internal-page-background-header

Graphical QMS, documented information, and the audit process

Graphical QMS

A gQMS will help with internal and external auditing requirements - leading to ISO certification in less time and at a lower cost!

When the auditor says: 'Show me where it says that' in reference to your business processes, wouldn't it be great if you were just a few clicks from the relevant pages and able to summon up the documented information on the spot? The graphical QMS (gQMS) approach makes this possible because it is so much easier to navigate through your processes.

You will then be challenged to 'Prove that this is what happened'. How? Simple: you select the process that is being audited from the flowcharts and menu items and drill down to the evidence in the form of documents and records in your "controlled and maintained" documented information.

Documented information in a ISO 9001:2015 quality system can be in any format and media and from any source. The term as defined (3.11) in the DIS can refer to:

  1. The quality management system (3.33), including related processes (3.12);
  2. Information (3.50) created in order for the organization (3.01) to operate (documentation);
  3. Evidence of results achieved (records).

An interactive gQMS will take you straight to the data that the auditor requires to establish compliance with the ISO 9001:2015 requirements, and show that your processes are effective in achieving quality objectives. The latter involves making detailed judgements, which will be aided by appropriate evidence being made available when and where it is needed.

These days, ISO 9001 auditors are expected to focus issues of "risk, status, and importance". They also need to ask if the particular process that you are showing them is a good one, or if there is a way to improve upon it. Therefore, it is important that the documented information keeps pace with this continual process of review and assessment. With on-screen access to the QMS data, both internal and external auditors will be able to verify that your system is working properly; to find out where it can improve; and to correct or prevent any problems that are identified during the audit. The CogniDox gQMS helps you to highlight the issues affecting quality and takes the auditor, via relevant hyperlinks, to the evidence that shows you are addressing the problems. They can then be confident from your documented information that you have considered the risks and opportunities when defining the rigour and degree of formality needed to plan and control the quality management system, as well as its component processes and activities.

One of the myths about the new version of the standard is that fewer documents will be required. It is important to grasp from the outset that ISO 9001:2015 requires that organizations retain documented information "...to the extent necessary to have confidence that the processes have been carried out as planned and to demonstrate conformity of products and services to requirements. [8.1 Operational Planning and Control, e)].

Even outsourced processes must be controlled in accordance with 8.4 and the results of the evaluations, monitoring of the performance and re-evaluations of the external providers retained as documented information.

How to Build a QMS Your Team Will Actually want to Use

Documented information describing the results of any review of customer requirements, including any new or changed requirements for the products and services, must also be retained; and where there are changes, the organization has to ensure that relevant documented information is amended and that relevant personnel are made aware of the changed requirements. Documented information from the design and development process must also be retained, again including any changes that are made. When you search for the use of the words "documented information" in the DIS, you find 34 instances in Clauses 4 through 10. The number of occurrences in Clause 8 alone makes for interesting reading and will dispel any notions that ISO 9001:2015 will significantly reduce the total amount of data required to operate a quality system:

8.5.1 Control of production and service provision states that controlled conditions shall include the availability of documented information that defines (a) the characteristics of the products and services; and (b), the availability of documented information that defines the activities to be performed and the results to be achieved. In fact, the requirements set out under Clause 8, including 8.5.2 Identification and traceability, 8.5.6 Control of changes, 8.6 Release of products and services, and 8.7 Control of nonconforming process outputs, products and services will be reassuringly familiar territory for quality professionals, as will the need for what were called "documents and records" in ISO 9001:2008. And as before, the problem of managing all this information in a controlled way and keeping it up to date will still represent a major undertaking. Hence, it could be time to review your options to implement modern document management system technology?

One thing is for sure: an intranet-friendly, web-based based solution with graphical representations of processes and data is more likely to be used than a massive library of documents that no one trusts to be up to date!

Next time: How a gQMS can also help you to sail through your 9001 audit by providing instant access to procedures and evidence from records.

This post was written by Michael Shuff

Tags: ISO 9001:2015, quality management system, Document management and control, New Product Development

Paul Walsh

Written by Paul Walsh

Paul Walsh was one of the founders of Cognidox. After a period as an academic working in user experience (UX) research, Paul started a 25-year career in software development. He's worked for multinational telecom companies (Nortel), two $1B Cambridge companies (Ionica, Virata), and co-founded a couple of startup companies. His experience includes network management software, embedded software on silicon, enterprise software, and cloud computing.

Related Posts

Document Control requirements in ISO 9001:2015; what you need to know

Document control is a key part of any Quality Management System (QMS) and, therefore, a requirement ...

ISO 9001 vs ISO 13485. What’s the difference?

ISO 9001 is the internationally recognised standard for quality management used in many sectors ...

What is a document control system and why is it important?

Having a document control system in place is a requirement of quality standards and regulations ...

A short guide to non-conformance reports; what, why and how

How do you log and deal with non-conformities so that faulty products don't end up in the hands of ...

How to build a supplier quality management system in 4 simple steps

How do you transform regular supplier reviews from a box-ticking exercise into a genuinely useful ...

ISO 9001 vs ISO 13485. What’s the difference?

ISO 9001 is the internationally recognised standard for quality management used in many sectors ...

Medical Device Technical File requirements: what you need to know

What is the medical device technical file? What should it contain and how should it be structured? ...

Why not just use SharePoint as a Document Management System?

What’s wrong with SharePoint, anyway? Why shouldn’t it be used as a document management system ...

8 Tips for Improving the Document Review Process

How is the quality of your document review process affecting the speed and efficiency of the way ...

The evolution of a Quality Management System

A focus on a quality management system shouldn’t just mean a ‘box ticking’ exercise for an ...

Can Product Innovation Tools help you go 'virtual first?'

Colocation was one of the central tenets of the Agile manifesto, but times have changed. With all ...

Why your QMS needs to be an eQMS

If you want to develop a Quality Management System that meets the regulation and powers your ...