Informational Required Documents/Records in ISO 9001:2015

drgnrider

Quite Involved in Discussions
#1
After reading through CD-ISO-9001, unless I am missing something, these are all that I see that will be required:

what we currently refer to as documents:
- [4.3] Scope & justifications for exclusions (limited to 7.1.4 and 8)
- [5.2] Quality Policy
- [6.2.a-g] Quality Objectives and information

what we currently refer to as records:
- [7.1.4] Evidence of fitness of monitoring & measurement equipment
- [7.2.d] Evidence of employee competence
- [7.5.b] Information determined by the organization as being necessary
- [8.1.c] Information that processes have been completed as planned
- [8.2.3] Basically Order intake & processing)
- [8.4.2] Provider evaluations (ability to provide)
- [8.4.3] (Basically Purchase Order)
- [8.4.3] Provider evaluations (performance)
- [8.6.2] Unique identification for traceability
- [8.6.3] Customer property lost, damaged, or unsuitable
- [8.6.6] Review of change
- [8.7] Evidence of conformity
- [8.7] Person releasing to customer
- [8.8] Nonconforming goods and actions taken
- [9.1.1] Records that monitoring and measurement have been completed
- [9.2.f] Audits were held and results
- [9.3] Results of Management Review
- [10.1.a] Nature of nonconformance's and actions taken
- [10.1.b] Results of Corrective Actions

It appears that as long as everyone knows our processes, we do not need to have anything in writing. I did not see anything that states we need to have processes in writing, although some should be.

Have I missed something? :confused:
 
Elsmar Forum Sponsor

Sidney Vianna

Post Responsibly
Staff member
Admin
#2
Re: Required Documents/Records in 9001:2015

Have I missed something? :confused:
Yes, you have missed the requirement that states:
The organization’s quality management system shall include documented information determined by the organization as being necessary for the effectiveness of the quality management system.
By understanding the context of the organization, stakeholder expectations and considering the risks associated with undocumented, poorly documented and erroneously documented processes, the organization should determine (for themselves) the extent of documentation they would have to generate and control to support their business processes. Unless something changes significantly, ISO 9001:2015 will force organizations to adequate command media and records to it's context. If you are a supplier of highly complex products and deploy highly complex business processes, you should know that you CAN'T run a successful enterprise by uncaptured/non-managed tribal knowledge alone.

I remember back in the 1990's when thousands of Mil standards were cancelled (those that led to a US$18,000 hammer purchased by the DoD) and suppliers were forced to (think) and propose commercial (performance based) standards in it's place.

As it is shaping up, ISO 9001:2015 will force organizations to do some soul searching and think how their QMS should be designed, maintained and improved to support the business. I know that represents a challenge for some obtuse "quality" professionals out there, but the ones who see this latitude as an opportunity, should thrive.

Yes, (external) "auditability" of this approach will be really challenging, but, we should NOT constrain standards and systems for ease of external audit purposes.
 

Marcelo

Inactive Registered Visitor
#3
Re: Required Documents/Records in 9001:2015

Another way to look at it: if you do not need documentation to guarantee that the process meets its objective, you do not need to document it. If you do, you need to document it. This approach is already in the current version in "documents, including records, determined by the organization to be necessary to ensure the effective planning, operation and control of its processes".

Document Auditing a QMS which has minimum documentation also mentions the principle: Thereafter, the necessity for any documentation should be evaluated in the light of the observed need for consistency, and the role that any documentation could play in avoiding any significant, identified risks.
 

Marc

Hunkered Down for the Duration
Staff member
Admin
#4
Re: Required Documents/Records in 9001:2015

<snip> It appears that as long as everyone knows our processes, we do not need to have anything in writing. I did not see anything that states we need to have processes in writing, although some should be.

Have I missed something?
Nope - That's pretty much it.

From a client back in 1999:

Anaren said:
--> Subject: Results?
--> Date: Thu, 24 Jun 1999 16:29:21 -0500
--> From: Anaren
--> To: Marc Smith
-->
--> Well, as you anticipated, we "passed" with relatively few problems.
--> We had only 7 isolated non-conformities across 5 elements. Details
--> are in the attached file. The auditor said that this was a very
--> good result when compared to other registration audits he has
--> performed. All I can say is I am glad it was successful and Marty
--> said that she was happy to finally win! Once again, thanks for the
--> help. You're advice was extremely important. Especially important,
--> at least in my opinion, was your help in determining where we did
--> not need to document every last thing (by using training, etc.). I
--> think that without this input, we would have spent a lot more time
--> writing things that we did not need and wasted a lot of peoples'
--> time.
We were able to get the audit (sic) done in a year while we are
--> achieving record sales and profits. Who can argue with that?
Companies that didn't require much documentation before still won't. Companies that did still will.

The Draft standard still calls out some specific *documentation/records* such as "...Documented information describing the results of the review of changes and any necessary actions shall be maintained...." and "...audit - systematic, independent and documented process...". In this respect your list is pretty good.

So - It's not a free for all. It really hasn't changed much other than 9 (or what ever) specific "documented procedures" are not called out as plainly as it the past. The tradeoff as I see it is more requirements for specific records.

The biggest thing I see is major re-wording so that people and companies will shell out hundred$ of thou$and$ of $$$$ (or what ever currency) to consultants and companies to "explain" the changes and to buy the new standard. This is not to mention companies will spend in time/$$$ to "change" what ever is "necessary" to comply with the standard even though the changes likely will be totally unnecessary.

Since I "found" ISO 9001 in 1990 I thought then, and still think, everything in ISO 9001 is basic business common sense. A company should not need a "standard" to tell them to do these basics.
 

TPMB4

Quite Involved in Discussions
#5
And with the complete re-numbering of the standard people will need to re-write their Manual to match!! :D:sarcasm:

<I hope that you know I am joking. When i first started in quality one more experienced person told me one of my jobs was to help re-write the QMS. I was then shown the existing 15 page manual and then the work in progress. It was a complete copy of the standard but expanded to something like 67 pages plus a whole shed load of procedures, WI and other documents. I think it was one copied from the internet and was being tweaked to "suit the company". I still have it and use it for inspiration, as in what not to do.

I do wonder what the sample manuals that will come out of it on the internet will look like though. Will this version of the standard force those people who mimic the standard to think and write something right for them? Can a standard do that in the real world??
 
Last edited:

drgnrider

Quite Involved in Discussions
#7
Re: Required Documents/Records in 9001:2015

By understanding the context of the organization, stakeholder expectations and considering the risks associated with undocumented, poorly documented and erroneously documented processes, the organization should determine (for themselves) the extent of documentation they would have to generate and control to support their business processes. Unless something changes significantly, ISO 9001:2015 will force organizations to adequate command media and records to it's context. If you are a supplier of highly complex products and deploy highly complex business processes, you should know that you CAN'T run a successful enterprise by uncaptured/non-managed tribal knowledge alone.
@Sidney, No I did not miss that "shall", it is an "if the company feels they need it", (unlike the currently required Quality Manual and five other "shalls"). I do like your explanation above, I have a number of managers I was trying to determine how to inform them, but you summed it up pretty well. :agree1:



It really hasn't changed much other than 9 (or what ever) specific "documented procedures" are not called out as plainly as it the past. The tradeoff as I see it is more requirements for specific records.
@Marc, this is what I was seeing, but was not sure I was reading it right since there were really no "required documents", just a lot more records.

Of course, you can't say what the business "is" without some sort of document, but the 'process procedures' are "only if needed".


Since I "found" ISO 9001 in 1990 I thought then, and still think, everything in ISO 9001 is basic business common sense. A company should not need a "standard" to tell them to do these basics.
Absolutely agree! But then you have those that require that someone else have proof they know how to run a business. It just feeds into the vicious cycle.
Back in 2001, to satisfy 9001:2000, I had to write more than a few procedures; my how-to notes (2-pages) became company standards (10-pages) even though I was the only one doing the process. For almost two weeks we had over 200 high-paid engineers unnecessarily documenting 90% of our processes. :mg:

:thanks:
 
K
#9
Back when TS16949 made the change from all the required procedures to the 7 - it was an opportunity to change to more process owner and practical oriented "procedures" and system. In other words, we tore the old system down and kept only the part that was needed and relevant.
It sounds like the change to the "new ISO9001-2015" may be an opportunity to do the same. With my recent change, I have inherited a system that is dis-jointed and the majority of the people still look at any ISO as "let's open the box and see what we have to do to meet the requirements". "OK, that's done put it away until it is time again." ISO9001 (and 14001) are not a part of the operating business, they are lines to be checked. So it looks like I may be able to use the new issue to help the culture and mind shift I am working on here.
 

