[转帖]Document Control Made Easy
Because information in document form drives nearly every action in any organization, the ability to control this information usually means the difference between success and failure. Thus, document control remains the single most critical quality assurance discipline. As with many other systems, document control is more successful if it's simple, intuitive and user-friendly. And the first step toward this end is deciding exactly which documents need to be controlled.
Documents requiring control
"Do I need to control this document?" is one of the most frequently asked questions in organizations working toward, or maintaining, a formal management system. Given the universe of documents possibly requiring control, the question is understandable. Besides, most people would rather not control a document if they don't have to.
The ISO 9001:2000 standard provides a quick answer to the question of what must be controlled. The first sentence of section 4.2.3 on document control states, "All documents required by the quality management system shall be controlled." This means that if a document addresses or relates to any of the issues in ISO 9001:2000, it must be controlled. Here are some questions to ask when determining whether a document should be controlled:
Does the document guide the production of products (i.e., goods or services) provided by the organization?
Does the document guide the verification, inspection or testing of products provided by the organization?
Does the document define customer and/or product requirements?
Is the document used for controlling processes?
Is the document used for decision making by production personnel?
Is the document used for collecting data that could be used later for decision making within the scope of the management system (e.g., a form)?
Is the information on the document so critical that failure to keep it updated would pose a risk to the organization or its customers?
Does the document address or relate to a requirement from ISO 9001:2000?
If the answer to one or more of these questions is yes, then the document should probably be controlled. For illustration purposes, consider the following scenarios:
An interoffice memo is posted on a wall in the fabrication department. The memo gives a number of functional and packaging requirements for a product that's fabricated there. Because of where the document has been posted and the information it contains, the memo should certainly be controlled. Ignore the fact that memos are rarely controlled; in this case it provides customer requirements, guides decision making and relates directly to ISO 9001:2000 requirements.
Even if the memo duplicates information contained elsewhere in controlled specifications, the uncontrolled memo would still be a problem. Eventually, there will be a discrepancy between the information on the memo and the information contained in the controlled specifications. The organization should either control the posted memo or get rid of it.
A training department develops videotapes to train employees on the proper setup and operation of production lines. The videotapes are included in the training program for new hires and existing employees. In this case, document control is required because the tapes define process control, guide the production of products and relate to the training requirements of ISO 9001:2000.
Product defect samples are displayed in a lighted glass cabinet in the visual inspection area. The samples illustrate the limits of various defects that can be considered acceptable to customers, and they're used when inspectors aren't certain of the criteria. Currently, the display cabinet is labeled "for reference only." Despite this declaration, the samples should be controlled because they define customer requirements.
An organization develops a checklist that's used to record the results of product inspection. The blank checklist defines exactly what's to be inspected, as indicated by the spaces that inspectors must complete. These blank forms need to be controlled as documents, and then as records once they're completed.
These scenarios highlight the fact that documents needn't be limited to traditional procedures, work instructions and the like. The term "document" can encompass a wide range of things, all of which might require control--depending on the information they contain. Some examples include:
Electronic documentation
Photos
Drawings, diagrams and sketches
Audio tapes and videotapes
Product samples and defect samples
Paint swatches for color matching
Checklists
Flow diagrams
Blank forms
Document vs. record
It's obvious from the foregoing list that controlling documents requires thinking of them as more than written procedures. However, before we jump into specifics, let's clear up some confusion that plagues many organizations, namely, how a document differs from a record.
A document is a living thing. The information contained within it is subject to change; it can be revised. A record, on the other hand, is history. The information it contains can't be changed because it simply states what's already happened.
It's sometimes possible for an item to exhibit characteristics of both a document and a record. Work orders, sales orders and purchase orders, to name a few, can function as both historical records and live documents. In these cases, the item is treated as a document until its real-time informational value has been exhausted. At that point, it's treated as a record.
Documents requiring control
"Do I need to control this document?" is one of the most frequently asked questions in organizations working toward, or maintaining, a formal management system. Given the universe of documents possibly requiring control, the question is understandable. Besides, most people would rather not control a document if they don't have to.
The ISO 9001:2000 standard provides a quick answer to the question of what must be controlled. The first sentence of section 4.2.3 on document control states, "All documents required by the quality management system shall be controlled." This means that if a document addresses or relates to any of the issues in ISO 9001:2000, it must be controlled. Here are some questions to ask when determining whether a document should be controlled:
Does the document guide the production of products (i.e., goods or services) provided by the organization?
