Congrats on the implementation!vast majority of document control problems start with people and not process, or control tool.
I agree, and I guess you are talking about training? I would say it's not only training, but auditors never agree when Root Causes found are people... you are almost always supposed to find the root cause of a non conformity is the process...
doesn't matter what fancy database that costs tons of $$$$$
fortunatelly, except for human time, XWiki cost us $0, as it's open source and we already had the servers.
I myself love the "We will review every document every year and twice on Sunday's" statement........My 1st move is capturing their definition of "YEAR" and it can go down the toilet from there.
i hate time definitions to review documents. Better to just review them in internal audits. And make it part of the process for internal audits, which happen a once, twice or thrice a year, to find the outdated documents that don´t match reality. And the Non Conformity shouldn´t be seen as really a non conformity, just a warning to update the document. I think it works better than periodic reviews that don´t really happen the way they should.
Like our Bidding Department relies on Bidding Law 8.666, which has remained unchanged for 27 years. The bureaucratic procedure required the department head to review the document annually to confirm it was up-to-date... in case the law had changed.
It's her job. The Bidding Law would NEVER change without her knowing. She knows the law, which is 126 pages long, by heart.
So is it really necessary to have her go through the bureaucratic process every 12 months to confirm the law hasn't changed?
ps: I asked ChatGPT to answer my question in the last sentence
Regarding Document Control procedures in accordance with ISO requirements, particularly ISO 9001, the scenario described raises several considerations:
In conclusion, while the described procedure may seem bureaucratic, it aligns with the principles of ISO document control by ensuring regular reviews, maintaining records of compliance, and mitigating risks associated with over-reliance on individual knowledge. However, exploring ways to streamline the process without compromising compliance could enhance efficiency.
- Regular Reviews: ISO standards typically require regular reviews of documents to ensure they remain current and applicable. This helps maintain the integrity of the quality management system. Even if a law hasn't changed in many years, regular reviews ensure that the organization is vigilant and prepared for any changes.
- Efficiency vs. Compliance: While it may seem redundant to review a document annually when the responsible person is well aware of any changes, this practice ensures compliance with ISO requirements. It also provides a formal record that the document has been reviewed and deemed current, which is crucial for audits.
- Risk of Over-Reliance on Individual Knowledge: Relying solely on an individual’s knowledge, even if they are highly knowledgeable, can be risky. Formal reviews ensure that there is no oversight and that the information is cross-checked and verified.
- Documentation of Changes: ISO standards emphasize the importance of documenting changes. Even if no changes have occurred, the act of formally recording a review can serve as evidence of compliance during audits.
- Potential for Streamlining: While compliance is essential, there may be opportunities to streamline the process. For instance, if a particular document is unlikely to change, the review frequency could potentially be extended, or the review process could be simplified, provided that this is justified and documented in the quality management system.
gosh, go to that place ChatGPT.
And, while I came from the typewriter era, I have found with the companies that skew younger that if you can put what you need them to focus on within tools/technology that they embrace, you have a much better chance of acceptance and compliance. For example, we are currently in the process of moving our medical device file into markdown language and being able to tag and check out/check things like they are software code, and it should allow us to document ahead and use filters to make an MDF for that release. (Everything except for the risk matrix, that will still be manually maintained in Excel I'm afraid. Haven't been able to get auditors to see that other formats than the standard FMEA spreadsheet are exactly the same information and assessment.)
Question on the use of the internal audit as the document review: is that formally written in and has it passed external auditor muster? I really like the idea.