Control of Duplicate Documents - Limited Scope (long)

#1
Hello, Covers! Long time listener, first time caller.

First of all, many thanks for the help you guys have (unknowingly) given me over the years. You have been a light in the darkness. I was thrown unprepared into the ISO realm, and I leaned on this forum frequently to survive.

My situation: I am helping my old company transition to the 9001: 2015 version. They do light assembly, kitting, rework, etc., nothing too technical. They have over 100 customers and only 2 of them mandate an ISO certification. Management has decided they want to limit the scope of the QMS to just the areas that involve those 2 customers, and call the rest of the operation “ISO Compliant”. I have found a registrar who will do this.

I don’t want to start a discussion as to the validity of this approach. FWIW, I see this as a bastardization of the ISO intentions, and, in a way, this is “cheating”. I imagine most of you do too. However, this company has no chance of passing an audit of the entire operation, and limiting the scope is their only hope. I’m just trying to do the job they are paying me to do.

I now have 2 sets of documents: one is the exiting set, that will be kept for the “Compliant” areas, and one for the 2 auditable areas. Some documents will be exactly the same for both areas, while some will have slight tweaks, and some are completely new.

I have gotten myself confused on documentation.

1. I am thinking of renaming the auditable set of docs, with the prefix LS (Limited Scope), to set them apart. They would each have their own table of contents on the company intranet. Should I rename the docs that are the same in both systems?

2. Revison history. For instance, the Quality Manual has a revison level of M. If I rename it LS – Quality Manual, and call it an Original Issue, should I wipe out the revison history, even though that doc has been changed several times over the years? How would I handle new revisons if I keep the same history for both?

3. Are there other issues am I not seeing? Am I overthinking the whole thing?

Thanks in advance, and sorry for the length of this post. As I said, I have been left alone in this task, and sometimes my logic gets circular with no one to bounce things off of.
 
Elsmar Forum Sponsor

howste

Thaumaturge
Super Moderator
#2
That sounds pretty complicated. It seems like if you do that you'll be doing extra work instead of doing less work.

A simpler way may be to make addendums to the existing procedures that only apply to the "certifiable" processes. For example you could have a quality manual (QM) that you use for all processes, and then an addendum to it (QMA) that adds additional or changed requirements for the areas within the ISO 9001 scope. You could have a control of nonconforming material procedure (procedure XXXX) and an addendum (procedure XXXA) that adds or changes requirements. Each document could then be controlled separately with its own revision number and history.

I don’t want to start a discussion as to the validity of this approach. FWIW, I see this as a bastardization of the ISO intentions, and, in a way, this is “cheating”. I imagine most of you do too. However, this company has no chance of passing an audit of the entire operation, and limiting the scope is their only hope. I’m just trying to do the job they are paying me to do.
IMO calling the other processes "ISO compliant" would be a blatant lie. And since, to me, the basic requirements of the standard are meant to help the company and for the most part just make business sense, the company may be shooting itself in the foot. It's possible that after the limited areas achieve certification they may start to outperform the other areas (if the implementation is done well). If so, then leadership may decide to go all in for the other areas as well.
 

Golfman25

Trusted Information Resource
#3
I'll agree with Howtse. Seems like you're creating more work. Two sets of documents will lead to problems. It's not like ISO is all that hard to comply with. Have done a gap analysis and verified that your non-compliant areas are actually non-compliant? Could you tweak what you do where necessary?
 
#4
Thanks, howste. Addendums are interesting, but I'm still creating extra work for myself, just by having 2 systems, am I not? I can't see a way around it.

More background (at the risk of thread creep): this company has been certified for 11 years, for all processes. But, because they had the same shoddy external auditor for 10 years -a guy who came in, chatted about the weather, and then signed off on the certification - they have gotten lazy and now don't have the stomach to do the QMS the right way. Thus the decision to back it down to the 2 mandated areas. Since I really expect the "compliant" docs to wither and die, without the threat of an audit, I am trying to get the auditable docs to stand on their own.

Sorry for the cynicism. Again, this is my old company - I had reasons for leaving.
 

howste

Thaumaturge
Super Moderator
#5
Ouch. I guess you can take their money, but without hope for real change.

Just keep the documents that are already there then. And when the "noncompliant" processes decide to do something different state, state that in the procedure:
"Nonconforming material for customers A and B will be reworked, repaired with customer permission, or segregated/scrapped. Nonconforming material for all other customers will be regraded and sold on eBay to the highest bidder."
:notme:
 

RoxaneB

Super Moderator
Super Moderator
#6
Call me crazy, but why can't your "ISO compliant" areas also use the documentation for the areas that are within scope of your registration?

It's like the difference between being a certified Internal Auditor versus just an Internal Auditor. Both follow the auditing procedures within the organizaiton, but one has actually gone on a course outside of the organization.

If you think about, being ISO compliant means following the documentation developed as part of your registered QMS, it's just they haven't gone through th full process of becoming registered.
 