Does the document guide the verification, inspection or testing of products provided by the organization?
Does the document define customer and/or product requirements?
Is the document used for controlling processes?
Is the document used for decision making by production personnel?
Is the document used for collecting data that could be used later for decision making within the scope of the management system (e.g., a form)?
Is the information on the document so critical that failure to keep it updated would pose a risk to the organization or its customers?
Does the document address or relate to a requirement from ISO 9001:2000?
If the answer to one or more of these questions is yes, then the document should probably be controlled. For illustration purposes, consider the following scenarios:
An interoffice memo is posted on a wall in the fabrication department. The memo gives a number of functional and packaging requirements for a product that's fabricated there. Because of where the document has been posted and the information it contains, the memo should certainly be controlled. Ignore the fact that memos are rarely controlled; in this case it provides customer requirements, guides decision making and relates directly to ISO 9001:2000 requirements.
Even if the memo duplicates information contained elsewhere in controlled specifications, the uncontrolled memo would still be a problem. Eventually, there will be a discrepancy between the information on the memo and the information contained in the controlled specifications. The organization should either control the posted memo or get rid of it.
A training department develops videotapes to train employees on the proper setup and operation of production lines. The videotapes are included in the training program for new hires and existing employees. In this case, document control is required because the tapes define process control, guide the production of products and relate to the training requirements of ISO 9001:2000.
Product defect samples are displayed in a lighted glass cabinet in the visual inspection area. The samples illustrate the limits of various defects that can be considered acceptable to customers, and they're used when inspectors aren't certain of the criteria. Currently, the display cabinet is labeled "for reference only." Despite this declaration, the samples should be controlled because they define customer requirements.
An organization develops a checklist that's used to record the results of product inspection. The blank checklist defines exactly what's to be inspected, as indicated by the spaces that inspectors must complete. These blank forms need to be controlled as documents, and then as records once they're completed.
These scenarios highlight the fact that documents needn't be limited to traditional procedures, work instructions and the like. The term "document" can encompass a wide range of things, all of which might require control--depending on the information they contain. Some examples include:
Electronic documentation
Photos
Drawings, diagrams and sketches
Audio tapes and videotapes
Product samples and defect samples
Paint swatches for color matching
Checklists
Flow diagrams
Blank forms
Document vs. record
It's obvious from the foregoing list that controlling documents requires thinking of them as more than written procedures. However, before we jump into specifics, let's clear up some confusion that plagues many organizations, namely, how a document differs from a record.
A document is a living thing. The information contained within it is subject to change; it can be revised. A record, on the other hand, is history. The information it contains can't be changed because it simply states what's already happened.
It's sometimes possible for an item to exhibit characteristics of both a document and a record. Work orders, sales orders and purchase orders, to name a few, can function as both historical records and live documents. In these cases, the item is treated as a document until its real-time informational value has been exhausted. At that point, it's treated as a record.
没有找到相关结果
已邀请:
RSS Feed
2 个回复
mab (威望:0)
赞同来自:
Approving documents
All documents must be approved for adequacy before being used. There are, of course, many ways to accomplish this. Paper-based documents often include spaces for authorized persons to sign or initial. Electronic documents can be approved through a typed name if passwords prevent anyone from falsifying the approval. In much the same way, e-mail can even be used. However, such approval should be visible to the user. Otherwise, the value of approval (i.e., as a cue that the document is OK for use) is lost.
Does the organization need to define who is authorized to approve documents? At least on a basic level, the answer is yes. A statement such as, "Documents must be approved by individuals responsible for managing the tasks described in the document" would satisfy the designation of approval authority. Alternatively, an organization may decide to be much more specific about who can approve documents. But from the titles shown beneath approval spaces, documents typically indicate who is responsible for approving them, and this self-declaration is usually adequate.
Note that a fine line exists between having too few and too many approvals on a document. For documents that cut across departments, the approval list should include all managers who are affected by the document. This provides buy-in and communicates to managers what's expected. The flip side is that obtaining eight or 10 approvals can take a long time. Strive for the fewest number of approvals that will still provide buy-in for the information described in the document.
