|
Contents
Clause 4.2.3 Control of Documents The major change between ISO9000:1994 and ISO9001:2000 was that the standard is now "Process orientated" as opposed to "Procedure orientated". However the requirements for document control (and change control) remain unaltered. The clause is split into various sections. For the full text of the standard please refer to BS EN ISO 9001:2008. The sub-clauses may be summarised as follows: | Clause | Summary of content | | 4.2.3 Introduction | Documents required by the Quality Management System shall be controlled.
The procedure for so doing SHALL be documented: this is prescribed. | | 4.2.3 a | Documents must be reviewed for adequacy (Approval) PRIOR to issue.
| | 4.2.3 b | Changes to documents shall follow the same process.
| | 4.2.3 c | A list of the latest revisions is provided (Up to date document register with latest revision), and details of the changes made. (Document Register to have Revision History) | | 4.2.3 d | ALL Documents are available at the point of use (Formally Issued to Subcontractors etc)
| | 4.2.3 e | ALL Documents shall be legible - thus in a common usable format such as PDF or HTML | | 4.2.3 f | Documents from external origin (i.e. Other peoples documents) must be CONTROLLED | | 4.2.3 g | Superseded documents are to be so marked and recorded. |
Return to Contents
Implied Requirements In order to implement ISO9001:2008, it is necessary to define the "product or service" provided. When your business is “managing” documents for other people to use (as is the case with a "document control" department) then “technical documents” are your product. This means other clauses become relevant. For the full text of the standard please refer to BS EN ISO 9001:2008. The following table indicates some of the more important requirements: | Clause | Summary of content | | 5.6 | Document Control performance must be monitored to ensure it meets defined objectives. | | 6.2 | People trained as document controllers must be employed on document control. | | 6.3 | The necessary software and infrastructure must be provided (e.g. servers etc). | | 7.1 | A Realization Plan is required - this implies scheduling of document requirements (SDRS), which means to outline what is required, from whom, and when | | 7.2 | Document Control procedures must do not only what is specified but also what is implied. | | 7.3 | This clause includes definition of many appropriate procedures for design offices, which are appropriate to document control where design is NOT carried out. | | 7.4.3 | Incoming Documents must be verified - acquired from identified designers etc. | | 7.5.1 a,b | Requires formal document control | | 7.5.2 | Requires validation - this implies acknowledgement of receipt of documents, and records shall be maintained | | 7.5.3 | The process continues through out the project | | 7.5.4 | The integrity and tracebility of Other Peoples documents are required, and if inadequate shall be returned with comments and records maintained. | | 8.2.2 | A proper audit trail is required of receipt, issue, acknowledgement, and if appropriate return, co-ordination, and response. | | 8.3 | Documents which are not approved for construction shall be CONTROLLED. | | 8.4 | Document control data must be in a format to allow analysis (i.e. the generation of metrics) | | 8.5 | Records must be maintained to enable non-conformaces to be identified, corrected, and instructions to prevent re-occurrence to be made. |
Return to Contents
Meeting ISO 9001's Requirements in practice In practice, meeting the requirements of EN ISO 9001:2008 is not quite as simple as at first sight. The main problem is one of control, and in particular the extent of ones own control. | Concept | Comment | | Ownership | Generally, on a project you only have control over 20% of technical documents. 80% come from other people. | | Control | Where direct control is not possible, then it is replaced by responsibility for expediting. | | Issues | Technical Documents must be PUSHED, not simply made available to whoever wants them. | | Procedures | You MUST have documented, published, and auditable procedures. |
Return to Contents
The previous standard, ISO900:1994, due the way it was drafted, is sometimes easier to read and understand. It is important to remember that NONE of the requirements have been relaxed in any way. ISO9000:1994 was the natural successor to BS5750, which itself was based upon the AQAP (NATO's Allied Quality Assurance Procedures).
The following information is SUPERSEDED
ISO 9000:1994 was replaced by ISO 9001:2000, which is now updated to ISO 9001:2008 Meeting the requirements of ISO 9000:1994 Superseded Contents
Clause 4.5 Document & Data Control The clause is split into three sections. For the full text of the standard please refer to BS EN ISO 9000. The sub-clauses may be summarised as follows: | Clause | Summary of content | | 4.5.1 | There must be procedures.
Must apply to ALL (technical) documents | | 4.5.2 | Documents must be reviewed for adequacy (Approval).
A list of the latest revisions is needed (Up to date)
Documents are available (Issued)
Superseded documents are so marked and recorded. | | 4.5.3 | Changes to documents shall follow the same process.
Changes shall be recorded. |
Return to "superseded" Contents
Implied Requirements (when documents are considered as product) When your business is “managing” documents for other people to use (as is the case with a "document control" department), then “technical documents” are your product. This means other clauses become relevant. For the full text of the standard please refer to BS EN ISO 9000. The following table indicates some of the more important requirements: | Clause | Summary of content | | 4.6.2 | Get documents only from qualified sources | | 4.6.3 | Outline what is required, from whom, and when | | 4.7 | Control the documents that you receive | | 4.8 | Identify and trace the each copy of each revision of every document during their whole life | | 4.9 | Define your own procedures, including monitoring | | 4.10.1 | Maintain procedures and records of inspection of documents | | 4.10.2 | Inspect documents on receipt
Have cognisance of the state of the documents as supplied to you
If the documents are sent out uninspected (without a status) keep track of this as well. | | 4.11 | Ensure your inspection process is satisfactory, and that you know this for a fact | | 4.12 | Every item (each copy of each revision of every document) must have a status | | 4.13 | Unusable (damaged or wrong) documents must be managed | | 4.14 | There must be "corrective" action plans to prevent reoccurences, and to correct damage | | 4.16 | Records must be kept in satisfactory detail |
Return to "superseded" Contents
Meeting ISO 9000's Requirements in practice In practice, meeting the requirements of ISO 9000 is not quite as simple as at first sight. The main problem is one of control, and in particular the extent of ones own control. | Concept | Comment | | Ownership | Generally, on a project you only have control over 20% of technical documents. 80% come from other people. | | Control | Where direct control is not possible, then it is replaced by responsibility for expediting. | | Issues | Technical Documents must be PUSHED, not simply made available to whoever wants them. | | Procedures | You MUST have documented, published, and auditable procedures. |
Return to "superseded" Contents Return to Contents |
