SBS - The Best Value in QMS software

Translating Audit Check List to Guidelines - Paperwork Reductions


Quite Involved in Discussions

I had a checklist that I would like to transform into a set of guidelines since I would like to reduce the paperwork. This checklist in used during our audit. This was been filled up then filed. We do it twice a day. We consume a lot of paper. :frust:

My problem now is this, since it is a checklist, we considered it as a form. I put a form number in it. Then, as I write a change notice, would it be possibly that form can be transformed into a guidelines. e.g. From F-01 Rev A. To G-01 Rev. A. Wherein F stands for Form, while G for Guidelines. :eek:

Do I have to include this in our Document Control Procedure? How I would be able to document this changes? Am I not violating any rules?
This seems to be very conflicting to me. :bigwave:

Any feedback would be appreciated.
Thanks in advance,
Elsmar Forum Sponsor

Laura - 2003

Doc control...a b***er

Make the form obsolete, and get rid in accordance with your procedure, then create a so called 'new' guideline (which is based on the form) in accordance with procedure.

The idea is to ensure that everyone is holding and using the most up to date and correct information. If you eliminate the obsolete form and distribute the guidelines to the relevant personnel and controlling any subsequenet changes to the guidelines, you shouldn't have any probs.

Does that make sense?


M Greenaway

Doc Control


It seems from your post that you are asking if you still need to operate document control practices on your guideline document, now that it is no longer a form.

My thoughts are that no matter what you call this document it should be controlled in some way if it is issued as a 'standard' document that either defines the process in some way, or is retained as a Quality Record.

By creating 'guidelines' you might well be merely re-creating existing systems under a new title. I have issued checklists to be used in audits but have always said that they are compiled and issued by myself for that specific audit only, hence have no need to be a controlled form (this is a bit tongue in cheek, but so far so good).

You could alternatively issue your guidelines in your procedure, if they are general enough.



I have to agree with M. Greenway. We too have quite a few guidlines per say, which we still maintain in a controlled enviroment.

The managers prefer to call them "guidlines" instead of procedures, because it sound less serious, and that the auditor will skip it because it is "a guidline". However, in our November audit ( ISO 9001-2k) The external auditor did ask to see the controlled enviorment of the guidline we had published.

Which personally to me makes sense, because customers change, companies change, so guidlines change!

Talk to you soon!

Laura - 2003

Guidelines to guide.


I agree with you about change control.

I am trying to ensure that staff at my place do not confuse the differences between a procedure and guidance documents, although we both know they should be controlled.

I ensure that guidelines are maintained at a local level by the department that performs the function, it is their responsibility that they control the changes.

The procedures are managed by me and published throughout the organisation, thus ensuring that change control is maintained, that everyone has access to the correct information and that cross functional communication is established without getting messy in detail!

I have been asked by assessors about how guidelines have been controlled and I myself also audit this internally. This way, we know its happening and encourages regular review of the guidelines by the relevant areas.

My last company had a 'local work instructions' which issued direction on how to control guidelines and who should ratify them.


Just a question for discussion

What is it that requires every document in a company to be controlled? The standard says "documents and data that relate to the standard" but do all forms and documents used in your company relate to the standard?

A good example would be the "guidelines" you mention. What would happen if they were not followed? Would it have an effect on the product? If you say yes, they can't really be a guideline, they would be required. If it didn't matter if they were followed, then it probably wouldn't matter if it was today's guideline or yesterday's guideline so would it really matter if it was controlled?

The same thing with a form. Lets assume there is no criticality in having the same information (in that case we would control the form) filled in by every user. Contact notes come to mind here. The information on the form becomes "data" and must be controlled but what about the blank form itself? Without data, it has nothing to do with anything. Throw it away, use the back as scrap paper, whatever. Does it have to be controlled? Can I put my data on a note pad and you put yours on the form? Would data on the note pad be a nonconformance because I didn't use the latest revision?

I once heard a registrar's auditor tell a roomfull of people that all signs posted in the workplace had to be controlled. This, he said, included post-it notes placed on a machine by an operator to remind herself of thread coverage requirements so she wouldn't have to refer to the job spec on the table behind her.

