Clause 4.2.3 Control of Documents (1994 clause, 4.5) states that documents required by the quality management system shall be controlled and a documented procedure established to define the controls.

This clause is a significant improvement from the 1994 version because the new language takes out any ambiguity of what needs to be controlled. It also is the first place in ISO 9001:2000 where you'll need to have a documented procedure, which means the control of documents must be established, documented, implemented and maintained. This comes first because it is one of the first steps you should do during implementation. (NOTE: Corrective and preventive action should come before this when documenting.)

In a nutshell, to meet the requirements of this clause, you must have a documented procedure for identifying, collecting, indexing, accessing, filing, maintaining and the disposing of documents. The standard states that relevant documents need to be adequate to the task, available at points of use, up-to-date and legible. But if you change a process at any time, make sure you also change the procedure. The change also should be discussed in management review.

ISO 9001:2000 states that the following points should be considered when writing and utilizing the control of documents procedure:

• Documents should be approved prior to issue.
  Draft documents should be reviewed preferably by a staff member who will be using the document prior to being implemented into your management system
  
   
• Documents should be reviewed and re-issued when necessary.
  All procedures and work instructions are not static and will require updating or improving as changes are addressed. This can be both as part of a scheduled review process or on an as required basis.
  
   
• Changes and status of revisions should be identified.
  Changes to a document should be highlighted. This can be done in a number of ways as long as staff understand what the notation means. For example changes can be logged at the front of the document or perhaps marked out by using a different font type or color within the document. It should also be noted whether it is a proposed or confirmed revision and when and why the change was made.
  
   
• Relevant versions of applicable documents should be available at point of use.
  For example ensure paper copies of documentation are available where access to electronic copies is limited.
  
   
• Ensure documents remain legible and identifiable.
  Replace damaged hard copy documents and consider making some essential documentation more durable for example laminate documents in areas where contact with water is likely.
  
   
• External documents should be identifiable and their distribution controlled.
  4.2.3.f says that external documents must be identified and their distribution controlled. The intention here is to have some kind of register or database that provides an up-to-date (and dated) copy of a document from the outside. A customer drawing or specification would be a good example of an external document that needs to be controlled.
  
   
• Prevent the unintended use of obsolete documents, and to apply suitable identification to them if they are retained for any purpose.
  All documents should be marked with an issue number and date of issue and relevant staff notified when a document is updated. If an obsolete document is required to be kept for legal or reference purposes it should be clearly marked withdrawn.