Issue 53 – Clause 7.5: Documented Information
Clause 7.5: Documented information
What’s the intent of Clause 7.5?… In our last Newsletter (ISO 9001:2015 Newsletter Issue 52) we discussed the topic of “communication”, and now here in Clause 7.5 we address the area of “documented information”. The intent of this Clause is to supplement Clause 4.4 (Quality management system and its processes) which asked organizations to establish a QMS. Clause 7.5 now asks that you “document” that QMS, with documentation now including both instructional information as well as records. These two areas used to be separated into “control of documents” and “control of records”, in the 2008 version of this Standard. Let me start by saying that even though this new revision has combined these two areas, there is no need for organizations to do the same. If keeping them separate works for you then retain your current procedures as is. As always, I would recommend that you review them and improve them since they may need to be updated.
Note A: This Clause DOES include requirements for “documented information”.
Note B: As some of you already know, the content for these Newsletters comes from working in the field with my Clients, and with their ISO Certification Bodies. I gain a lot of hands-on experience from conducting training workshops, gap audits and internal audits, where the requirements of the Standard have to be interpreted and applied to each unique situation. A popular training request is our on-site Internal Process Auditor Training for ISO 9001:2015 since you will need to do a complete round of internal audits to the new Standard prior to your external upgrade audit. On that note, some organizations are opting to use an outside resource to assist with their internal audits in order to meet deadlines (…more details on this service, as well as the training sessions we offer, can be found below).
The new numbering format…
Element 4 – Context of the organization
Element 5 – Leadership
Element 6 – Planning
Element 7 – Support
Element 8 – Operation
Element 9 – Performance evaluation
Element 10 – Improvement
Clause 7.5 Documented information consists of three (3) Sub-Clauses as listed below:
7.5.2 Creating and updating
7.5.3 Control of documented information
Sub-Clause 7.5.1 General – The requirements within this first sub-clause require that the QMS includes both the “documented information” required by the ISO 9001:2015 Standard and the “documented information” required by your organization to ensure you have implemented an effective QMS. This is not really new from the old version however what is different are the many references to “documented information” found throughout the Standard.
In many on-line discussion groups and webinars it is being implied that this new ISO 9001 version has a reduction in documentation requirements. After reviewing the new Standard, I have counted 34 times the use of the words “documented information”, which is referring to both instructional QMS documents, as well as QMS records (these areas were kept separate in the 2008 version, with each having their own Clauses detailing how to control them). The 2008 version required a Quality Manual, 6 areas requiring a Quality System Procedure, and 19 Quality Records. That adds up to only 26 references to “documentation” versus the 34 I found in the 2015 version. So in summary, even though the words “Quality Manual”, “Procedure” and “Record” do not show up at all as requirements in the new ISO 9001:2015 Standard, this does not mean that they are asking for less documentation. Plus, they have included this wording in 7.5.1b: “The organization’s quality management system shall include… documented information determined by the organization as being necessary for the effectiveness of the quality management system.” Which really means they want us to decide what, and how much, we “document” within our QMS (which is no different than what they said back in 2008).
Sub-Clause 7.5.2 Creating and Updating – The requirements within this next sub-clause closely resemble what was found in 2008. The b) part asks organizations to use the appropriate format and media for their QMS documentation. Format being the type of language, type of software and the use of graphics vs words, such as flowcharts, and with media being about whether your QMS is paper-based or electronic, or a bit of both.
Sub-Clause 7.5.3 Control of Documented Information – The only real new requirements within this last sub-clause are with the words “loss of confidentiality” and “access”. Some QMS documents are confidential in nature and the Standard is asking that organizations implement the appropriate controls to ensure that this confidentiality is not lost. The word “access” implies that those individuals performing activities within the QMS need to have access to any corresponding documentation required to accomplish their tasks. That means paper or electronic versions of QMS documents can easily be accessed, when and where they need them.
Be sure to watch for our next Newsletter issue where we will cover another section of ISO 9001:2015…
PS: Don’t forget to look at the Q&A section below for some final thoughts…
To view all of our past Newsletters or to sign up to receive them… click here
For cost effectiveness, the Internal Audit function can be outsourced to an external experienced auditor on a periodic basis. This will provide an independent and objective assessment to management, of where process issues may exist, along with identifying opportunities for improvement. It will also provide the evidence needed to satisfy the Internal Audit requirements in the ISO Standards. We have used two different approaches with this service: a) We conduct the entire audit ourselves, or b) We act as the lead auditor, and along with your Team of internal auditors, we complete the entire audit together. This latter approach allows your people to receive guidance and direction from an experienced lead auditor while at the same time maintaining significant involvement in the internal audit process.
This Documentation Development Training Workshop for ISO 9001:2015 Session is intended to be a very interactive, hands-on session (hence the name Workshop) where your QMS documentation will be created/revised, with guidance from an experienced facilitator. This type of session can help launch your transition efforts by getting a lot accomplished within a compressed time-frame. If your organization has already begun the re-write then this session can be used to validate what you’ve accomplished so far, or if you haven’t yet begun, it can be the catalyst to get things started (…which is usually the hardest part). Deciding how to move from your current QMS structure into a new one can be a daunting task and this session can help you navigate through it. A copy of a sample Quality Manual (re-iterating the “shall” requirements found within the ISO 9001:2015 Standard) will be provided to each participant. As always, our focus will be on how to develop a simplified and streamlined quality management system, that helps to drive improvement in your business.
The two (2) day Internal Process Auditing for ISO 9001:2015 Training Session is focused on a process approach to auditing with the objective being not only to assess conformance of the quality management system, but also to uncover process improvements during an audit. This goes hand in hand with the process auditing requirements found within ISO 19011 and the process approach covered in ISO 9001:2015, which promotes continual process improvement throughout this Standard. An enhanced checklist is developed, and there will be workshops throughout, to reinforce learning, as well as a live, practice audit. If you are looking to meet the ISO 9001:2015 internal audit requirements and to “raise the bar” for your internal audit program then this is the course you should consider.
This combines the ISO 9001:2015 Essentials Session with a Gap Audit – This approach is used to assist organizations in launching their transition efforts for this new ISO Standard. This event accomplishes two things: a) it provides education on the new ISO 9001:2015 Standard for your key personnel (i.e. internal auditors; etc.), by highlighting the differences from the 2008 version; and b) assesses the gap from where you are today to where you need to be to achieve compliance to this new ISO Standard. Training certificates covering education on the new ISO 9001:2015 Standard, as well as issuing of a Gap Audit Report for distribution to your Top Management, are the two deliverables from this event. On a final note, a closing meeting can be arranged with key individuals so they can hear first hand the results of the Gap Audit that was performed. PS: We’ve also done this session with just the QMS Management Rep attending, which allowed them to quickly get up to speed on this new Standard, as well as to see how much of an effort the transition will be… and of course they receive their own Training Certificate as part of this event. This also allowed them to avoid traveling offsite to get the training they needed anyways, as evidence for their Certification Bodies.
Q: How do you perform an audit for Clause 7.5 of ISO 9001:2015?
A: For Clause 7.5, an Audit Checklist should cover these areas:
– Does the organization maintain documented information as required by ISO 9001:2015?
– Does the organization maintain documented information necessary for the effective operation of its QMS?
– Has the organization ensured appropriate identification and description when creating and updating QMS documents? How is this done? (Review the last document created and the last document updated)
– Has the organization ensured appropriate format and media when creating and updating QMS documents? How is this done? (Review the last document created and the last document updated)
– Has the organization ensured appropriate review and approval when creating and updating QMS documents? How is this done? (Review the last document created and the last document updated)
– How does the organization ensure that QMS documents are available and suitable for use, where and when they are needed?
– How does the organization ensure that QMS documents are protected from loss of confidentiality?
– How does the organization ensure that QMS documents are accessible to those individuals who need them?
– How has the organization addressed distribution, access, retrieval and use of QMS documents?
– How has the organization addressed storage and preservation, including preservation of legibility, of QMS documents?
– How has the organization addressed control of changes of QMS documents?
– How has the organization addressed retention and disposition of QMS documents?
– How has the organization identified and controlled documented information of external origin determined by the organization to be necessary for the planning and operation of the quality management system?
– How has documented information, retained as evidence of conformity, been protected from unintended alterations?
(Make sure to interview more than one person and obtain examples for the items listed above)
Until next time…
Helping Business Professionals Reduce Risk and Remove Waste!