Search the Elsmar Cove!
**Search ALL of Elsmar.com** with DuckDuckGo including content not in the forum - Search results with No ads.

Documents required by the quality management system shall be controlled

x-files

Involved In Discussions
#1
Hi,

First of all excuse for my bad English (which is not my native language), and for this very basic question.

Can someone please explane to me, what exactly means this statement:
4.2.3 Control of documents: ?Documents required by the quality management system shall be controlled?.

Closer, I'm trying to understand this particular two words ? ?required by?.

I?ll do my best to explain the origin of my question. Within QMS procedures we established, we pretty frequently say ?QMS documents this..., QMS documents that...? and similar. By that said, we sometimes think of Procedures, sometimes we think of Manual, sometimes we think of some procedure reference document or record directly related to (required by) a procedure is some activity.

Finally, we absolutely do not know for sure what type of document to control by DCF, and what to control in some different way. Further, we do not know should (or can) the ?Control of documents? procedure address the document other that procedures. I?m aware that there is the ?external documents? requirement, but not all our documents are external.

So, what exacly are (should be) ?QMS documents?, and what are (should) not (be)?

For example, is some technical document (technical drawing in mechanics or architecture) or normative document of external origin (national legal regulation), that are directly needed in some activity of a procedure ? a QMS document?

I work in a company that has about 3500 emplyees. This is the imaginary document hierarchy, which we think fits our needs.

1. Policy, Manual
2. Procedures (System, Core, Centralized, Supporting)
3. Documents closely associated to procedures (Appendices, Forms, Templates, Work instructions), but are maintained separately
4. Documents that are used within procedures in activities, some are just cross reference documents, and some are produced by a procedure (plans, logs, ?):
- External (Normative, Technical, Other)
- Internal (Other reference procedures, Technical, Other)
5. Records
6. Documents that are NOT mentioned (named) though other documents of QMS (processes which are not documented, documents that are not recognized to be indivisible part of some process or are in test phase, personal reference documents)

Every type of those documents we control in different way. For example, Procedures by ?DCF? and ?legal regulations? by specialized software which allows to browse and download only valid documents, and direct communicating to personel about that.

In special cases, we think that even some procedure related document, for example ?Risks...? should be controled by DCF and not by direct change of one authorized person.

Can we in the procedure ?Control of documents? explain ?type by type? (maybe with few exceptions) how we control every single document type mentioned in the document hierarchy? Ok, except ?Records?, which has a separate procedure.

If I was not clear enough, please tell, I?ll try to clarify (explain) more.


Best regards,
Vladimir
 

somashekar

Staff member
Super Moderator
#2
Can we in the procedure „Control of documents“ explain „type by type“ (maybe with few exceptions) how we control every single document type mentioned in the document hierarchy?
Welcome to the COVE Vladimir ~~~
Yes, that is what you are to do.
I am sure you require all these within your quality management system to operate, else you would not be having them. Hence all these become the documents required by your QMS.
It is you who has to determine what is required, based on your document usage.
(Not to worry about your english...you are clear enough...)
 

sagai

Quite Involved in Discussions
#3
There is one more thing I would mention.
Most of the things we face with is more like the huge variety of the different shades of gray rather than clearly black and white.

It could be a good starting point to identify the purpose of your QMS.
Is it for compliance, is it for supporting business with good practises, mixture of both in what level extent, etc.

In a highly regulated industry I tend to say that I would consider to gradually segregate the compliance part of the QMS from the good practises part, simply because regulators rigorously looking into the QMS and the practise to determine the extent of the consistency between these and also the QMS itself to determine its level of compliance to the regulation itself.

With 3500 employees in case you cover the majority of the aspects of your running business in your QMS, that is lined up for regulatory compliance and for accommodating good practices I think it is more or less impossible to make sure that your practise does not deviate from the practise defined in QMS (there could be some special cases when the granularity of the QMS is master crafted on that way to make this happen).

So, coming back to your question, in overall of course I agree with the previous post.

The only mentioning I would have is that I would advise to identify first the purpose of your QMS.
If your compliance exposure is high, than I would suggest to consider the identification of the bare minimum set of documents to be handled by your QMS document management and explicitly exclude all the rest of it from your QMS. It takes time and effort, however it pays well at the end whilst minimizing compliance risks.

Cheers!
 

x-files

Involved In Discussions
#4
Thanks both of you (sagai and somashekar) for your very clear answers.

@somashekar

I am sure you require all these within your quality management system to operate, else you would not be having them. Hence all these become the documents required by your QMS.
It is you who has to determine what is required, based on your document usage.
Thanks for encouraging me. All the document hierarchy presented - we just need.

@ sagai

It could be a good starting point to identify the purpose of your QMS.
Is it for compliance, is it for supporting business with good practices, mixture of both in what level extent, etc.
It’s mixture, but prevailing on documenting good practice. Of course, the general director wants the “Certificate on the wall”, but he also wants the processes to be distinct, under control, with clearly expressed responsibilities and interfaces within processes, etc.

Example: If a chief, for 30 years of his work at a position, conclude that some activity is to be done “that way”, which is confirmed in practice many times, we consider that “a good practice”. We want that practice to be explicitly documented within procedure or work instruction. Otherwise, when that chief retire or goes to other position, we could face a situation that newcomer starts learning everything from scratch. Maybe, he’ll also got to the same conclusions like his predecessor, but why to invent the wheel every time.

In a highly regulated industry I tend to say that I would consider to gradually segregate the compliance part of the QMS from the good practices part, simply because regulators rigorously looking into the QMS and the practice to determine the extent of the consistency between these and also the QMS itself to determine its level of compliance to the regulation itself.
It’s maybe not polite to say, but major misunderstanding and misinterpreting of QMS are produced by not well practiced consultants in our country. Majority of companies in our country just wants „Certificate“, to become a valid qualificant for tenders, nevertheless is that documentation useful. Such scenario created such consultants. Now we have a QMS (made by instant consultant) which is „not for us“. Like a suit of clothes, with wrong number. Text of our procedures is 90% a „placeholder text“, copied from standard. Also, the same text is said in many documents, as we don’t know where it belongs primarily.

Being a computer programmer, I learned to analyze a system in “layers”. Now, I’m frustrated with the documentation we currently maintain.

With 3500 employees in case you cover the majority of the aspects of your running business in your QMS, that is lined up for regulatory compliance and for accommodating good practices I think it is more or less impossible to make sure that your practice does not deviate from the practice defined in QMS (there could be some special cases when the granularity of the QMS is master crafted on that way to make this happen).
I work in a Thermal Power Plant. Absolutely true. I agree 100%.
 

Marcelo Antunes

Addicted to standards
Staff member
Admin
#5
Just a general clarification of the proocess expected by the standard and why the requirement is written as it is:

1 - You need to define the QMS policy (based on the purpose of the company) and derive the objectives.

2 - Based on the objectives, create the processes to achieve them.

3 - For each process define, among other stuff, which documents are required for the processes to perform effectively.

Those woud be the documents the standard mentions in ?Documents required by the quality management system shall be controlled?.

Usually, those are:

- the documents required by the standard (procedures and records)
- other documents defined by the company for each process to perform effectively (usually, they are the bulk)
- maybe some external documents
 

sagai

Quite Involved in Discussions
#6
One way out of this forest could be to identify the bare minimum set of and content of the processes/documents you have already in your QMS to address the requirements of the corresponding standard(s). Same job for documents. Actually it is also an opportunity to clearly identify the compulsory set of standards, I have also recognised that companies are tend to innocently bind themselves to voluntary standards as well.
And than all the rest of it could be moved to, let say to a kind of Guidance section whereas you could define "Guidance" as a non compulsory recommendation of your QMS per definition of your redefined quality manual.
Otherwise there is a chance that the majority of external auditors could look into your QMS in totality.
 
#7
Another dimension to pay attention to is that as an auditor, if I find it in use, that pretty much tells me you have found it necessary.

Look for the documents including forms that your company actually uses.
 

x-files

Involved In Discussions
#8
Another dimension to pay attention to is that as an auditor, if I find it in use, that pretty much tells me you have found it necessary.
We pay much attention to documents (besides records) used in processes, which are used to direct activities. Such documents we address in the appropriate place of a procedure, with precise name and other relevant details. Sometimes, auditors (internal, never external I have to admit), when find some document nearby in the workplace (even in drawer/chest/shelf), forces us to find the place in the procedure and describe its usage. Problem is that many documents found nearby in the workplace (IE. Catalog, or an old technical instruction for some device) possibly will never be directly used in process activities, and auditors (internal, I repeat) insists to describe it in a procedure.
If you can imagine, there are hundreds and hundreds of technical instructions in some workplaces in thermal power plant, which already are enumerated (named) and stored in the Archive for future reference.

The employees just cannot invent new sentences how to use those documents rather than just say something like ?process equipment is documented by technical documents listed in <LIST OF TECHNICAL DOCUMENTS OF ?>, and is used when necessary?. How can one know how will possibly and exactly use some complex document? I'm not an expert for this, but is that kind of demand an overkill?
By enumerating technical documents used in a process, we keep integrity of documents needed for that process, and I agree 100% that's good idea, but insisting on further details? hm?.

Furthermore, when we agree that a document is undoubted necessary as a part of a process (procedure) activity, besides declaring it?s name in a procedure, we found out that it?s crucial to us, to add more details to it, besides pure name.
IE: LIST OF TECHNICAL DOCUMENTS OF PROCESS 1 (Adobe document / Sharepoint, QMS site/ IMS Admin)

First detail is about appearing form (Hard copy/Word/Adobe/Excel/Email, ?)
Second detail is about a place where is it placed/could be found (local computer of...; office of...; Sharepoint portal; Archive of..., etc...)
Third detail is about a responsible person to assure/publish/guarantee the document existence.

Exposing such additional details was my idea, because in practice, personnel didn't know where to find those related documents, who is responsible for the existence of such document, and in what appearing form it's expected to be.

What do you think of exposing such additional details? Feel free to criticize if you do not agree :)
 

sagai

Quite Involved in Discussions
#9
IWhat if you would classify documents whether or not for regulatory purposes and than the ones are not for to show compliance with the standard would be explicitly excluded from the scope of your QMS document management measure?
Or for those you would determine a rather low complexity measures in your document management.
 

x-files

Involved In Discussions
#10
If I understoud the question well, yes I think it would be wise to exclude from DCP (by scope section of a procedure) everything of document types we could not yet prove (or just could not be guaranteed in practice) to be under requirements of 4.2.3.

Funny is that under scope section in procedures (not just for 4.2.3), we usually think of part of company, department, etc ... Almost never say something about addressed activities, products, services, ...

Thats why in the first post I asked "what are QMS documents". We just never said in our documentation what exactly we think of that. We say in the SCOPE: Procedure is applied in <COMPANY> ?! I think it should be, I do not know, for example, "This procedure applies to: manuals, procedures and work instructions with assigned alphanumeric QMS ID".
 


Top Bottom