7.5.3 成文信息的控制

7.5.3.1、应控制质量管理体系和本标准所要求的成文信息，以确保：

a）在需要的场合和时机，均可获得并适用；

b）予以妥善保护（如防止泄密、不当使用或缺失）。

7.5.3.2、为控制成文信息，适用时，组织应进行下列活动：

a）分发、访问、检索和使用；

b）存储和防护，包括保持可读性；

c）更改控制（如版本控制）；

d）保留和处置；

e）当出于某种目的需要保留废止文件时，需要通过移除或运用某种特定的

标识来防止非预期的使用。

对于组织确定的策划和运行质量管理体系所必需的来自外部的成文信息，组

织应进行适当识别，并予以控制。

对所保留的、作为符合性证据的成文信息应予以保护，防止非预期的更改。

当成文信息是电子化管理时，应定义数据保护过程（如防止丢失，非授权

更改，无意识的修订，损坏，物理性破坏）。

应保留能证明产品的产地、符合性和运输的成文信息。 注：保留的成文信息的例子包括但不限于：

—— 生产厂、分销商和维修站的测试与检验报告；

—— 采购订单（PO单）/合同

—— 符合性证明COC(厂家的、次级分销商的)，受权放行证书副本

—— 不合格、让步接收和纠正措施

—— 不同批次可追溯性的成文信息

—— 关于仓储、防护以及保存期条件的成文信息（例如时间、温度、湿度等）

注：对成文信息的“访问”可能意味着仅允许查阅，或者意味着允许查阅并授权修改。

7.2.1.1、Documented information required by the quality management system and by this International Standard shall be controlled to ensure:

a. it is available and suitable for use, where and when it is needed;

b. it is adequately protected (e.g., from loss of confidentiality, improper use, or loss of integrity).

7.2.1.2、For the control of documented information, the organization shall address the following activities, as applicable:

a. distribution, access, retrieval, and use;

b. storage and preservation, including preservation of legibility;

c. control of changes (e.g., version control);

d. retention and disposition;

e. prevention of the unintended use of obsolete documented information by removal or by application of suitable identification or controls if kept for any purpose.

Documented information of external origin determined by the organization to be necessary for the planning and operation of the quality management system shall be identified as appropriate, and be controlled.

Documented information retained as evidence of conformity shall be protected from unintended alterations.

When documented information is managed electronically, data protection processes shall be defined (e.g., protection from loss, unauthorized changes, unintended alteration, corruption, physical damage).

Documented information that provides evidence of product origin, conformity, and shipment shall be retained. NOTE: Examples of documented information that is retained may include, but is not limited to:

—— manufacturer, distributor, and repair station test and inspection reports;

—— purchase orders/contracts;

—— certificates of conformity (manufacturer, sub-tier distributor), copies of authorized release certificates;

—— nonconformance, concession, and corrective actions;

—— documented information of lot or batch traceability;

—— documented information of storage, preservation, or shelf life condition (e.g., time, temperature, humidity).

NOTE: Access can imply a decision regarding the permission to view