The new ISO 9001:2015 has introduced updated management system standards that override the requirements presented in its predecessor, ISO 9001:2008. In particular, the original standards identified in ISO 9001:2008 under 4.2.3 Control of Documents and 4.2.4 Control of records have been overridden by the new standards in the 2015 version under 7.5.3 Control of documented information.
As part of the alignment with other management system standards a common clause on ‘Documented Information’ has been adopted. The terms “documented procedure” and “record” have both been replaced throughout the requirements text by “documented information”. Where ISO 9001:2008 would have referred to documented procedures (e.g. to define, control or support a process) this is now expressed as a requirement to maintain documented information. Where ISO 9001:2008 would have referred to records, this is now expressed as a requirement to retain documented information.
To better understand the changes presented in section 7.5.3 over the previous standards outlined in 2008, it is important to identify the difference between Documents and Records:
ISO 9001:2015 outlines the Control of Documented information in section 7.5.3 and is broken down into two separate requirements:
220.127.116.11 Documented information required by the quality management system and by this International Standard shall be controlled to ensure:
a) it is available and suitable for use, where and when it is needed;
b) it is adequately protected (e.g. from loss of confidentiality, improper use, or loss of integrity).
18.104.22.168 For the control of documented information, the organization shall address the following activities, as applicable:
a) distribution, access, retrieval and use;
b) storage and preservation, including preservation of legibility;
c) control of changes (e.g. version control);
d) retention and disposition.
With the new standard structure in place, don't get confused by this "new requirement" as it really isn't new. We used to have "documents" and "records" and now we "maintain" (i.e document) and "retain" (i.e. record) documented information.
Thinking of Outsourcing your Internal Audits?
Christopher M. Spranger, MBA, ASQ MBB
Want to receive free tips to improve your business?