Document & Record Control Procedures

[JustAQualityGuy]

What I mean is: people just don't go around creating 9or finding) records; records are generated as a specified, necessary output of some particular process. How the records are created, and what content is necessary, will vary depending on the governing process.

I worked for a (thankfully) brief time under a quality regime that pretended that EVERYTHING that involved a pen, paper or a keyboard was a "quality record". They didn't *start* there, but they got there in just about as short a time as it took Mayberry to have everyone in jail because of "citizens arrests". This didn't last long, but that was a quality regime with absolutely no self awareness.

I see where you are coming from & yes that is what I will be cliarfiying, only necessary controlled outputs that show evidence of the operarations being performed are to be retained, either soft copy or hard copy (whichever it is)

Oh wow, so everything that was used by someone in their day to day activites was classified as a quality record? That sounds like a headache and a half.

 

[Jen Kirley]

As @Golfman25 said, who will be reading this? I will restate that by asking why is it needed?

This thread is posted in the ISO 9001 forum. As you likely know, ISO 9001:2015 does not require a documented procedure for control of documents. Who requires this kind of regimen? Customers? Regulators? Or does it just seem like a good idea to write all this stuff into an official procedure? The standard requires controls to be in place and followed, no longer to proceduralize them in their own controlled document.

As has been pointed out, there are now a myriad of ways that documented information is produced, used, managed and safely held. Writing them all down could be very tiresome, potentially very limiting and might get you in trouble if someone points to the thing and says "What about this?"

I used to manage a document control system too. We had a documented procedure because the standard we used required it. It was important to, among other things provide change initiators with a matrix of required approvers and provide hyperlinks to the places they needed to go for needed actions.

Is your QMS in its early developmental stages? If yes, okay write your procedure but as has been advised don't overthink it. It is a good idea to establish a plan of the change process plus what record to retain where, how, for how long and then what. As your QMS matures and people get used to doing the right thing you might find yourself able to retire this procedure and just control things as the standard asks for.

 

[JustAQualityGuy]

As @Golfman25 said, who will be reading this? I will restate that by asking why is it needed?

This thread is posted in the ISO 9001 forum. As you likely know, ISO 9001:2015 does not require a documented procedure for control of documents. Who requires this kind of regimen? Customers? Regulators? Or does it just seem like a good idea to write all this stuff into an official procedure? The standard requires controls to be in place and followed, no longer to proceduralize them in their own controlled document.

As has been pointed out, there are now a myriad of ways that documented information is produced, used, managed and safely held. Writing them all down could be very tiresome, potentially very limiting and might get you in trouble if someone points to the thing and says "What about this?"

I used to manage a document control system too. We had a documented procedure because the standard we used required it. It was important to, among other things provide change initiators with a matrix of required approvers and provide hyperlinks to the places they needed to go for needed actions.

Is your QMS in its early developmental stages? If yes, okay write your procedure but as has been advised don't overthink it. It is a good idea to establish a plan of the change process plus what record to retain where, how, for how long and then what. As your QMS matures and people get used to doing the right thing you might find yourself able to retire this procedure and just control things as the standard asks for.

Hey Jen,

I believe it is necessary because,at the moment, there does'nt appear to be much structure in place. There was a system that was acitvely monitored and improved upon 7 years ago, however since then, it has been negelected. This is especially evident when speaking to people on the shop floor, there is a lack of clear instructions, specifications, an consistency in how processes and operations are carried out.

You're right about the documented information. I've already made some adjustments to the wording and have also asked for feedback from some of my peers, which I think will also help to clarify things.

I'll admit, I'm still quite new to being in this type of Quality role and there's alot of learning as I go.

As for whether our QMS is in it's early stages, I would say it is a bit of both. The business itself has a long history but as I mentioned the system has been neglected over time. There's no real structured push for imrpvoement or documented evidence of any changes, so that where I see the oppurtunity for growth.

 

[Jen Kirley]

Okay, it is reassuring to not hear "because ISO says so" as we often do.

 

[Jen Kirley]

I want to add: since you have stated there is a lack of controls and/or people following controls, unless you word the procedure very simply and directly its users won't remember what it says. Most people tend to go blind when reading procedures. Boring! I suggest you use what you develop to put together an easily read reference document that people can digest in just a few minutes. Maybe a training slide deck that can be kept and shared with these people once, then the new people and a periodic refresher if it becomes clear they need it.

