In this article, I'm going to walk you through Clause 7.5.1 General which is the first subclause of 7.5 Documented Information. I'm going to break it down and give you some examples along the way so that you can take it away and apply it within your own organization.
You’ll then be able to apply this to your own organization's system and understand what the requirements will look like for you. No more guessing!
This clause starts off by stating:
The organization’s quality management system shall include:
a) documented information required by this International Standard
Well, that’s easy. Wherever ISO 9001 states within a clause that documented information is to be retained or maintained then we have to do it! This of course is a mandatory requirement throughout the Standard. I suggest as you work through every clause become familiar with those where it explicitly states that documented information is required.
Something important to note here is the meaning of retain documented information and maintain documented information.
Understanding these differences will assist you to understand what type of documented information is required in each clause where it is stated.
Now, moving on it is stated:
b) documented information determined by the organization as being necessary for the effectiveness of the quality management system.
Interesting! While it is obvious from point a) that there are mandatory documented information requirements, this clause is also saying that there could be additional documented information that is required to manage and control the output of your product or service.
The decision on whether you do maintain or retain this additional documented information is based on risk. Some questions you can ask yourself are:
You can see that this additional documented information is a control to manage any risks to your product/service or delivery to your customers.
But how much documentation is needed and is there such a thing as too much? Fortunately, this clause includes some great notes that state:
NOTE The extent of documented information for a quality management system can differ from one organization to another due to:
- the size of organization and its type of activities, processes, products and services;
- the complexity of processes and their interactions;
- the competence of persons.
This means that you may find for larger international companies with multiple offices and locations and therefore higher staff numbers that their extent of documentation is a lot more than a small family business. This is because it can be more challenging to control the output of processes across multiple locations performed by many different staff. Therefore documented information is a form of control to manage this.
And of course, if your processes are complex and need highly skilled people the level of documentation will differ also. Complex means high risk, so therefore the potential for a higher level of documentation.
The tell-tale sign that you may need to consider additional documented information is if nonconformances are being raised for your product whether internally or from customer complaints. Reviewing the root cause and the intended corrective action may result in additional or improved documented information to manage this.
Now that you have a better understanding of these requirements, it's time to take action and implement them in your own organization and ISO 9001 quality management systems.
If you prefer watching over reading, head to our ATOLTV ISO 9001 playlist on YouTube. And if you're interested in becoming an ISO 9001 specialist, check out our range of ISO 9001 quality management systems courses and qualifications today.