Within ISO 9001:2001, there is only a mandatory requirement for the following documented procedures 4.2.

4.2.3 Control of Documents 4.2.4 Control of Records 8.2.2 Internal Audits 8.3 Control Of Non-Conforming Product 8.5.2 Corrective Action 8.5.3 Preventative Action

The term used within ISO9001: 2001 is documented procedure; this means that the procedure is established, documented, implemented and maintained. A good structure for a new Quality Management System could follow the 4-tier approach: Level 1 - Quality Manual - Company Scope and Interactions of Process within the QMS. Level 2 - Quality Procedures Defines responsibilities, controls and activities within the QMS that effect customer service. Level 3 Records - Records / states objective evidence to demonstrate our goal in achieving customer satisfaction. Level 4 Forms, Reports Information that supports the QMS processes Control of Documents How Your Company approves documents prior to use e.g. sign off for paper versions, password protected for computer network forms. How Your Company updates and re-approve amended documents How Your Company identifies changes e.g. by date or issue number, identify different fonts / colours How Your Company ensure documents are available where they are needed How Your Company control external origin How Your Company prevents the inadvertent use of obsolete documentation. Definition document is an instruction to achieve a process, were unauthorised changes could cause a problem. Examples Quality Manual, procedures, flow charts, project plan, National Standards, Industry Requirements, Codes of Practice, Drawings, Software, Customer Specifications, visual samples. Control Of Records Your Company must define which records are kept Your Company must define by whom is the record kept Your Company must define a how long a period each record is retained

 Your Company must define how they are disposed With ISO9001 instruction see 4.2.4 means records must be retained these include the following: 5.6.1 Management Review Minutes 6.2.2 Records of education, training, skills and experience 7.1 Evidence that product realization processes and product fulfils requirement 7.3.2 Design and 7.3.4 Design and 7.3.5 Design and actions 7.3.6 Design and related actions 7.3.7 Design and development inputs development reviews and any related actions development verification (paper exercise) and any related development validation (produce confirmation) and any development changes and any related actions

7.4.1 Results of Supplier evaluation and any actions arising 7.5.2 Records to demonstrate the validation of special processes 7.5.3 Where traceability is required, the unique identification of the product is recorded 7.5.4 Customer property that is lost, damaged or otherwise found to be unsuitable 7.6 Basis used for calibration of measuring equipment where no international standards exist 7.6 Validity of the previous measuring results when measuring equipment is found to be out of calibration 7.6 Results of calibration and verification of measuring equipment 8.2.2 Internal audit results and follow-up actions 8.2.4 Indication of the person(s) authorizing release of product 8.3 Records of the product nonconformities and any subsequent actions 8.5.2 Results of corrective action 8.5.3 Results of preventive action

Internal Audit Your Company must define the audit criteria e.g. what do we audit against, procedures, regulations, contractual requirements Your Companymust define the Scope of the audit e.g. how far must we go, that would be sufficient to prove processes and interactions Your Company must define the Program Frequency (the whole QMS at least once a year) Your Company must define method e.g. interviewing staff, observation, viewing relevant records Your Company must report results

 Your Company must keep audit records Control of Non-Conforming Product Your Your Your Your Your Company Company Company Company Company must must must must must define define define define define actions to stop the use of reject or suspect items how the concession system works actions to correct the problem how an item is checked following rework how a product recall or retro-fit is controlled

Corrective Action Procedure Note: - Corrective action is re-active, dealing with the problem AFTER the event. Your Company must Your Company must problem recurring Your Company must Your Company must Your Company must complaints. locate the cause of the problem decide an appropriate course of action to stop the put the plan into action ensure that the actions has solved the problem review non-conformance report and customer

Preventive Action Procedure Note: - Preventive action is a pro-active procedure i.e. dealing with the problem BEFORE it happens. Your Company must review potential problems Your Company must decide the potential cause of the problem Your Company must decide an appropriate course of action to stop the problem occurring Your Company must put the plan into action Your Company must ensure that the preventive action has solved the potential problem Possible review to action: Analysing data (8.4) and setting objectives (5.4.1) Clarifying customer requirements (7.2 and 7.3) Applying a proven corrective action (8.5.2) to other areas of the business analysing data (8.4) and setting objectives (5.4.1) Disaster recovery plan - what will you do if your building burns down, you lose a major customer, a raw material is no longer available, etc.?