Document Control - Addressing control of content stored on web sites

[flying fish]

My group has struggled over the years with how to address information control for content stored on web sites (vs. using a document that is created in a word processing program and stored in a control system). Our web sites can often contain policy & procedure-type information, instructions, business management information, etc. Our web sites (and their content) are viewed and used more often than our "controlled documents," making them almost more critical than the documents we so meticulously control!

We have tried to get our web site developers and owners to apply basic document control principles such as including a revision history, obtaining approval of content before "release," and performing periodic reviews of the content, with little success.

It often feels like we're trying to fit a square peg in a round hole, because web sites function as more than "documents" and can be very dynamic, real-time, etc.

ISO is, frankly, a bit behind in this area. Web content, or web pages should be viewed as business-critical information that must be "controlled" in some way. Or, maybe I'm way off....

Do any of you have suggestions for me? Are we viewing web content incorrectly?

 

[Claes Gefvenberg]

Re: Document control

Good question

ISO is, frankly, a bit behind in this area. Web content, or web pages should be viewed as business-critical information that must be "controlled" in some way. Or, maybe I'm way off....

Do any of you have suggestions for me? Are we viewing web content incorrectly?

No, I do not think you are way off. In fact, I think you are right on the button for at least some of the info found in a normal intranet or company website. As for suggestions, I solved a large part of this (very common) problem by kindly but firmly asking people to link information from our procedures rather than just copy and paste it into the intranet.

I also heps that I myself am an intranet editor. That way I can influence the editor group, and they are well aware of the fact that we always have a good look at the intranet before internal audits.

There are still problems, though, and I am very interested to know what others have done to ge this under control.

/Claes

 

[Colin]

Re: Document control

I would want to see who has the authorisation to make changes to documents, however they are stored and distributed. If you can tie that down it should help to stop people making changes 'on the fly'.

Having achieved that you should be able to make the documents 'read only' for the majority of users and leave the editing to just those who approved to do so.

If the people making the changes are authorised to do so, perhaps they need a recap on the document control procedure.

 

[Wes Bucey]

Re: Document control

<SNIP>
ISO is, frankly, a bit behind in this area. Web content, or web pages should be viewed as business-critical information that must be "controlled" in some way. Or, maybe I'm way off....

Do any of you have suggestions for me? Are we viewing web content incorrectly?

There are just so many areas to address where you need help, I'm at a loss where to begin.

First. You (as an organization) must decide what you want the website (or certain pages of it) to do vis a vis your customers, your suppliers, your own employees, your competitors, prospective customers and employees, and casual visitors.

ALL of the text and images on your website are "controlled" to the extent you decide what goes up, what doesn't, and who has viewing and downloading privileges.

There are so many aspects and ways to deliver and frame the text and images to give a worthwhile and effective viewing session to your target viewer that you need a good consultant who can take you on a virtual tour of good and bad business sites to show you the dos and don'ts of good design, security, and effectiveness ("What is the call to action you have in mind for each category of viewer?") Finally, that consultant can help focus the efforts of hired graphic designers and IT folks to give your organization the website it decides it really needs.

Although many of us here could discuss individual technical aspects for your organization's web page, I think you really need to start with the Big Picture and your top executives need to be involved in the decision.

Will you have an interactive site or merely a static "digital format of a telephone directory ad?" If the latter, don't waste time or money on a consultant - it would be like hiring the Green Bay Packers to play against a Peewee football team.

 

[Marc]

Re: Document control

Many companies have product specs (example) on their website. That type of content must be controlled. I just got up and am a bit hazy still, but I know there are other discussions here on website content with respect to document control.

In the case you cite I would say document control is applicable.

 

[xfngrs]

Re: Document control

This is related, but not quite the same. How are people addressing customer specs and requirements that are controlled on the customer's websites? My manager wants me to download each one and DCR and "control" it. But some customers want people to know to always go to their website to get the latest and greatest. Do I differentiate based on the customer? Do I have a database that says the last version was on this date at this link? (The links are constantly changing BTW).

 

[insect warfare]

Re: Document control

Your manager is trying to introduce "scope creep", IMO - probably because he doesn't know any better. You should introduce a little "scope discovery" to make your job a little easier.

Keep things simple....create a register for your own internal reference which identifies where these documents are located, and set up links to each of the customers' websites (don't create links to the individual documents unless you really see a need to, otherwise just create a link to their directories). Then simply update your register periodically as those links change.

Your customers already "control" their documentation, so there shouldn't be any need to "double-control" as if it were internal documentation, since you already have access to it and "internal" documentation is controlled somewhat differently from "external" documentation. After that, the only thing that should be left for you to control would be the "availability" of those documents.

Brian

 

[xfngrs]

Re: Document control

Thanks. GM still has a requirement of validating the current version of specs annually...which is near impossible as they change numbering, names, etc. So for them I'd still need to record the current revs though, correct?

 

[insect warfare]

If GM requires that, then yes "annual" becomes their minimum requirement. Again, keep it simple - determine for yourself an appropriate frequency for verification (once a week, once a month, etc.). This way you will be exceeding the requirement and also you will be providing yourself a reasonable level of confidence. Record the revs on your register just to keep track. Strive for perfection, but realize that sometimes it is not attainable, and that "effective" is also what you're aiming for.

Brian

 

[Wes Bucey]

Thanks. GM still has a requirement of validating the current version of specs annually...which is near impossible as they change numbering, names, etc. So for them I'd still need to record the current revs though, correct?

If GM requires that, then yes "annual" becomes their minimum requirement. Again, keep it simple - determine for yourself an appropriate frequency for verification (once a week, once a month, etc.). This way you will be exceeding the requirement and also you will be providing yourself a reasonable level of confidence. Record the revs on your register just to keep track. Strive for perfection, but realize that sometimes it is not attainable, and that "effective" is also what you're aiming for.

Brian

In some [many] cases, annual review is tantamount to saying "no review" because some documents are revised much more frequently than that.

When an organization posts documents on a website or ANY network, the intent is for USERS to access the document when it will be used for reference, NOT to download them in hard copy form for storage. The concept is to streamline the distribution of revisions and eliminate the muss and fuss of collection and destruction of obsolete documents.

Some organizations use website functions which make it difficult (nothing is IMPOSSIBLE) to download a copy of a document. This is usually NOT done with documents the website owners WANT users to be able to use away from a computer screen.

The confusion is exacerbated when the website owner does not make it clear ON THE WEBSITE that the documents may be revised without notice and that users may NOT depend on a document downloaded in the past to be a valid revision today.