 

[JustAQualityGuy]

Hey there Jen.
Yeah, not putting anything in place "because of ISO", I want to put it in place because it is genuinely needed and from my perspective, just the right thing to do.

And as for your other reply, 1000%, genuinely could not agree more.

For me document control and control of records are my some of the most important core procedures. I really want to get these right, use them to set the standard and show the level of quality I expect (no half arsed documents )

My plan is to get these initial procedures completed, then build a rough framework outlining the input I need from other departments.
From there, I would like to make shorter training slides that can be quickly referenced or used with new starts.

 

[Jtavo]

Hi there folks,
Thanks for reading.

So I am currently writing a Document Control Procedure
The strucutre of the procedure is:
1) Purpose
2) Scope
3) Responsbilies
4)Definitions
5) Procedure (Who Does What & When)
6) Reference Documents & Forms

I am also working doing the same for my Record Retention & Control Procedure
Definitions to be:
Quality Records:
Production Records:
Non-Conformance and CAPA Records:
Audit Records:
Management Review Records:
Training and Competency Records:
Engineering Records:
Legal Records:
Financial Records:
Electronic System Records:
Retention Period:
Record Owners:
QMS:

Where I will give a brief description of what each record consists of.

ANd the procedure will be:
1) Identifcation & creation of a record
2) Storage of a record
3) Retrival and access
4) Retention
5) Disposal


So after all that I have 2 3 questions
1) Is this structure a good way to do a procedure?
2) Is the definitions for the records procedure ok, or too much? If too much, what would you suggest?
3) Does anyone have a document control procedure or a records retention control procedure they would be open to share?

I'd offer that you are about to go down a path that will ultimately realise little value to the Organisation. Instead I'd go out to the shop floor / office and start writing up the activity that the employees undertake as process maps (look up SIPOC to get you started). You could then gather them up and allocate each diagram into an organisational process (Sales, Production, etc). In carrying out such an exercise you'd get a great understanding as to what the organisation actually does to realise value. Use supporting text as "Instructions" or "procedures" within the diagrams themselves. As to allocating them to individual managers - allocate them to the higher process, that way everyone is involved. It helps to lessen resistance by overworked managers when it comes to revision and gives you and the whole organisation the ability to improve at scale should you need to. There are a number of Process Management systems out there that can pull it altogether for you - if there is a budget available. Process is foundational - do it well now and it will become a place where quality is a state of mind and not a department - avoid the department bit.. Oh - the way you do Quality, internally has little to do with what a certifying body might inform you of, you do have significant scope to create..

 

[Candi1024]

I'd offer that you are about to go down a path that will ultimately realise little value to the Organisation. Instead I'd go out to the shop floor / office and start writing up the activity that the employees undertake as process maps (look up SIPOC to get you started). You could then gather them up and allocate each diagram into an organisational process (Sales, Production, etc). In carrying out such an exercise you'd get a great understanding as to what the organisation actually does to realise value. Use supporting text as "Instructions" or "procedures" within the diagrams themselves. As to allocating them to individual managers - allocate them to the higher process, that way everyone is involved. It helps to lessen resistance by overworked managers when it comes to revision and gives you and the whole organisation the ability to improve at scale should you need to. There are a number of Process Management systems out there that can pull it altogether for you - if there is a budget available. Process is foundational - do it well now and it will become a place where quality is a state of mind and not a department - avoid the department bit.. Oh - the way you do Quality, internally has little to do with what a certifying body might inform you of, you do have significant scope to create..

Great stuff, but do you not see any value in document control as he is trying to define it?

 

[Ron Rompen]

One suggestion that I would offer (based on past history and numerous audit findings/observations/nonconformances/etc). When you write your control procedure, ALSO include the retention time, method of disposal, and title of person responsible for this disposal. That (of course) will ALSO require a record, showing which documents were disposed of on which date, and by whom. Its a vicious circle.

 

[Kronos147]

Make sure your retention policy is at least as long as your most stringent customer requirement. Also remember to flow down the same requirement to your supply chain.