The ISO 9000 Standard requires that documents be updated as
necessary and re-approved following their review.
Following a document review, action may or may not be necessary. If the
document is found satisfactory, it will remain in use until the next review. If the
document is found unsatisfactory there are two outcomes.
The document is no longer necessary and should be withdrawn from use –
this is addressed by the requirement dealing with obsolescence.
The document is necessary but requires a change – this is addressed by this
requirement.
The standard implies that updating should follow a review. The term update
also implies that documents are reviewed only to establish whether they are
current when in fact document reviews may be performed for many different
reasons. A more appropriate term to update would be revise. Previously the
standard addressed only the review and approval of changes and did not
explicitly require a revision process. However, a revision process is executed
before a document is subject to re-approval.
This requirement responds to the Continual Improvement principle.
It is inevitable that during use a need will arise for changing documents and
therefore provision needs to be made to control not only the original
generation of documents but also their revisions.
The document change process consists of a number of key stages some of
which are not addressed in ISO 9000 Standards.
a. Identification of need (addressed by document review)
b. Request for change (not addressed in the standard)
c. Permission to change (not addressed in the standard)
d. Revision of document (addressed by document updates)
e. Recording the change (addressed by identifying the change)
f. Review of the change (addressed under quality planning)
g. Approval of the change (addressed by document re-approval)
h. Issue of change instructions (not addressed in the standard)
i. Issue of revised document (addressed by document availability)
As stated previously, to control documents it is necessary to control their
development, approval, issue, change, distribution, maintenance, use, storage,
security, obsolescence or disposal and we will now address those aspects not
specifically covered by the standard.
In controlling changes it is necessary to define what constitutes a change to a
document. Should you allow any markings on documents, you should specify
those that have to be supported by change notes and those that do not.
Markings that add comment or correct typographical errors are not changes
but annotations. Alterations that modify instructions are changes and need
prior approval. The approval may be in the form of a change note that details
changes that have been approved.
Anyone can review a document but approved documents should only be
changed/revised/amended under controlled conditions. The document
review will conclude that either a change is necessary or unnecessary. If a
change is necessary, a request for change should be made to the issuing
authorities. Even when the person proposing the change is the same as would
approve the change, other parties may be affected and should therefore be
permitted to comment. The most common method is to employ Document
Change Requests. By using a formal change request it allows anyone to request
a change to the appropriate authorities.
Change requests need to specify:
a. The document title, issue and date
b. The originator of the change request (who is proposing the change, his or her
location or department)
c. The reason for change (why the change is necessary)
d. What needs to be changed (which paragraph, section, etc. is affected and
what text should be deleted)
e. The changes in text required where known (the text which is to be inserted
or deleted)
By maintaining a register of such requests you can keep track of who has
proposed what, when and what progress is being made on its approval. You
may of course use a memo or phone call to request a change but this form of
request becomes more difficult to track and prove you have control. You will
need to inform staff where to send their requests.
On receipt of the request you need to provide for its review by the change
authority. The change request may be explicit in what should be changed or
simply report a problem that a change to the document would resolve.
Someone needs to be nominated to draft the new material and present it for
review but before that, the approval authorities need to determine whether
they wish the document to be changed at all. There is merit in reviewing
requests for change before processing in order to avoid abortive effort. You
may also receive several requests for change that conflict and before processing
you will need to decide which change should proceed. While a proposed
change may be valid, the effort involved may warrant postponement of the
change until several proposals have been received – it rather depends on the
urgency
Ensuring the availability of controlled documents
The ISO 9000 standards requires that relevant versions of applica-
ble documents are available at points of use.
The relevant version of a document is the version
that should be used for a task. It may not be the latest
version because you may have reason to use a
different version of a document such as when
building or repairing different versions of the same
product. Applicable documents are those that are
needed to carry out work. Availability at points of use
means the users have access to the documents they
need at the location where the work is to be
performed. It does not mean that users should possess copies of the documents
they need, in fact this is undesirable because the copies may become outdated
and not withdrawn from use.
This requirement exists to ensure that access to documents is afforded when
required. Information essential for the performance of work needs to be
accessible to those performing it otherwise they may resort to other means
of obtaining what they need that may result in errors, inefficiencies and
hazards.
