If your company is like most, you’re storing your policies and procedures on a file server. Perhaps your working drafts are in one folder, approved versions are in another folder, and previous versions are archived in yet another folder. Some companies will create folders for the different clauses of ISO 9001 or arrange documents according to functional areas or departments. A lot of these companies aren’t even practicing the most basic security techniques, like limiting “read-write” privileges to a select few. Furthermore, how can you use a document control system to manage your policies and procedures?
Are You Managing Your Policies And Procedures?
A file sharing server is common for most small businesses, but it’s a cumbersome “system” (actually, it’s not even a system in the true sense) and doesn’t promote easy retrieval or fast changes, and it doesn’t inspire much confidence in your document control “system”.
ISO Document Control Objectives
ISO 9001 (clause 7.5) requires a documented information process which demonstrates that your documents:
- Are approved prior to use;
- Are reviewed and updated (and re-approved);
- Changes are identified;
- Relevant versions are available at their “point of use”;
- Are legible and identifiable;
- Distribution is being controlled even when they’re of external origin; and
- Aren’t in use when they’re obsolete.
You could say the same for your recorded information (ISO 9001 7.5) process, too. Plus, there are implied requirements for document backup, security, and scalability. How well does your manual file server conform to the documented information control objectives?
Manual File Server Document Control System
Managing policies and procedures to comply with the document control requirements of ISO 9001 is a little different. Do you approve your documents with a written signature and scan the approved document into your file server as a PDF file? Some keep a separate transaction log of approvals and reviews, while others type in an approver, reviewer, and author’s name into the document and leave it at that.
Tracking changes, revisions, and relevant versions is very cumbersome in a manual system. Most people keep an archive folder for the older files. It’s a good idea to use MS-Word’s “track changes” feature to show what has changed since the last revision.
Maintaining relevant versions at point of use and controlling distribution of externally originating documents (customer drawings, regulatory compliance, standards materials) is very tricky – and time consuming – in a manual system. Printed materials are difficult to keep updated in the field. How do you ensure that the electronic files on a file server are easily accessible or retrievable? Some use a desktop shortcut to a “Quality Documents” folder; others use a drive letter (ex., “M:”). Either way, it’s still a manual system that’s difficult to keep up-to-date.
While these approaches may — or may not — work, they’re based on the time-honored manual system. It’s easy to fall out of compliance by missing a step. Relying on paper or e-mailed notes, or on people’s memories, or on their ability to focus on that one task when there are dozens of things to do can — and often does — result in some of the commonest audit findings. Unapproved or outdated procedures, uncontrolled copies, inaccessible or lost documents — these problems haunt a lot of firms at audit time. How can you prevent these kinds of audit findings?
Document Management Software
Document management software, or DMS, provides more than just file serving. Your document management software provides the level of document and record control that ISO 9001 requires. Some key features in DMS that you should look for include:
- Offsite backup, for quicker disaster recovery;
- Security to control access to your documents using groups roles, or individual permissions;
- Full system text search and fast document retrieval;
- Complete history of all revisions, including comments, dates, and authors;
- Document workflows, clearly showing reviewers, approvers, and release dates;
- A flexible platform that can grow with your business, be customized, and lets you design and build in new features;
- Support multiple file types, allowing scanning, importing and complete record control;
- Hyperlinking, attachments, and custom views to simplify usability; and
- User analytics, feedback, and acknowledgement to demonstrate documents are used and policies are understood – and followed – by every employee.
You eliminate many of the headaches of a manual document control system by using document management software for your ISO 9001 documented information control. No more transaction logs, missing manual steps, confusion over obsolete documents, or lost or misplaced documents. Easily add employees, disk space, documents, and records without involving your IT department.
Interested in learning more about the benefits of automating your document control system? Contact Bizmanualz, and learn how to simplify.