According to ISO Control of Documents, ISO 9001:2015 standard, 7.5, Organizations are required to control and maintain their documents. The procedure requires that the organization approves documents, reviews, updates, re-reviews, identifies the changes and current document revision status, and makes it available wherever necessary. Documents must be controlled. Such documents include internal documents, external documents, and records.
The organization wanting to be ISO certified must establish a method to control these different types of documents. Within the ISO 9001 Control of documents, there are a few mandatory steps to this procedure.
- Any controlled documents must be reviewed and approved before being distributed to others
- Any revisions to controlled documents must also be reviewed and approved
- The organization must be able to identify and revisions to controlled documents and know the revision status of controlled documents
- Any controlled documents must be available for use when necessary
- Controlled documents must be legible, meaning that they are able to read and understood
- Any external documents must follow the same procedures as internal documents
- Any old versions of documents are stored in a way that they are not mistakenly used instead of the current version of the document.