In order to make sure that documents are available you should not keep them
under lock and key (or password protected) except for those where restricted
access is necessary for security purposes. You need to establish who wants
which documents and when they need them. The work instructions should
specify the documents that are required for the task so that those documents
not specified are not essential. It should not be left to the individual to
determine which documents are essential and which are not. If there is a need
for access out of normal working hours, access has to be provided. The more
copies there are the greater the chance of documents not being maintained so
minimize the number of copies. A common practice is to issue documents to
managers only and not the users. This is particularly true of management
system documents. One finds that only the managers hold copies of the
Quality Manual. In some firms all the managers reside in the same building,
even along the same corridor and it is in such circumstances that one invariably
finds that these copies have not been maintained. It is therefore impractical to
have all the copies of the Quality Manual in one place. Distribute the
documents by location, not by named individuals. Distribute to libraries, or
document control centres so that access is provided to everyone and so that
someone has responsibility for keeping them up to date. If using an intranet,
the problems of distribution are less difficult but there will always be some
groups of people who need access to hard copy.
The document availability requirement applies to both internal and external
documents alike. Customer documents such as contracts, drawings, specifica-
tions and standards need to be available to those who need them to execute
their responsibilities. Often these documents are only held in paper form and
therefore distribution lists will be needed to control their location. If documents
in the public domain are required, they only need be available when required
for use and need not be available from the moment they are specified in a
specification or procedure. You should only have to produce such documents
when they are needed for the work being undertaken at the time of the audit.
However, you would need to demonstrate that you could obtain timely access
when needed. If you provide a lending service to users of copyrighted
documents, you would need a register indicating to whom they were loaned so
that you can retrieve them when needed by others.
A document that is not ready for use or is not used often may be archived.
But it needs to be accessible otherwise when it is called for it won’t be there. It
is therefore necessary to ensure that storage areas, or storage mediums provide
secure storage from which documents can be retrieved when needed. Storing
documents off-site under the management of another organization may give
rise to problems if they cannot be contacted when you need the documents.
Archiving documents on magnetic tape can also present problems when the
tape cannot be found or read by the new technology that has been installed!
Electronic storage presents very different problems to conventional storage and
gives rise to the retention of ‘insurance copies’ in paper should the retrieval
mechanism fail.
Ensuring documents are legible and identifiable
The standard requires documents to remain legible and
readily identifiable.
Legibility refers to the ease with which the informa-
tion in a document can be read or viewed. A
document is readily identifiable if it carries some
indication that will quickly distinguish it from
similar documents. Any document that requires a reader to browse through it
looking for clues is clearly not readily identifiable.
The means of transmission and use of documents may cause degradation
such that they fail to convey the information originally intended. Confusion
with document identity could result in a document being misplaced, destroyed
or otherwise being unobtainable. It can also result in incorrect documents
being located and used.
This requirement is so obvious it hardly needs to be specified. As a general
rule, any document that is printed or photocopied should be checked for
legibility before distribution. Legibility is not often a problem with electron-
ically controlled documents. However, there are cases where diagrams cannot
be magnified on screen so it would be prudent to verify the capability of the
technology before releasing documents. Not every user will have perfect
eyesight! Documents transmitted by fax present legibility problems due to the
quality of transmission and the medium on which the information is printed.
Heat sensitive paper is being replaced with plain paper but many organiza-
tions still use the old technology. You simply have to decide your approach.
For any communication required for reference, it would be prudent to use
photocopy or scan the fax electronically and dispose of the original.
Documents used in a workshop environment may require protection from oil
and grease. Signatures are not always legible so it is prudent to have a policy
of printing the name under the signature. Documents subject to frequent
photocopying can degrade and result in illegible areas.
Although a new requirement, it is unusual to find documents in use that carry
no identification at all. Three primary means are used for document
identification – classification, titles and identification numbers. Classification
divides documents into groups based on their purpose – policies, procedures,
records, plans, etc are classes of documents. Titles are acceptable providing
there are no two documents with the same title in the same class. If you have
hundreds of documents it may prove difficult to sustain uniqueness.
Identification can be made unique in one organization but outside it may not
be unique. However, the title as well as the number is usually sufficient.
Electronically controlled documents do not require a visible identity other than
the title in its classification. Classifying documents with codes enables their
sorting by class.
