Control of Duplicate Documents - Limited Scope (long)

#1
Hello, Covers! Long time listener, first time caller.

First of all, many thanks for the help you guys have (unknowingly) given me over the years. You have been a light in the darkness. I was thrown unprepared into the ISO realm, and I leaned on this forum frequently to survive.

My situation: I am helping my old company transition to the 9001: 2015 version. They do light assembly, kitting, rework, etc., nothing too technical. They have over 100 customers and only 2 of them mandate an ISO certification. Management has decided they want to limit the scope of the QMS to just the areas that involve those 2 customers, and call the rest of the operation “ISO Compliant”. I have found a registrar who will do this.

I don’t want to start a discussion as to the validity of this approach. FWIW, I see this as a bastardization of the ISO intentions, and, in a way, this is “cheating”. I imagine most of you do too. However, this company has no chance of passing an audit of the entire operation, and limiting the scope is their only hope. I’m just trying to do the job they are paying me to do.

I now have 2 sets of documents: one is the exiting set, that will be kept for the “Compliant” areas, and one for the 2 auditable areas. Some documents will be exactly the same for both areas, while some will have slight tweaks, and some are completely new.

I have gotten myself confused on documentation.

1. I am thinking of renaming the auditable set of docs, with the prefix LS (Limited Scope), to set them apart. They would each have their own table of contents on the company intranet. Should I rename the docs that are the same in both systems?

2. Revison history. For instance, the Quality Manual has a revison level of M. If I rename it LS – Quality Manual, and call it an Original Issue, should I wipe out the revison history, even though that doc has been changed several times over the years? How would I handle new revisons if I keep the same history for both?

3. Are there other issues am I not seeing? Am I overthinking the whole thing?

Thanks in advance, and sorry for the length of this post. As I said, I have been left alone in this task, and sometimes my logic gets circular with no one to bounce things off of.
 
Elsmar Forum Sponsor

howste

Thaumaturge
Trusted Information Resource
#2
That sounds pretty complicated. It seems like if you do that you'll be doing extra work instead of doing less work.

A simpler way may be to make addendums to the existing procedures that only apply to the "certifiable" processes. For example you could have a quality manual (QM) that you use for all processes, and then an addendum to it (QMA) that adds additional or changed requirements for the areas within the ISO 9001 scope. You could have a control of nonconforming material procedure (procedure XXXX) and an addendum (procedure XXXA) that adds or changes requirements. Each document could then be controlled separately with its own revision number and history.

I don’t want to start a discussion as to the validity of this approach. FWIW, I see this as a bastardization of the ISO intentions, and, in a way, this is “cheating”. I imagine most of you do too. However, this company has no chance of passing an audit of the entire operation, and limiting the scope is their only hope. I’m just trying to do the job they are paying me to do.
IMO calling the other processes "ISO compliant" would be a blatant lie. And since, to me, the basic requirements of the standard are meant to help the company and for the most part just make business sense, the company may be shooting itself in the foot. It's possible that after the limited areas achieve certification they may start to outperform the other areas (if the implementation is done well). If so, then leadership may decide to go all in for the other areas as well.
 

Golfman25

Trusted Information Resource
#3
I'll agree with Howtse. Seems like you're creating more work. Two sets of documents will lead to problems. It's not like ISO is all that hard to comply with. Have done a gap analysis and verified that your non-compliant areas are actually non-compliant? Could you tweak what you do where necessary?
 
#4
Thanks, howste. Addendums are interesting, but I'm still creating extra work for myself, just by having 2 systems, am I not? I can't see a way around it.

More background (at the risk of thread creep): this company has been certified for 11 years, for all processes. But, because they had the same shoddy external auditor for 10 years -a guy who came in, chatted about the weather, and then signed off on the certification - they have gotten lazy and now don't have the stomach to do the QMS the right way. Thus the decision to back it down to the 2 mandated areas. Since I really expect the "compliant" docs to wither and die, without the threat of an audit, I am trying to get the auditable docs to stand on their own.

Sorry for the cynicism. Again, this is my old company - I had reasons for leaving.
 

howste

Thaumaturge
Trusted Information Resource
#5
Ouch. I guess you can take their money, but without hope for real change.

Just keep the documents that are already there then. And when the "noncompliant" processes decide to do something different state, state that in the procedure:
"Nonconforming material for customers A and B will be reworked, repaired with customer permission, or segregated/scrapped. Nonconforming material for all other customers will be regraded and sold on eBay to the highest bidder."
:notme:
 

RoxaneB

Change Agent and Data Storyteller
Super Moderator
#6
Call me crazy, but why can't your "ISO compliant" areas also use the documentation for the areas that are within scope of your registration?

It's like the difference between being a certified Internal Auditor versus just an Internal Auditor. Both follow the auditing procedures within the organizaiton, but one has actually gone on a course outside of the organization.

If you think about, being ISO compliant means following the documentation developed as part of your registered QMS, it's just they haven't gone through th full process of becoming registered.
 
