ISO 9001 Clause 4.2.4 Control of Records - Documented Procedure help

K

Kirin

Time for the next batch of stupid questions from me. :bigwave:

I'm about to start putting together my documented procedure for control of records and have an idea about how i'd like to apporach it, but thought i would see what you guys think before I proceed.

I'd like to start with a document (similar to 4.2.3) that states generically how the organisation deals with identification, storage, protection, retrieval, retention and disposition of records.

In each process flow diagram, I intend to include the flow of records from one part of the process to the next and from one process to another (if that makes sense?).

In each process work instruction I will detail exactly what happens with regard to how each record interacts with the process.

I am also considering having an overall 'record register' that brings together all records in the organisation (it's a small organisation) and details the specific identification, storage, protection, retrieval, retention and disposition of those records.

Also, I had a quick look for similar threads, but couldn't find much that answered my question, but please feel free to refer me to them if I have missed something.
 
Last edited by a moderator:

Randy

Super Moderator
Re: 4.2.4 Control of records

Here's a real quick hint...Don't create a procedure that looks pretty just to try and make an auditor or someone happy.....Look at what you do at the present and if it meets the requirements of 4.2.4 don't change anything..All you have to do is meet the minimum .
 
K

Kirin

Re: 4.2.4 Control of records

Thanks for the advice Randy.

I think the main problem with what we do at present is that (apart from the records themselves) everything is intangible i.e. everyone knows what records we need to keep, where we need to keep them, how to dispose/backup etc., there is just nothing that formally states it.

Also, my idea about having an overall record register will help me identify gaps/potential improvements as to how we are currently controlling our records, so initailly it will be more work, but should eventually assist continual improvement.
 

qusys

Trusted Information Resource
Re: 4.2.4 Control of records

Thanks for the advice Randy.

I think the main problem with what we do at present is that (apart from the records themselves) everything is intangible i.e. everyone knows what records we need to keep, where we need to keep them, how to dispose/backup etc., there is just nothing that formally states it.

Also, my idea about having an overall record register will help me identify gaps/potential improvements as to how we are currently controlling our records, so initailly it will be more work, but should eventually assist continual improvement.

What should guide to do this with records and their archivial are law and regulation compliance as well as customer's requirements:bigwave:
 
J

Jason PCSwitches

Re: 4.2.4 Control of records

Thanks for the advice Randy.

I think the main problem with what we do at present is that (apart from the records themselves) everything is intangible i.e. everyone knows what records we need to keep, where we need to keep them, how to dispose/backup etc., there is just nothing that formally states it.

Also, my idea about having an overall record register will help me identify gaps/potential improvements as to how we are currently controlling our records, so initailly it will be more work, but should eventually assist continual improvement.

I think it's a good idea to create a register listing all of the documents your organization uses. You may want to not only list records, but also the documented procedures as well. This will not only allow everyone to have vision of the documents utilized by your QMS, but also provide a solid form of management. Anytime a procedure or record is revised the register will be updated and you can circulate the changes to all associated personnel. Ideally this will be controlled by a single, central department or person to ensure anytime anything is revised it properly gets reviewed, documented, and that notification is circulated.

As you stated, once set-up, it's fairly easy to maintain and is effective.
 
K

Kirin

Re: 4.2.4 Control of records

What should guide to do this with records and their archivial are law and regulation compliance as well as customer's requirements:bigwave:

I'm confused.

I didn't say that records are not kept or cannot be found effectively, I just said there is no procedure written down; that doesn't mean there isn't one.
 

Jim Wynne

Leader
Admin
Re: 4.2.4 Control of records

I'm confused.

I didn't say that records are not kept or cannot be found effectively, I just said there is no procedure written down; that doesn't mean there isn't one.

I think what qusys means is that in addition to the requirements of the standard, you need to consider legal and regulatory requirements (if there are any) with regard to records management.
 
J

Jason PCSwitches

Re: 4.2.4 Control of records

I'm confused.

I didn't say that records are not kept or cannot be found effectively, I just said there is no procedure written down; that doesn't mean there isn't one.

For example some, if not most, customers flow-down record retention requirements in their T's & C's or QA clauses. Usually 7-10 years. Another example is the FAA, which has a standard requirement of 10 years. These requirements should be taken into consideration when you define your record requirements in your procedure.
 

somashekar

Leader
Admin
Make a list of all records that you need for the effective QMS implementation and maintenance. This is your first column. The ISO9001 also guides you with the records requirements at various processes.
Now for each of those records, mention how the various control activities of identification, storage, protection, retrieval, retention and disposition are performed. These will be in your subsequent columns. So you would have a simple 8 column procedure that meets the requirement.
Records shall remain legible, readily identifiable and retrievable.
Anything else is extra.
 
Last edited:

qusys

Trusted Information Resource
Re: 4.2.4 Control of records

I'm confused.

I didn't say that records are not kept or cannot be found effectively, I just said there is no procedure written down; that doesn't mean there isn't one.

I confirm what Jim and Jason said.
Thank you , Covers for this.
I would like to add that there are stringent record retention issue in the automotive market, just because an organization could face safety issues in case of accident for which it could have liability.:bigwave:
 
Top Bottom