Back to Posts
Posts

Best Practices for Document Management 

Rob Harrison

Document management typically is one of the top three processes in Environmental, Health & Safety and Quality (EHSQ) management systems to be automated using software. Management systems and the certification to specific standards in EHSQ especially have come under fire for being one vast documentation exercise; an exercise that has the potential to cause companies to detour from the goals of continuous improvement and opportunity, resulting in administrative burden and busy work.  

To counter this perception, there have been recent updates by the International Organization for Standardization (ISO) to standards such as ISO 14001:2015, 9001:2015 and 45001:2018 that utilize terms like ‘Records’ in conjunction with ‘Documents’ in recognition that many organizations have strong document control processes, even though they likely may not have hard-copy documents or binders for their management system any longer. Nor will they be printing hard copy records of monitoring and measurement outputs. ISO went as far as eradicating the Quality Manual in the 9001:2015 update and the cheer was almost palpable among progressives in the quality discipline. 

Document management and control IS – without doubt - important, but what also is important is the change in the attitude of those who certify to standards and monitor conformance.  The place to begin looking for the chinks in an organization’s armour was, in the past, the control of documents in the physical binder and elsewhere – almost anywhere in the organization – it didn’t really matter. If you have ever been audited, you’ll know what delight a third-party auditor exhibits in finding a printed, uncontrolled document somewhere on your shop floor, shipping bay, R&D or anywhere else in your facility.  

Almost (but not quite) as satisfying is when an employee is asked how he or she knows how to do the task that is being executed and if necessary, where can he or she find the work instruction and related procedure to support it, only to find that either they can’t locate these or worse still, they locate an outdated copy. Best results (for the auditor) are experienced when the employee is delighted to have a rogue copy somewhere of the outdated procedures to hand over. Traditional approaches of document control have fallen victim to this since the very notion of management systems made their way to the real world of production and beyond.  

Technology Takes Over 

The proper application of technology has offered the eradication of these and other crimes against document control and consumption for many years. It is important to note that in the beginning, this promise often was undermined by the new technology itself, which, when poorly implemented, could result in damaging and potentially more disastrous outcomes.  

The EHSQ management system landscape is littered with horrors that are the result of presumed rigour uncovered by the often maligned audit ogre. Good auditors are methodical and endlessly curious. Like the user of any software, if there is a way to identify a weakness or bug in the design or implementation of a system, they will find it. This is a good thing. 

Documentation, or rather the attitude to documentation per se, has been updated and will continue to experience updates as Millennials, who grew up in a digital world, continue to permeate the workforce replacing Baby Boomers and Gen-X workers. The physical document is on the wane and this will continue until its extinction.  

Document management has matured in the general context of an organization and specifically when it comes to management systems. Best practices have been tuned (as all best practice should) to align with the capabilities and strengths of technology. It is true that a manual, hard-copy system could exhibit the best practices discussed in this article, but the effort required to meet best practice would be detrimental to available resource and efficiency.  

Compliance and conformance will remain the key drivers in terms of document control and management. Regulated industries might be expected to be slower to move away from traditional hard copy documents but it is a fact that provision for signing documents electronically in a compliant fashion was spearheaded by FDA regulated oversight (CFR 22 Part 11). While there is some room for interpretation, the guidance is matured and successfully has been implemented by thousands of organizations globally.  

Document management best practice is multi-faceted, but the actors can be broadly subdivided into two main groups: Those who own, author and manage documents and those who consume the contents of documents for the work or activity to be done. 

For the Consumer 

The basic principles for technology-supported document control for consumers start with retrieval – the locating of the information. The consumer must have access to a library or repository in an uninterrupted, consistent and unhindered (yet controlled and secure) manner. This requires: 

  • A library (repository of global nature) 
  • Ability for search and retrieve (fast, accurate, relevant) 
  • Ease of use across device landscape / user tech capabilities (mobile, terminals, etc.) 
  • Localization of corporate language (ideally, one could be two) metadata. 
  • A simple mechanism (hidden) guaranteeing access to latest published version ONLY* 
     

*It is permissible – especially in manufacturing – to access archived / superseded versions for reference and auditing purposes (must be clear that the document is NOT CURRENT). 

Relevance and relational association is a core best practice for document management. It is critical that where appropriate, stakeholders are served only the documents they need for their work, area of responsibility and associated roles. Many associations can be configured universally and applied as stakeholders are linked to responsibilities. These can include: 

  • Associated with relevant process-steps / tasks and activities (where appropriate) 
  • Associated with work areas and events/needs related 
  • Associated with other roles and responsibilities (e.g. mine rescue, spill response etc., first responder, internal auditor…) 
  • Global associations like ethics and whistleblower policies, emergency preparedness actions or incident reporting. 
     

