The Business Case for Document Control

Knowledge management is the heart of any business enterprise. Having ready access to accurate and up-to-date information strengthens decision making capabilities, aligns everyone in the organization around learning, and supports a culture of innovation. The ability to effectively manage documents is also a central element of most quality management systems, including ISO 9001:2015, Baldrige, and EFQM.

Documents are “the means… to communicate legitimacy, work requirements, instructions, methods and results.” (Pho & Tanbo, 2014) Because they are so central and elemental, document management systems also unify the people within an organization (and sometimes also across boundaries of the supply chain ecosystem) around shared processes. They are used to manage the internal flow of information, and also to advance sustainability targets by substantially reducing paper usage. Together, they can:

  • Create new documents or edit existing documents
  • Keep track of document versions, and what changes were made in each revision
  • Collaborate with people inside and outside your organization on those documents
  • Review, approve, and electronically (or physically) sign documents
  • Release and store documents for easy access
  • Keep track of printed, physical copies of documents if necessary
  • Tag documents to enhance searchability and support statistics

Less formal mechanisms like Google Drive, GitHub, Sharepoint, and storing shared files on your firm’s “N Drive” (or whatever you call it) are perfectly sufficient for getting started. The cost of document workflows, approval processes, version controls, audit trails, and statistics should be factored in as operations expenses in total cost of ownership (TCO) calculations, since it can be substantial. In addition, services fees to port documents out of these basic solutions can be steep.

Your organization can grow out of these starter solutions quickly though, especially if your sites and facilities are situated in many different countries. To maximize the value from document management and control, you should be aware of when your organization will need to scale up, and should be prepared to identify, in advance, how that will happen.

Companies choose formal document control systems when they want a more highly engineered solution that will stand up to auditors’ scrutiny, especially in high risk organizations. Teams that have built these systems have spent significant time worrying about contemporary issues so that organizations can focus on their core competencies. These challenges include:

  • Scale. Many basic document management systems impose limits on file sizes, uploads or downloads, or organizations. For example, the number of gigabytes per document, number of documents per directory, or number of different supported file types may have a hard upper limit. Scaling your organization up to multiple sites or multiple geographies can present barriers to implementation.
  • Privacy and security. Formal document management systems keep institutional knowledge secure and safe from cyberattacks, and ensure that only authorized individuals (by name or by role) can access the documents that should be visible to them. They provide an added layer of protection for trade secrets.
  • Safeguards for the supplier ecosystem. If your company (like many) is entrusted with drawings, specifications, or inspection and audit data from your suppliers, those partners want assurance that their intellectual property will also be protected.
  • Protection from civil and criminal penalties. Regulations like ITAR (International Traffic in Arms Regulations) and the EAR (Export Administration Regulations) in the U.S. apply not only to products and components that relate to defense applications — but information and technical data. This includes the contents of your controlled documents. Violations can incur substantial fines (up to $1M USD) and prison time (up to 20 years), even if your documents accidentally cross the wrong international boundaries.

Unfortunately, a document management system will not help you maintain good hygiene when your documents are produced. As described by lead ISO auditor Mary McAtee (2002), the people who are engaged most closely with the process should be involved in preparing (if possible), reviewing, and updating the documents that are closest to their work. She also recommends auditing and reviewing documents on a regular basis, for all operational processes, so that your organization is not behind when reviews or external audits are scheduled. Finally, McAtee mentions the significant time and cost savings when electronic document management systems can be used to track updates, issue notifications, and make sure everyone who touches a process is trained on updates and improvements.

These insights are nearly twenty years old, and still illuminate the strong business case of a formal digitized document management system.

Additional Reading

Freeman, G. (2018). What is ISO 9001:2015 and Why Is It Important? Intelex Insight Report. Available from https://www.intelex.com/resources/insight-report/what-iso-90012015-and-why-it-important

Harrison, R. (2018). Best Practices for Document Management. Intelex Community. Available from https://community.intelex.com/explore/posts/best-practices-%C2%A0document-management%C2%A0

McAtee, M. (2002). Get a Grip on Document Control: an auditor’s secrets for maintaining and improving process media. QUALITY DIGEST, 22(2), 38-41.

Pho, H. T., & Tambo, T. (2014). Integrated management systems and workflow-based electronic document management: An empirical study. Journal of Industrial Engineering and Management (JIEM), 7(1), 194-217.

This entry was posted in Quality and tagged , by Nicole Radziwill. Bookmark the permalink.

About Nicole Radziwill

Nicole Radziwill is a quality manager and data scientist with more than 20 years leadership experience in software, telecommunications, research infrastructure, and higher education. Prior to joining Intelex, she was an associate professor of data science and production systems at James Madison University, Assistant Director for End to End Operations at the National Radio Astronomy Observatory (NRAO), managed software product development for the Green Bank Observatory (GBO), and managed client engagements for Nortel Networks and Clarify (CRM). She is an ASQ-certified manager of operational excellence (CMQ/OE), an ASQ-certified Six Sigma Black Belt (CSSBB), and contributed to the development of ISO 26000—“Guidance on Social Responsibility.”

Leave a Reply

Your email address will not be published. Required fields are marked *