Friday, August 19, 2011

Revision Of Documents In ISO 9000 Standards

The ISO 9000 Standard requires that documents be updated as
necessary and re-approved following their review.
Following a document review, action may or may not be necessary. If the
document is found satisfactory, it will remain in use until the next review. If the
document is found unsatisfactory there are two outcomes.
The document is no longer necessary and should be withdrawn from use –
this is addressed by the requirement dealing with obsolescence.
The document is necessary but requires a change – this is addressed by this
requirement.
The standard implies that updating should follow a review. The term update
also implies that documents are reviewed only to establish whether they are
current when in fact document reviews may be performed for many different
reasons. A more appropriate term to update would be revise. Previously the
standard addressed only the review and approval of changes and did not
explicitly require a revision process. However, a revision process is executed
before a document is subject to re-approval.
This requirement responds to the Continual Improvement principle.
It is inevitable that during use a need will arise for changing documents and
therefore provision needs to be made to control not only the original
generation of documents but also their revisions.
The document change process consists of a number of key stages some of
which are not addressed in ISO 9000 Standards.
a. Identification of need (addressed by document review)
b. Request for change (not addressed in the standard)
c. Permission to change (not addressed in the standard)
d. Revision of document (addressed by document updates)
e. Recording the change (addressed by identifying the change)
f. Review of the change (addressed under quality planning)
g. Approval of the change (addressed by document re-approval)
h. Issue of change instructions (not addressed in the standard)
i. Issue of revised document (addressed by document availability)
As stated previously, to control documents it is necessary to control their
development, approval, issue, change, distribution, maintenance, use, storage,
security, obsolescence or disposal and we will now address those aspects not
specifically covered by the standard.
In controlling changes it is necessary to define what constitutes a change to a
document. Should you allow any markings on documents, you should specify
those that have to be supported by change notes and those that do not.
Markings that add comment or correct typographical errors are not changes
but annotations. Alterations that modify instructions are changes and need
prior approval. The approval may be in the form of a change note that details
changes that have been approved.
Anyone can review a document but approved documents should only be
changed/revised/amended under controlled conditions. The document
review will conclude that either a change is necessary or unnecessary. If a
change is necessary, a request for change should be made to the issuing
authorities. Even when the person proposing the change is the same as would
approve the change, other parties may be affected and should therefore be
permitted to comment. The most common method is to employ Document
Change Requests. By using a formal change request it allows anyone to request
a change to the appropriate authorities.
Change requests need to specify:
a. The document title, issue and date
b. The originator of the change request (who is proposing the change, his or her
location or department)
c. The reason for change (why the change is necessary)
d. What needs to be changed (which paragraph, section, etc. is affected and
what text should be deleted)
e. The changes in text required where known (the text which is to be inserted
or deleted)
By maintaining a register of such requests you can keep track of who has
proposed what, when and what progress is being made on its approval. You
may of course use a memo or phone call to request a change but this form of
request becomes more difficult to track and prove you have control. You will
need to inform staff where to send their requests.
On receipt of the request you need to provide for its review by the change
authority. The change request may be explicit in what should be changed or
simply report a problem that a change to the document would resolve.
Someone needs to be nominated to draft the new material and present it for
review but before that, the approval authorities need to determine whether
they wish the document to be changed at all. There is merit in reviewing
requests for change before processing in order to avoid abortive effort. You
may also receive several requests for change that conflict and before processing
you will need to decide which change should proceed. While a proposed
change may be valid, the effort involved may warrant postponement of the
change until several proposals have been received – it rather depends on the
urgency
Ensuring the availability of controlled documents
The ISO 9000 standards requires that relevant versions of applica-
ble documents are available at points of use.
The relevant version of a document is the version
that should be used for a task. It may not be the latest
version because you may have reason to use a
different version of a document such as when
building or repairing different versions of the same
product. Applicable documents are those that are
needed to carry out work. Availability at points of use
means the users have access to the documents they
need at the location where the work is to be
performed. It does not mean that users should possess copies of the documents
they need, in fact this is undesirable because the copies may become outdated
and not withdrawn from use.
This requirement exists to ensure that access to documents is afforded when
required. Information essential for the performance of work needs to be
accessible to those performing it otherwise they may resort to other means
of obtaining what they need that may result in errors, inefficiencies and
hazards.