Do we "overkill" this requirement and controll everything just "because"? No wonder it is listed as the largest cause of nonconformance. The standard certainly requires control for documents and data that relate to the requirements of the standard. This doesn't say though that control is required for everything that relates to the standard - just to the requirements. This would seem to allow judgement in the sense that if a document or form related to the business but not necessarily to the requirements the company could decide if it mattered if a document were changed for a particular use or if a form was the same company wide.

A good example of the distinction here would be training records. The company policy and procedure on training and record retention would be required to be controlled. Unless you specifically say so in your procedures, would it matter how the training in each department/area were recorded? If in one place they used a hardcopy card and another they used a computer, would it really matter? If the answer is no, then why would you make the card a controlled document? If the answer is "to keep the auditor happy", I think we have created another monster.

What if when an auditor asked why a guideline wasn't controlled. you simply said there is no need to control it? Any other thoughts?


M Greenaway

Great post Dave - agree entirely.

If the purpose of a guideline is not to mandate how to do something, just offer advice on best practice which can be followed or not, then there is no need to control it and you shouldnt audit against it.



I've been through this same soulsearching type of argument with myself (because I didn't want to have to control everything). I have a post somewhere around here where I was asking if I absolutely had to "control" some guidelines that I had written for the new doc control administrators.

My thoughts now are that if it is necessary for the function of a process or to demonstrate the effective working or control of a process, then it has to be controlled. It doesn't matter if it affects the product, because we have to control our processes too.

It is hard to find documents within a company that don't apply somehow to one of the QMS processes, that would be exempt from control. Examples might be personnel-type forms like expense reports, vacation requests, etc.

But even with something like vacation requests, you may have policies that only so many from a particular department or position can take vacation at the same time because of the impact to the company's ability to function ( sorry customer, we can't install that windshield for you today. All of our windshield installers are in Cancun.:vfunny: )

So while the form that the request is made on may not seem so important, whatever database or other means of recording the scheduling is very important and may become your record. That database needs specific information for its integrity.

The purpose of having a controlled form is to ensure that all of the necessary information is provided. If there is a piece of information that is needed, and not provided because you allow alternate ways of providing it, then you have failed to control your process.

However, although almost everything needs 'control', we are thankfully left to determine the level and means of appropriate control.

An auditor once told me that he doesn't stress over whether a form is the current revision or not so long as the necessary information for the process to function is there. And he added, "but if there are instructions on the form, such as a test procedure, then that is a different story".



Great thoughts. Not to be argumentative, but to continue the line of thought - I agree, if information is absolutely necessary, you should control the document but what if the information is not all that critical?

My thinking is that there are many instances where the company should be making a decision on what truly needs to be controlled and following M. Greenway's thought, what should be subject to audit.

Anyone else got some input on this one?



Summary of my thoughts on this issue

Well, I guess my thoughts on the whole thing out "To Control or not to Control" is.... It is a lot easier to train people to thinking "controlling" eveything, rather then well you can control that, but not that.

This way, I believe it's an evolution. They train themselves in thinking that way, and employees tend to come to me and ask, "This is the reason why I am controlling this, is this ok?"

To, me we have a paperless system so it's easy, but I'm sure for the manual systems it could be a bit more challenging!

