Oversight Consulting

View Original

What documents do I need for ISO 9001:2015 - Quality Management Certification

Ethan Fricke

Document control is more than just filing documents. It is an essential tool used to ensure a business’s efficiency, performance, reliability, traceability, quality and safety. Document control is required to control the distribution, accessibility, preservability, retrieval, management, and usability of documented information. Documented information should be controlled in order to be adequately protected, available and suitable for use at all times.

Regardless of how you may record information, anything deemed necessary for the organisation to operate, or necessary for the effective functioning of the management system, must be controlled. The previous 9001 Standard (2008) used to require a few documents including:

  • Quality policy

  • Quality objectives

  • Quality manual

  • Procedure - Control of documents (clause 4.2.3)

  • Procedure - Control of records (clause 4.2.4)

  • Procedure - Internal audit (clause 8.2.2)

  • Procedure - Control of nonconforming product (clause 8.3)

  • Procedure - Corrective action (clause 8.5.2)

  • Procedure - Preventive action (clause 8.5.3)

 However, under the new 9001 Standard (2015) only four elements are required to be documented, including: a quality policy, quality objectives, scope, and the information needed to support the operational system. These support documents are at the discretion of the company. The new Standard does not require all the procedures mentioned above, nor a quality manual, but any organization which decides to continue to use them can keep them.

How big is your QA System? Is it still current to your operations?

The 2015 Standard still requires several records to be maintained with the majority of those coming from Clause 8 – Operation, these include:

  • Calibration of monitoring and measuring equipment

  • Conformity of products and services requirement

  • Reviews of requirement for products and services

  • Design and development: inputs, reviews, controls, verification, outputs, validation, change control.

  • Monitoring and measurement activities

  • Results of external provider evaluations, performance, and re-evaluations

  • Unique identification of process outputs (e.g. serial / batch number) if traceability is required

  • Customer property - lost, damaged or found unsuitable for use and communication to the owner

  • Criteria and authorisation for products and services delivery

  • Audit findings and actions

  • Corrective actions raised and the outcome (any action taken on nonconformities)

  • Nonconformities

  • Management reviews

  • Training records

I want to know - how big is your Quality Management System, have you simplified it?