There are six (6) implementable clauses within ISO 9001:2015 Quality Management System Standard.
Within this series of posts over the next six weeks we will discuss the requirements to all six clauses and the correct interpretation thereof.
7.5 Documented Information
This requirement is identical to the requirements from ISO 9001:2008 Clause 4.2.3 – Document Control. It should be noted that there is no need to maintain a documented procedure but your organization may still chose to operate one.
You should ensure that you organization’s QMS includes documented information required to be maintained and retained by ISO 9001:2015, and the documented information identified by your organization to demonstrate the effective operation of its QMS as defined in 7.5.3 below.
7.5.2 Creating & Updating
This requirement is comparable to the requirements from ISO 9001:2008 Clause 4.2.3 – Document Control. You should seek to confirm that when documented information is created or updated, your organization has ensured that it is appropriately identified and described (e.g. title, date, author, reference number).
It must be in an appropriate format (e.g. language, software version, graphics) and on appropriate media (e.g. paper, electronic). Confirm that documented information is reviewed and approved for suitability and adequacy.
7.5.3 Control of Documented Information
This requirement is comparable to the requirements from ISO 9001:2008 Clause 4.2.4 – Control of Records. A robust document control process invariably lies at the heart of any compliant management system; almost every aspect of auditing and compliance verification is determined through the scrutiny of documented information. With this in mind, it becomes apparent that the on-going maintenance of an efficient document management system must not be overlooked.
Your organization must control the documented information required by the QMS. A suitable process must be implemented to define the controls needed to; approve, review, update, identify changes, identify revision status and provide access. The documented information process should define the scope, purpose, method and responsibilities required to implement these parameters.
In order to comply with the documented information requirements, it is essential that all personnel understand what types of information that should be controlled and more importantly, how this control should be exercised. To get the most out of your documented information process, it must communicated to ensure that staff and other users of the documentation information understand what they must do in order to manage that information effectively and efficiently.
Departmental managers should always be responsible for promoting good documented information practices in their area whilst supporting overall compliance to the requirements. Individuals and their line managers should be responsible for the information that they create, as well as being responsible for their retention and disposal in line with legislative requirements and organizational needs.
Maintain the following as documented information:
The scope of the quality management system - 4.3
Documented information to the extent necessary to have confidence that the processes are being carried out as planned - 4.4
Evidence of fitness for purpose of monitoring and measuring resources - 184.108.40.206
Evidence of the basis used for calibration of the monitoring and measurement resources (when no international or national standards exist) - 220.127.116.11
Evidence of competence of people doing work under the control of the organization that affects the performance and effectiveness of the QMS - 7.2
Documented information required by the QMS - 7.5.1b
Results of the review and requirements for the products and services - 8.2.3
Records to demonstrate compliance with design and development requirements - 8.3.2
Records of design and development inputs - 8.3.3
Records of the activities of design and development controls - 8.3.4
Records of design and development outputs - 8.3.5
Design and development changes, including the results of the review and the authorization of the changes and necessary actions - 8.3.6
Records of the evaluation, selection, monitoring of performance and re-evaluation of external providers and any actions arising - 8.4.1
Evidence of the unique identification of outputs when traceability is a requirement - 8.5.2
Records of property of the customer or external provider that is lost, damaged or non-conforming and of its communication to the owner - 8.5.3
Results of the review of changes for production or service provision, the persons authorizing the change, and necessary actions taken - 8.5.6
Records of authorized release of products for delivery to the customer including acceptance criteria and traceability to the authorizing person(s) - 8.6
Records of non-conformities, actions taken, concessions and the identity of the authority deciding the action in respect of the nonconformity - 8.7
Results of the evaluation of the performance and the effectiveness of the QMS - 9.1.1
Evidence of the implementation of the audit programme and the audit results - 9.2.2
Evidence of the results of management reviews - 9.3.3
Evidence of the nature of the non-conformities and any subsequent actions taken - 10.2.2
Results of any corrective actions - 10.2.2
Join our mailing list to receive upcoming posts: http://www.isoqar.co.za/