How to approach Paper and Electronic Record Control for ISO 9001:2008

D

Dubai_capi

#1
hi,

am having a record control procedure in place.. now am trying to implement the procedure..its says to list all record of activities in the form i made.. the records include papers and electronic files.. so i talked to staff abt it and they saw some huge tasks involved..

i wud like to make it easy.. just list all your records wheather papers or electronic files and specify retention, authoriesd persons..etc..

any guidance how to approach record control in a simple way... thanks:)
 
Elsmar Forum Sponsor

John Broomfield

Staff member
Super Moderator
#2
hi,

am having a record control procedure in place.. now am trying to implement the procedure..its says to list all record of activities in the form i made.. the records include papers and electronic files.. so i talked to staff abt it and they saw some huge tasks involved..

i wud like to make it easy.. just list all your records wheather papers or electronic files and specify retention, authoriesd persons..etc..

any guidance how to approach record control in a simple way... thanks:)
Dubai_capi,

Your process owners will need to help the owner of the filing and archiving process with analyzing and documenting the procedure for this process.

Archiving follows filing as one process.

Search this site for "filing and archiving" and you will find the recommendations you need to analyze this process to document how it actually works sufficient for its effective planning, operation and control.

Duplicate records are a symptom of a lack of knowledge or confidence in this process. Work with the process owners to agree the official record and rid the organization of the surplus records in accordance with the archiving part of your documented filing and archiving procedure.

John
 
J
#3
My approach to this subject is to make records and retention a part of each procedure rather than trying to make it a distinct process.

here is how I would handle it...
In their simplest form, each procedure will have statements of
Purpose and scope
Responsibilities
What are the inputs
What are the expected outputs
And (as necessary) the steps required to turn input into output.
Records can be s separate item or can be included under the outputs section.

This approach allows one to put in as much detail (or little) as is necessary.

As far as records and retention times are concerned, just ask what they are currently doing....and make that the starting point in your procedure. you can make changes as you go along.
This has the double advantage of keeping it simple and also showing the process owners that you want to work with them and not pile extra stuff on them.

Hope this helps

James
 

drgnrider

Quite Involved in Discussions
#4
My approach to this subject is to make records and retention a part of each procedure rather than trying to make it a distinct process.

James
I like this approach, will look at it during our conversion to the 2015 revision.

My :2cents::
If not already done, "group" your records, (i.e.: PM, training, job-specific, etc.), don't list each one.

Lastly, one that got us, are all similar records kept in the same storage area? We have a 6-inch binder for each "project" (Code requirements: Boiler maker, ASME, etc.), retention: 75-years, these are kept in the QA office. All other records are kept in "central file", retention: 50-years, been that way for decades... first re-certification audit (overlooked on two surveillance audits and three internal audits) caught our oversight of "not all QA records are kept in central file"! :uhoh:
 

Helmut Jilling

Auditor / Consultant
#5
I like this approach, will look at it during our conversion to the 2015 revision.

My :2cents::
If not already done, "group" your records, (i.e.: PM, training, job-specific, etc.), don't list each one.

Lastly, one that got us, are all similar records kept in the same storage area? We have a 6-inch binder for each "project" (Code requirements: Boiler maker, ASME, etc.), retention: 75-years, these are kept in the QA office. All other records are kept in "central file", retention: 50-years, been that way for decades... first re-certification audit (overlooked on two surveillance audits and three internal audits) caught our oversight of "not all QA records are kept in central file"! :uhoh:
Sounds like a good approach. But, I am puzzled by the "all other records 50 years." All other records? Basic inspection, production, ISO records. That is extremely long... I would like to have your binder business...

I would also add, if there is an electronic record, keeping the paper also is not necessary. Make sure records are labelled clearly.

