Monday, August 31, 2009

Establishing a ISO 9001 records procedure

The standard requires records to remain legible, readily identifiable and retrievable and that a procedure defines the controls needed for the identification, storage, protection, retrieval, retention time and disposition of records. Records have a life cycle. They are generated during
which time they acquire an identity and are then assigned for storage for a prescribed period. During use and storage they need to be protected from inadvertent or malicious destruction and as they may be required to support current activities or investigations, they need to be brought out of storage quickly. When their usefulness has lapsed, a decision is made as to whether to
retain them further or to destroy them. Readily retrievable means that records can be obtained on demand within a reasonable period (hours not days or weeks) Readily identifiable means that
the identity can be discerned at a glance.

Although the requirement implies a single procedure, several may be necessary because there are several unconnected tasks to perform. A procedure cannot in fact ensure a result. It may prescribe a course of action which if followed may lead to the correct result, but it is the process that ensures the result not the procedure.

The revised requirement omits several aspects covered in clause 4.16 of the 1994 version.
Collection of records is now addressed by Analysis of data (clause 8.4)
Indexing of records is a specific form of identification and is therefore already addressed
Access is now addressed by the requirement for record retrieval
Filing is a specific form of storage and is therefore already addressed

You may only need one procedure which covers all the requirements but this is not always practical. The provisions you make for specific records should be included in the documentation for controlling the activity being recorded. For example, provisions for inspection records should be included in the inspection procedures; provisions for design review records should be included in the design review procedure. Within such procedures you should provide the forms (or content requirement for the records), the identification, collection/ submission provisions, the indexing and filing provisions. It may be more practical to cover the storage, disposal and retention provisions in separate procedures because they may not be type-dependent. Where each department retains their own records, these provisions may vary and therefore warrant
separate procedures.

Unlike prescriptive documents, records may contain handwritten elements and therefore it is important that the handwriting is legible. If this becomes a problem, you either improve discipline or consider electronic data capture.

Records also become soiled in a workshop environment so may need to be protected to remain legible. With electronically captured data, legibility is often not a problem. However, photographs and other scanned images may not transfer as well as the original and lose detail so care has to be taken in selecting appropriate equipment for this task.

Whatever the records, they should carry some identification in order that you can determine what they are, what kind of information they record and what they relate to. A simple way of doing this is to give each record a reference number and a name or title in a prominent location on the record.

1994 –2000 Differences

Previously the standard covered retrieval in four ways. It required:

(a) that quality records be made available for evaluation by the customer or his representative for an agreed period, where agreed contractually

Records can take various forms – reports containing narrative, computer data, and forms containing data in boxes, graphs, tables, lists and many others. Where forms are used to collect data, they should carry a form number and name as their identification. When completed they should carry a serial number to give each a separate identity. Records should also be traceable to the product or service they represent and this can be achieved either within the reference number or separately, provided that the chance of mistaken identity is eliminated. The standard does not require records to be identifiable to the product involved but unless you do make such
provision you will not be able to access the pertinent records or demonstrate conformance to specified requirements.

No comments: