Are of you aware of the consequences you may face for selling such a product/service that is no longer meeting the legislation? Are you aware of the new legislative changes? What if you get a complaint from one of your customers, saying your product/service doesn’t’ meet the updated version of the ISO standard? The answer to all these questions is ‘External Document Control’.

The clause 7.5.3.2 in ISO 9001:2015 states organizations to determine, identify, and control documented information regarding external origin. Documented information of external origin is just like a quality management system and an external entity issues it. The issuers may include customers, legislators, suppliers, standardization bodies, regulators, or business partners.

There happen to be two different kinds of documented information given from ISO 9001:2015:

• Documents that need to be maintained.
• Records that need to be retained.

An outside party can issue records such as calibration certificate, a customer order, or a maintenance report. Determination and controlling of relevant records are demanded. The external origin documents for your QMS may include logistics specifications, product specifications, legislation, material safety data sheets, platform rules, permits, standards, and work instructions. You can contact a professional ISO consultant to seek help in identifying an external document.

Your QMS should be quality enough to determine what relevant documents are. Many organizations use a separate register to make entries like name of the document, issuer, internal distribution, and updated version.

• How come can you know all the time that a document is updated?
• If any document is changed, will it lead to a change in your organizational practices also?
• Who will be held responsible to investigate such implications or changes?
• How come someone knows a new relevant document is issued?

Regarding external documents control, there may be some unpleasant surprises for you. External document control can be considered effective if it successfully avoids costly surprises. For that, you must know:

• New document or new versions
• Register Updating
• Distribution of new document or new version
• Plan/implement changes
• Confirmation of changes

The relationship of the issuer with your organization also particularly matters. The issuer may and may not know your company. In both cases, there should be surveillance of the documents of external origin. The issuer is also responsible to keep you informed with updated information.

Thus, there has been great importance of external document control in ISO 9001 and the standard urges the organization to follow what its clause states. Organizations indeed face different challenges in keeping their practices regarding external document control relevant and accurate. This is the reason that there are several ISO consultancy providers in the market. You can take services of a professional ISO consultant to keep your road to ISO certification clean!