John Broomfield

Staff member
Super Moderator
#10
After reading through CD-ISO-9001, unless I am missing something, these are all that I see that will be required:

what we currently refer to as documents:
- [4.3] Scope & justifications for exclusions (limited to 7.1.4 and 8)
- [5.2] Quality Policy
- [6.2.a-g] Quality Objectives and information

what we currently refer to as records:
- [7.1.4] Evidence of fitness of monitoring & measurement equipment
- [7.2.d] Evidence of employee competence
- [7.5.b] Information determined by the organization as being necessary
- [8.1.c] Information that processes have been completed as planned
- [8.2.3] Basically Order intake & processing)
- [8.4.2] Provider evaluations (ability to provide)
- [8.4.3] (Basically Purchase Order)
- [8.4.3] Provider evaluations (performance)
- [8.6.2] Unique identification for traceability
- [8.6.3] Customer property lost, damaged, or unsuitable
- [8.6.6] Review of change
- [8.7] Evidence of conformity
- [8.7] Person releasing to customer
- [8.8] Nonconforming goods and actions taken
- [9.1.1] Records that monitoring and measurement have been completed
- [9.2.f] Audits were held and results
- [9.3] Results of Management Review
- [10.1.a] Nature of nonconformance's and actions taken
- [10.1.b] Results of Corrective Actions

It appears that as long as everyone knows our processes, we do not need to have anything in writing. I did not see anything that states we need to have processes in writing, although some should be.

Have I missed something? :confused:
drgnrider,

One small point. Rather than "knowing your processes" you need to know your undocumented procedures.

Please compare the definitions of process and procedure.

Briefly, process is the work and procedure is the specified easy to carry out the work.

