Control of Duplicate Documents - Limited Scope (long)

#1
Hello, Covers! Long time listener, first time caller.

First of all, many thanks for the help you guys have (unknowingly) given me over the years. You have been a light in the darkness. I was thrown unprepared into the ISO realm, and I leaned on this forum frequently to survive.

My situation: I am helping my old company transition to the 9001: 2015 version. They do light assembly, kitting, rework, etc., nothing too technical. They have over 100 customers and only 2 of them mandate an ISO certification. Management has decided they want to limit the scope of the QMS to just the areas that involve those 2 customers, and call the rest of the operation “ISO Compliant”. I have found a registrar who will do this.

I don’t want to start a discussion as to the validity of this approach. FWIW, I see this as a bastardization of the ISO intentions, and, in a way, this is “cheating”. I imagine most of you do too. However, this company has no chance of passing an audit of the entire operation, and limiting the scope is their only hope. I’m just trying to do the job they are paying me to do.

I now have 2 sets of documents: one is the exiting set, that will be kept for the “Compliant” areas, and one for the 2 auditable areas. Some documents will be exactly the same for both areas, while some will have slight tweaks, and some are completely new.

I have gotten myself confused on documentation.

1. I am thinking of renaming the auditable set of docs, with the prefix LS (Limited Scope), to set them apart. They would each have their own table of contents on the company intranet. Should I rename the docs that are the same in both systems?

2. Revison history. For instance, the Quality Manual has a revison level of M. If I rename it LS – Quality Manual, and call it an Original Issue, should I wipe out the revison history, even though that doc has been changed several times over the years? How would I handle new revisons if I keep the same history for both?

3. Are there other issues am I not seeing? Am I overthinking the whole thing?

Thanks in advance, and sorry for the length of this post. As I said, I have been left alone in this task, and sometimes my logic gets circular with no one to bounce things off of.
 
Elsmar Forum Sponsor

howste

Thaumaturge
Super Moderator
#2
That sounds pretty complicated. It seems like if you do that you'll be doing extra work instead of doing less work.

A simpler way may be to make addendums to the existing procedures that only apply to the "certifiable" processes. For example you could have a quality manual (QM) that you use for all processes, and then an addendum to it (QMA) that adds additional or changed requirements for the areas within the ISO 9001 scope. You could have a control of nonconforming material procedure (procedure XXXX) and an addendum (procedure XXXA) that adds or changes requirements. Each document could then be controlled separately with its own revision number and history.

I don’t want to start a discussion as to the validity of this approach. FWIW, I see this as a bastardization of the ISO intentions, and, in a way, this is “cheating”. I imagine most of you do too. However, this company has no chance of passing an audit of the entire operation, and limiting the scope is their only hope. I’m just trying to do the job they are paying me to do.
IMO calling the other processes "ISO compliant" would be a blatant lie. And since, to me, the basic requirements of the standard are meant to help the company and for the most part just make business sense, the company may be shooting itself in the foot. It's possible that after the limited areas achieve certification they may start to outperform the other areas (if the implementation is done well). If so, then leadership may decide to go all in for the other areas as well.
 

Golfman25

Trusted Information Resource
#3
I'll agree with Howtse. Seems like you're creating more work. Two sets of documents will lead to problems. It's not like ISO is all that hard to comply with. Have done a gap analysis and verified that your non-compliant areas are actually non-compliant? Could you tweak what you do where necessary?
 
#4
Thanks, howste. Addendums are interesting, but I'm still creating extra work for myself, just by having 2 systems, am I not? I can't see a way around it.

More background (at the risk of thread creep): this company has been certified for 11 years, for all processes. But, because they had the same shoddy external auditor for 10 years -a guy who came in, chatted about the weather, and then signed off on the certification - they have gotten lazy and now don't have the stomach to do the QMS the right way. Thus the decision to back it down to the 2 mandated areas. Since I really expect the "compliant" docs to wither and die, without the threat of an audit, I am trying to get the auditable docs to stand on their own.

Sorry for the cynicism. Again, this is my old company - I had reasons for leaving.
 

howste

Thaumaturge
Super Moderator
#5
Ouch. I guess you can take their money, but without hope for real change.

Just keep the documents that are already there then. And when the "noncompliant" processes decide to do something different state, state that in the procedure:
"Nonconforming material for customers A and B will be reworked, repaired with customer permission, or segregated/scrapped. Nonconforming material for all other customers will be regraded and sold on eBay to the highest bidder."
:notme:
 

RoxaneB

Super Moderator
Super Moderator
#6
Call me crazy, but why can't your "ISO compliant" areas also use the documentation for the areas that are within scope of your registration?

It's like the difference between being a certified Internal Auditor versus just an Internal Auditor. Both follow the auditing procedures within the organizaiton, but one has actually gone on a course outside of the organization.

If you think about, being ISO compliant means following the documentation developed as part of your registered QMS, it's just they haven't gone through th full process of becoming registered.
 
Thread starter Similar threads Forum Replies Date
Z Software for design control ISO 13485:2016 - Medical Device Quality Management Systems 3
K Quality Control/Assurance in the Metal Industry Quality Tools, Improvement and Analysis 10
K Defining risk control measures IEC 62304 - Medical Device Software Life Cycle Processes 13
J Warehouse temperature and humidity control EU Medical Device Regulations 5
Jimmy123 IATF16949 Control Plan FMEA and Control Plans 1
D Control Number for Class III and IV devices Canada Medical Device Regulations 0
J Document Control Metrics Document Control Systems, Procedures, Forms and Templates 3
I Document Control Software Document Control Systems, Procedures, Forms and Templates 2
T Controlling Expandable Forms in Paper-Based Document Control System Document Control Systems, Procedures, Forms and Templates 10
N ISO 13485 7.3.9 Change control in medical device software ISO 13485:2016 - Medical Device Quality Management Systems 6
C UDI Questions on Control Units Other US Medical Device Regulations 6
A Quality Control Datasheets Inspection, Prints (Drawings), Testing, Sampling and Related Topics 2
M Control-self assessment Internal Auditing 5
GreatNate Master Control QMS software Quality Tools, Improvement and Analysis 0
A Prototype control plan FMEA and Control Plans 2
J Records Control - Does each individual record need to be numbered? Records and Data - Quality, Legal and Other Evidence 2
shimonv Document Control Procedure Header Content Document Control Systems, Procedures, Forms and Templates 3
W FMEA - Current control and occurrence rating FMEA and Control Plans 3
S Which department should prepare the control plan? could you show me a standard regarding to this matter. FMEA and Control Plans 17
G Control Plan & PFMEA Review Procedure? FMEA and Control Plans 1
N What are the software audit and control steps Reliability Analysis - Predictions, Testing and Standards 2
A Fabric roll inspection - What type of Control Chart to use? Inspection, Prints (Drawings), Testing, Sampling and Related Topics 2
C Monitoring and Control Instruments RoHS, REACH, ELV, IMDS and Restricted Substances 3
M ISO14971:2019 - Verification of implementation and effectiveness of risk control ISO 14971 - Medical Device Risk Management 3
T Risks arising from control measures vs. ineffective control measures ISO 14971 - Medical Device Risk Management 11
J Need Change Control Yes/No Decision Tree Template ISO 9000, ISO 9001, and ISO 9004 Quality Management Systems Standards 1
P IQ, OQ, PQ protocol, and report templates for Distributed Control Systems in Pharmaceutical Manufacturing Systems. Qualification and Validation (including 21 CFR Part 11) 0
R Risk control measures as per ISO 14971 ISO 14971 - Medical Device Risk Management 6
T Linking Control Plans and PFMEA's FMEA and Control Plans 3
L How to add exemption or statement to control of document procedure? ISO 13485:2016 - Medical Device Quality Management Systems 5
T PFMEA and Control Plans on legacy product FMEA and Control Plans 5
P IATF 16949 requirement - error-proofing in control plan IATF 16949 - Automotive Quality Systems Standard 3
C 8.5.1.1 Control of Equipment, Tools, and Software Programs - Questions about the extent of control of NC programs AS9100, IAQG, NADCAP and Aerospace related Standards and Requirements 5
Q Version/Revision Control of CAD files Document Control Systems, Procedures, Forms and Templates 2
earl62 What is the best way to control special characteristics in Control plan? Is it Mandatory to have SPC for IATF 16949? IATF 16949 - Automotive Quality Systems Standard 12
I Control Plan (Product/Process specification/ Tolerance) acceptance FMEA and Control Plans 27
Sravan Manchikanti How to interpret '8.3 Control of nonconforming product' for SaMD device while implementing ISO 13485 & MDSAP ISO 13485:2016 - Medical Device Quality Management Systems 7
Z Putting back excluded rows/data points in a control chart Using Minitab Software 0
J Control Plan use on the manufacturing floor FMEA and Control Plans 4
E Change in control plan - Do I have to do sampling? IATF 16949 - Automotive Quality Systems Standard 1
D All Dimensions listed on control plan FMEA and Control Plans 10
W Need for current design or process control FMEA and Control Plans 2
Q ISO 9001 8.5.1 - Control of production and service performance ISO 9000, ISO 9001, and ISO 9004 Quality Management Systems Standards 5
A What is the difference between Design Process, Process Design and Design Control? 21 CFR Part 820 - US FDA Quality System Regulations (QSR) 2
A Beginners help with ISO3951-2 Combined control s-method n>5 what is Phi ?? Inspection, Prints (Drawings), Testing, Sampling and Related Topics 0
C Corrective action for failure in documents control ISO 9000, ISO 9001, and ISO 9004 Quality Management Systems Standards 10
B Control chart and sample time Statistical Analysis Tools, Techniques and SPC 1
DuncanGibbons Manufacturing Plan vs Material Specification vs Control Plan Manufacturing and Related Processes 5
J Control chart for huge sample size Statistical Analysis Tools, Techniques and SPC 9
K Contamination Control - Class Is medical devices (Clause 6.4.2 ISO 13485:2016 (E)) ISO 13485:2016 - Medical Device Quality Management Systems 12

Similar threads

Top Bottom