You mean records?
One of the most glaring examples is the transformation of the word “records” into “retained documented information.” That's right, the standard’s updaters took one word and turned it into three. And the three words aren’t nearly as intuitive as the one word they replaced.
Regardless of what you call them, records are the proof of something happening. They are historical, referring to past events. As such, they aren’t revised. Records might be “corrected” in some cases, but they are never revised. Only documents are revised. (We’ll address documents and their status in ISO 9001:2015 in a future article.) The primary control method for records is one of housekeeping: knowing where they’re stored, who’s responsible for retaining them, and how long they’re kept.
Here is a summary of records requirements in ISO 9001:2015:
• 24 records are required in ISO 9001:2015. This is compared to 21 records required in ISO 9001:2008. Some of the 24 records required by ISO 9001:2015 are actually repeat requirements, listed twice in the current version of the standard.
• 20 percent of all the record requirements come from section 8.3—“Design and development of products and services.” That amounts to five records, which is the same number required by ISO 9001:2008.
• A completely new record that is required in 9001:2015 is found in section 8.5.6, which concerns retained information on changes, including the review of changes, persons authorizing the change, and necessary actions arising from the change.
• ISO 9001 continues its redundant ways. In two separate places ISO 9001:2015 requires records of evidence of processes being carried out effectively, once in section 4.4.2 and again in section 8.1.e.1.
• More redundancy: ISO 9001:2015 requires records in two separate places that demonstrate conformity of products and services processes, once in section 8.1.e.2 and again in section 8.6. Why the redundancy? My personal opinion is that this wasn’t intended. Rather, I suspect it was sloppy editing. There’s no compelling reason to declare twice that inspection records must be maintained.
• Five of the records in ISO 9001:2015 have qualifiers. These are “to the extent necessary” and “as applicable.” They imply that it’s up to the organization to decide if it truly needs the records to demonstrate conformity. They aren’t absolute requirements.
• One item, design outputs, is listed as “retained documented information” (i.e., a record) when it’s actually a document. Design outputs are living information such as specifications, engineering drawings, recipes, formulas, and bills of material. Since they’re living, they’re subject to revision, meaning they are documents. Nonetheless, as long as the organization manages design outputs in a consistent manner (as either a document or a record), it should be fine.
• A handful of requirements would be virtually impossible to have evidence of without records, and yet ISO 9001:2015 doesn’t require records for them. These include context of the organization (4.1), interested parties (4.2), planning of changes (6.3), and customer feedback (9.1.2).
• One of the strangest record issues of all is the omission of calibration records in ISO 9001:2015. This has been replaced by the requirement to “retain information on fitness of purpose for measuring instruments,” which would include calibration, among other possible activities. I expect many people implementing ISO 9001:2015 will get a bit confused by this.
• 24 records are required in ISO 9001:2015. This is compared to 21 records required in ISO 9001:2008. Some of the 24 records required by ISO 9001:2015 are actually repeat requirements, listed twice in the current version of the standard.
• 20 percent of all the record requirements come from section 8.3—“Design and development of products and services.” That amounts to five records, which is the same number required by ISO 9001:2008.
• A completely new record that is required in 9001:2015 is found in section 8.5.6, which concerns retained information on changes, including the review of changes, persons authorizing the change, and necessary actions arising from the change.
• ISO 9001 continues its redundant ways. In two separate places ISO 9001:2015 requires records of evidence of processes being carried out effectively, once in section 4.4.2 and again in section 8.1.e.1.
• More redundancy: ISO 9001:2015 requires records in two separate places that demonstrate conformity of products and services processes, once in section 8.1.e.2 and again in section 8.6. Why the redundancy? My personal opinion is that this wasn’t intended. Rather, I suspect it was sloppy editing. There’s no compelling reason to declare twice that inspection records must be maintained.
• Five of the records in ISO 9001:2015 have qualifiers. These are “to the extent necessary” and “as applicable.” They imply that it’s up to the organization to decide if it truly needs the records to demonstrate conformity. They aren’t absolute requirements.
• One item, design outputs, is listed as “retained documented information” (i.e., a record) when it’s actually a document. Design outputs are living information such as specifications, engineering drawings, recipes, formulas, and bills of material. Since they’re living, they’re subject to revision, meaning they are documents. Nonetheless, as long as the organization manages design outputs in a consistent manner (as either a document or a record), it should be fine.
• A handful of requirements would be virtually impossible to have evidence of without records, and yet ISO 9001:2015 doesn’t require records for them. These include context of the organization (4.1), interested parties (4.2), planning of changes (6.3), and customer feedback (9.1.2).
• One of the strangest record issues of all is the omission of calibration records in ISO 9001:2015. This has been replaced by the requirement to “retain information on fitness of purpose for measuring instruments,” which would include calibration, among other possible activities. I expect many people implementing ISO 9001:2015 will get a bit confused by this.
Don’t let anyone tell you that the “correct” terminology is “retained documented information.” If you like that term, then by all means use it. If you prefer the term “records,” you can use that in its place. Always remember that documents and records are two different things. That one fact alone will make any QMS easier to use and understand.
Retained information (i.e., records) required in ISO 9001:2015 | |||
Section No. | Category | Requirement | Qualifier |
4.4.2 | QMS and processes | Retain information on processes carried out effectively (a blanket requirement) | to the extent necessary |
7.1.5.1 | Calibration | Retain information on fitness of purpose for measuring instruments | none |
7.1.5.2 | Calibration | Retain information on basis for calibration where no standards exist | none |
7.2. d | Competence | Retain information as evidence of competence | none |
8.1 e 1 | Operations | Retain evidence of processes being carried out as planned | to the extent necessary |
8.1.e 2 | Operations | Retain information to demonstrate conformity of products and services | to the extent necessary |
8.2.3.2 a | Sales | Retain information on the results of review of customer requirements | as applicable |
8.2.3.2 b | Sales | Retain information on any new requirements for products and services | as applicable |
8.3.3 | Design | Retain information on design inputs | none |
8.3.4 b | Design | Retain information on design reviews | none |
8.3.4 c | Design | Retain information on design verifications | none |
8.3.4 d | Design | Retain information on design validations | none |
8.3.5. | Design | Retain information on design outputs | none |
8.3.6 | Design | Retain information on design changes (e.g., reviews, authorization, and actions to prevent adverse impacts) | none |
8.4.1 | Purchasing | Retain information on the evaluation, selection, monitoring of performance, and reevaluation of external providers | |
8.5.2 | Traceability | Retain information to necessary to enable traceability | none |
8.5.3 | External property | Retain information on customer or external provider property that is lost, damaged, or unsuitable | none |
8.5.6 | Change management | Retain information on changes, i.e., review of changes, persons authorizing, and necessary actions arising | none |
8.6 | Product release | Retain documented information on the release of products and services, including evidence of conformity and traceability to person authorizing release | none |
8.7.2 | Nonconforming products | Retain information on nonconforming products, including description, actions taken, any concessions, and authority deciding on action. | none |
9.1.1 | Monitor and measure | Retain evidence of results of monitoring and measuring (a blanket requirement) | none |
9.2.2 f | Internal audit | Retain evidence of implementation of audit program and audit results | none |
9.3.3 | Management review | Retain evidence of the results of management review | none |
10.2.2 | Corrective action | Retain evidence of nature of nonconformity, any actions taken, and results | non |