procedure - Preventive action (clause 8.5.3)
However, under the new 9001 Standard (2015) only four elements are required to be documented, including: a quality policy, quality objectives, scope, and the information needed to support the operational system. These support documents are at the discretion of the company. The new Standard does not require all the procedures mentioned above, nor a quality manual, but any organization which decides to continue to use them can keep them.
The 2015 Standard still requires several records to be maintained with the majority of those coming from Clause 8 – Operation, these include:
Calibration of monitoring and measuring equipment
Conformity of products and services requirement
Reviews of requirement for products and services
Design and development: inputs, reviews, controls, verification, outputs, validation, change control.
Monitoring and measurement activities
Results of external provider evaluations, performance, and re-evaluations
Unique identification of process outputs (e.g. serial / batch number) if traceability is required
Customer property - lost, damaged or found unsuitable for use and communication to the owner
Criteria and authorisation for products and services delivery
Audit findings and actions
Corrective actions raised and the outcome (any action taken on nonconformities)
I want to know - how big is your Quality Management System, have you simplified it?