17 replies to this topic

[Kit2019]

Hello,

 

Still new to the site and attempting to navigate. I've searched forums and realize this is a laborious query, but looking for some outside confirmation for the situation I'm experiencing.

 

I've been at my job (food safety mgr) for three months, and my organization only includes forms in the list of controlled documents. When I asked why the list does not include any policies, production procedures, etc. I was told that it's only required to track version/location/ASF for forms, and a "this is the way we've always done it / no auditor has ever hit us on it" argument.

 

After the intense studying I've done of the BRC in recent weeks and per version 8, clause 3.2, I believe this practice is incomplete. However, I can't explain why they never would've received a NC on it.

 

Is it common practice for policies (or any document other than forms) to be discluded from controlled documents?

 

Thank you!

[Charles.C]

 

Hello,

 

Still new to the site and attempting to navigate. I've searched forums and realize this is a laborious query, but looking for some outside confirmation for the situation I'm experiencing.

 

I've been at my job (food safety mgr) for three months, and my organization only includes forms in the list of controlled documents. When I asked why the list does not include any policies, production procedures, etc. I was told that it's only required to track version/location/ASF for forms, and a "this is the way we've always done it / no auditor has ever hit us on it" argument.

 

After the intense studying I've done of the BRC in recent weeks and per version 8, clause 3.2, I believe this practice is incomplete. However, I can't explain why they never would've received a NC on it.

 

Is it common practice for policies (or any document other than forms) to be discluded from controlled documents?

 

Thank you!

 

 

Hi Kit,

 

afaik BRC have no specific requirement to include "Policy"  in controlled documents.

 

Generally, for, say, documented "Procedures", IMEX  some formats do include,, some don't..

 

The more common, never-ending, conceptual debate is as to the preferred method of "control".  (Especially on the Production floor )

[pHruit]

Is it common practice for policies (or any document other than forms) to be discluded from controlled documents?

This sounds rather odd to me. If e.g. your procedures aren't controlled then how do people know they're using the right version?!

From the standard:

3.2.1 The company shall have a procedure to manage documents which form part of the food safety and quality system

 

And the IG notes that: All documents in use need to be properly authorised and must be the correct version.

I suppose it doesn't quite state that all documents need to be controlled, but I'm not sure how you'd achieve this with uncontrolled documents?

The "further guidance" also notes that: The control of all documents within the food safety and quality systems (for both internal and external use) is important to ensure all staff consistently apply the correct, up-to-date procedures.

 

Obviously this focusses on the procedure side of things, but would generally be seen as applying to policies too in my experience of BRC - for example, if I change my allergen policy from allowing three allergens on site to allowing two allergens, then I probably need to know which is the valid version

[GMO]

If you are going to train against those documents, they need to be document controlled.

[zanorias]

It does indeed sound odd, and I've actually had an auditor note down the version number on an allergen policy during the factory tour and checked it later against the master list.

 

Perhaps there is some level of subjectivity within the requirement; perhaps you have been lucky with previous auditors. But either way, I'd strongly recommend controlling all documents not only to cover yourself audit-wise, but as others noted above it is generally beneficial to keep in control of your documents in every day use.

 

"This is the way we've always done it" is the bane of my life   . In a world of continuously updating requirements and standards, "doing the same thing" only leads one way.

[GMO]

I often say to my team "we've always done it that way" is the most dangerous phrase in the English language...

[Charles.C]

The thread seems to have veered away from the OP's question ?

Edited by Charles.C, 05 February 2020 - 04:51 PM.
emended

[billbrochin]

It's more work, but I agree with some of the replies to just put every document you have under control.  Policies, procedures, SOP, SSOP, Forms.....I put them all in.

[QAGB]

The thread seems to have veered away from the OP's question ?

 

I don't think it has veered away.. everyone seems to be talking about references to doc control and revision history.

 

Document control in my experience includes policies and procedure level documents. I'm also surprised that this wasn't noted during an audit, so I'm led to believe a predecessor in the OP's company previously offered up a justification/explanation as to why they only had document control for forms. Maybe it was enough to satisfy auditors. As Zanorias said, I too have had auditors write down revision history from our documents, and have had them ask to see the previous revision just to show we were really following document control procedures.

 

The heading of clause 3.2 says "the company shall operate an effective document control system to ensure that only the correct versions of documents, including recording forms, are available and in use." Given the phrasing "including recording forms", this would suggest that document control encompasses more than forms.

