Search the Elsmar Cove!
**Search ALL of Elsmar.com** with DuckDuckGo Especially for content not in the forum
Such as files in the Cove "Members" Directory
Social Distancing - It's not just YOUR life - It's ALL of OUR lives!
Me <——————— 6 Feet ———————-> You

Form Approval - Blank forms

wooden nickle

Involved In Discussions
#1
Question: I have always been of the belief that blank forms had to be under document control. You know the old thing of a document number, and a rev level and basic things like that, oh and maybe someone had to approve the thing for use. Am I wrong?
 

ScottK

Not out of the crisis
Staff member
Super Moderator
#2
Question: I have always been of the belief that blank forms had to be under document control. You know the old thing of a document number, and a rev level and basic things like that, oh and maybe someone had to approve the thing for use. Am I wrong?
If the form is to be used as a quality record once completed it should be controlled in the Document Control System.

Why wouldn't a form need to be controlled? If you don't include certain financial or HR forms in your QMS, for example, then they don't need to be controlled per your Document Control System
 
#3
Question: I have always been of the belief that blank forms had to be under document control. You know the old thing of a document number, and a rev level and basic things like that, oh and maybe someone had to approve the thing for use. Am I wrong?
Strictly speaking, yes, they should be controlled. Blank forms are simply means to control the way that activities are documented. The idea is that, if there is a problem identified later on with respect to record keeping, you have some controls (i.e. the forms) that can be tweaked to ensure that all required information is recorded properly.

However, depending on your documentation control procedures, I think there can be certain exceptions.

For example, in some cases where there is a change, I'll make up a training "form" specific to the changes, and use it to document training of affected personnel (as an addendum to their existing training records).

In this case, because the training form is for a specific, one-time purpose, there is no need to give it a revision level.
 

Jen Kirley

Quality and Auditing Expert
Staff member
Admin
#4
I've always thought in terms of risk when deciding whether or not to put forms in document control.

1) Is the form used to record information relating to conformance of product/service?
2) Is the form used to help ensure satisfactory outcomes in supporting processes?
3) Is the form used to record a "shall" from a standard, technical specification, regulation, customer requirement or other relevant requirement's source?
4) When changing a form, is the change due to adding/removing information from items 1, 2 or 3?
5) If #4 is "no", would the change add, remove or change instruction provided for using the form?
6) If #4 and #5 are "no", does the change alter the form's appearance enough to make it unfamiliar with users?

This list of considerations could be lengthened by your own organization's concerns.

In general, I do not support protecting a generic form for something like vacation schedule sign ups or purchasing office supplies, but if vacation schedule requests identify a temporary responsible person and if a purchasing form is also used for critical material and has places for data traceability or special instructions, we might consider protecting them too.

It is about what the data are for and how protecting the form helps to ensure the required data are reliably collected and maintained.
 
#5
It is about what the data are for and how protecting the form helps to ensure the required data are reliably collected and maintained.
Agree 100%!

Our procedures specify the data-keeping requirements (the "what", but not necessarily the "how"), and forms are intended simply to support the collection of this data in order to ensure the requirements are met.

In cases where we've assessed there is a high probability of error or incomplete data, we explicitly mandate use of controlled forms.

In other cases however, where these concerns are minimal, a person can document activities however they wish (e.g. make their own uncontrolled forms, write it down on paper...) as long as it meets our specified documentation requirements (identification, legibility, integrity...etc.), and all the required data is being collected.

That being said, we still typically have standard forms in most cases for convenience, even if they are optional in many of these cases...
 
K

Krocpok

#6
I would disagree with the previous speakers :)

In my opinion you should control every form used within your organization.

I wouldn't distinguish between forms used to collect quality and non-quality records. I think such distinctions are unnecessary.

Do you need that record for proper functioning of your processes ? If yes, it means that it is important for you what specific data you collect when making that record. And therefore it means that the form used to collect that data should be controlled.

If you don't need that record / that data for proper functioning of your processes, then such record / data should not be collected at all (it's a waste of time to collect useless data).

Finally, every record that you've planned to collect in planning phase of your processes is a part of your quality management system and is important for proper functioning of the processses and therefore should be controlled.