In order to make sure that documents are available you should not keep them
under lock and key (or password protected) except for those where restricted
access is necessary for security purposes. You need to establish who wants
which documents and when they need them. The work instructions should
specify the documents that are required for the task so that those documents
not specified are not essential. It should not be left to the individual to
determine which documents are essential and which are not. If there is a need
for access out of normal working hours, access has to be provided. The more
copies there are the greater the chance of documents not being maintained so
minimize the number of copies. A common practice is to issue documents to
managers only and not the users. This is particularly true of management
system documents. One finds that only the managers hold copies of the
Quality Manual. In some firms all the managers reside in the same building,
even along the same corridor and it is in such circumstances that one invariably
finds that these copies have not been maintained. It is therefore impractical to
have all the copies of the Quality Manual in one place. Distribute the
documents by location, not by named individuals. Distribute to libraries, or
document control centres so that access is provided to everyone and so that
someone has responsibility for keeping them up to date. If using an intranet,
the problems of distribution are less difficult but there will always be some
groups of people who need access to hard copy.
The document availability requirement applies to both internal and external
documents alike. Customer documents such as contracts, drawings, specifica-
tions and standards need to be available to those who need them to execute
their responsibilities. Often these documents are only held in paper form and
therefore distribution lists will be needed to control their location. If documents
in the public domain are required, they only need be available when required
for use and need not be available from the moment they are specified in a
specification or procedure. You should only have to produce such documents
when they are needed for the work being undertaken at the time of the audit.
However, you would need to demonstrate that you could obtain timely access
when needed. If you provide a lending service to users of copyrighted
documents, you would need a register indicating to whom they were loaned so
that you can retrieve them when needed by others.
A document that is not ready for use or is not used often may be archived.
But it needs to be accessible otherwise when it is called for it won’t be there. It
is therefore necessary to ensure that storage areas, or storage mediums provide
secure storage from which documents can be retrieved when needed. Storing
documents off-site under the management of another organization may give
rise to problems if they cannot be contacted when you need the documents.
Archiving documents on magnetic tape can also present problems when the
tape cannot be found or read by the new technology that has been installed!
Electronic storage presents very different problems to conventional storage and
gives rise to the retention of ‘insurance copies’ in paper should the retrieval
mechanism fail.
Ensuring documents are legible and identifiable
The standard requires documents to remain legible and
readily identifiable.
Legibility refers to the ease with which the informa-
tion in a document can be read or viewed. A
document is readily identifiable if it carries some
indication that will quickly distinguish it from
similar documents. Any document that requires a reader to browse through it
looking for clues is clearly not readily identifiable.
The means of transmission and use of documents may cause degradation
such that they fail to convey the information originally intended. Confusion
with document identity could result in a document being misplaced, destroyed
or otherwise being unobtainable. It can also result in incorrect documents
being located and used.
This requirement is so obvious it hardly needs to be specified. As a general
rule, any document that is printed or photocopied should be checked for
legibility before distribution. Legibility is not often a problem with electron-
ically controlled documents. However, there are cases where diagrams cannot
be magnified on screen so it would be prudent to verify the capability of the
technology before releasing documents. Not every user will have perfect
eyesight! Documents transmitted by fax present legibility problems due to the
quality of transmission and the medium on which the information is printed.
Heat sensitive paper is being replaced with plain paper but many organiza-
tions still use the old technology. You simply have to decide your approach.
For any communication required for reference, it would be prudent to use
photocopy or scan the fax electronically and dispose of the original.
Documents used in a workshop environment may require protection from oil
and grease. Signatures are not always legible so it is prudent to have a policy
of printing the name under the signature. Documents subject to frequent
photocopying can degrade and result in illegible areas.
Although a new requirement, it is unusual to find documents in use that carry
no identification at all. Three primary means are used for document
identification – classification, titles and identification numbers. Classification
divides documents into groups based on their purpose – policies, procedures,
records, plans, etc are classes of documents. Titles are acceptable providing
there are no two documents with the same title in the same class. If you have
hundreds of documents it may prove difficult to sustain uniqueness.
Identification can be made unique in one organization but outside it may not
be unique. However, the title as well as the number is usually sufficient.
Electronically controlled documents do not require a visible identity other than
the title in its classification. Classifying documents with codes enables their
sorting by class.

