Translating Audit Check List to Guidelines - Paperwork Reductions


Quite Involved in Discussions

I had a checklist that I would like to transform into a set of guidelines since I would like to reduce the paperwork. This checklist in used during our audit. This was been filled up then filed. We do it twice a day. We consume a lot of paper. :frust:

My problem now is this, since it is a checklist, we considered it as a form. I put a form number in it. Then, as I write a change notice, would it be possibly that form can be transformed into a guidelines. e.g. From F-01 Rev A. To G-01 Rev. A. Wherein F stands for Form, while G for Guidelines. :eek:

Do I have to include this in our Document Control Procedure? How I would be able to document this changes? Am I not violating any rules?
This seems to be very conflicting to me. :bigwave:

Any feedback would be appreciated.
Thanks in advance,
Elsmar Forum Sponsor

Laura - 2003

Doc control...a b***er

Make the form obsolete, and get rid in accordance with your procedure, then create a so called 'new' guideline (which is based on the form) in accordance with procedure.

The idea is to ensure that everyone is holding and using the most up to date and correct information. If you eliminate the obsolete form and distribute the guidelines to the relevant personnel and controlling any subsequenet changes to the guidelines, you shouldn't have any probs.

Does that make sense?


M Greenaway

Doc Control


It seems from your post that you are asking if you still need to operate document control practices on your guideline document, now that it is no longer a form.

My thoughts are that no matter what you call this document it should be controlled in some way if it is issued as a 'standard' document that either defines the process in some way, or is retained as a Quality Record.

By creating 'guidelines' you might well be merely re-creating existing systems under a new title. I have issued checklists to be used in audits but have always said that they are compiled and issued by myself for that specific audit only, hence have no need to be a controlled form (this is a bit tongue in cheek, but so far so good).

You could alternatively issue your guidelines in your procedure, if they are general enough.



I have to agree with M. Greenway. We too have quite a few guidlines per say, which we still maintain in a controlled enviroment.

The managers prefer to call them "guidlines" instead of procedures, because it sound less serious, and that the auditor will skip it because it is "a guidline". However, in our November audit ( ISO 9001-2k) The external auditor did ask to see the controlled enviorment of the guidline we had published.

Which personally to me makes sense, because customers change, companies change, so guidlines change!

Talk to you soon!

Laura - 2003

Guidelines to guide.


I agree with you about change control.

I am trying to ensure that staff at my place do not confuse the differences between a procedure and guidance documents, although we both know they should be controlled.

I ensure that guidelines are maintained at a local level by the department that performs the function, it is their responsibility that they control the changes.

The procedures are managed by me and published throughout the organisation, thus ensuring that change control is maintained, that everyone has access to the correct information and that cross functional communication is established without getting messy in detail!

I have been asked by assessors about how guidelines have been controlled and I myself also audit this internally. This way, we know its happening and encourages regular review of the guidelines by the relevant areas.

My last company had a 'local work instructions' which issued direction on how to control guidelines and who should ratify them.


Just a question for discussion

What is it that requires every document in a company to be controlled? The standard says "documents and data that relate to the standard" but do all forms and documents used in your company relate to the standard?

A good example would be the "guidelines" you mention. What would happen if they were not followed? Would it have an effect on the product? If you say yes, they can't really be a guideline, they would be required. If it didn't matter if they were followed, then it probably wouldn't matter if it was today's guideline or yesterday's guideline so would it really matter if it was controlled?

The same thing with a form. Lets assume there is no criticality in having the same information (in that case we would control the form) filled in by every user. Contact notes come to mind here. The information on the form becomes "data" and must be controlled but what about the blank form itself? Without data, it has nothing to do with anything. Throw it away, use the back as scrap paper, whatever. Does it have to be controlled? Can I put my data on a note pad and you put yours on the form? Would data on the note pad be a nonconformance because I didn't use the latest revision?

I once heard a registrar's auditor tell a roomfull of people that all signs posted in the workplace had to be controlled. This, he said, included post-it notes placed on a machine by an operator to remind herself of thread coverage requirements so she wouldn't have to refer to the job spec on the table behind her.

Do we "overkill" this requirement and controll everything just "because"? No wonder it is listed as the largest cause of nonconformance. The standard certainly requires control for documents and data that relate to the requirements of the standard. This doesn't say though that control is required for everything that relates to the standard - just to the requirements. This would seem to allow judgement in the sense that if a document or form related to the business but not necessarily to the requirements the company could decide if it mattered if a document were changed for a particular use or if a form was the same company wide.

