How to control documents that most likely won't change ever ?

drgnrider

Quite Involved in Discussions
#1
Having a discussion with Quality Manager and "Top Management" regarding how to control "documents that won't change", mainly our 'Weld Procedures' (WPs).

1) On our re-certification audit, we recently took a minor-NC for not having our ASME Code Manuals and 'local weld code manual' on a 'document control list'. This opened our (not CB auditor) discussion to our WPs that are controlled by a specialized program designed for ASME-code-WPs. This program, meets all the ISO requirements for document control: strict access controls, limited users, server gets back-upped daily, etc. I contend if they print them and put them out in the shop they need to have a list of where they are distributing all of these printed copies. They, contend, since these will 'never change' we don't need to track these, or we just mark them as "uncontrolled". As I know only those not yet 'qualified' on this procedure will reference it, they definitely won't check for revision control.

2) Additionally, we have a number of "guidelines" for machine shop to make parts and what they need to do to verify the part, (they used to call these "Standard Operating Procedures", but changed the name to keep them from ISO document control). Again, I contend, it doesn't matter what they call them, they need more 'control' then on an open server and a distribution list.

Managements whole idea with ISO (9001 & 14001) is, "what is the minimum we HAVE to do to maintain certification?" Right now, they are only being 'reactive' to audits. (see #1 above), they don't want the 'distribution lists' since we "haven't been caught on an audit"... yet.

Cove experts, what do you say? :popcorn:
 
Elsmar Forum Sponsor
K

kgott

#2
Re: Controlling documents that most likely won't change...ever

Having a discussion with Quality Manager and "Top Management" regarding how to control "documents that won't change", mainly our 'Weld Procedures' (WPs).

1) On our re-certification audit, we recently took a minor-NC for not having our ASME Code Manuals and 'local weld code manual' on a 'document control list'. This opened our (not CB auditor) discussion to our WPs that are controlled by a specialized program designed for ASME-code-WPs. This program, meets all the ISO requirements for document control: strict access controls, limited users, server gets back-upped daily, etc. I contend if they print them and put them out in the shop they need to have a list of where they are distributing all of these printed copies. They, contend, since these will 'never change' we don't need to track these, or we just mark them as "uncontrolled". As I know only those not yet 'qualified' on this procedure will reference it, they definitely won't check for revision control.

2) Additionally, we have a number of "guidelines" for machine shop to make parts and what they need to do to verify the part, (they used to call these "Standard Operating Procedures", but changed the name to keep them from ISO document control). Again, I contend, it doesn't matter what they call them, they need more 'control' then on an open server and a distribution list.

Managements whole idea with ISO (9001 & 14001) is, "what is the minimum we HAVE to do to maintain certification?" Right now, they are only being 'reactive' to audits. (see #1 above), they don't want the 'distribution lists' since we "haven't been caught on an audit"... yet.

Cove experts, what do you say? :popcorn:
Strictly speaking all 9001 requires is that the document have a revision status on it for it to be controlled but in reality by the time you put a title on the document, the company logo and a revision status and ensure the document is available to uses at all their points of use, your document is effectively controlled.

There is little to gain by going down the path of saying 'lets look for reason why we can stamp as many documents as possible "not controlled"

The purpose of having a document management system is so that all business documents, particularly those that are used for the planning design of effective operation of the business are controlled.

The other reason any well managed business would want to control business documents, is so they can be certain that the most up-to-date information is available everywhere in the business it needs to be.

Looking for reasons for not controlling documents is symptomatic of a belief that the above two reasons for controlling documents are either invalid or their importance is not sufficiently understood.
 

Wes Bucey

Prophet of Profit
#3
Re: Controlling documents that most likely won't change...ever

My first blush response for the auditor is "Show me the shall!" I don't know of any clause in a QMS Standard which requires ASME Code Manuals to be even required, let alone "controlled." (see comment below about "Control."

Do any of your customer contracts require this?

Does your own QMS have a written requirement to do this?

WES BUCEY ON CONTROLLED DOCUMENTS
"Control" is merely a subset of Document Management, as is "Configuration Management."