ISO 14001 Standards Certification


ISO 14001 Standards Certification
ISO 14001 sets out a system that can be audited and certified. In many cases, it is the issue of certification that is critical or controversial and is at the heart of the discussion about the trade implications.
Certification means that a qualified body (an “accredited certifier”) has inspected the EMS system that has been put in place and has made a formal declaration that the system is consistent with the requirements of ISO 14001.
The standard allows for “self-certification,” a declaration by an enterprise that it conforms to ISO 14001. There is considerable skepticism as to whether this approach would be widely accepted, especially when certification has legal or commercial consequences. At the same time, obtaining certification can entail significant costs, and there are issues relating to the international acceptance
of national certification that may make it particularly difficult for companies in some countries to achieve credible certification at a reasonable cost. For firms concerned about having certification that carries real credibility, the costs of bringing in international auditors are typically quite high, partly because the number of internationally recognized firms of certifiers is limited at present.2
The issue of accreditation of certifiers is becoming increasingly important as the demand increases.
Countries that have adopted ISO 14001 as a national standard can accredit qualified companies as certifiers, and this will satisfy national legal or contractual requirements. However, the fundamental purpose of ISO is to achieve consistency internationally. If certificates from certain countries or agencies are not fully accepted or are regarded as “second class,” the goal will not have been achieved. It is probable that the international marketplace will eventually put a
real commercial value on high-quality certificates, but this level of sophistication and discrimination has not yet been achieved. It is essential to the ultimate success of the whole system that there be a mechanism to ensure that certification in any one country has credibility and acceptability elsewhere.
The ISO has outlined procedures for accreditation and certification (Guides 61 and 62), and a formal body, QSAR, has been established to operationalize the process. At the same time, a number of established national accreditation bodies
heavily involved in ISO have set up the informal International Accreditation Forum (IAF) to examine mechanisms for achieving international reciprocity through multilateral agreements (MLAs). However, these systems are in the early
stages, and many enterprises continue to use the established international certifiers, even at additional cost, because of lack of confidence in the acceptability of local certifiers.
Given the variability in the design of individual EMS and the substantial costs of the ISO 14000 certification process, there is a growing tendency for large companies that are implementing EMS approaches to pause before taking this
last step. After implementing an EMS and confirming that the enterprise is broadly in conformance with ISO 14001, it is becoming routine to carry out a “gap analysis” to determine exactly what further actions would be required to achieve
certification and to examine the benefits and costs of bringing in third-party certifiers.

ISO 14001 Standards Certification

ISO 14001 Standards sets out a system that can be audited and certified. In many cases, it is the issue of certification that is critical or controversial and is at the heart of the discussion about the trade implications.

Certification means that a qualified body (an “accredited certifier”) has inspected the EMS system that has been put in place and has made a formal declaration that the system is consistent with the requirements of ISO 14001 Standards.

The standard allows for “self-certification,” a declaration by an enterprise that it conforms to ISO 14001 Standards. There is considerable skepticism as to whether this approach would be widely accepted, especially when certification has legal or commercial consequences. At the same time, obtaining certification can entail significant costs, and there are issues relating to the international acceptance

of national certification that may make it particularly difficult for companies in some countries to achieve credible certification at a reasonable cost. For firms concerned about having certification that carries real credibility, the costs of bringing in international auditors are typically quite high, partly because the number of internationally recognized firms of certifiers is limited at present.2

The issue of accreditation of certifiers is becoming increasingly important as the demand increases.

