Establishing a ISO 9001 records procedure

The standard requires records to remain legible, readily
identifiable and retrievable and that a procedure defines
the controls needed for the identification, storage,
protec- tion, retrieval, retention time and disposition of records.
Records have a life cycle. They are generated during
which time they acquire an identity and are then
assigned for storage for a prescribed period. During
use and storage they need to be protected from
inadvertent or malicious destruction and as they
may be required to support current activities or
investigations, they need to be brought out of storage
quickly. When their usefulness has lapsed, a decision is made as to whether to
retain them further or to destroy them.
Readily retrievable means that records can be obtained on demand within a
reasonable period (hours not days or weeks) Readily identifiable means that
the identity can be discerned at a glance.
Although the requirement implies a single procedure, several may be
necessary because there are several unconnected tasks to perform. A procedure
cannot in fact ensure a result. It may prescribe a course of action which if
followed may lead to the correct result, but it is the process that ensures the
result not the procedure.
The revised requirement omits several aspects covered in clause 4.16 of the
1994 version.
Collection of records is now addressed by Analysis of data (clause 8.4)
Indexing of records is a specific form of identification and is therefore
already addressed
Access is now addressed by the requirement for record retrieval
Filing is a specific form of storage and is therefore already addressed
You may only need one procedure which covers all the requirements but this
is not always practical. The provisions you make for specific records should be
included in the documentation for controlling the activity being recorded. For
example, provisions for inspection records should be included in the inspection
procedures; provisions for design review records should be included in the
design review procedure. Within such procedures you should provide the
forms (or content requirement for the records), the identification, collection/
submission provisions, the indexing and filing provisions. It may be more
practical to cover the storage, disposal and retention provisions in separate
procedures because they may not be type-dependent. Where each department
retains their own records, these provisions may vary and therefore warrant
separate procedures.
Unlike prescriptive documents, records may contain handwritten elements and
therefore it is important that the handwriting is legible. If this becomes a
problem, you either improve discipline or consider electronic data capture.
Records also become soiled in a workshop environment so may need to be
protected to remain legible. With electronically captured data, legibility is often
not a problem. However, photographs and other scanned images may not
transfer as well as the original and lose detail so care has to be taken in
selecting appropriate equipment for this task.
Whatever the records, they should carry some
identification in order that you can determine what
they are, what kind of information they record and
what they relate to. A simple way of doing this is to
give each record a reference number and a name or
title in a prominent location on the record.

1994 –2000 Differences

Previously the standard
covered retrieval in four
ways. It required:
(a) that quality records be

made available for
evaluation by the
customer or his
representative for an
agreed period, where
agreed contractually

Records can take various forms – reports contain-

ing narrative, computer data, and forms containing
data in boxes, graphs, tables, lists and many others.
Where forms are used to collect data, they should
carry a form number and name as their identifica-
tion. When completed they should carry a serial
number to give each a separate identity. Records
should also be traceable to the product or service
they represent and this can be achieved either within
the reference number or separately, provided that the
chance of mistaken identity is eliminated. The
standard does not require records to be identifiable
to the product involved but unless you do make such
provision you will not be able to access the pertinent
records or demonstrate conformance to specified
requirements.