internal-page-background-header

What is document control?

What is document controlHow much control do you have over the documents your business generates? How much do you need?

What is document control?

Document control refers to the processes a business develops to oversee the creation, review, modification, issuance, distribution and accessibility of their documents. These controls define the way the entire lifecycle of each document is managed from creation through to approval and obsolescence. A document control process ensures there is only ever one master version of each document present within a system, and that each document has a full version history associated with it. 

For some businesses it is enough to have basic controls of their documentation. The ability to share files quickly for internal and external collaboration is a priority, together with a way to track changes and restrict access as required. For them, Google Docs, DropBox or Box may be enough. But others need the full array of document control tools to effectively deliver their services and meet compliance demands.

Document Management and Document Control: Is there a difference?

Who needs a document control system?

Any business which produces complex documentation and has a need for clarity, accountability and traceability in their business processes will benefit from a document control system. Electronic Document Management Systems (eDMS) with robust document control tools are used by law firms, high tech product developers and those in the life science sector to manage their complex processes in the most transparent and auditable way possible.  

But having formal document control procedures in place is an absolute requirement for those who wish to gain the quality management standard ISO 9001:2015 and medical device developers who need ISO 13485: 2015 to legally trade their products.

Why document control is central to compliance in ISO 9001 & ISO 13485

A document control system is a formal requirement of the Quality Management standards ISO 9001 and ISO 13485 for medical device developers.

For the kind of businesses who need to meet these standards, their documents define the entire way they work.  

They are the plans and specifications that show the business how they build their products and how they must function when they are built. They are the written processes and procedures that detail ‘how you do things’ to meet regulatory requirements and commercial goals. They are the evidence that prove to auditors that products have been built correctly and in a way that meets customer needs. They are the evidence that quality issues have been investigated and resolved.  

Documentation defines and demonstrates how your business always meets required quality standards throughout the development and production cycle - so they must be properly protected and controlled.

To ensure that this key business documentation is always accurate, up to date and fully auditable, both ISO 9001 and  ISO 13485 specify the way in which they must be controlled through:

  • Storage
  • Protection
  • Retrieval
  • Retention
  • Review
  • Approval
  • Disposition
  • Legibility
  • Change control

Document control requirements in ISO 9001:2015: What you need to know

Electronic Document Management Systems are key to imposing controls

With such a range of  requirements, electronic document management systems  are vital to maintain control over complex and changing quality documentation throughout their lifecycle.  

They bring the tools for:

  • Document security
  • Access rights
  • Automation
  • Indexing 

that make controlling documents part of the ‘way you do things’ as a business

With this in mind, here are 5 key elements of document control your eDMS needs to deliver:

5 key features of an eDMS

1. Workflow automation - the way you need it

Automated workflows ensure quality documentation is dealt with consistently, that they go through required processes of review and approval before they are distributed or any changes are made or published. But not every required approval sequence is the same for every document type in every industry. The right document control solution allows you to develop bespoke sequences of review and approval that fit the way you work and can meet the exact requirements of your sector. 

2. Review and approval

Your document control system should be able to support complex sequences of review, approval and publication that reflect the most sophisticated control requirements:

  • Recurring annual or biannual review/approval sequence for quality documentation
  • Reminder notices when review is outstanding or regular review is imminent
  • Sequential ordering of review/approval requests with each contingent on the next
  • ‘Document holding’ features - where documentation is grouped together and released only when all files have been approved by key stakeholders. This feature supports required ‘phase gating’ and design controls for regulated design and development processes specified in medical device development

3. Discoverability

The ability to retrieve required documentation on demand is central to the control we have over our operations. Lost and misfiled documents, or incomplete sets of documentation, can cause vital data to be overlooked, errors to be made and companies to fail quality audits. A good document control system should let you apply metadata to your files to make your system more searchable, while ensuring relationships between documents are properly recorded and maintained.

4. Obsolescence and archiving

Your system should ensure that there is only one master version of each document present within a system at any time, so that you cannot confuse them with drafts or a now retired version. When a new version of a document is approved, the old one should be marked as obsolete and removed from circulation, while making it available as part of an audit history. The system should automatically archive obsolete documents for as long as the law requires.

5. Change control 

Change control ensures that no quality document, process or procedure can be changed without permission of specified stakeholders. 

A document control system automates the approval process so when a change is suggested it is reviewed, responses collated and approval required before it can be updated and republished. The review process should allow the potential impact to procedures, operations, products and customers to be documented, ensuring the whole of the decision making process can be audited at a future date.  

When changes are accepted the version history of the document itself is updated showing the changes that have been made, by whom and when.  

Conclusion

In a fast moving world of agile development and rapidly shifting technology, specifications, processes and products all need to change rapidly to meet customer demand. And our documentation needs to be updated to reflect and authorise these changes in real time.

Document controls are the tools and processes that stop your documentation and record keeping slipping into chaos. They are the formal circuit breakers that ensure changes to plans, processes, and products are properly assessed/approved before being published and actioned. They prevent mistakes, confusion, unauthorised access and change within your quality systems. They make all your decision-making trackable and your people accountable in line with regulatory requirements. Ultimately, they protect the quality of your end products and the consumers who use them.

To impose the levels of document control required by ISO 9001 and 13485 you need a  sophisticated digital tool kit that can flex with the demands of commercial growth.

The value of DMS for Product Development

Tags: Document management and control

Joe Byrne

Written by Joe Byrne

Joe Byrne is the CEO of Cognidox. With a career spanning medical device start-ups and fortune 500 companies, Joe has over 25 years of experience in the medical device and high-tech product development industries. With extensive experience in scaling businesses, process improvement, quality, medical devices and product development, Joe is a regular contributor to the Cognidox DMS Insights blog where he shares expertise on scaling and streamlining the entire product development cycle, empowering enterprises to achieve governance, compliance, and rigour.

Related Posts

Medical Device Technical File requirements: what you need to know

What is the medical device technical file? What should it contain and how should it be structured? ...

Read More
Why not just use SharePoint as a Document Management System?

What’s wrong with SharePoint, anyway? Why shouldn’t it be used as a document management system ...

Read More
8 Tips for Improving the Document Review Process

How is the quality of your document review process affecting the speed and efficiency of the way ...

Read More