4.2.3 Control of documents

I guess we do!!

 

the document owner could tell u that yes it is over 5 years old but nothing has been changed thats y the document remain valid and current.
have u facing such feedback before?

 

Agreed they can tell you that an update or no change is required, but the issue as I have said was the QMS was seen as being owned by QA so they didn't do this.

What was changed was how they brought into and ownership to the QM, the result of this was they presented documents with the updates identified for changes to be made. Part of this was putting a review period into the QMS, but it also involved work in all areas of the QMS, it took time but worked well

 

Is that section and language from the 2008 version?

 

Just making sure.

 

Andy, "establish an audit programme taking into consideration the changes affecting the organization" is not quite the same as "requires AUDITS when changes are made". The first one can be met rather easily. The second one would be onerous.

 

I have not seen that requirement (yet). I see that changes to the organization, processes, products, etc are supposed to be an input to the audit program, but I have not seen a requirement that mandates audits when changes are made.

 

The Document Control Procedure should specify how often are your documents reviewed for applicability. If it is annually, and it does not change, indicate in the revision history that on that year there's no revision. The CB's want to see objective evidence that it's done according to the procedure.

 

Actually in ISO 9001:2015, we have a NEW requirement in 8.5.6, which requires a "change review" for production and/or service provision processes. While a change review might be performed through an audit, that is not the only way to assess the impact of the change. Outside of product and service realization processes, changes don't TRIGGER an audit, necessarily. While audits could be a method to ensure change effectiveness and effectivity, there are other methods available.

 

The one thing I see missing from this conversation is what seems to me to be the obvious question; If you find that your process no longer matches your documentation, which one is wrong?

How many times have we all encountered someone doing something "the same way they've always done it," only to find that they've deviated over time and are actually doing it wrong? Just because the documentation doesn't match the actual process, doesn't mean that the documentation needs to be changed or updated. It may, in fact, still be right.

As Pancho alluded to earlier, if people are actually following the documented procedures, they are likely being reviewed on a far more regular basis than any scheduled document review would accomplish.

 

Yeah, it seems that way most of the time. The process "evolves" into something new, but the documentation hasn't been updated to reflect the new reality. I have also see the opposite, though, where an operator does the same thing for years not realizing that they've been slowly devolving away from what's required.

Honestly, both scenarios are examples of not following documented procedures, and potentially not maintaining relevant versions of those documents.