The Paper Trails of QMS Made Simple
If a strong process exists without any documentation, is it really a strong process? That simple question exists as the truth behind the most overlooked (and most essential) concept in all of AS9100: documented information.
While “documented information” might sound like a dull concept buried in the minutiae of bureaucracy, it’s a foundational part of a functioning quality system and reflected in the standards as such.
This article will break down what’s designated as documented information, why it could trip professionals up, and how a clearer understanding can strengthen both audit outcomes and day-to-day operations.
Understanding the Two Faces of Documented Information
The AS9100 designation of “documented information” exists as an umbrella term, including materials surrounding both guidance and evidence. The umbrella term is now defined in two ways, as documented information has been categorized into two distinct categories: documents and records.
The value of documents is a means to guide and propel action within quality systems. These documents take the form of work instructions, procedures, manuals, and flowcharts- virtually anything that could tell someone what they should do, how they should do it, and most importantly, why it’s important. These should be reviewed, approved, and controlled to ensure consistency and currency before they’re used. For any high-value team, these resources are an invaluable wellspring of instruction curated to ensure quality.
On the other side of the coin, records are the proof that something was done. Records involve inspection logs, sign-off sheets, calibration results, training confirmations, and sometimes even screenshots or emails providing a timestamp to decisions made at a moment’s notice. Unlike documents, they don’t need approval before use, as their inherent value ensures transparency. Their preservation and protection are essential to building a system that lasts.
But who reviews what? While it’s helpful to know what each kind of documented information does, it’s equally important to know who it’s collected for, and why.
- Documents are reviewed and approved before use, usually by process owners, department heads, or quality managers.
- Records are reviewed after the fact, often by quality personnel or auditors to confirm the activity happened as planned.
The key difference between the two? One looks forward, the other backward. Both are equally integral to long-term success.
Where Teams Get Stuck
Confusion about documented information often comes down to unclear responsibilities and inconsistent practices, especially when teams aren’t sure which documents and records must be kept controlled, current, accessible, and protected throughout their lifecycles. Here are some examples of information either not being recorded or referenced correctly:
- A technician knows the correct torque spec for a critical fastener, but it was only mentioned verbally and never pulled from a controlled work instruction.
- An engineer references a drawing change to a machined bracket, but the update came via email and wasn’t archived.
- A legacy version of the receiving inspection procedure is still saved on a shared drive, and someone uses it by mistake.
These issues aren’t uncommon, and by no means are they signs of a broken system. These hypotheticals each represent a gap between intent and evidence, something AS9100 is specifically designed to catch.
Why It Matters Across the Standard
Documented information appears throughout AS9100, often quietly. A few examples:
- Clause 4.4 requires documented information to support operational processes.
- Clause 7.5 outlines how information should be identified, reviewed, and controlled.
- Clause 8.5.2 requires documentation for production changes.
- Clause 9.1.1 calls for evidence of monitoring and measurement.
The bottom line: if you can’t show that these things happened, or you can’t show that the way they happened matched the documented procedure, it’s a nonconformance on your record.
Thinking Practically
Instead of trying to memorize which document belongs in which designation, it’s often more useful to take a systems view:
- If something is meant to guide how work gets done, it should be recorded, reviewed, and version-controlled as a document.
- If something confirms work was done correctly, it should be retained, traceable, and protected as a record.
If a task is repeated or affects quality, but nothing is written down, it represents risk. This school of thought doesn’t just make audits smoother; it helps create a system that doesn’t fall apart when someone integral isn’t present.
All Shapes and Sizes
Documented information doesn’t come in cookie-cutter form. It can be digital or paper-based, as long as it’s controlled. What matters is whether it’s findable, legible, and protected from being altered or lost.
That might look like:
- Locking shared spreadsheets with version control
- Archiving emails in job folders
- Scanning paper logs and naming them consistently
If your team knows where to find a document and where to store a completed record, you’re already halfway there.
Closing Thoughts
Documented information isn’t filler content. It’s the glue binding personnel to their quality system. When the information is clear and accessible, everything else becomes easier.
And when it’s not? You may not notice right away, but your system will start to hinge on memory, improvisation, and whoever’s been around the longest.
It’s not failure, but it’s also not sustainable.
If you want your system to hold up through scramble-free audits, this is a good place to start.
