dpenbert
Registered
I have a scenario below that I would like to seek advice in order to check compliance to AS9100 7.5.3 for process document control.
1. A secure windows network folder location houses the latest approved work instruction documents and only approved personnel are allowed edit access to these documents.
2. The document update process is manual and requires a review and approval process before making any document changes.
3. Since the document update process is manual, one of the approved personnel could go into a folder, open a document, make changes to a document and save it without any approval. Not saying they would but they could.
AS9100 7.5.3.2 lists "When documented information is managed electronically, data protection processes shall be defined (e.g., protection from loss, unauthorized changes, unintended alteration, corruption, physical damage).
The documents are managed electronically in network folders, however, multiple personnel could change and save the documents (these personnel are trained and granted access by the document control coordinator). This process depends on multiple personnel not making unauthorized changes. Though with any manual process, there is a documented process to follow and we trust our trained/approved personnel to follow.
Perhaps the best practice would be to create an electronic document control with a system that controls who can make changes, who approves and documents and secures all files. However, when only using network folders, manual change management can we still meet AS9100 requirements?
Thank you for your input, David
1. A secure windows network folder location houses the latest approved work instruction documents and only approved personnel are allowed edit access to these documents.
2. The document update process is manual and requires a review and approval process before making any document changes.
3. Since the document update process is manual, one of the approved personnel could go into a folder, open a document, make changes to a document and save it without any approval. Not saying they would but they could.
AS9100 7.5.3.2 lists "When documented information is managed electronically, data protection processes shall be defined (e.g., protection from loss, unauthorized changes, unintended alteration, corruption, physical damage).
The documents are managed electronically in network folders, however, multiple personnel could change and save the documents (these personnel are trained and granted access by the document control coordinator). This process depends on multiple personnel not making unauthorized changes. Though with any manual process, there is a documented process to follow and we trust our trained/approved personnel to follow.
Perhaps the best practice would be to create an electronic document control with a system that controls who can make changes, who approves and documents and secures all files. However, when only using network folders, manual change management can we still meet AS9100 requirements?
Thank you for your input, David