Monday, 25 October 2010

Understanding the Document Control Procedure

Understanding the Document Control Procedure

ISO 9001:2008 Clause 4.2.3 outlines the requirements for an effective document control procedure to manage the flow of information that might impact an organization’s ability to deliver a compliant product or service. Documents are considered by ISO 9000:2005 as ‘information and its supporting medium’. It implies that documents evolve as information is superseded and that this natural transition must be managed to ensure personnel have access to the latest versions of drawings and specifications, etc.

The Value of Controlling Documents

An organization’s ability to store, index, access and retrieve the right information efficiently and effectively is paramount if the organization is to continually improve its products or services. The ability to deliver reliable and relevant information underpins the delivery of high-quality products or services when information is accurate, up to date and accessible for use where needed.

The majority of non-conformances arising from both quality management system audits and registration audits continues to be the ineffective application of Clause 4.2.3. Discontinuity is often discovered in the documentation because auditors will focus on the continuity and flow of information through the system. Inconsistencies will hinder the prospects of a successful registration audit since the success of the audit is determined by the availability of documented information.

Getting the most out of your Document Control Procedure

In order to comply with the document control clause, it is essential that all personnel understand what type of documents should be controlled and more importantly, how this control is exercised. To get the most out of your document control procedure, it must communicate the steps necessary to ensure that staff and other users of the organization’s documentation understand what they must do in order to manage that information effectively and efficiently.

Your document control procedure should specify how the following controls will be achieved:

- How documents are approved for suitability prior to use,
- How documents are reviewed and updated,
- How to identify the correct versions of documents
- How the correct versions of documents will be accessed,
- How legibility is ensured,
- How external documents are controlled and distributed,
- How to prevent unintended use

Document Control Responsibilities

Departmental managers should always be responsible for promoting good document and record management practices in their area whilst supporting overall compliance to the document control procedure.

Individuals and their line managers should be responsible for the documents and records that they create, as well as being responsible for their retention and disposal in line with legislative requirements and organizational procedures and practices.


The Quality Management Representative should be responsible for providing advice and guidance on the application of the document control procedure. They should also instigate training in relation to document and record management and take the lead role in the co-ordination and monitoring of compliance throughout the organization.

Download a free document control procedure example here: