4 steps to getting ISO9001 ready
Achieving ISO9001 compliance can appear daunting, but while it requires a significant investment in time and resources, using the right document management system can help lighten the load. ISO9001:2015 has a number of key requirements — here's how you can successfully fulfil some of these in your organisation:
STEP 1: QUALITY MANUAL
A major component of ISO9001:2015 compliance for any company is to produce a Quality Manual that outlines your Quality policy and objectives. Although this is no longer a mandatory document in the 2015 guidelines, there still needs to be "documented evidence" and requirements from the Quality Manual are carried over to the new standard. This contains the scope of what is included in the Quality System, exclusions, procedures (numbered documents) and business system processes (normally in the form of flowcharts). Your document management system can help here – look for one that provides a repository so that you can store a PDF or web-viewable version of the Quality Manual on the company intranet where it is accessible to all users. Make sure that individual employees know which policy documents they need to know about, through tailored reminders that flag areas that are relevant to their role.
STEP 2: DOCUMENT CONTROL
This mandatory procedure is key to ISO9001 compliance, and can be time consuming unless is it automated through a document management system, which allows you to manage the entire document lifecycle of draft, review, issue, approval and publish. Make sure you can identify the timeline of documents, and their history, tracking changes and when they are made, as well as highlighting external documents. An effective document management system will also remove the risk of people accidentally using obsolete versions of still-in-use documents – the single most common cause of ISO non-compliance.
STEP 3: RECORD CONTROL
ISO9001 differentiates between documents and records. Documents, such as paper-based or electronic information covering specifications or procedures, are active and dynamic. On the other hand, records are historic in nature and report the results of the analysis of business processes and actions. ISO9001 requires you to hold 21 records covering management reviews, education and training, design and development (although this is not always relevant), supplier evaluations, internal audits, product release, and validation and verification. Your document management system should make these records easy to access, while providing a detailed and clear history of any corrective or preventative measures taken, in order to comply with ISO9001. In all of these records, your document management system should supply the identification, tracking and updates of the required process in a simple, integrated solution.
STEP 4: OPERATIONAL PROCEDURE COMPLIANCE
This refers to documentation covering planning, operation and control procedures. Records documenting contracts, customer satisfaction, product realisation and planning should all be stored in your document management system, providing you with identification and traceability for all of these procedures, as well as providing a platform for continuous improvement.
Want to use the right document management system to ensure effective, efficient and timely ISO9001 compliance? Find out more about how Cognidox can help by looking through our features.