John
 
Last edited:
Thread starter Similar threads Forum Replies Date
H Is "Master Documents and Records list" required per ISO 9001 ? ISO 9000, ISO 9001, and ISO 9004 Quality Management Systems Standards 4
O What are typical records of different documents required by ISO9001? Records and Data - Quality, Legal and Other Evidence 2
L ISO 14001 4.4.4 d) - What exactly are the documents and records required by ISO 14001 ISO 14001:2015 Specific Discussions 3
I QMS documents required at each stage of Software development IEC 62304 - Medical Device Software Life Cycle Processes 5
C Defining Approvals Required for Design Control Documents ISO 13485:2016 - Medical Device Quality Management Systems 6
Marc IAF Mandatory Documents (MD Series) - Required to be used by certification bodies ISO 9000, ISO 9001, and ISO 9004 Quality Management Systems Standards 5
F The depth of the required Design Documents ISO 9000, ISO 9001, and ISO 9004 Quality Management Systems Standards 4
M Which documents are required for a class I medical device listing US Food and Drug Administration (FDA) 4
S Clarification in organizing required documents for ISO 27001 IEC 27001 - Information Security Management Systems (ISMS) 6
X Documents required by the quality management system shall be controlled ISO 9000, ISO 9001, and ISO 9004 Quality Management Systems Standards 12
S Minimum documents required by AS9100 AS9100, IAQG 9100, Nadcap and related Aerospace Standards and Requirements 3
N What Documents are Required for each ISO 9001 Requirement ISO 9000, ISO 9001, and ISO 9004 Quality Management Systems Standards 11
G Rookie to the ISO 9001:2008 World - Required Procedures and Documents ISO 9000, ISO 9001, and ISO 9004 Quality Management Systems Standards 11
M AS9100 Clause 4.2.3 requirements - Documents required by the QMS shall be Controlled AS9100, IAQG 9100, Nadcap and related Aerospace Standards and Requirements 13
T Control of Safety Documents Required? ISO 9001:2008 ISO 9000, ISO 9001, and ISO 9004 Quality Management Systems Standards 10
R What Documents are required for Application of Brazilian INMETRO IEC 60601 - Medical Electrical Equipment Safety Standards Series 5
K Documents required to display/keep during ISO 9000 Audit in EPCC firm ISO 9000, ISO 9001, and ISO 9004 Quality Management Systems Standards 17
W Electronic Distribution of Controlled Documents: Validation required? Qualification and Validation (including 21 CFR Part 11) 5
J ISO 9001:2008 Clause 4.2.3 - What are the required documents? ISO 9000, ISO 9001, and ISO 9004 Quality Management Systems Standards 24
C ISO 3834-2 references ISO 3834-5 for the list of documents required for conformity Other ISO and International Standards and European Regulations 1
M All Internally Generated Documents ? Required to be Controlled or Not All? ISO 9000, ISO 9001, and ISO 9004 Quality Management Systems Standards 19
C Control of Documents - Is a unique format required? ISO 9000, ISO 9001, and ISO 9004 Quality Management Systems Standards 8
S Required documents for Class III Medical Device in Yemen Other Medical Device Regulations World-Wide 3
M List of documents required for engineering service project (CAD/CAM) AS9100, IAQG 9100, Nadcap and related Aerospace Standards and Requirements 4
V What documents are required for Education and Training in AS9100 Internal Auditing 3
A Documents required for ISO 17020 vs. ISO 9001? General Measurement Device and Calibration Topics 10
P Required Documents and Document Control in Human Resources for ISO 9001:2000 Document Control Systems, Procedures, Forms and Templates 5
P New product Design & Development for automotive requirements - Documents required Design and Development of Products and Processes 4
T Using References - Required in Quality Documents? Document Control Systems, Procedures, Forms and Templates 2
R Documents required for certification process - AS/EN/JISQ9100 AS9100, IAQG 9100, Nadcap and related Aerospace Standards and Requirements 2
E New and revised documents - Acknowledgement of distribution required? Document Control Systems, Procedures, Forms and Templates 3
E Level 3 PPAP with only a few of the required documents? APQP and PPAP 3
R TS16949 Grandfather documents - Control Plans - Required or not based upon date FMEA and Control Plans 4
Howard Atkins TS 16949 Clause 4.2.1 - Required Documents IATF 16949 - Automotive Quality Systems Standard 15
G Control of External Documents - Which documents are required to be controlled? IATF 16949 - Automotive Quality Systems Standard 10
C How long we're required to keep supplier and our PPAP documents? Supplier Quality Assurance and other Supplier Issues 1
M Case study solution help required as per ISO 9001 : 2015 ISO 9000, ISO 9001, and ISO 9004 Quality Management Systems Standards 0
R Shall a new UDI-DI be required when stand-alone software device's version is updated? EU Medical Device Regulations 1
A Question on ISO 14001:2015 - Are annual audits required? ISO 14001:2015 Specific Discussions 8
M Is Validation of Plating Processes required and who is responsible? Qualification and Validation (including 21 CFR Part 11) 10
MDD_QNA Medical Device Software - Is a Help Button required? IEC 62304 - Medical Device Software Life Cycle Processes 1
O ISO 13485 - Is management review required before stage 1? ISO 13485:2016 - Medical Device Quality Management Systems 6
D Recent changes to ISO 14971 - SOP required for managing standard revisions ISO 13485:2016 - Medical Device Quality Management Systems 1
Jane's Like-for-like critical raw material change qualification - type of testing/ number of lots required ISO 13485:2016 - Medical Device Quality Management Systems 4
V Manufacturing requirements for respiratory ventilators - clean room required? Medical Device and FDA Regulations and Standards News 6
A When there is a 2 year lapse in production, is a full FAI required? AS9100, IAQG 9100, Nadcap and related Aerospace Standards and Requirements 2
C Is it required to put"Rx only" on the home page of an app? Medical Device and FDA Regulations and Standards News 4
B IEC 60601-2-10 - Accuracy of Pulse Parameters - Required Measurement Uncertainty IEC 60601 - Medical Electrical Equipment Safety Standards Series 3
S Is Optical Parallel Set required calibration? ISO 17025 related Discussions 1
R Is it required to have an SOP for external audits? Medical Device and FDA Regulations and Standards News 7
Similar threads


















































Top Bottom