ISO Revisions Explained

ISO Revisions: The New Terminology for Maintain and Retain Documented Information

Over the years, I’ve explained the difference between maintain documented information and retain documented information more times than I can count. Clients, students, teams—everyone has struggled with it at some point.

I had my go-to way of making it simple:

Maintain = procedures, the how-to
Retain = keep evidence and records

That explanation has served us well. Until now.

Because the terminology is changing in the upcoming standard revisions. And it’s changed to the point where I can’t even remember the new wording myself. I’ve literally got a post-it note stuck to my monitor just to remind me of the upcoming new terms.

So, after all these years of drilling “maintain vs. retain,” you can forget it. It’s all about to change.

But terminology—whatever ISO calls it—doesn’t change the core reality: clear, consistent documentation matters. Procedures, records, “things we maintain,” “things we retain”—however you label them, good documentation is non-negotiable.

As the old saying goes in the quality world: “If you didn’t document it, it didn’t happen.”

Documentation isn’t just an ISO requirement—it’s smart business. When knowledge only lives in someone’s head, it disappears the moment they leave the room (or the company). A solid documentation culture protects against that loss, saves hours of interruptions, and makes sure critical know-how is always available.

Forbes summed this up well in their article To Scale Your Company’s Knowledge, Build a Documentation Culture, which shows how businesses that embed documentation into daily practice free up time, reduce risk, and grow faster.

AI Management Systems Specialist

AU$1,195.00

Step into the future of responsible AI with the ISO 42001 Specialist Course. This program equips you to design, implement, and manage an Artificial Intelligence Management System (AIMS) in line with ISO/IEC 42001:2023, the world’s first certifiable AI governance standard.

Learn More

ISO Documentation Naming Conventions Cheat Sheet

The new wording can feel a little clunky (and long!), so I’ve broken it down into a simple reference. Think of this as a quick memory aid—something you can come back to when you’re not sure which term is which.

ISO Documentation Naming Conventions Cheat Sheet

Old vs New

We used to talk about “maintain” and “retain.” The new wording shifts to “made available” and “available as evidence.” Different words, but the same idea: documents people use versus records you keep.

Meaning

If it’s something people need to follow—like a procedure or an instruction—then it falls into the “made available” category. If it’s something you keep as proof—like an audit report or a training record—then it’s “available as evidence.”

Examples

Procedures and flowcharts are your how-to guides—make them available. Completed forms and audit reports? That’s proof—keep them as evidence.

Easy Way to Remember

If it’s something people need to use to do the job, it goes under “maintain/made available.” If it’s something you keep as evidence the job was done, it goes under “retain/available as evidence.”

Quick test: Use it or show it?

Use it = make available
Show it = evidence

Helping People Transition

Don’t worry — you don’t need to rush out and update every manual, policy, or procedure just because the words are changing. ISO doesn’t mandate that you copy the exact wording. You can still call it “maintain” and “retain” in your system if that makes sense for your people.

What matters is how you, as a leader, help your team understand the shift. A few tips:

Explain the change simply — share the idea of “use vs show” so people aren’t caught up in the jargon.
Reassure them — remind everyone that the principles haven’t changed, only the labels.
Update training and conversations, not documents — weave the new terms into toolbox talks, inductions, or management reviews so people get used to hearing them.
Lead by example — use the new terms yourself, but don’t correct others harshly. Encourage, explain, and move on.

By doing this, you keep the system practical and your people confident — which is exactly what leadership in ISO is all about.

Introduction to ISO 27001:2022 Information Security Management Systems

AU$549.00

This short, fully online course provides a clear, beginner-friendly introduction to ISO 27001:2022 and its role in information security management. This course is designed for anyone who needs a high-level understanding of ISO 27001 without getting into technical details or formal assessments.

Learn more

Next Steps for You

Check your own system
Are your documents clear on what’s for use and what’s for evidence?
Share the update
Let your team know about the wording change and explain it in simple terms.
Pick your wording
Decide what makes sense for your organization and stick with it.
Use memory hooks
"Use it or show it" works just as well with the new terms.
Stay flexible
Don’t get hung up on the wording, focus on keeping documentation practical and useful.

For more on this topic, listen to the podcast...

• 37 min

ISO Revisions Explained: The New Terminology for Maintain and Retain Documented Information

Lead the Standard

Play

From Information to Certification

Advance Your Career with Trusted ISO Training

Turn knowledge into qualifications that open doors.

Reading about ISO standards is the first step, applying them with confidence is what sets professionals apart. ATOL’s internationally recognised training equips you with the skills, tools, and support you need to succeed as an auditor or industry leader. Learn at your own pace, online, with guidance from experts who have trained professionals worldwide.

Contact our Team to Discuss your Training Options

Jackie Stapleton

Jackie is a Founding Director of Auditor Training Online. She loves to help others and share her excitement about auditing, consulting and management systems bringing to you her own experience and stories as a certification auditor.