Reviewing, updating and reapproving documents
ISO 9001:2000 introduces the requirement that documents must be reviewed, updated as needed, then reapproved. This doesn't mean routine document revision. The standard requires an organization to review documents periodically to see if they're still valid. If they are, the organization reapproves them. If they're not, either a revision is made or the document is declared obsolete. This prevents documents from becoming inaccurate or obsolete over time. If documents are used properly, this should never happen, but we all know that they're frequently ignored in the press of day-to-day work commitments.
What exactly triggers a document review? An organization can handle this in three ways:
Recall documents on a strictly periodic basis--every year, for instance--and review them, update as necessary and reapprove them. This would certainly satisfy the standard. But it's sometimes difficult to review documents based strictly on the passage of time. This requires a fair amount of discipline because there's always something more important to do than reviewing documents. This system's success depends on the organizational skills of the person in charge of it.
Review, update as necessary and then reapprove documents based on business triggers or real-world events that have the power to affect a document. Some examples include the introduction of new products, equipment and processes; change in business focus; technological breakthroughs; and improved methods or practices. Because this approach is driven by actual events that make document review immediately relevant, it introduces a sense of urgency that's not present in the periodic approach.
If an organization decides to use this method, it needs to define the business triggers and responsibilities clearly in the document control procedure. The document administrator will typically monitor operations for these business triggers and ensure that the relevant documents are reviewed, updated as necessary and reapproved. If a business trigger hasn't occurred within a reasonable period of time--say, three years--then documents should be recalled for review anyway.
Use the internal audit process to review documents. Keep in mind, however, that internal audits are sampling processes. By function, they're only going to examine a representative sample of documents in existence. The standard implies that all documents must be reviewed. If an organization intends to use its internal auditing process to satisfy this requirement, then extra care must be taken when planning and scheduling audits to ensure that all documents are sampled during an extended period.
Identifying changes and revision status
Documents must have revision changes identified. This is typically interpreted as the changes in the most current revision. Thus, if a document is on revision five, it will identify the changes that moved it from revision four to revision five. This identification assists document approvers to see what changed in the document, and it assists users in knowing what's changed so they can comply with the document's requirements.
Changes can be identified in a variety of ways, including the following:
Change logs at the end of documents
List of changes on the cover sheet
Underlined, bold, italicized or highlighted changes throughout the document
Revision status simply indicates a document's most current revision. This is normally indicated by a revision number, letter or date placed directly on the document. The revision status enables users to know whether they have the most current document. For paper-based documents, the revision status normally ties back to a master list or index that tracks the current revisions of all documents. For electronic documents, knowing the current revision is less important because the most current version is provided automatically to all users. Either way, the revision status must still be identified.
Making documents available at points of use
A document is useless if it's not accessible. ISO 9001:2000 requires that "relevant versions of applicable documents are available at points of use." This means that current versions of documents must be accessible by the people who need them. It does not mean that everyone must have his or her own copy or computer terminal. If people know where the documents are located, have access to that location and can make use of the information in the documents, then this requirement has been satisfied.
Some organizations develop elaborate schemes for distributing documents to different departments or functions. These often involve "acknowledgment of receipt" sheets that must be signed and returned with obsolete copies of documents.
ISO 9001:2000 doesn't specifically require such systems, though they may provide some value. Organizations must examine their own operations and decide what will provide the right balance of control and simplicity. Remember that the more bureaucracy involved, the slower the system will work and the more likely that users will attempt to circumvent it.
Making documents legible and identifiable
Legibility means that documents can be read and understood. They should be written in a clear, decipherable manner, in the language spoken by document users. For instance, if a significant number of employees in a particular department speak and read in Spanish, then the documents would need to be legible to them. To do this, the organization could write the documents in Spanish or use graphic documents (e.g., photos or drawings) that can be understood regardless of the prevailing language.
"Identifiable" simply means that documents have a title, document number or other unique identifier that sets them apart from others. Organizations often develop document numbering schemes that relate to the ISO 9001 numbering system. This is well-intentioned but guaranteed to be obsolete in the future. Remember, ISO reviews and revises the 9000 series every five years, and this normally triggers a change in the way the standard is numbered. A better numbering plan would dovetail with an organization's processes or departments. Such a numbering system will be relevant to employees, and it won't become obsolete upon the next revision of ISO 9001.