© 2012 IBM Corporation Rational Insight | Back to Basis Series Documents and Record Control Liu Xue Ning

© 2012 IBM Corporation Rational Insight | Back to Basis Series Scope These requirements are intended for the control of any documents which influences the quality of delivery of products or services. This applies to documentation in any media, both hardcopy and softcopy. The requirements in this document apply to both the initial release and future updates to documents.

© 2012 IBM Corporation Rational Insight | Back to Basis Series Identifying documents that require control All documents, in any medium, that influence quality or are required to produce a quality product or service must be controlled. The following questions are a guide that can be used by owners/authors to determine if documents require control: - Is this document used to manage your business? - Is the document a primary mechanism for documenting customer requirements, contract, service levels or subcontracting agreements? - Do several people depend on this information or is it needed by others in the absence of the information owner? - Is it important all users refer to the same level of information? - Does the document contain vital, important documentation? 3 9/9/2015

© 2012 IBM Corporation Rational Insight | Back to Basis Series Some examples of controlled documents are Procedures/operations manuals Process documents Designs and specifications Operations manuals Control books Quality manuals Customer requirements Documents of understanding, contracts, or other customer agreements Blank forms, checklists, templates, skeleton documents Plans Schedules 4 9/9/2015

© 2012 IBM Corporation Rational Insight | Back to Basis Series Required elements of full document control – 1/3 The following are required for controlled documents: 1. Document title or identification - Unique name or identifier which clearly identifies the document. 2. Version or date - Version number or date the document was last updated. 3. Document Owner - The name of the person who is responsible for the content and control of the document. Other individuals may have responsibility for making updates to the document but the owner is the person accountable for overall document content. 4. Document approver(s) - Persons authorized and responsible for approving document should be listed in the document. The document owner determines who should approve the document. There may be one or more persons designated approvers. Documents must be approved prior to initial release and following all updates. Evidence of document approval must be retained as a record. If approval documentation is not stored automatically via a database function, it must be retained separately as a record. 5 9/9/2015

© 2012 IBM Corporation Rational Insight | Back to Basis Series Required elements of full document control – 2/3 The following are required for controlled documents: 5. Review frequency and schedule - All documents must be periodically reviewed and updated as required to keep them current, then re-approved and re- issued. Documents must be re-approved only if changes are made to content. If not otherwise documented, the review period for controlled documents under the scope of this procedure is 18 months. Evidence of document review must be retained as a record. If review documentation and evidence is not stored automatically via a database function, it must be retained separately as a record. 6. Revision history - A summary of changes made to the document which includes the date, description of the change and the name of the person making the change must be maintained. The revision status must also be noted (i.e. draft, pending approval, approved, etc). A minimum of 18 months of revision history or 5 revision history entries must be retained. 7. Distribution/notification - Users must be notified of the creation of or changes to a document. The document may contain a disclaimer which states users are responsible to ensure they are using the official version of the document. This disclaimer fulfills the requirement for change notification. The location of the official version must be stated. 6 9/9/2015

© 2012 IBM Corporation Rational Insight | Back to Basis Series Required elements of full document control – 3/3 The following are required for controlled documents: 8. Indication of completeness - page x of y, end of document statement or total number of pages must be indicated. 9. Effective Date (required only in documents which are used to support regulated customer accounts). Document must include the "effective date" which establishes the mandatory date by which the document must be implemented. Unless otherwise stated in the document, the effective date is assumed to be date the document was published for production use. 7 9/9/2015

© 2012 IBM Corporation Rational Insight | Back to Basis Series Additional document control information Attachments - Document revision history must include changes made to attachments. Security classification - Unclassified documents do not require a classification notation. Obsolete documents - Documents that must be retained when obsolete must be appropriately identified to prevent unintended use. Externally owned documents - Documents received from outside sources must be identified and distribution controlled to ensure the most recent version is available to anyone using the document. Document availability - Documents owned by the department or external documents used by the department must be readily identifiable and readily available. Responsibilities of document owners - Document owners must ensure that the document control requirements in this procedure are in place. Responsibilities of document users - Document users must ensure that they are using the correct version of documentation at all times. Trivial changes - Trivial changes related to spelling/grammar and other changes that do not affect the usability of the document may be accumulated and made when more significant changes to the document occur in order to manage the volume of approvals and notifications required. All changes to documents require approval. Deviations - Deviations to this procedure must be documented and approved by the document owner. 8 9/9/2015

© 2012 IBM Corporation Rational Insight | Back to Basis Series Steps for handling controlled documents Adding a New Controlled Document Once a document owner determines that a document is ready to be added to a repository, the document owner ensures: – Adequate reviews and approvals have been completed, as appropriate. – The document is added to the repository. – The document information is added to the control list. – The user population is notified that the document is available (as applicable). 9 9/9/2015

© 2012 IBM Corporation Rational Insight | Back to Basis Series Steps for handling controlled documents Changing a Document Any user of a document can request a change to the documentation by contacting the document author/owner. The owner of the document: – Authorizes updating of the document – Ensures adequate reviews and approvals are completed, as appropriate – Ensures the updated document is placed in the repository – Communicates changes to the user population 10 9/9/2015

© 2012 IBM Corporation Rational Insight | Back to Basis Series Steps for handling controlled documents Obsolete Documents Responsibilities for obsolete documents follow: – It is the responsibility of document owners to ensure that documents are current. – Individuals who receive controlled documents are responsible for ensuring that superseded documents are removed from their use or marked obsolete. – The document owner is responsible for ensuring that obsolete documents are removed from the repository. The document must be removed from the control list and the removal must be communicated to the user population by the document owner. 11 9/9/2015

© 2012 IBM Corporation Rational Insight | Back to Basis Series e=w3&referrer=http%3A%2F%2Fw3.ibm.com%2Fjct03001pt%2Fwps%2Fmyportal e=w3&referrer=http%3A%2F%2Fw3.ibm.com%2Fjct03001pt%2Fwps%2Fmyportal /9/2015