Controlling Documents: Beyond the standard, how do we truly define what to control

[cafoltz]

This has probably been visited before but I have been unable to find what I am looking for. As a company we are struggling to define what should and should not be controlled. ISO 9001 and Auditors always begin telling us that it is our choice but as we are audited it seems as everything becomes controlled. In our current situation it has gotten out of hand. Not EVERY document needs or should be controlled. It is affecting how well we can do our job and is making people cringe whenever they do anything on paper. I would like this discussion to be a positive influence on how, as a company, we can define what NEEDS to be controlled. I understand the standard places certain regulations but I also understand the each Auditor is different. For this reason I believe with a well formulated plan we will be able to win the approval of our Auditor. Any and all feedback is appreciated. Please help us and yourselves make your company better and more efficient.

 

[MEDQA]

Re: Controlling Documents: Beyond the standard, how do we truly define control.

What problems specifically are you having? What are you trying to improve?

Drawings and customer control plans are "controlled" = identified with a Red stamp that is not permitted to be copied. There is a database that details distribution. All copies are known and updated when revised.

Forms, inspection sheets etc. are "controlled" = master copy is identified in yellow highlighter as "Master" in a Master Binder. All Copies are to be made from the Master. Copy locations are known via a database. Master and floor copies are updated when revised. All extra copies of product specific documents are tossed when product changes over.

Work instructions / Procedures are "controlled" = They are kept ONLY in known binders.

All the above are where needed in order to enable people to perform their jobs.

 

[Wes Bucey]

Re: Controlling Documents: Beyond the standard, how do we truly define control.

This has probably been visited before but I have been unable to find what I am looking for. As a company we are struggling to define what should and should not be controlled. ISO 9001 and Auditors always begin telling us that it is our choice but as we are audited it seems as everything becomes controlled. In our current situation it has gotten out of hand. Not EVERY document needs or should be controlled. It is affecting how well we can do our job and is making people cringe whenever they do anything on paper. I would like this discussion to be a positive influence on how, as a company, we can define what NEEDS to be controlled. I understand the standard places certain regulations but I also understand the each Auditor is different. For this reason I believe with a well formulated plan we will be able to win the approval of our Auditor. Any and all feedback is appreciated. Please help us and yourselves make your company better and more efficient.

What problems specifically are you having? What are you trying to improve?

Drawings and customer control plans are "controlled" = identified with a Red stamp that is not permitted to be copied. There is a database that details distribution. All copies are known and updated when revised.

Forms, inspection sheets etc. are "controlled" = master copy is identified in yellow highlighter as "Master" in a Master Binder. All Copies are to be made from the Master. Copy locations are known via a database. Master and floor copies are updated when revised. All extra copies of product specific documents are tossed when product changes over.

Work instructions / Procedures are "controlled" = They are kept ONLY in known binders.

All the above are where needed in order to enable people to perform their jobs.

"Show me the shall" please. May we have a citation from any ISO Quality Management Standard which says a controlled document shall not be copied? Perhaps you meant the stamp? Is there a citation for stamping any document in any color? Similarly for "yellow highlighter." I suppose a "database" also includes paper based indices for those of us dinosaurs who have not yet digitized every document in our system. I don't recall a "shall" for a Master Binder, either. Could you provide that citation, too, please?

After all, I'm an old guy and my weak eyes and encroaching senility may be hampering my reading ability

 

[somashekar]

Re: Controlling Documents: Beyond the standard, how do we truly define what to contro

This has probably been visited before but I have been unable to find what I am looking for. As a company we are struggling to define what should and should not be controlled. ISO 9001 and Auditors always begin telling us that it is our choice but as we are audited it seems as everything becomes controlled. In our current situation it has gotten out of hand. Not EVERY document needs or should be controlled. It is affecting how well we can do our job and is making people cringe whenever they do anything on paper. I would like this discussion to be a positive influence on how, as a company, we can define what NEEDS to be controlled. I understand the standard places certain regulations but I also understand the each Auditor is different. For this reason I believe with a well formulated plan we will be able to win the approval of our Auditor. Any and all feedback is appreciated. Please help us and yourselves make your company better and more efficient.

Apart from the mandatory documents that the standard demands, all your other procedures that are documented (and controlled) depends upon you all in the organization and the maturity about the QMS that you all manage.
Before your thought about certification to ISO9001, all of you within your organization must be certainly working to a set system, and each of you understand the 5W+1H of every task. The QMS only gets it more visibility across the organization and builds a good web of process approach considering the process and interactions that happens within your organization to meet the customers requirement.
If everyone of you have the same 5W+1H understanding of what happens in your work process, your documents (and controls of them) will be fairly less. If in this process, you wish to build more clarity, more strength, consistancy, take away personnel dependency., then you get those procedures documented and controlled which helps you to achieve this goal of yours. There is no super auditor who can walk in and tell you what documents you need to control, however a very sensible auditor when he audits can show you what is lacking and so what is a NC, which can help you better in deciding what more needs to be documented and controlled (or existing document to be controlled)
This is where the internal audits plays a vital part for you in the QMS. You perhaps will never internal audit if you never seek certification.
If you do a 5W+1H analysis of every process seriously, and determine there is sufficient strength in that process and changes in that process have good internal communication, then perhaps your documentation of that process (and control thereoff) is not required within your QMS.
Now you can perhaps take a fresh look at controlling documents beyond the standard...