In this respect I disagree with ScottK... You cannot exclude any documents from your QMS because QMS are all the processes and interactions between them. If you planned to perform any activity, it must have some desired outcome that is important for other processes and therefore it cannot be placed „outside” of your QMS.

I also disagree with Mark Meer. If employees can document some activities however they wish as long as all the required data is being collected - then how do you ensure that required data is still being collected ? If there is any "required" data, it means that they can no longer collect the data however they wish.
 

Sidney Vianna

Post Responsibly
Staff member
Admin
#7
Question: I have always been of the belief that blank forms had to be under document control. You know the old thing of a document number, and a rev level and basic things like that, oh and maybe someone had to approve the thing for use. Am I wrong?
If we use ISO 9001:2015 as the basis to analyze this scenario, I think we have a great opportunity to use "risk based thinking" to answer this question, instead of looking for an "one size fits all", dogmatic, rigid response.

No pun intended, but forms come in all sizes and shapes. Some forms even contain acceptance criteria embedded in the document. Other forms basically facilitate the capture of data and the format is not critical at all.

So, from a form/record user perspective, some forms should be controlled very tightly because there is a risk if certain data is missing or wrong decisions are made, that would have an impact on product conformity. I would say that, in such cases, the form should be controlled just like a document used as command media in the quality system.

Other forms, such as simple check logs, present very little risk in terms of affecting product conformity and/or customer satisfaction. As such, the effort spent to "control" them bring no benefit to the organization and you would have sound justification not to control them.

There are FORMS and forms, and we should assess the need to control them, based on the risk they represent to the organization's ability to consistently supply conforming product that assist in the assurance of customer satisfaction.
 
#8
I also disagree with Mark Meer.
Hi Krocpok. Appreciate the disagreement, and opportunity to discuss! :)

If employees can document some activities however they wish as long as all the required data is being collected - then how do you ensure that required data is still being collected? If there is any "required" data, it means that they can no longer collect the data however they wish.
First, it is critical that it be risk-based, and that there are certain minimal requirements (integrity, legibility, retreivability, identification...). I think you get this, but just want to stress it's not like it's totally void of control.

With respect to ensuring required data is being collected, regular quality audits are the self-correcting mechanism to identify when tighter controls are necessary.

The reality is that nothing will ever completely "ensure" outcomes when people are involved. Forms are just a preventive control measure, and people can still fill out forms wrong, leave out data, etc. It's a matter of assessing, case-by-case, whether this additional level of control is necessary.

This is why adopting a risk-based approach (see Sidney's post above) is, in my opinion, the most practical approach. Preventive measures (and the overhead involved) must be balanced with an assessment of outcome and likelihood of issues.
 

Ninja

Looking for Reality
Trusted
#9
I've been in a number of these discussions/debates both here and on QFO...

I appreciate Sidney's post above and agree with it.
Very few of our forms are controlled...they don't need to be.
Records and required data to be recorded are defined, and reviewed for accuracy and completeness...and I couldn't care less whether a form is used or not in most cases.
I care about the data...and where it ends up...not about how it gets there.

As Sidney points out, there are FORMS and there are forms.
If the record being on a controlled form is deemed important (via risk analysis or some other factor)...control it.
If what you want is the data...and you already have a catch for incomplete or incorrect data...the form is of no consequence except convenience. (this is where I live).

I post this only to say that the Risk Analysis should not be applied on "to control or not to control forms as a whole"...
but on "to control or not to control THIS form"...and again for THAT form...and again for the other forms individually.

Some people work better using a form...I have no issue with them using one. If there is no benefit forcing everyone to use the same form...then why bother?
 

Jim Wynne

Staff member
Admin
#10
Question: I have always been of the belief that blank forms had to be under document control. You know the old thing of a document number, and a rev level and basic things like that, oh and maybe someone had to approve the thing for use. Am I wrong?
I'm with Sidney on this one. In general, forms themselves don't need to be controlled, but the information that's recorded does. This means that if I have documented procedure or work instruction that says that for Operation X certain values or results must be recorded (and the record must be retained), and that information is recorded and retained, there is no need to control the medium itself. This strikes many people, including third-party auditors, as odd, but I've never had an audit NC sustained because of it.

There might be times when it's a good idea to control a form, but if you try to control every piece of paper in the building, you'll fail sooner or later.
 
Top Bottom