In most cases, when someone used the term "Controlled Document" in relation to a Quality Management System, the primary criteria are as follows:
  1. most recent version, obsolete versions made unavailable at point of use.
  2. a list is kept of who receives updated documents and records whether obsolete ones are returned or destroyed.
  3. a list of who may view, copy, edit, revise is kept.
  4. a review schedule is kept and followed to review the document at set time periods to determine if it can be reaffirmed, needs to be updated, or should be archived or destroyed as obsolete.
  5. how the documents are stored to prevent damage, loss, or alteration, and how they may be retrieved when needed

In most cases, ALL documents in a system are "Controlled." Some may have tighter security than others. (For example, everyone, including customers, prospects, suppliers, may view a Quality Manual, but not everyone might be able to view documents outlining trade secrets, and those documents may be kept in a more secure place than others.)

For a discussion of "Configuration Management," see this post on Configuration Management

In your particular case, I would suggest a simple tweak to your process - print the current version of the applicable portion of an ASME code as part of the work order (the Traveler) and that way, individual operators are guaranteed a fresh, up-to-date version with each order and no old, possibly obsolete versions will be hanging around. The problem of "private stash" can derail ANY QMS, whether it is documents, tools, measuring instruments, supplies. It is definitely a red flag to an auditor (in-house, customer, or third party) to approach a work station and see documents laying about or posted which appear to be "private stash" versus authorized attachments to work orders or official posters placed by the organization. The cost of printing is far less than the cost of one mis-manufactured order because an operator worked from an obsolete document.
 

drgnrider

Quite Involved in Discussions
#4
Re: Controlling documents that most likely won't change...ever

The purpose of having a document management system is so that all business documents, particularly those that are used for the planning design of effective operation of the business are controlled.

The other reason any well managed business would want to control business documents, is so they can be certain that the most up-to-date information is available everywhere in the business it needs to be.

Looking for reasons for not controlling documents is symptomatic of a belief that the above two reasons for controlling documents are either invalid or their importance is not sufficiently understood.
I agree. I say we need to put these on a distribution list but they don?t want to go through the efforts to identify the appropriate documents and create the distribution lists. They say I am 'reading too much into this.'



My first blush response for the auditor is "Show me the shall!" I don't know of any clause in a QMS Standard which requires ASME Code Manuals to be even required, let alone "controlled." (see comment below about "Control."

Do any of your customer contracts require this?

Does your own QMS have a written requirement to do this?

<snip>

In your particular case, I would suggest a simple tweak to your process - print the current version of the applicable portion of an ASME code as part of the work order (the Traveler) and that way, individual operators are guaranteed a fresh, up-to-date version with each order and no old, possibly obsolete versions will be hanging around. The problem of "private stash" can derail ANY QMS, whether it is documents, tools, measuring instruments, supplies. It is definitely a red flag to an auditor (in-house, customer, or third party) to approach a work station and see documents laying about or posted which appear to be "private stash" versus authorized attachments to work orders or official posters placed by the organization. The cost of printing is far less than the cost of one mis-manufactured order because an operator worked from an obsolete document.
Our QM says our welders are "certified to ASME section 9?, (we build pressure vessels (boilers), heat exchangers, etc.) that require the higher, ASME code, standard of work, many welds even require x-rays. So the answer is ?yes? to both questions. Thus this code manual falls under 4.2.3 ?All documents required by the quality management system shall be controlled.? I am not disputing this NC, it is legitimate for our business. What I am questioning is managements? intent by their trying to circumvent the management system and not controlling distribution of ?necessary procedures?.

Two such sets of 'necessary procedures' for "quality of product" are our Weld Procedures (WPs) and 'machining guidelines' (formerly known as: SOPs). They want to print these and place them in binders at multiple locations in the shop, for use by the welders and machinists as they need them. But they do not want to control these printed versions, their reason, ?they won?t ever change?, and I know the user will not verify this is still the current version.
 
K

kgott

#5
Re: Controlling documents that most likely won't change...ever

WES BUCEY ON CONTROLLED DOCUMENTS
"Control" is merely a subset of Document Management, as is "Configuration Management."

  1. a review schedule is kept and followed to review the document at set time periods to determine if it can be reaffirmed, needs to be updated, or should be archived or destroyed as obsolete.
Our document control procedure says ..... documents are reviewed when:



investigation into root causes of problems indicates that the contents of a company document may be a contributing factor and review is warranted.


when there is a change in business process and review of appropriate documentation may be warranted.


when contracts with clients have requirements that may indicate that review of documents is appropriate.


when requested to do by clients


when audits indicate deficiences may exist in the relevant documentation.


at any time management requests that review take place.
 

Wes Bucey

Prophet of Profit
#6
Re: Controlling documents that most likely won't change...ever

[/LIST]
Our document control procedure says ..... documents are reviewed when:

investigation into root causes of problems indicates that the contents of a company document may be a contributing factor and review is warranted.

when there is a change in business process and review of appropriate documentation may be warranted.

when contracts with clients have requirements that may indicate that review of documents is appropriate.

when requested to do by clients

when audits indicate deficiences may exist in the relevant documentation.

at any time management requests that review take place.
What your company does is fine - there is no International Standard which lists a "shall" for regular and periodic review of documents. It is, however, an Opportunity for Improvement, to periodically review documents to clear out old and obsolete documents which may NOT have been a contributing factor in root cause investigations (Configuration Management should take care of that aspect.)

Perhaps if I illustrate with just ONE example I came across last year on a consulting assignment:
This small company of less than 100 personnel had a file room that was the size of a typical 7-11 or Stop-N-Go convenience store. I casually asked, "What's in all these files?" The answer: "EVERYTHING!" Even though the company had switched to all CNC machining centers from old Browne & Sharpe and Bridgeport equipment more than ten years previously, they still had all the manuals, maintenance schedules, and operator qualification records (most of the operators in the records had moved on to the Great Machine Shop in the Sky) of those machines dating back to 1947, the year of the company's incorporation.

A quick survey and calculation resulted in a cost factor for keeping all old, obsolete documents of every type from year one of the organization was costing the organization close to $50,000/year more than a streamlined paper system would cost and $100,000 more than a computerized system would cost, even factoring in the cost of periodic review of all existing and future documents. The key is not to use the same schedule for EVERY document, but to use a reasoned schedule for different types of documents, keeping tax, regulatory, and customer requirements in mind as each new document is created.
 
