4.5. Document and Data Control

4.5.1. General

All documents that are pertinent to the ISO 9000 standard must be under some type of formal documentation control, with procedures defining their establishment, review, upgrade, authorization, and removal upon obsolescence.

This includes external reference documents used in areas such as design and testing. The documents must be in any media you choose, but they must be easily obtainable and usable.

  • You must have a documented system in place to ensure the control of all documents, instructions, and data in your system meet ISO 9000 requirements.

4.5.2. Documentation approval and issue

All your documents and data will require approval by an authorized person. This means that you must formally authorize individuals and they must be capable of accessing the adequacy of the document. You will then have to maintain a master listing of all the documents being used and their appropriate revision status or a documentation control procedure that identifies all procedures. This listing or procedure is required to ensure that only current revision documents are being used and that all obsolete documents are removed. The current documents must be available at their point of use and if for some reason you require that the old documents be available, they must be properly identified as not intended for current use.

To comply with this clause:

  • All the documents that are used must be reviewed and approved by the authorized personnel.
  • You must have a listing of all currently active documents that are available to those using them.
  • You must ensure that only the current and authorized documents are available to those using them.
  • Instructional documents must be available where the lack thereof could adversely affect the quality of the product being produced.
  • Obsolete or incorrect documents must be removed from those areas where they could be used. If there is a need to retain such documents, then they should be appropriately identified as being for information purposes only.

4.5.3. Document changes

Any changes made to the documentation will require the same review and authorization that the establishment of the original document requires. When possible, an overview of the change to the document should be included with the new release. It is recommended that the changes to prior documents be noted to assist those working with the document.

Document changes:

  • Must be reviewed and approved by those who performed the initial review, or by a designated individual who has access to the pertinent data to ensure a sound decision.
  • New changes from the prior documents will be outlined, when at all possible.