Thread starter Similar threads Forum Replies Date
E Translating from Automotive to Medical Device industry - [email protected] Other Medical Device Related Standards 2
G Comparing Gauge Blocks - Translating the calibration between the master set and the QA set General Measurement Device and Calibration Topics 2
Q Translating FDA Searches - Neonatal incubator weigh scales US Food and Drug Administration (FDA) 5
M Translating and Rotating Rules when programming or measuring with a CMM Inspection, Prints (Drawings), Testing, Sampling and Related Topics 4
E Translating AQL to a Production Line Inspection Plan AQL - Acceptable Quality Level 14
A Procedure for Translating User Documentation to comply with MEDDEV 2.5/5 Other Medical Device Regulations World-Wide 14
C Questions in translating AS9104/3 into Chinese AS9100, IAQG, NADCAP and Aerospace related Standards and Requirements 2
G Help translating abbreviations and acronyms from DDW to plain english? IATF 16949 - Automotive Quality Systems Standard 3
R What is this formula? Translating Gage R&R result to something easy to grasp Gage R&R (GR&R) and MSA (Measurement Systems Analysis) 2
T Translating C/1000 to PPM Customer and Company Specific Requirements 4
X Sample SOC2 audit report (or a redacted one) IEC 27001 - Information Security Management Systems (ISMS) 0
D Lead time to schedule an ISO 13485 audit Auditing Quality and Environmental Management Systems 2
G Organizing internal audit program for an Integrated QHSE Management System Internal Auditing 13
S Does anyone have a checklist to prepare for ISO 13485, Stage I audit? ISO 13485:2016 - Medical Device Quality Management Systems 1
W How do you phrase your internal audit questions? Internal Auditing 3
Z Steps to take before an MDSAP audit for Canada Canada Medical Device Regulations 2
V Csv, excel format - audit trail file of HPLC system ( Empower, openlab, EZchrom or any other ) Qualification and Validation (including 21 CFR Part 11) 0
G Not accepting a non conformity during an audit General Auditing Discussions 11
K IATF audit day requirements table 5.2 IATF 16949 - Automotive Quality Systems Standard 6
Q ISO 9001/IATF 16949 Audit Finding Question - Document Retention IATF 16949 - Automotive Quality Systems Standard 10
M IATF - Internal Audit 3 year span Internal Auditing 4
Q Audit report template ISO 9001/14001 ISO 9000, ISO 9001, and ISO 9004 Quality Management Systems Standards 13
Q ISO 9001-2015 Internal audit finding Internal Auditing 12
lanley liao How to understand this words that the planning of internal audit shall take into consideration the results of previous audits? Oil and Gas Industry Standards and Regulations 10
P Audit check for IT company (ISO 9001) ISO 9000, ISO 9001, and ISO 9004 Quality Management Systems Standards 7
D Supplier audit Medical Device and FDA Regulations and Standards News 2
M Go Live With New ERP System before Recertification Audit General Auditing Discussions 6
A Add MDSAP to Internal Audit Schedule Medical Device Related Regulations 0
A Define timeline for Major and Miner Audit finding General Auditing Discussions 4
J IATF 16949 Internal Audit question - Auditor's responsibility Internal Auditing 6
A API Monogram audit review process Oil and Gas Industry Standards and Regulations 4
S IATF 16949 Internal Audit Example IATF 16949 - Automotive Quality Systems Standard 11
B Remote IATF 16949 audit preparation General Auditing Discussions 10
M AS9100D Registrar pre-audit requirements AS9100, IAQG, NADCAP and Aerospace related Standards and Requirements 15
I Do I need to sign off my annual audit calendar? Internal Auditing 2
R AS9100D internal audit checklist or ISO 9001 2015 to AS9100 D AS9100, IAQG, NADCAP and Aerospace related Standards and Requirements 2
M Nice and simple invitation email to an audit kickoff meeting Internal Auditing 1
M IATF 16949 - Audit of Remote Location/Support Site and IT IATF 16949 - Automotive Quality Systems Standard 4
Q IATF audit - Root Cause Analysis results IATF 16949 - Automotive Quality Systems Standard 5
Q Self-assessment audit information Quality Management System (QMS) Manuals 6
Le Chiffre Online training available for ISO/IEC 17021-1: Requirements for bodies providing audit and certification of management systems Training - Internal, External, Online and Distance Learning 3
xfngrs NIOSH Audit for N95 respirators US Food and Drug Administration (FDA) 1
Sidney Vianna IATF 16949 News Risked Based Audit Day Calculation IATF 16949 - Automotive Quality Systems Standard 2
T AS9100 audit due to facility move AS9100, IAQG, NADCAP and Aerospace related Standards and Requirements 4
M ISO 13485:2016 internal audit checklist Medical Device and FDA Regulations and Standards News 5
A Internal Audit Questions ISO 9000, ISO 9001, and ISO 9004 Quality Management Systems Standards 11
B SAP Audit trail Periodic Review EU Medical Device Regulations 2
N What are the software audit and control steps Reliability Analysis - Predictions, Testing and Standards 2
R Gap Audit Aerospsace and Rail QMS Quality Manager and Management Related Issues 0
salaheddine96 Internal audit planning Internal Auditing 2

Similar threads

Top Bottom