The consumer’s personal and direct interaction with documents in the context of EHSQ (and other disciplines) should be best practice driven as well. This means practicing engagement strategy like notifications and acknowledgements of updated documents, providing a way to serve frequently used documents and derive comments and feedback on the content and purpose of documents (improvement). It also is important that intelligent navigation to associated documents and linked topics is intuitive. Best practices include: 

  • Notification of controlled change (push, consume & acknowledge) 
  • A personal library (individual curation that’s typically automatic – supplemented by personal preference for frequently used docs Favorites / Watch List) 
  • Feedback – engagement and suggestions driving continuous improvement 
  • Attachments (also controlled), e.g., master document references, controlled specs or drawings and one or more checklists 
     

One area often overlooked in a software solution for document control is the application and importance of meta data. This is a kind of holdover from the physical document days in that a section would hold documents and references would be cited in the document text. Technology allows for documents to be categorized very flexibly, easing retrieval and assessment of applicability. Added to that is the simple yet very effective use of keywords or tags to aid the consumer more than ever before. This concept is one expected by the newest generations entering the workforce. 

For the Owner, Author and Controller 

The amount of work in documenting processes, procedures, work instructions and all manner of management system-related artifacts is vast. There are numerous guiding principles that are either common sense or stated in regulatory compliance terms, depending in what industry or practice area the documents exist. Making the document lifecycle easy and permeating it with simple yet robust controls is the signature of a good solution.  

There are good reasons for some documents to be assigned an "untouchable" status for a management system. The over-arching policy document for example, training and competence records and emergency planning are a few examples. Specifications and plans for manufacturing demand rigor as do incident response processes. But there has been a shift in management system thinking based on general good practice and that is to map the implications of change through change control measures to ensure that when a change occurs, risk is assessed for the change and the potential impact outside of the procedure or process originating at the document stage. 

Best practice is to understand clearly what other documents – and therefore, activities – a document might impact. This used to be nearly impossible to do quickly and with confidence before technology was employed for document management.  

Current document control best practices include the following elements: 

  • Unique identifier (not obfuscated or hidden) – global in nature (ideally) 
  • Status: stage in lifecycle / can be state-machine governed 
  • Authoring activities restricted to stakeholders until published 
  • Ownership (includes co-ownership and commenters) 
  • Change management (aligns with proactive risk management) 
  • Change history (traceable / non-editable) 
  • Approval steps / stages and authority to publish or retire 
  • Links, associations and referencing (intra-document, related process, process-steps, work areas, roles, etc.) 
  • Publishing triggers (manual and automatic + timed and triggered) 
  • Automated review cycles and documentation audits 
  • Retention policy provision 
     

One often overlooked or purposely ignored best practice for the design of a document management repository is the structure. There's good reason for this: Too often, those responsible for the design decisions are too close to the topic. They know the formal structure and hierarchy of a management system, the processes therein and the relationship with a standard or multiple standards.  

STOP and think about where the value is in improving the approach to and efficacy of the document management system. It is in control for sure, but mostly it is in the consumption and use of the documents in the real world of EHSQ. It cannot be overstated that while the organization of documents must be systematic, the system per se may not be intuitive for the consumer. Ignore this at your peril and prepare for the criticism a narrow view here deserves. 

Take a step back – make it your mission to serve the need of system but satisfy the demands of the overall objective. Get the right document to the right person at the right time – every time. Consider how a typical worker would look for the document, what would make sense to the shop-floor worker (new or veteran) and always think about how they find information in their regular lives and for other non-work-related topics. Mimic what they use regularly. You'll save on training effort and you'll fast track the illusive rapid adoption you desire but more importantly, your organization demands. 

Document management and the control of documents remains a pillar of management systems and will continue to be critical in the protection of compliance and conformance activities. It should be considered, like other management system processes, as an opportunity to improve. Improvements for document consumers may have a modest return for an end user, but think of a two-minute saving per consumer per document like a work instruction and multiply that across hundreds of workers every day.  

By employing best practices in serving the documents to consumers in the way they want to consume, built on the foundation of rigor and control, an organization can revolutionize its research-to-practice lag and improve engagement, all while protecting its investment in compliance and conformance. There’s improvement and savings waiting to be unlocked. 

Rob Harrison is Director, EHSQ Content Strategy at Intelex Tecnologies Inc. You can follow him on Linkedin by clicking HERE.

If you're interested in seeing what Intelex Technologies has to offer, click here to learn about our Document Control Software

 
 


July 05, 2018 @ 10:03 AM EDT Document Control

This Post hasn't been commented on yet.
Login or Sign Up to comment.