 

Also, to echo pHruit's previous comment on 3.2.1, the sub-clause does state documents which form part of the food safety and quality system must be managed by document control. Policies and procedures are usually part of the QMS, so should have document control.

[Kit2019]

Thanks, all.

 

I think my main concerns came up when I was reading the IG, which (aside from containing a great deal more material than the lone clause itself) states, "Documents include policies, procedures, work instructions, records, forms, specifications, data lists and any information that is written down and defined."

 

If I had to argue our current system, I'd probably say that if it were supposed to be in the clause, it would be. But as it is, it's just mentioned in the interpretation.

 

Personally, I'm more comfortable including our policies in our list of controlled documents. But it's just one of many FSQ battles I'm inheriting. 

[Charles.C]

Just to illustrate the encyclopedia of opinions on "control" of documents can see this earlier thread -

 

https://www.ifsqn.co...lled-documents/

[Kit2019]

Just to illustrate the encyclopedia of opinions on "control" of documents can see this earlier thread -

 

https://www.ifsqn.co...lled-documents/

 

Yes, I did find this helpful. We do not count our network drive as electronically controlled, so the printed=uncontrolled method doesn't work for us.

 

I think the new version changed the terminology a little bit in this area?

 

The distinction mentally between what's allowed to go uncontrolled and what makes sense to control is in conflict. This seems to be the nature of the work!

 

Again, thank you for your help. Your posts in the topics I've been researching have been very helpful as well and I can tell you have a wealth of knowledge; I appreciate it.

[Charles.C]

Yes, I did find this helpful. We do not count our network drive as electronically controlled, so the printed=uncontrolled method doesn't work for us.

 

I think the new version changed the terminology a little bit in this area?

 

The distinction mentally between what's allowed to go uncontrolled and what makes sense to control is in conflict. This seems to be the nature of the work!

 

Again, thank you for your help. Your posts in the topics I've been researching have been very helpful as well and I can tell you have a wealth of knowledge; I appreciate it.

 

Hi Kit,

 

Thanks for the kind words.

 

afaik  the controlled/uncontrolled "story" erupted with the launch of the iso9000 series in 1987 .  "Documentation"  Procedures became the Flagship Topic of the Quality System Manuals.

 

If you have a few days to spare and their archives are still maintained/accessible you can read some epically volcanic arguments over this topic on the Elsmar Forum website.

 

And the Saga continues ! For example here is, IMO, a fairly profound current extract -

ISO 9001 Documents

There are no “ISO 9001 documents” that need to be controlled, and “non ISO 9001 documents” that don't need control.

The ISO 9001 system affects the entire company, and all business-related documents must be controlled. Only documents that don't have an impact on your products, services or company don't need to be controlled - all others need control. This means, basically, that any business-related document must be controlled, and your ISO 9001 procedure on document control explains how to do it.

However, how much control you apply really depends on the individual document.

https://www.9001simp...o-9001-tips.php

 

 

IMEX, the practical reality is that as long as you visibly comply with the Codes specific clause requirements and can demonstrate this when asked , BRC auditors don't care that much. (Obviously events like the discovery of antique documents in the Workplace unvalidates the System).

rom a purely QA viewpoint, the advent of intranets/email greatly facilitated buck-passing of documentation responsibilities to the individual members of a BRC-team   However, unless yr budget donates i-pads or terminals to the Production Floor, everyday paper document headaches may persist. Especially for new, developing, programs.

 

When I initially prepared manuals for BRC I agonised over this topic. I eventually, simply sent a draft Quality Manual/sample Quality Procedure to my intended CB auditor and asked for a (free)  opinion just on the document format/ layout/styling. This received an effectively one-line answer - "No problem". At the time of the actual audit I informed the auditor that his Company had already "vetted" the documentation style and displayed their, framed, response. A surprised silence ensued and the focus shifted. Later, after viewing some, IMO primitive, "certified" presentations from other Manufacturers I realized that my effort had probably been regarded as simply overkill.

 

^^^^^(blue) -- Seems not so much difference other than "electronics", I attach Code comparison of brc8 vs brc6 (2011). (might also add that the IG textual material is in Principle not auditable).

 

 Document Control, brc8 vs brc6.docx   12.83KB   30 downloads

 

As you may have realised, I am "somewhat" cynical over the, IMO, over-elaborate formats/ presentations/headers/footers often developed for Procedures, Work Instructions, etc. although I do support the basic concepts outlined in section 3.2. ( although I don't understand the seemingly relative disinterest in  uncontrolled documents. The IG text also seems self-contradictory over this aspect).

Edited by Charles.C, 06 February 2020 - 05:53 AM.
emended

[Kit2019]

Hi Kit...

... aspect).

 

Thanks so much! These are great resources!

 

I think that I am getting a better picture of it. There are two axes in the clause I've narrowed my guidelines down to:

 

• As previously mentioned, "3.2 The company shall operate an effective document control system to ensure that only the correct versions of documents, including recording forms, are available and in use."
  This seems to indicate that controlled documents should consist of more than just forms.
   
• "3.2.1 The company shall have a procedure to manage documents which form part of the food safety and quality system."
  This seems to indicate that not every single document needs to be controlled. In fact, I think it also implies that not ALL documents in the FSQS need to be controlled. However, I take this with a dose of common sense to not exclude higher priority and often-used documents like CCP monitoring or training guides.

Thoughts?

 

I think I will try to add our policies to our list of controlled documents. It wouldn't make sense to only add certain ones, from a logistical standpoint.

Edited by Kit2019, 06 February 2020 - 02:30 PM.

[pHruit]

You could also read 3.2.1 as being intended to refer to manage FSMS documents as distinct from more general business documents, which may be part of a broader quality management system (e.g. ISO9001).

Whilst I agree with your interpretation that it doesn't explicitly say that every document needs to be controlled, I've generally found it easiest to approach on the basis of how a particularly pedantic auditor could see it - if there is any reason such a person may ask "how do you know this is the right version?", then IMO it's worth including in the document control system.

Arguably training guides would be one such document? Assuming they refer to specific tasks, which themselves might be based on procedures / work instructions / SSOPs that change periodically, could there not be a need to know that you're looking at the current training guide and being able to readily differentiate from previous versions?

[Kit2019]

... if there is any reason such a person may ask "how do you know this is the right version?", then IMO it's worth including in the document control system.

 

This is a great personal standard. Thank you! I will keep this in mind!

 

Our business documents are separate, so the docs on our controlled list only includes BRC-related forms. So at least there's that!    

[Charles.C]

You could also read 3.2.1 as being intended to refer to manage FSMS documents as distinct from more general business documents, which may be part of a broader quality management system (e.g. ISO9001).

Whilst I agree with your interpretation that it doesn't explicitly say that every document needs to be controlled, I've generally found it easiest to approach on the basis of how a particularly pedantic auditor could see it - if there is any reason such a person may ask "how do you know this is the right version?", then IMO it's worth including in the document control system.

Arguably training guides would be one such document? Assuming they refer to specific tasks, which themselves might be based on procedures / work instructions / SSOPs that change periodically, could there not be a need to know that you're looking at the current training guide and being able to readily differentiate from previous versions?

 

Hi pHruit,

 

There is no perfect method IMO. It likely depends on the actual situation/Process in many cases.

 

I agree that the easiest (most tempting?) solution is to make everything "controlled".

 

But (eg last quote in link of post 11) a crucial practical difference between "controlled" and "uncontrolled" documents is that for the former the onus is effectively on the provider to ensure document in use is the latest version. In contrast, for the latter, the onus of verification is on the user.

 

So  "controlled" documents demand a "reliable"  Distribution System for both supply and removal of documents. Historically (and currently?) the result has been an imaginative collection  of  methods to minimise the risk of a screw-up, eg  red stamps, red signatures, coloured papers, numbered copies, etc etc.

 

Computers prompted the "uncontrolled when printed" approach or perhaps <<<<<< This document is valid for 24 hours from the date printed. It is the users responsibility to ensure they have the current revision of this document >>>>>>.

 

Offhand, IMO, the "uncontrolled" route for routine use is a cop-out by Senior Management but I also have yet to see a simple way to achieve visibly current "controlled documents". Sighhhhh.

[pHruit]

Indeed, Charles. Often a challenge of balancing the need/desire for the control aspect, with the actual practicalities of needing to use the documents to make food, which is apparently what my employers think we're supposed to be doing

Some of the modern IT solutions can be quite helpful in terms of version management, read/write authorisation etc, but without going fully electronic sooner or later someone will need a copy to actually use and then it's out in the wild. Then we're at the mercy of the production team who may for some reason elect to make enough copies to last 73 years and not replace when instructed because "we don't want to waste paper"...