Issue 25 – Clause 7.5: Documented Information
Clause 7.5: Documented Information
What’s new in Clause 7.5?… In our last Newsletter (ISO 9001:2015 Newsletter Issue 24) we discussed the topic of “communication”, and now here in Clause 7.5 we address the area of “documentation”.
Note A: This Clause does include a requirement for “documented information”.
Note B: Although this may seem repetitive, I just would like to re-iterate that the content for these Newsletters comes from working in the field with my Clients, and with their ISO Certification Bodies. I gain a lot of hands-on experience from conducting gap audits (as well as training seminars), where the requirements of the Standard have to be interpreted and applied to each unique situation. Combining an on-site Gap Audit with ISO 9001 Essentials Training, has become our most popular request for proposal from our Newsletter readers (…more details on this, as well as other training that we offer, can be found below).
Note C: It was exactly one (1) year ago today that the new ISO 9001:2015 was released… time is certainly moving quickly… and now we are down to two (2) years before all existing ISO 9001 registered companies need to get re-certified!
Note D: For those Newsletter readers in Ontario, I just wanted to let you know about an upcoming presentation I will be giving for the ASQ Kitchener Section on September 22nd (in case you may be interested in attending).
The new numbering format…
Element 4 – Context of the organization
Element 5 – Leadership
Element 6 – Planning
Element 7 – Support
Element 8 – Operation
Element 9 – Performance evaluation
Element 10 – Improvement
Clause 7.5 Documented Information consists of three (3) Sub-Clauses as listed below:
7.5.2 Creating and updating
7.5.3 Control of documented information
Sub-Clause 7.5.1 General – The requirements within this first sub-clause require that the QMS includes both the “documented information” required by the ISO 9001:2015 Standard and the “documented information” required by your organization to ensure you have implemented an effective QMS. This is not really new from the old version however what is different are the many references to “documented information” found throughout the Standard.
In many on-line discussion groups and webinars it is being implied that this new ISO 9001 version has a reduction in documentation requirements. After reviewing the new Standard, I have counted 34 times the use of the words “documented information”, which is referring to both instructional QMS documents, as well as QMS records (these areas were kept separate in the 2008 version, with each having their own Clauses detailing how to control them). The 2008 version required a Quality Manual, 6 areas requiring a Quality System Procedure, and 19 Quality Records. That adds up to only 26 references to “documentation” versus the 34 I found in the 2015 version. So in summary, even though the words “Quality Manual”, “Procedure” and “Record” do not show up at all as requirements in the new ISO 9001:2015 Standard, this does not mean that they are asking for less documentation. Plus, they have included this wording in 7.5.1b: “The organization’s quality management system shall include… documented information determined by the organization as being necessary for the effectiveness of the quality management system.” Which really means they want us to decide what, and how much, we “document” within our QMS (which is no different than what they said back in 2008).
Sub-Clause 7.5.2 Creating and Updating – The requirements within this next sub-clause closely resemble what was found in 2008. The b) part asks organizations to use the appropriate format and media for their QMS documentation. Format being the type of language, type of software and the use of graphics vs words, such as flowcharts, and with media being about whether your QMS is paper-based or electronic, or a bit of both.
Sub-Clause 7.5.3 Control of Documented Information – The only real new requirements within this last sub-clause are with the words “loss of confidentiality” and “access”. Some QMS documents are confidential in nature and the Standard is asking that organizations implement the appropriate controls to ensure that this confidentiality is not lost. The word “access” implies that those individuals performing activities within the QMS need to have access to any corresponding documentation required to accomplish their tasks. That means paper or electronic versions of QMS documents can easily be accessed, when and where they need them.
I’ll finish by saying that although Clause 7.5 (Documented Information) simply combined Control of Documents and Control of Records from the old 2008 version, that doesn’t mean you have to. If your current document control and record control processes are working fine then just leave them as is, and keep them separate.
Be sure to watch for our next Newsletter issue where we will cover another section of ISO 9001:2015…
PS: Don’t forget to look at the Q&A section below for some final thoughts…
To view all of our past Newsletters or to sign up to receive them… click here
The two (2) day Internal Process Auditing for ISO 9001:2015 Session (also covers requirements in ISO 19011) is focused on a process approach to auditing with the objective being not only to assess conformance of the quality management system, but also to uncover process improvements during an audit. This goes hand in hand with the process auditing requirements found within ISO 19011 and the process approach covered in ISO 9001:2015, which promotes continual process improvement throughout this Standard. An enhanced checklist is developed, and there will be workshops throughout, to reinforce learning, as well as a live, practice audit. If you are looking to meet the ISO 9001:2015 internal audit requirements and to “raise the bar” for your internal audit program then this is the course you should consider.
This combines the ISO 9001:2015 Essentials Session with a Gap Audit – This approach is used to assist organizations in launching their transition efforts for this new ISO Standard. This event accomplishes two things: a) it provides education on the new ISO 9001:2015 Standard for your key personnel (i.e. internal auditors; etc.), by highlighting the differences from the 2008 version; and b) assesses the gap from where you are today to where you need to be to achieve compliance to this new ISO Standard. Training certificates covering education on the new ISO 9001:2015 Standard, as well as issuing of a Gap Audit Report for distribution to your Top Management, are the two deliverables from this event. On a final note, a closing meeting can be arranged with key individuals so they can hear first hand the results of the Gap Audit that was performed. PS: We’ve also done this session with just the QMS Management Rep attending, which allowed them to quickly get up to speed on this new Standard, as well as to see how much of an effort the transition will be… and of course they receive their own Training Certificate as part of this event. This also allowed them to avoid traveling offsite to get the training they needed anyways, as evidence for their Certification Bodies.
Q: How do you perform a gap audit for Clause 7.5 of ISO 9001:2015?
A: For Clause 7.5, a Gap Audit checklist should cover these areas:
– Does the organization maintain documented information as required by ISO 9001:2015?
– Does the organization maintain documented information necessary for the effective operation of its QMS?
– Has the organization ensured appropriate format and media when creating and updating QMS documents? How is this done? (Review the last document created and the last document updated)
– How does the organization ensure that QMS documents are protected from loss of confidentiality?
– How does the organization ensure that QMS documents are accessible to those individuals who need them?
(Make sure to interview more than one person and obtain examples for the items listed above)
Until next time…
Helping Business Professionals Reduce Risk and Remove Waste!