Thread starter Similar threads Forum Replies Date
I Control Plan (Product/Process specification/ Tolerance) acceptance FMEA and Control Plans 27
Sravan Manchikanti How to interpret '8.3 Control of nonconforming product' for SaMD device while implementing ISO 13485 & MDSAP ISO 13485:2016 - Medical Device Quality Management Systems 4
Z Putting back excluded rows/data points in a control chart Using Minitab Software 0
J Control Plan use on the manufacturing floor FMEA and Control Plans 4
E Change in control plan - Do I have to do sampling? IATF 16949 - Automotive Quality Systems Standard 1
D All Dimensions listed on control plan FMEA and Control Plans 10
W Need for current design or process control FMEA and Control Plans 2
Q ISO 9001 8.5.1 - Control of production and service performance ISO 9000, ISO 9001, and ISO 9004 Quality Management Systems Standards 5
A What is the difference between Design Process, Process Design and Design Control? 21 CFR Part 820 - US FDA Quality System Regulations (QSR) 2
A Beginners help with ISO3951-2 Combined control s-method n>5 what is Phi ?? Inspection, Prints (Drawings), Testing, Sampling and Related Topics 0
C Corrective action for failure in documents control ISO 9000, ISO 9001, and ISO 9004 Quality Management Systems Standards 10
B Control chart and sample time Statistical Analysis Tools, Techniques and SPC 1
DuncanGibbons Manufacturing Plan vs Material Specification vs Control Plan Manufacturing and Related Processes 4
J Control chart for huge sample size Statistical Analysis Tools, Techniques and SPC 9
K Contamination Control - Class Is medical devices (Clause 6.4.2 ISO 13485:2016 (E)) ISO 13485:2016 - Medical Device Quality Management Systems 12
J 510(k) for a control kit for an external IVD test kit 21 CFR Part 820 - US FDA Quality System Regulations (QSR) 1
T Assessing Hazard-Related Use Scenarios where control measures exist through standards IEC 62366 - Medical Device Usability Engineering 25
adir88 Documenting Risk Control Option Analysis ISO 14971 - Medical Device Risk Management 8
T Design Control Procedures later in the Development Process ISO 13485:2016 - Medical Device Quality Management Systems 6
L AS5553 Clause 3.1.7 e "Control packaging material ..................reused" AS9100, IAQG, NADCAP and Aerospace related Standards and Requirements 0
T Attributes SPC study - Attributive control (Go gage) Statistical Analysis Tools, Techniques and SPC 5
K Process Mapping - Inputs/Outputs/Detail Activities/Control points/Measurement? Process Maps, Process Mapping and Turtle Diagrams 4
S Should safety checks be included in the Control Plan? IATF 16949 - Automotive Quality Systems Standard 5
D Infrastructure: Equipment, Work Environment and Contamination Control ISO 13485:2016 - Medical Device Quality Management Systems 4
Q Relabeler for patent expired product - design control responsibilities? 21 CFR Part 820 - US FDA Quality System Regulations (QSR) 2
J How to make Quality Control plans Quality Tools, Improvement and Analysis 5
I Document Control on Log Files ISO 9000, ISO 9001, and ISO 9004 Quality Management Systems Standards 6
Q Tracking Procedure Revisions (Document Control) Document Control Systems, Procedures, Forms and Templates 9
C Document Control Stamps - Does anyone still stamp their documents? Document Control Systems, Procedures, Forms and Templates 24
D Supplied Product on Control Plan - Lot ranging in 40,000 pcs per product FMEA and Control Plans 3
D IEC 62304 Risk Classification - With and without hardware control IEC 62304 - Medical Device Software Life Cycle Processes 2
J Antiviral Mask or Mask to Mitigate or Control Corona Virus Manufacturing and Related Processes 29
A UDI and Design Controls - Labeling change via the Design Control process 21 CFR Part 820 - US FDA Quality System Regulations (QSR) 1
I Control of Documentation Distribution - Document Control ISO 9000, ISO 9001, and ISO 9004 Quality Management Systems Standards 2
S Inventory Control - Any thoughts would be appreciated ISO 13485:2016 - Medical Device Quality Management Systems 2
H SPC for special characteristics - CSR - Control of SC and CC Statistical Analysis Tools, Techniques and SPC 1
T Control of downloaded document copies by employees Document Control Systems, Procedures, Forms and Templates 3
T Document control ISO 13485:2016 ISO 13485:2016 - Medical Device Quality Management Systems 5
M Is there any pre-defined Control plan format/template acc. VDA? VDA Standards - Germany's Automotive Standards 0
B Record Management - Does the QMS need to control templates of records? Records and Data - Quality, Legal and Other Evidence 17
O Inventory control ideas - I have an open stock room with a "sign out" book Manufacturing and Related Processes 9
V IATF 16949 8.4.1 Control of externally provided processes, products and services - Should the CB be on our Approved Supplier List? IATF 16949 - Automotive Quality Systems Standard 10
R Process control documents - Context of API Spec Q1, Clause 5.7.1.3 Other ISO and International Standards and European Regulations 0
D Performance specification as a Risk Control Measure, EN 14971 ISO 14971 - Medical Device Risk Management 7
L Form-dependent position prevention control FMEA and Control Plans 1
S CQI-23 - Molding System Assessment - Control of part weight IATF 16949 - Automotive Quality Systems Standard 5
D Change Control - Product Name Change and its associated labeling EU Medical Device Regulations 7
S Degree of control of distributors - PMS EU Medical Device Regulations 2
M What is "setup control chart"? Statistical Analysis Tools, Techniques and SPC 2
Jimmy123 What is the difference between Error Proofing and Controls? ISO/IATF 16949 - Control Plans FMEA and Control Plans 16

Similar threads

Top Bottom