A good example of the distinction here would be training records. The company policy and procedure on training and record retention would be required to be controlled. Unless you specifically say so in your procedures, would it matter how the training in each department/area were recorded? If in one place they used a hardcopy card and another they used a computer, would it really matter? If the answer is no, then why would you make the card a controlled document? If the answer is "to keep the auditor happy", I think we have created another monster.

What if when an auditor asked why a guideline wasn't controlled. you simply said there is no need to control it? Any other thoughts?


M Greenaway

Great post Dave - agree entirely.

If the purpose of a guideline is not to mandate how to do something, just offer advice on best practice which can be followed or not, then there is no need to control it and you shouldnt audit against it.


Still plugging along

I've been through this same soulsearching type of argument with myself (because I didn't want to have to control everything). I have a post somewhere around here where I was asking if I absolutely had to "control" some guidelines that I had written for the new doc control administrators.

My thoughts now are that if it is necessary for the function of a process or to demonstrate the effective working or control of a process, then it has to be controlled. It doesn't matter if it affects the product, because we have to control our processes too.

It is hard to find documents within a company that don't apply somehow to one of the QMS processes, that would be exempt from control. Examples might be personnel-type forms like expense reports, vacation requests, etc.

But even with something like vacation requests, you may have policies that only so many from a particular department or position can take vacation at the same time because of the impact to the company's ability to function ( sorry customer, we can't install that windshield for you today. All of our windshield installers are in Cancun.:vfunny: )

So while the form that the request is made on may not seem so important, whatever database or other means of recording the scheduling is very important and may become your record. That database needs specific information for its integrity.

The purpose of having a controlled form is to ensure that all of the necessary information is provided. If there is a piece of information that is needed, and not provided because you allow alternate ways of providing it, then you have failed to control your process.

However, although almost everything needs 'control', we are thankfully left to determine the level and means of appropriate control.

An auditor once told me that he doesn't stress over whether a form is the current revision or not so long as the necessary information for the process to function is there. And he added, "but if there are instructions on the form, such as a test procedure, then that is a different story".



Great thoughts. Not to be argumentative, but to continue the line of thought - I agree, if information is absolutely necessary, you should control the document but what if the information is not all that critical?

My thinking is that there are many instances where the company should be making a decision on what truly needs to be controlled and following M. Greenway's thought, what should be subject to audit.

Anyone else got some input on this one?



Summary of my thoughts on this issue

Well, I guess my thoughts on the whole thing out "To Control or not to Control" is.... It is a lot easier to train people to thinking "controlling" eveything, rather then well you can control that, but not that.

This way, I believe it's an evolution. They train themselves in thinking that way, and employees tend to come to me and ask, "This is the reason why I am controlling this, is this ok?"

To, me we have a paperless system so it's easy, but I'm sure for the manual systems it could be a bit more challenging!

Thread starter Similar threads Forum Replies Date
E Translating from Automotive to Medical Device industry - [email protected] Other Medical Device Related Standards 2
G Comparing Gauge Blocks - Translating the calibration between the master set and the QA set General Measurement Device and Calibration Topics 2
Q Translating FDA Searches - Neonatal incubator weigh scales US Food and Drug Administration (FDA) 5
M Translating and Rotating Rules when programming or measuring with a CMM Inspection, Prints (Drawings), Testing, Sampling and Related Topics 4
E Translating AQL to a Production Line Inspection Plan AQL - Acceptable Quality Level 14
A Procedure for Translating User Documentation to comply with MEDDEV 2.5/5 Other Medical Device Regulations World-Wide 14
C Questions in translating AS9104/3 into Chinese AS9100, IAQG, NADCAP and Aerospace related Standards and Requirements 2
Gert Sorensen Help translating abbreviations and acronyms from DDW to plain english? IATF 16949 - Automotive Quality Systems Standard 3
R What is this formula? Translating Gage R&R result to something easy to grasp Gage R&R (GR&R) and MSA (Measurement Systems Analysis) 2
T Translating C/1000 to PPM Customer and Company Specific Requirements 4
B IATF16949 audit requirement - Auditor request UCL and LCL must be show Xbar-R, IATF 16949 - Automotive Quality Systems Standard 6
T COVID, Furlough and ISO9001 Surveillance Audit Coffee Break and Water Cooler Discussions 2
R External Audit and Certificate prorogation due to the pandemic General Auditing Discussions 10
Dean Bell Implementation of Controls as per SOA for Stage 2 Audit IEC 27001 - Information Security Management Systems (ISMS) 0
G Logistic organization and controls - IATF/ISO 9001 audit Nonconformance and Corrective Action 2
Geoff Cotton Performing a Delta Audit General Auditing Discussions 12
N ISO 19011:2018 - 5.4.2 "...audit program should engage in appropriate continual development..." Training - Internal, External, Online and Distance Learning 4
G MSA check list to audit IATF 16949 - Automotive Quality Systems Standard 8
L Open Positions During AS9100 Audit AS9100, IAQG, NADCAP and Aerospace related Standards and Requirements 3
L Stage 2 audit - Requirement for 3 months of records ISO 9000, ISO 9001, and ISO 9004 Quality Management Systems Standards 5
F Who can sit in/perform an API audit? Oil and Gas Industry Standards and Regulations 2
L Manufacturing Process Audit Help IATF 16949 - Automotive Quality Systems Standard 6
H AS9100 Checklist for Internal Audit needed AS9100, IAQG, NADCAP and Aerospace related Standards and Requirements 1
A What are the pros and cons of using an audit software for internal auditing? General Auditing Discussions 4
F Internal Audit before Pre-Assessment ISO 17025 related Discussions 2
Q Internal audit plan template Internal Auditing 5
G Self Assessment Audit from a new potential customer General Auditing Discussions 3
L Internal audit during COVID-19 restrictions ISO 13485:2016 - Medical Device Quality Management Systems 5
M OEM asking for NC report after certification audit. IATF 16949 - Automotive Quality Systems Standard 3
Ooi Yew Jin Customer E audit preparation Quality Manager and Management Related Issues 2
N Audit non-compliance API Q1 - Use of External Documents 4.4.4 in Product Realization Oil and Gas Industry Standards and Regulations 4
J Remote Audit Experiences - June 2020 General Auditing Discussions 26
F Product audit sampling plans IATF 16949 - Automotive Quality Systems Standard 3
O ISO13485 implementation - Are internal audits expected before stage 1 audit? Design and Development of Products and Processes 3
M Supplier Audit Report - Template for second party audit wanted Lean in Manufacturing and Service Industries 1
Stefan Mundt AS9100D Major nonconformity due to recurrence of a NC during a subsequent CB audit. AS9100, IAQG, NADCAP and Aerospace related Standards and Requirements 1
B Using Unreleased Documents & Process Maps for Internal Audit purposes ISO 9000, ISO 9001, and ISO 9004 Quality Management Systems Standards 12
Q ISO 9001:2015 man days for surveillance audit ISO 9000, ISO 9001, and ISO 9004 Quality Management Systems Standards 11
F ISO 13485 - EU countries that could request another audit ISO 13485:2016 - Medical Device Quality Management Systems 2
H Layered audit updates after COVID-19 shutdowns Process Audits and Layered Process Audits 0
L How to deal with an ISO 13485 Supplier Audit nonconformance ISO 13485:2016 - Medical Device Quality Management Systems 17
M Description of the requirements of clause manufacturing process audit- needs your feedback IATF 16949 - Automotive Quality Systems Standard 0
Armen Conflict of Interest if I audit the QC department? ISO 9000, ISO 9001, and ISO 9004 Quality Management Systems Standards 16
V Generic IATF 16949 Audit Checklist wanted IATF 16949 - Automotive Quality Systems Standard 3
A NB (Notified Body) Audit of Standards ISO 13485:2016 - Medical Device Quality Management Systems 3
N Audit non-compliance - API Spec Q1 9th Ed b Oil and Gas Industry Standards and Regulations 10
M Any way to execute VDA 6.3 audit remotely? VDA Standards - Germany's Automotive Standards 2
D Audit for ISO and AS 91XX and mitigating exposure to COVID-19 AS9100, IAQG, NADCAP and Aerospace related Standards and Requirements 14
D Postpone IATF 16949 audit due to COVID-19 IATF 16949 - Automotive Quality Systems Standard 41
JoCam Certified Body Audit of MDR requirements EU Medical Device Regulations 4

Similar threads

Top Bottom