Documentation requirements

The ISO Navigator™ database hyperlinks the ISO 9000:2005 principles and the ISO 9001:2008 requirements; and explains them in plain English with practical guidance.

If you're looking for more up-to-date guidance on ISO 9001:2015, ISO 14001:2015, and ISO 45001:2018, click here.

Our range of ISO 9001:2015 quality manuals and integrated manual templates cover the requirements of ISO 14001:2015 and ISO 45001:2018, and offer an easy way to implement and document your organization's quality management system or integrated management system.

ISO 9001:2008: Control of documents 4.2.3

A robust document control process invariably lies at the heart of any compliant quality management system; almost every aspect of auditing and compliance verification is determined through the scrutiny of documented evidence. With this in mind, it becomes apparent that the on-going maintenance of an efficient document management system must not be overlooked.

Your organization must control all documentation, generated by the QMS, by implementing a document control procedure that defines the controls needed to; approve, review, update, identify changes, identify revision status, etc. The document control procedure should define the scope, purpose, method and responsibilities required to implement these parameters.

In order to comply with the document control clause, it is essential that all personnel understand what type of documents should be controlled and more importantly, how this control should be exercised.

To get the most out of your document control procedure, it must communicate the steps necessary to ensure that staff and other users of the organization’s documentation understand what they must do in order to manage that information effectively and efficiently.

Departmental managers should always be responsible for promoting good document and record management practices in their area whilst supporting overall compliance to the document control procedure.

Individuals and their line managers should be responsible for the documents and records that they create, as well as being responsible for their retention and disposal in line with legislative requirements and organizational procedures and practices.

If you don’t want to control external documents, you must specifically state this in the procedure and on the documents themselves, which are ‘For Reference Only’ and are not updated.

For multi-site/corporate certifications the auditor will expect to see that system documentation and changes are centrally managed (usually performed at the headquarters location) with further control of documents at the local level, as applicable.

Looking for ISO 9001 mandatory procedure templates? Our quality manual template provides a great foundation for establishing, implementing and documenting the six mandatory procedures that are required by the standard.

You can now purchase a range of internal audit checklists as standalone templates or as bundles, with no procedures or forms; just the audit questions!