Thread starter Similar threads Forum Replies Date
M Document Control - Applying Suitable Identification to Obsolete Documents ISO 13485:2016 - Medical Device Quality Management Systems 5
L Control of Documents ISO 9000, ISO 9001, and ISO 9004 Quality Management Systems Standards 29
C Corrective action for failure in documents control ISO 9000, ISO 9001, and ISO 9004 Quality Management Systems Standards 10
C Document Control Stamps - Does anyone still stamp their documents? Document Control Systems, Procedures, Forms and Templates 24
R Process control documents - Context of API Spec Q1, Clause 5.7.1.3 Other ISO and International Standards and European Regulations 0
qualityegghead ISO13485:2016 4.2.4 Control Of Documents - Lifetime of the Medical Device ISO 13485:2016 - Medical Device Quality Management Systems 3
C Defining Approvals Required for Design Control Documents ISO 13485:2016 - Medical Device Quality Management Systems 6
N Responding to NADCAP nonconformance - Control of External Documents AS9100, IAQG, NADCAP and Aerospace related Standards and Requirements 5
B Control of Duplicate Documents - Limited Scope (long) Document Control Systems, Procedures, Forms and Templates 5
P Document Control - Do hard copies of documents need to be signed? Document Control Systems, Procedures, Forms and Templates 3
M Retiring documents in Document Control Procedures ISO 9000, ISO 9001, and ISO 9004 Quality Management Systems Standards 3
R Managing Level 3 Production Documents - Document Control System Help Document Control Systems, Procedures, Forms and Templates 6
M Document Control Management - External documents flowed down from customers Document Control Systems, Procedures, Forms and Templates 2
S AS9100 Control of Documents and SAP Implementation Document Control Systems, Procedures, Forms and Templates 1
M Control of External Documents such as customer manuals AS9100, IAQG, NADCAP and Aerospace related Standards and Requirements 28
Gman2 Control of Documents and (FORMS) on a Computer Network ISO 9000, ISO 9001, and ISO 9004 Quality Management Systems Standards 16
T Information Gathering Documents and Document/Record Control Requirements Document Control Systems, Procedures, Forms and Templates 9
T Customer Specific Documents and Records - ISO 9001 Control Requirements ISO 9000, ISO 9001, and ISO 9004 Quality Management Systems Standards 2
C Control of Records - Differences between Controlled Documents and Controlled Records Records and Data - Quality, Legal and Other Evidence 18
drgnrider Control of External Audit Notes and Documents Document Control Systems, Procedures, Forms and Templates 8
U Do we have to have foreign legal documents? (ISO13485 4.2.3 document control) ISO 13485:2016 - Medical Device Quality Management Systems 3
A Company Name Change & Control of Documents Document Control Systems, Procedures, Forms and Templates 9
C Document Control - Details to include on Documents Document Control Systems, Procedures, Forms and Templates 2
N Control of Documents Scope - Product Specifications ISO 9000, ISO 9001, and ISO 9004 Quality Management Systems Standards 3
J ISO/IEC 17025 - Which External Documents require control? ISO 17025 related Discussions 6
S Read Only & Password Protected - Sufficient to Control Documents under 4.2.3? ISO 9000, ISO 9001, and ISO 9004 Quality Management Systems Standards 4
W Control of Obsolete Documents Document Control Systems, Procedures, Forms and Templates 21
T Are Control Plans "Summary Documents" not meant to replace Work Instructions? IATF 16949 - Automotive Quality Systems Standard 3
C Control of Documents Procedure - Audit Nonconformance Document Control Systems, Procedures, Forms and Templates 30
Q Control Of Documents and Forms - Formats and Numbering Document Control Systems, Procedures, Forms and Templates 3
Q Control of Customer Documents (Documents of External Origin) AS9100, IAQG, NADCAP and Aerospace related Standards and Requirements 6
T Document Control Master List for Obsolete Documents Document Control Systems, Procedures, Forms and Templates 6
K Control of Documents or Control of Records? ISO 9000, ISO 9001, and ISO 9004 Quality Management Systems Standards 27
S Referencing other documents in Control Plans Quality Manager and Management Related Issues 5
F Nonconforming Product Procedure vs. Control of Documents ISO 9000, ISO 9001, and ISO 9004 Quality Management Systems Standards 8
L How to control some Documents and Records (ECN's and ECR's) Document Control Systems, Procedures, Forms and Templates 1
P Electronic Record Control (Specifically editable records not fixed documents!) ISO 9000, ISO 9001, and ISO 9004 Quality Management Systems Standards 7
C Document Control using Wiki - Cannot Create all Documents as Wiki Pages Document Control Systems, Procedures, Forms and Templates 10
G Document Control-AS9100 - Marking of Documents as Master Copy of Controlled Copy AS9100, IAQG, NADCAP and Aerospace related Standards and Requirements 3
B Reusing paper of Obsolete Documents to Control Waste Document Control Systems, Procedures, Forms and Templates 12
S Document Control - Different documents which must be controlled not identified Document Control Systems, Procedures, Forms and Templates 11
R Which documents to control apart from QMS related procedures? ISO 9000, ISO 9001, and ISO 9004 Quality Management Systems Standards 23
K Link between Control of Documents, CPAR & Control of Non-Conforming Product Procedure ISO 9000, ISO 9001, and ISO 9004 Quality Management Systems Standards 3
C Control of Documents - Converted online in SharePoint Document Control Systems, Procedures, Forms and Templates 9
T External Document (Documents of External Origin) Control Template example wanted Document Control Systems, Procedures, Forms and Templates 14
A Designing a Documents Control System from scratch (in a php intranet) Document Control Systems, Procedures, Forms and Templates 5
R Control of Documents - Drawing (soft copy) for further work by other Consultants Document Control Systems, Procedures, Forms and Templates 1
H 4.2.3 Document Control using Microsoft Sharepoint - Visibility of Draft Documents ISO 9000, ISO 9001, and ISO 9004 Quality Management Systems Standards 3
C Controlling Documents: Beyond the standard, how do we truly define what to control ISO 9000, ISO 9001, and ISO 9004 Quality Management Systems Standards 9
T Living Documents which change every day - Control or Uncontrolled? ISO 9000, ISO 9001, and ISO 9004 Quality Management Systems Standards 12

Similar threads

Top Bottom