ISO 9001 Compliance

ISO 9001:2008 Compliance

What is ISO 9001:2008 document control?

ISO 9001:2008 allows an organization flexibility in the way it chooses to document its quality management system (QMS). This enables each individual organization to develop the minimum amount of documentation needed in order to demonstrate the effective planning, operation and control of its processes and the implementation and continual improvement of the effectiveness of its QMS.

Unstructured document management and use of obsolete documents can have severe negative consequences in terms of product or service quality, cost to company as well as decreases customer satisfaction. Document management and control is a cornerstone for ISO 9001:2008 compliance. It is important to design a document control process that is simple to use, easy to monitor and effective enough to prevent incorrect documentation or records.

It is stressed that ISO 9001 requires (and always has required) a "Documented quality management system", and not a "system of documents". All the documents that form part of the QMS must be controlled.

What is a document according to ISO 9001:2008 standards?

According to ISO 9001:2008 clause 4.2 Documentation requirements, documents may be in any form or type of medium, and the definition of "document" in ISO 9000:2005 clause 3.7.2 gives the following examples:

  • Paper
  • Magnetic
  • Electronic or optical computer disc
  • Photograph
  • Master sample

ISO 9001:2008 requires an organization establish, document, implement, and maintain a quality management system and continually improve its effectiveness. QMS documentation includes: a documented quality policy and quality objectives; a quality manual, documented procedures; documents needed for effective planning, operation and control of processes; and certain other records required by the international standard.


What is a document management system and how can it help with ISO 9001:2008 compliance?

A document management system stores, retrieves, manages and tracks electronic documents and electronic images of scanned paper-based information, tracks document lifecycle and audit trail and ensures timely approval of documents via automated document workflows. A document management software ultimately controls and organizes documents throughout an organization.

According to ISO 9001:2008 standards, all the documents that form part of the QMS have to be controlled in accordance with clause 4.2.3 of ISO 9001:2008, or, for the particular case of records, according to clause 4.2.4. LuitBiz DMS helps achieve all this through its record management and security features.

Let’s find out in detail how LuitBiz DMS can help you achieve ISO 9001 compliance through its document control process by asking you the following questions:

  1. Do you have controlled access to all policies, procedures, work instructions, forms, specifications, and other company documents affecting quality or customer satisfaction?
  2. Do you receive real time alerts whenever an unauthorized person tries to access your documents?
  3. Are you still working with obsolete documents and yet not aware of it?
  4. Are you able to store old records centrally for easy retrieval and reference?
  5. Are you sure that your document approval process is completely secure?
  6. Do you have a version control system in place that ensures that you are working with the most recent version of the document?
  7. Are you easily at risk of a security breach?
  8. Do you know who has performed what operation on a document and when?

If your answer to the questions (1), (2), (4), (5), (6) and (8) is a "NO" and your answer to questions (3) and (7) is a "MAYBE", you definitely need a document management system to manage your policies, procedures, work instructions, forms, specifications, and other company documents affecting quality or customer satisfaction and ensure ISO 9001:2008 Compliance. If you do not manage your documents now, you will end up in the risk of paying huge fines for non-compliance.

LuitBiz DMS can help comply with some parts of ISO 9001:2008 compliance that are pertaining to document and records management. Let’s take a look at some of the key elements of the ISO 9001:2008 regulations and how LuitBiz DMS addresses them:

Clause What it means How LuitBiz DMS helps
Clause 4.2.1 specifies all the different types of documentation needed for your QMS. Clause 4.2.1d requires you to have documents needed to ensure the effective planning, operation and control for QMS processes. LuitBiz DMS provides role-based account access and security that ensures that only those individuals with proper authorization can access certain kinds of documents. Additionally, your quality documents (documented statements of a quality policy and quality objectives, quality manual, documented procedures and records required by this International Standard, etc.) can be stored in LuitBiz DMS and easily retrieved with it's powerful search functionalities.
§4.2.3 (a) & (b)
Approval (Workflow)
ISO 9001 compliance requires that companies have an approval system that provides password-protected electronic approval of records. Companies also need to have a review process that allows updating and reviewing of companies’ records. In LuitBiz DMS document approval steps can be designed to support business requirements. Documents are routed and email notifications are sent informing people of their tasks in review, acceptance and sign-off. As files are electronically routed, all approval actions are recorded in the system. Routing is configured to automate tasks based on approval status.
§4.2.3 (c) & (d)
Version Control
Document versions must be neatly labeled with date and revision level. The built-in version control feature of LuitBiz DMS ensures that the correct versions of the documents are available.
Audit Trail
Implement distribution control of documents and keep a distribution log. LuitBiz DMS provides complete audit trail of the documents, who has performed what operation on the document and when. This helps in conforming to ISO 9001 standards.
Document Lifecycle Management
The organization shall establish a documented procedure to define the controls needed for the identification, storage, protection, retrieval, retention and disposition of records. LuitBiz DMS allows document lifecycle policies to be defined ensuring that documents are securely stored and their deletion process is recorded based on the defined policies.
Creating and Updating
When creating and updating documented information the organization must ensure appropriate identification and description (e.g., a title, date, author, or reference number); format (e.g., language, software version, graphics), and media (e.g., paper, electronic); review and approval for suitability and adequacy. Proper user ID and password administration capabilities of LuitBiz DMS ensures that all documents are uniquely identified and that their meta data is adequately collected that helps in easy retrieval of documents. Additionally, documents are stored in their original format in LuitBiz DMS.
Documented information required by Your QMS and by ISO 9001 must be controlled to ensure it is available and suitable for use, where and when it is needed; It must is adequately protected from loss of confidentiality, improper use, or loss of integrity. LuitBiz DMS helps ensure control of all policies, procedures, work instructions, forms, specifications, and other company documents affecting quality or customer satisfaction through user/group based access control, folder-based security and instant email alerts.
Nonconformity & Corrective Action
The organization shall retain documented information as evidence of the nature of the nonconformities and any subsequent actions taken and the results of any corrective action. LuitBiz DMS allows the admin user to maintain nonconformity logs and the corrected action taken ensuring conformity with ISO 9001:2008 standards.