How Document Control Software Helps with Compliance of ISO Requirements

How Document Control Software Helps with Compliance of ISO Requirements
March 22, 2016 seouser
business access document control restrict

The main aim of a document control software system is to ensure that proper manufacturing procedures are documented and improved upon. ISO requirements regulate the process and documentation that directs the manufacturing procedures, and any changes made to these procedures are restricted to authorised employees with all changes documented for future inspection. ISO certified companies are therefore required to have a system in place to control all modifications to their documents.

A major challenge of having an ISO system, regardless of whether it is certified, is the ability to maintain it on a continuous basis after it has been put into place. Paper or hybrid electronic systems need a lot of hard work and careful monitoring by the company, especially senior management, in order for these processes to be effectively maintained and updated. Systems are known to have been left unchecked once certification has been attained due to the time it takes to manage them, being revived only when an audit is about to take place. Manual processes are also prone to mistakes, resulting in uncontrolled documents being available, or new versions not being accessible. To ensure that these problems do not occur, companies are starting to understand the important of highly effective management software systems.

To understand the document control aspect of a management system, and how it enables companies to more efficiently maintain their processes as well as the handling of documents, then the following elements need to be considered:

Restrictive Access

  • User/Password Protection–A unique Username/Password combination is needed for each user who has access to the system. The password should also be alphanumeric to ensure that it cannot be logically recreated.
  • Intruder Lockout– Accounts must be automatically locked out in the event of a user trying to login with the wrong login combination. This is activated when a set number of unsuccessful attempts have been made, and prevents illegal attempts to access the system. Only the System Administrator is able to reactivate a locked out account.
  • Document Access Restrictions– Each person within the company is assigned a role. Even though each role is unique it may or may not interact with another role in the same company. Therefore a system should be able to restrict access based on their role with the documents, such as Viewing (Read Access), Authoring (Write Access) and Approving, with users being given one or more roles.

Document Management

Document management capabilities safeguard iterative components that are obligatory for an ISO system, and are automated or simplified to increase efficiency:

  • Application Independence – A system should control documents from a variety of applications such as Word, Excel, video, audio and other commonly used software.
  • Life-cycle Management– Documents need to follow a strict life-cycle, which spans from Draft to Published to Archived. This can be based on the type of document and must restrict access at each workflow stage.
  • Document History – Every event that a document undergoes should be automatically recorded and this record should be available to approved users.
  • Central and Safe Storage – Documents should be kept in such a way that ensures only authorised access, while also protecting against loss or destruction.

Automatic Version Control

Version control for documents is time-consuming and also can lead to errors when a new version replaces an older version. Document control systems offer the following key automation advantages:

  • Availability of the Latest Version – The latest approved document revision is the only revision that should be available, to ensure no confusion to users who need to use those documents.
  • Automatic Routing– A document should follow a routing based on its type, so that approvers are automatically notified when a document requires approval, review or has a change request issued against it.
  • Automatic Document Replacement – The latest approved versions of a document should automatically replace the older version which is placed into archive.
  • Automatic Email Notifications – E-mail notifications should inform users of tasks that they are required to perform. This feature should be able to be deactivated but there must always be another form of notification that cannot be deactivated. For required tasks this applies for reviews, approvals and change requests. For events this applies for publishing, confirmed rejections and rejected change requests.
  • Approval History– Managers must be able to view the entire approval status and history of a document as it is going through its workflow processes.
  • Automatic Publishing on Approval – After a document is approved, it should be published automatically and should also replace any earlier versions, which are then archived.

Simple System Administration

A user-friendly system administration ensures that any user is able to understand the system, even with the most basic or limited IT understanding. Features should include the following:

  • Pre-configured Routing– Routing rules should be established and fixed with an easy to follow attribute setting that is determined by Approval Types.
  • Configurable User Access Rights – The system administrator should be able to configure Read and Write access permissions across folders and therefore document groups.
  • System Reporting – Reports should be included so as to analyse user and system activity. New reports should also be easily constructed and added.

General Usability

A document control system should offer users an effective and easy to navigate solution:

  • Platform Independence – There should be no restrictions on the platform that the system can operate on.
  • No Installation Requirements – There should be no need to install software on a client’s infrastructure, which means that the system can easily be evaluated and implemented.
  • Web-Based Client Access – The system should be accessed from any Internet connection regardless of location. Clients, suppliers and customers should be able to access the system from anywhere in the world without any additional software or hardware requirements.
  • Search Capability – Documents should be able to be searched using keywords, with only the documents that meet both the search criteria and the user’s access rights being displayed.
  • Grouping of Documents– An easy to use graphical interface is used, that is similar to the Windows treeview with folders and sub-folders allowing documents to be grouped and searched easily.
  • Training for System Administrators and Regular Users – Training for all types of users should be available using online training modules.

Document Grouping and Access Rights

When a document control system is chosen, clearly defined responsibility for each type of document must be determined. This improves the effectiveness of the system and focuses only on employees with a role in the system. Specific groupings are outlined in the following way:

  • Grouping of Documents – All documents within a document control system have a specific aim that leads to a logical grouping. As a result, only users who require a role in those documents are given access.
  • Readers of Documents – Access to documents should be restricted to the users who require access while performing their daily jobs. Sufficient time should be allocated to logically group documents and determine which need access to the various document groupings.
  • Writers of Documents – Those who have management responsibility over the documents are also originators of the documents, and therefore have the responsibility for updating the documents. This may be at a department or functional level or at an organisation level depending on the size of the company. They a more complete access permission level.
  • Approvers of Documents– Controlled documents go through a review and approval process by users who ensure that they are correct. The approvers are likely to be experts or senior management. They may also be Readers and/or Writers.

Once these four groupings are determined, the document control system structure is developed. This is one of the most vital aspects of the system, so plenty of time should be given to allow for this phase to ensure the future smooth running of the system.

The ROI of Document Control Systems

To sum up, many companies have found that moving from a manual system to an electronic document control system has played a huge role in improving everyday tasks and ensuring a better return on investment (ROI). At the same time, the transition also needs sufficient time allocated to it to allow for the proper planning and integration of the systems. Another major benefit that many companies have reported is that using a hosted document control system does not require any IT infrastructure upgrade, making the integration far simpler than expected.

 

Get a free trial now