Thread starter Similar threads Forum Replies Date
S Linking control chart with control plan Statistical Analysis Tools, Techniques and SPC 5
T IEC 62304 : Risk control for SaMD IEC 62304 - Medical Device Software Life Cycle Processes 8
N Change Control for processes & products Manufacturing and Related Processes 6
Q Change Control Numbering system Document Control Systems, Procedures, Forms and Templates 6
S Operation of possible rework in control plan FMEA and Control Plans 8
K MHLW MO169 2021 Japan Ministerial Ordinance on Standards for Manufacturing Control and Quality Control for Medical Devices and In-Vitro Diagnostics Japan Medical Device Regulations 2
D Using electronic lab notebooks in the design control process ISO 13485:2016 - Medical Device Quality Management Systems 3
M Process & Product Characteristic in Control Plan FMEA and Control Plans 17
D How to calculate the A4 constants in Median/Range control charts? Statistical Analysis Tools, Techniques and SPC 2
Nihls Quality Control (stability) Chart for CMM's - How the control limits are to be calculated Capability, Accuracy and Stability - Processes, Machines, etc. 2
M Change control on Tracking Sheet ISO 13485:2016 - Medical Device Quality Management Systems 11
K COPLANARITY: Composite profile tolerance on multiple surfaces- what does" lower dimensional reference frame tolerance" control? Inspection, Prints (Drawings), Testing, Sampling and Related Topics 11
M Medical Device Marketing Material - Control of Social Media 21 CFR Part 820 - US FDA Quality System Regulations (QSR) 2
M Does 4.5 - Alternative RISK CONTROL apply to the Particular Standards? IEC 60601 - Medical Electrical Equipment Safety Standards Series 3
H Control of Change i.e. process and WI IATF 16949 - Automotive Quality Systems Standard 9
Sonja D AIAG VDA PFMEA and Control Plan training FMEA and Control Plans 6
F Quality Control in Electrical Calibration ISO 17025 related Discussions 0
Z Why Control Limits are not the same depending on type of exclusion of data points Using Minitab Software 7
D Engineering Change order vs. Change Control ISO 13485:2016 - Medical Device Quality Management Systems 3
D Computer access, password control ISO 13485:2016 - Medical Device Quality Management Systems 6
A How to control distribution list? Document Control Systems, Procedures, Forms and Templates 2
A Control plan for IATF - example? FMEA and Control Plans 1
J ISO 9001:2015 Clause 8.5.1 Control of Production and service provision - Help with Work Instruction Access ISO 9000, ISO 9001, and ISO 9004 Quality Management Systems Standards 13
A Final quality control corrective actions ISO 9000, ISO 9001, and ISO 9004 Quality Management Systems Standards 10
J Training on the importance of Document Control Document Control Systems, Procedures, Forms and Templates 3
G How to implement H&S and Quality Control Requirements in Contract for Potential Supplier? Contract Review Process 6
D GAMP CAT 5 Change Control Qualification and Validation (including 21 CFR Part 11) 9
D Use Error Risk Controls and Control Verification ISO 14971 - Medical Device Risk Management 6
S Maintenence related action in Control plan FMEA and Control Plans 3
M ISO 13485 and document control for programs ISO 13485:2016 - Medical Device Quality Management Systems 6
R Control Methods in Control Plan FMEA and Control Plans 5
M Design Control - Management of Electronic CAD files Design and Development of Products and Processes 14
S TSCA (Toxic Substances Control Act) PIP 3:1 RoHS, REACH, ELV, IMDS and Restricted Substances 0
S Use of Attributes Control Charts Statistical Analysis Tools, Techniques and SPC 1
U Appraiser Out of Control Gage R&R (GR&R) and MSA (Measurement Systems Analysis) 5
L Looking for Control Plan and FMEA Stamping process FMEA and Control Plans 2
Z AS9100 Control of Nonconforming Outputs - Rework Dispositions AS9100, IAQG, NADCAP and Aerospace related Standards and Requirements 8
K ASME, ANSI, ASTM and similar specifications and their requirements for document control. Inspection, Prints (Drawings), Testing, Sampling and Related Topics 8
Z Software for design control ISO 13485:2016 - Medical Device Quality Management Systems 5
K Quality Control/Assurance in the Metal Industry Quality Tools, Improvement and Analysis 10
K Defining risk control measures IEC 62304 - Medical Device Software Life Cycle Processes 14
J Warehouse temperature and humidity control EU Medical Device Regulations 7
Jimmy123 IATF16949 Control Plan FMEA and Control Plans 1
D Control Number for Class III and IV devices Canada Medical Device Regulations 1
J Document Control Metrics Document Control Systems, Procedures, Forms and Templates 3
I Document Control Software Document Control Systems, Procedures, Forms and Templates 2
T Controlling Expandable Forms in Paper-Based Document Control System Document Control Systems, Procedures, Forms and Templates 10
N ISO 13485 7.3.9 Change control in medical device software ISO 13485:2016 - Medical Device Quality Management Systems 6
C UDI Questions on Control Units Other US Medical Device Regulations 6
A Quality Control Datasheets Inspection, Prints (Drawings), Testing, Sampling and Related Topics 2

Similar threads

Top Bottom