In today’s post we’ll be looking at Document Control specifically
- What is Document control
- Document Control & ISO 9001
- Methods Document Control
- Why Document control is critical
- Key Benefits of Document Control
- Issues to watch out for with Document Control
What is Document control
Document control is defined as both organizing and controlling information by following a standard process.
You’ll notice that we used the information above. Document’s these days can be many things including
- Printed documents,
- Electronic files,
- Technical information such as drawings
Documents and information will mean different things to different organizations. The key is to be mindful of this and have a document control system within their organization that manages and controls information.
So what processes does document control include? It will usually include the following:
- Creation and development,
- Security Controls
- Storage & Access
- Analysis & Review,
- Approval (which can often include multiple tier approval),
- Release & Distribution (which often requires controlled distribution methods such as recorded transmittals, etc.).
- Change control
So by deploying a document control system you support key activities within the organization and add value by controlling documents/information through a standardized method.
Document control & ISO 9001
Document control features as a requirement within ISO 9001 (Information about ISO 9001 here)
The ISO 9001 standard requires controls that include:
- The approval of documents prior to use
- Version control so that versions used are correct at point of use
- Controls over change (i.e., version control where documents are updated). This explicitly requires stating the version on each document
- Control of documents from external sources
- Controle of obsolete documents (i.e., so that they are not incorrectly used)
For ISO 9001 you should also be able to show that
- You have a procedure that controls documents
- Demonstrate through a usable record that your procedure is being utilized.
Document Control Methods
The first thing to state is that, while many people assume it is, document control is not software.
While software can facilitate or automate document control, software is a tool; it is not document control in its own right.
Document control is a set of processes that describe how documents are managed. Such Procedures assure the organization that employees utilize appropriate documents when executing their functions.
Let’s look at three procedures that most businesses will utilize.
1/ Document creation –
This procedure describes who has responsibility for creating certain documents within the organization. This procedure will usually include the method which is to be used to identify documents.
This procedure should include aspects such as
- Naming conventions
- Document sign off (signature)
2/ Document Review
Many organizations utilize a document review process (as an example when a manufacturing organization creates a design drawing, it usually undergoes some form of peer review before it is released.
Your Document control procedure should include:
- Which documents should be reviewed
- Who should review documents
- How a review should be recorded (including where revisions are made).
3/ Document Revision
Following release, documents may get reviewed from time to time and may get updated. Document control process should include procedures that cover changes; such procedures should include:
- Who Can initiate changes
- How changes are documented within the document
- Impact of changes on version control
- How changes are authorized
- How documents can be released following change.
- What happens to historical versions of the document
As you can see from the above – these processes (along with other document control procedures) can be controlled without software. Many organizations choose to use document control software as it helps streamline and automate the process.
Why Document control is critical
There are a number of reasons why effective document control is critical within your business. Without it unessecary risk is introduced into existing processes which document control helps mitigate. Let’s take a look at a few examples to illustrate the point:
a) Company A is designing a new turbine system. It has no document control processes, and therefore anyone can create and distribute documents. In this organization, an Engineer creates a design for a sub-component; without document control, it is not peer-reviewed. The engineer passes the design to manufacturing who invest $100,000 in manufacture. Unfortunately, the design is defective, and the parts are cannot be used as planned. While this had severe cost implications consider the safety implications of a drawing used without peer review that could have critical use in a vehicle (such as an airplane). In this example effective document control processes would have prevented the release of the drawing without peer review.
b) Worker B is producing a product; she makes 1000 of them; these are all painted blue (as per the drawing) & sent to the customer. The customer rejects them all. Unfortunatley without her knowledge a revised drawing had been created with a new color scheme. As the worker was utilizing an out of date drawing, she manufactured them incorrectly. In this instance document control processes would have prevented the worker from utilizing an out of date drawing.
c) In Company B, a commercial manager is closing a big deal with a customer. He issues the contract, which is signed and returned. Unfortunately, a junior staff member has made an incorrect change to the document without the commercial managers knowledge, which now places onerous commercial obligations on them. As the commercial document did not flow through document control processes, there was no control over revisions, and the change was missed prior to it being sent to the customer. Here, document control processes would have prevented the document being changed as any changes would have to be approved prior to document release.
As you can see from these few examples, without effective document control processes, your business can be put at risk.
While they may appear onerous to some, document control processes are there for a reason, to limit risk and facilitate delegation of authority. They ensure that you are utilizing the correct document at the point of use and that it has been through a rigorous process to remove the likelihood of error.
Where an incident does occur, document control procedures provide traceability to help you get to the root cause of the issue.
Without them (or by bypassing them), your organization places itself under greater risk.
Key Benefits of Document Control
As you’ve seen, there are numerous advantages to implementing document control processes; we’ve summarised some of them below.
- Provides control over document and information management
- Document Control helps to retrieve information through a standard process for the whole organization.
- Provides traceability
- Adds levels of security
- Protects the company’s assets
- Supports audits
- A central repository for company information
Issues to watch out for with Document control
Document control procedures, especially manual ones, can frustrate. Some things are intuitive and work well, and others don’t and take work.
The key here is where a system (be it manual or electronic) is difficult to use; then, people won’t. This can affect your business’s effectiveness and, at worst, put customers and certifications at risk.
As with all control processes, there are certain things to watch out for, below we list our top 5.
1/ Process is too difficult to use – whether your process is electronic or manual – having something that is too difficult to use will turn your users off.
2/ Process has not been communicated – great! You’ve got an established process, but if you fail to communicate both what it is and how it works (that includes training staff), then you’re asking for trouble.
2/ Process isn’t responsive – however, you’ve constructed your document control processes they need to be responsive – you need to enable the flow of information around your organization, not create a logjam. If you suffer from the latter, investigate why and how your system can be tuned.
3/ Process doesn’t support collaboration – Most documents within your organization will require an element of collaboration, this needs to be built into your system from day 1.
4/ Issues around Access / Retrieval – have a manual system? Have someone take documents out of the business for a meeting then find you urgently need access to them? Having robust processes around document access (in all circumstances) is a must
5/ Delegation within the process is not effective – where documents require levels of approval, does your process cater for when people are out of the business on holiday? Or does the system grind to a halt?
To sum up, by investing in and implementing document control processes, you’re ensuring that your company is protected and that key document tasks are facilitated. This can save your team time and effort and avoid costly mistakes.
We hope you’ve enjoyed this article, perhaps you’re starting your document control journey, or maybe you’ve implemented systems and processes and have some experience you can share with our readers? We’d love to hear from you, either through the comments section below or on twitter.