Countries that have adopted ISO 14001 Standards as a national standard can accredit qualified companies as certifiers, and this will satisfy national legal or contractual requirements. However, the fundamental purpose of ISO is to achieve consistency internationally. If certificates from certain countries or agencies are not fully accepted or are regarded as “second class,” the goal will not have been achieved. It is probable that the international marketplace will eventually put a

real commercial value on high-quality certificates, but this level of sophistication and discrimination has not yet been achieved. It is essential to the ultimate success of the whole system that there be a mechanism to ensure that certification in any one country has credibility and acceptability elsewhere.

The ISO has outlined procedures for accreditation and certification (Guides 61 and 62), and a formal body, QSAR, has been established to operationalize the process. At the same time, a number of established national accreditation bodies

heavily involved in ISO have set up the informal International Accreditation Forum (IAF) to examine mechanisms for achieving international reciprocity through multilateral agreements (MLAs). However, these systems are in the early

stages, and many enterprises continue to use the established international certifiers, even at additional cost, because of lack of confidence in the acceptability of local certifiers.

Given the variability in the design of individual EMS and the substantial costs of the ISO 14000 certification process, there is a growing tendency for large companies that are implementing EMS approaches to pause before taking this

last step. After implementing an EMS and confirming that the enterprise is broadly in conformance withISO 14001 Standards, it is becoming routine to carry out a “gap analysis” to determine exactly what further actions would be required to achieve

certification and to examine the benefits and costs of bringing in third-party certifiers.

BACKGROUND TO THE ISO 9001:2008 REVISION PROCESS

BACKGROUND TO THE ISO 9001:2008 REVISION PROCESS
In order to assist organizations to have a full understanding of the new ISO 9001:2008, it may be useful to have an insight on the revision process, how this revision reflects the inputs received from users of the standard, and the consideration given to benefits and impacts during its development.
Prior to the commencement of a revision (or amendment) to a management system standard, ISO/Guide 72:2001 Guidelines for the justification and development of management system standards recommends that a “Justification Study” is prepared to present a case for the proposed project and that it outlines details of the data and inputs used to support its arguments. In relation to the development ofISO 9001:2008 user needs were identified from the following:
-the results of a formal “Systematic Review” on ISO 9001:2000 that was performed by the members of ISO/TC 176/SC2 during 2003-2004
-feedback from the ISO/TC 176/Working Group on “Interpretations”
-the results of an extensive worldwide “User Feedback Survey on ISO 9001 and
The Justification Study identified the need for an amendment, provided that the impact on users would be limited and that changes would only be introduced when there were clear benefits to users.
The key focuses of the ISO 9001:2008 amendment were to enhance the clarity of ISO 9001:2000 and to enhance its compatibility with ISO 14001:2004.
A tool for assessing the impacts versus benefits for proposed changes was created to assist the drafters of the amendment in deciding which changes should be included, and to assist in the verification of drafts against the identified user needs. The following decision making principles were applied:
1) No changes with high impact would be incorporated into the standard;
2) Changes with medium impact would only be incorporated when they provided a correspondingly medium or high benefit to users of the standard;
3) Even where a change was low impact, it had to be justified by the benefits it delivered to users, before being incorporated.
The changes incorporated in this ISO 9001:2008 edition were classified in terms of impact into the following categories:
-No changes or minimum changes on user documents, including records
-No changes or minimum changes to existing processes of the organization
-No additional training required or minimal training required
-No effects on current certifications
The benefits identified for the ISO 9001:2008 edition fall into the following categories:
-Provides clarity
-Increases compatibility with ISO 14001.
-Maintains consistency with ISO 9000 family of standards.
-Improves translatability.