Since the publication of ISO 9001:2015, there is a lot of talk going around about mandatory documented information that an organization needs to have. A documented information is a meaningful data that is required to be controlled and maintained by the organization and the medium on which it is contained. A complete list of the documented information needed to maintained and retained by the organization for the purposes of establishing a quality management system can be retrieved here.
Even though the new revision of ISO 9001 does not require a documented procedure for control of documents, there is still a need to control documented information. The purpose of document control is to protect the quality of documents affecting work activities. It is an important aspect of auditing and compliance verification.
You may use the following guide questions to ensure proper control of documents:
- Protection – Is the documented information protected from tampering, unauthorized changes, and damage? Who are authorized to view the information? There should be appropriate safeguards in place to ensure information is not misused in any way.
- Availability – Does the documented information exist where it is supposed to exist? Is the available information suitable for the need it was intended to fill?
- Distribution – How can employees retrieve the information? Is the information retrievable within a reasonable amount of time? It is necessary to access the documented information intended for employees without struggling.
- Storage – Where is the documented information located? How is it being stored? Are there periodic monitoring and backup to ensure continued legibility of information?
- Change Control – How does the organization ensure the correct version of the information? How are the revisions being tracked? How can an employee be kept from incorrectly accessing and using obsolete information?
- Retention – How long are records kept? What is the retention time? ISO 9001:2015 provides no guidance on the appropriate retention times of records. This is completely up to the organization and its needs.
- Disposition – What happens to the record after the retention time? How are the records disposed?
One way to store and control documented information is by having an online database. With a sophisticated platform like Caspio, you can easily create a document control application to keep track of records, procedures, and processes.
Caspio is the leading business productivity platform for creating powerful custom cloud applications that requires no programming skills. When you build an online document control application with Caspio, the documented information is made available in the cloud—the information is accessible anytime and anywhere. With Caspio, you can control the security of documented information. Each logged-in user can only access the records that are authorized to them. Only authorized users can add, modify, or delete information. You can also add a searchable database to aid the distribution of information. Users can easily locate and view the details of a specific document with just a click. You can also track the changes or revisions of a document by adding an audit log. Caspio takes the security and reliability of your data and applications very seriously.
To learn more about how you can create a document control application with Caspio, sign up for a free trial account or request a no-obligation project consultation with one of our application experts.