ISO 9001:2008 is not prescriptive - it provides a framework and good advice but generally leaves it up to the company to do what they consider best, and that includes adopting software tools or methodologies. There are, for example, only six documented procedures included as mandatory.
This isn't going to change. The draft version of ISO 9001:2015 looks like it will merge documents and records under the term "documented information" and there will be no mandatory quality manual, procedures or quality records. That won't mean there is no value in these documents, but rather there will be more flexibility in how it's managed.
The problem with flexibility is that it can leave a newcomer to ISO 9001 in a confused state. Where do I start? What do I need to do? How do I know when we're ready for audit? This is why ISO 9001 is often compared with other continuous improvement approaches such as Lean Six Sigma (LSS). Some have said that ISO 9001 provides the "what" and LSS provides the "how". In truth, that's an over-statement because tools associated with LSS tend to be problem-solving techniques rather than tools, and are not coordinated in any particular way.
There are blogs out there that can help with ISO 9001. One useful post this week came from The ISO 9001 Blog and provided seven tips to provide a documented procedure for controlling your documents.
Take time to read the blog in full, but the list of tips are:
- Approve for Adequacy (who is responsible for approving this)
- Review/Update and Re-Approve
- Changes and Revision Status identified
- Relevant Versions at point of use
- Legible and identifiable.
- Control of External Documents
- Prevent the use of Obsolete Documents
These are very good tips, but they could be more prescriptive about exactly how to do this. There's a mention that "this is often easier with electronic versions than with paper copies" but that advice stops far short in my opinion. There is a massive advantage in using an electronic DMS to implement these tips.
To rattle through a quick mapping of tips to CogniDox features, we would find that the ability to create workflows with mandatory approvers delivers #1. The review and notification process takes care of #2. Version history and the event log provides #3. A clear link to latest and approved latest versions solves #4 (as does the ability to hide any version other than the approved latest one). Tip #5 is supported by embedded metadata in the documents, so readers can see what they are using. We'd look to limited partner access and/or the extranet portal functionality for #6. Finally, tip #7 can be achieved by marking the document as obsolete.
The electronic DMS approach also allows you to add extra tips. For example, using a graphical and interactive version of a procedure (such as a flowchart) makes it far easier to use than a printed page. Using email notification links as an alternative to attachments is another example.
But the absolute stand-out argument in favour of electronic DMS is the ability it provides to integrate with other line-of business systems. The technology we use has a major influence on service innovation, and by linking (for example) the DMS with Help Desk systems we can provide better visibility where our customers are reporting difficulties and which document assets (including software, user guides, etc.) might be affected.
The acceleration in the generation of data (aka big data) puts even more pressure on quality compliance. Without systems to help, it may prove impossible to do otherwise.