Make sure record control is clearly audited and sampled at every internal audit.
 

drgnrider

Quite Involved in Discussions
#6
Sounds like a good approach. But, I am puzzled by the "all other records 50 years." All other records? Basic inspection, production, ISO records. That is extremely long... I would like to have your binder business...
Sorry, "all other production-related records": receiving inspection, OK-to-ship tags, final inspection readings, employee(s) who worked on project, etc. These go to central file in file folders. Typical life span of our main product is 30-35 years.

On the CODE jobs, the customer sometimes needs to replace a part and we need to know, more than just a part number, what was there and what's attached to it. But also for regulatory purposes, should anyone get audited.
 
D

Dubai_capi

#7
how to sample record control.. whats the correct approach to do sampling and auditing.. say for example how to audit authorised access to electronic and paper records and find pitfalls if any... etc..
 

John Broomfield

Staff member
Super Moderator
#8
how to sample record control.. whats the correct approach to do sampling and auditing.. say for example how to audit authorised access to electronic and paper records and find pitfalls if any... etc..
Dubai_capi,

You could ask the people responsible for monitoring the effectiveness of filing and archiving (see 8.2.3) to demonstrate what they do.

And, you could test accessibility of electronic records during your planning of the audit for further investigation during the audit. This may be when you engage a technical expert to help your audit to fulfill its objective.

You could also ask to see how the access controls are maintained especially when people join and leave the organization.

John
 
Thread starter Similar threads Forum Replies Date
DuncanGibbons Understanding the applicability of Design of Experiments to the IQ OQ PQ qualification approach Reliability Analysis - Predictions, Testing and Standards 0
G Any good examples of CAPA forms that include a risk based approach? ISO 13485:2016 - Medical Device Quality Management Systems 8
qualprod Best approach to get a real value as average? Statistical Analysis Tools, Techniques and SPC 6
DuncanGibbons FAA's Building Block approach to certification Inspection, Prints (Drawings), Testing, Sampling and Related Topics 0
G New CAPA Work Flow with Revised 8D Approach Process Maps, Process Mapping and Turtle Diagrams 35
R Bottom up approach versus system level ISO 14971 - Medical Device Risk Management 2
D Validation of existing equipment - Risk based approach example ISO 13485:2016 - Medical Device Quality Management Systems 3
qualprod Shortening processes complying with process approach ISO 9001 ISO 9000, ISO 9001, and ISO 9004 Quality Management Systems Standards 6
O Validation approach for a Photostability Chamber (used for fluid therapy and injectable drug products) Qualification and Validation (including 21 CFR Part 11) 1
Sidney Vianna NASA to Develop a Novel Approach for All-Electric Aircraft Using Cryogenic Liquid Hydrogen as Energy Storage World News 2
tony s What is the automotive process approach for auditing? IATF 16949 - Automotive Quality Systems Standard 2
C Usability IEC 62366-1:2015 and MDR 2017/745 - Risk based approach IEC 62366 - Medical Device Usability Engineering 1
M Informational EU – Medicinal products and medical devices: Coordinated approach in case of a withdrawal of the United Kingdom from the Union without a deal Medical Device and FDA Regulations and Standards News 0
M Informational USFDA draft guidance – A Risk-Based Approach to Monitoring of Clinical Investigations Questions and Answers Guidance for Industry Medical Device and FDA Regulations and Standards News 0
M APQC PCF (Process Classification Framework) and ISO 9001 - Processes Based Approach ISO 9000, ISO 9001, and ISO 9004 Quality Management Systems Standards 7
S Risk Approach doesn't address External Issues (Auditor's Comment) ISO 9000, ISO 9001, and ISO 9004 Quality Management Systems Standards 30
Pmarszal ISO 19011:2018 - Risk Based Approach for planning, conducting and reporting of internal audits Internal Auditing 8
Q Questions about the Risk-based approach to QMS processes ISO 13485:2016 - Medical Device Quality Management Systems 17
N Do I need to approach galvanized steel sheet flatness issue with DOE? Problem Solving, Root Cause Fault and Failure Analysis 9
S ISO 13485:2016 - Risk-based Approach ISO 13485:2016 - Medical Device Quality Management Systems 3
S Risk based approach - Procedures already take a risk-based approach to QMS processes ISO 13485:2016 - Medical Device Quality Management Systems 3
S IATF 16949 - Manufacturing and Product Audit Approach IATF 16949 - Automotive Quality Systems Standard 19
S ISO 13485:2016 - How I can integrate a risk management approach in our SOPs ISO 13485:2016 - Medical Device Quality Management Systems 1
S Risk Based Approach for ISO 13485:2016 Form/Procedure ISO 13485:2016 - Medical Device Quality Management Systems 23
P Best approach to tackle difficult certifications Career and Occupation Discussions 2
C Does Japan accept the Bracketing Approach for Process Validation Japan Medical Device Regulations 1
A How to approach ISO 9001:2015 Clause 7.1.6 when 3rd Party Auditing ISO 9000, ISO 9001, and ISO 9004 Quality Management Systems Standards 7
alonFAI How to define a Risk Based Approach for Supplier Management per ISO 13485:2016 ISO 13485:2016 - Medical Device Quality Management Systems 1
B Risk Requirements to meet the explicit Risk Based Approach of ISO 13485:2016 Examples ISO 13485:2016 - Medical Device Quality Management Systems 21
A How do we implement a Process Approach ISO 13485:2016 - Existing GMP QMS Other ISO and International Standards and European Regulations 2
V When and How to apply the Bayes Success Run approach for Sample Size Determination Inspection, Prints (Drawings), Testing, Sampling and Related Topics 4
A Quality Policy approach of ISO 9001:2015 Clause 5.2.1a ISO 9000, ISO 9001, and ISO 9004 Quality Management Systems Standards 4
Ajit Basrur Could a bracketing approach be used for Gage R & R ? Gage R&R (GR&R) and MSA (Measurement Systems Analysis) 1
P CMM Equipment Validation and Qualification Approach ISO 13485:2016 - Medical Device Quality Management Systems 11
W ISO 9001, ISO 14001 and 18001 Integrated Approach ISO 9000, ISO 9001, and ISO 9004 Quality Management Systems Standards 7
C Need assistance with ISO 9001 Certification Approach ISO 9000, ISO 9001, and ISO 9004 Quality Management Systems Standards 10
G Quality Manual - Taking a Different Approach Quality Management System (QMS) Manuals 11
A FTA-Top/Down approach to Risk Analysis ISO 14971 - Medical Device Risk Management 2
P System Audit Approach - Application of VDA 6.3 - Process Auditing VDA Standards - Germany's Automotive Standards 2
B How do you approach the "Safe Launch" Process APQP and PPAP 17
M Quality training through tests/quiz style approach Training - Internal, External, Online and Distance Learning 8
M Process Approach: Types & number of processes required? ISO 9000, ISO 9001, and ISO 9004 Quality Management Systems Standards 19
V Is there an approach to define the "must 'or' should" in supplier audits? US Food and Drug Administration (FDA) 2
WCHorn Quality Digest article on the Process Approach to ISO 9001 ISO 9000, ISO 9001, and ISO 9004 Quality Management Systems Standards 4
M GRR approach for off line Measuring Equipment Gage R&R (GR&R) and MSA (Measurement Systems Analysis) 2
W Help explaining the need for the Process Approach AS9100, IAQG, NADCAP and Aerospace related Standards and Requirements 4
G How to approach ISO 50001 Legal Requirements Sustainability, Green Initiatives and Ecology 1
D Regulation Approach on Mobile Application which is Medical Device Acccesory EU Medical Device Regulations 1
Q Introducing Process based approach on Production Floor Manufacturing and Related Processes 6
Manix MSA - How to Approach a Gauge R&R Go/NoGo Attribute Study Statistical Analysis Tools, Techniques and SPC 2

Similar threads

Top Bottom