>>>> aaah and welcome to the Elsmar cove cafoltz ...

 

[MEDQA]

Re: Controlling Documents: Beyond the standard, how do we truly define what to contro

Our "shalls" are in our procedures. Our method or definition of "control" has been developed based on our company needs and experiences.

Yes, red "Controlled" stamped documents may not be duplicated.

 

[Wes Bucey]

Re: Controlling Documents: Beyond the standard, how do we truly define what to contro

Our "shalls" are in our procedures. Our method or definition of "control" has been developed based on our company needs and experiences.

Yes, red "Controlled" stamped documents may not be duplicated.

So, I guess what you are saying is that these "shalls" are created in YOUR organization, and you are only "suggesting" others adopt your "shalls" instead of the ones contained in any ISO Standard. Is that a fair summary?

 

[dkusleika]

Re: Controlling Documents: Beyond the standard, how do we truly define what to contro

I find it useful to think about the effects of failing to control the document. I look at 4.2.3a-g and ask what would happen if the document wasn't controlled.

For instance, documents are required to be approved for adequacy prior to use. If I have a work instruction that's inadequate, I might end up with nonconforming product. That's serious, so I control that document. On the other hand, if I have a list of hand tools that should be at a particular workstation that's inadequate, the effect might be an inconvenience to the operator or inefficiencies in having too many tools at that workstation. It's not the best practice, but it's not earth-shattering, so I don't control it.

While I consider all of the subpoints of 4.2.3, f & g carry more weight for me. What happens when a tech is using an obsolete bill of materials because I didn't control its distribution? At best, I fail verification tests and cause rework. At worst, nonconforming product is shipped. It's serious so I control it. If someone is using an out of date phone list, they get a wrong number. I don't control it.

I'm not an auditor and I don't pretend to understand the differences between one auditor and the next. But I hope by applying some rigor to determining whether a documents should be controlled, an auditor will be happy that it isn't haphazard.

 

[Jim Wynne]

Re: Controlling Documents: Beyond the standard, how do we truly define what to contro

I find it useful to think about the effects of failing to control the document. I look at 4.2.3a-g and ask what would happen if the document wasn't controlled.

For instance, documents are required to be approved for adequacy prior to use. If I have a work instruction that's inadequate, I might end up with nonconforming product. That's serious, so I control that document. On the other hand, if I have a list of hand tools that should be at a particular workstation that's inadequate, the effect might be an inconvenience to the operator or inefficiencies in having too many tools at that workstation. It's not the best practice, but it's not earth-shattering, so I don't control it.

While I consider all of the subpoints of 4.2.3, f & g carry more weight for me. What happens when a tech is using an obsolete bill of materials because I didn't control its distribution? At best, I fail verification tests and cause rework. At worst, nonconforming product is shipped. It's serious so I control it. If someone is using an out of date phone list, they get a wrong number. I don't control it.

I'm not an auditor and I don't pretend to understand the differences between one auditor and the next. But I hope by applying some rigor to determining whether a documents should be controlled, an auditor will be happy that it isn't haphazard.

I agree--the best way to determine whether or not to control a document is to consider the possible bad things that could happen if it weren't controlled.

 

[cafoltz]

Re: Controlling Documents: Beyond the standard, how do we truly define what to contro

There has been some great information posted, Thank You to everyone. To extend a little farther onto the situation. As a company we give anyone the right to create a Work Instruction/Form etc. but it of course goes through the necessary approvals to meet adequacy etc. The problem we have is that the supervisors are unsure of what needs to be controlled and we have no way of giving a matrix or some guidelines to decide what should be controlled. While I understand a matrix is nearly impossible I also would like to avoid having myself and others of the team have to decide what new documents should and shouldn't be controlled.

To bring an example to the table: we have a document that operators log the discrepancies in cable lengths. They do not record it for financial purposes or anything of that sort but rather to see if the machine is consistently making an error so that it can be adjusted. Now our stance is that this should not be recorded. It does not affect customer quality as when we string the cables they are able to be measured along the board. The problem I see is that an auditor could say this affects the process financially because it could save cable and thus input costs. I could also see an auditor claiming that it affects customer quality if operators begin relying on the machine being correct and not watching the measuring tape on the wire loom line. Just an example that I could see an auditor being sticky about if they so choose.

 

[JaneB]

Re: Controlling Documents: Beyond the standard, how do we truly define what to contro

It is affecting how well we can do our job and is making people cringe whenever they do anything on paper. I would like this discussion to be a positive influence on how, as a company, we can define what NEEDS to be controlled. I understand the standard places certain regulations but I also understand the each Auditor is different. For this reason I believe with a well formulated plan we will be able to win the approval of our Auditor.

Design your system to work well for you and of course to meet requirements. Whether an auditor 'approves' or not is beside the point.

But if people are 'cringing'... is it at all possible that your control system is unnecessarily bureaucratic or combersome? Could it be streamlined or simplified for example?

It's nigh impossible to give any but guidelines or examples of what needs control. And frankly, I prefer that, with educating people about what kinds of things need control and the why. Because utlimately it is, or should be, about making sure that information is accurate and can be relied upon.