The Elements of Document Control
By David A. Baldwin

The Out of Control Syndrome
Organizations create documents daily. They are used to
convey new ideas, provide direction, give instructions,
describe processes, define specifications, and a host of
other purposes. Often documents are generated in an ad
hoc environment without thought to how they will
eventually be used or by whom.

Documents are often created in a casual manner and then
stored on someone's hard drive. They are passed around
in printed form, or attached to e-mails, and end up being
thrown away or deleted when they no longer seem
relevant to the issues of the day.

Realizing the Importance of Documents
This undisciplined approach to document creation and
distribution overlooks the importance documents may likely
have to the organization in the long term. Individually,
documents are pieces, or snippets, of the organization's
intellectual capital. They each contain information that
represents a small part of what the organization knows.
Taken together, over time, documents become a significant
part of the intelligence of the organization.

The importance of documents to the organization and,
perhaps, its very survival, calls for a thoughtful approach to
understanding the role documents play in the day-to-day
functioning of the organization. Once this is understood,
the need for a rational and consistent means of creating
and managing documents becomes clear.

A Practical Approach to Document Management
Effective document management requires an underlying
philosophy and strategy. It should be tailored to the needs
of the organization that must use it. It should be practical
and it should be written. No document management
strategy can be useful if it is not explicitly documented and
made part of the daily routine.

In organizations with the proper understanding of the
significance of document management, this documented
philosophy and strategy becomes a document
management policy. Once this policy is defined, it should be
followed with a document management process that
explains how to put the policy into use.

The document management policy and process become the
organization's method of document control. In broad terms,
document control provides a means of managing the
development, approval, issue, change, distribution,
maintenance, use, storage, security, and disposal of
documents.

The Purpose of Document Control
The goal of document control is not to create extra work or
build a bureaucracy. Instead, it is put in place to protect
the value of the content of documents and to enhance the
usefulness of that content to the people in the
organization who need to use it.

Document control provides a framework for thinking about
how information is created in the organization and how it
should be managed once created. The purpose of a
document control method is to ensure:

  • Documents fulfill a useful purpose
  • Resources are not wasted on the distribution of
    unimportant or useless information
  • Only valid information is published
  • Information is kept up to date
  • Information is provided in a form that can be used by
    the people who need it
  • Classified, confidential, or proprietary information is
    restricted to the people who have a real need to use it
  • Information is retained that could help solve a problem,
    improve opportunities, avoid costly errors, or deflect
    potential litigation

Document Control Procedures
The document management process put in place to support
the policy should include procedures that define the
development of documents. While these procedures should
not be cumbersome, they should be explicit and detailed
enough to provide clear direction as to how documents
should be prepared. The procedures may include topics
such as:

  • How to plan new documents; authorization, funding,
    establishing need, etc.
  • How to prepare new documents; who prepares them,
    how they are drafted, how drafts are maintained
  • Standards for the format and content of documents,
    forms, diagrams, etc.
  • Document identification conventions
  • Version control conventions
  • Dating conventions; date of review, date of approval,
    date of issue, date of distribution, date of revision
  • Document review procedures; who reviews, evidence of
    review
  • Document approval; who approves, evidence of approval
  • Publication; what constitutes “publishing” a document
  • Printing; who prints a document, restrictions to printing
  • Distribution; how is a document distributed, who does
    it, who checks it
  • Use of documents; limitations, unauthorized copying,
    access to files, marking printed copy
  • Revisions; identifying a need; who makes revisions,
    review and approval process, how are changes marked
  • Amending issued documents; who creates amendments,
    review and approval process, identification of
    amendments
  • Storing documents; determining location, security,
    access and prevention of unauthorized changes,
    indexing, retrieval by users, restrictions concerning
    paper documents vs. electronic documents, authorized
    and unauthorized external distribution and republishing

A System Tailored to the Environment
While many of these processes can be automated with a
document management tool, the organization must not
allow a purchased software application to dictate its
document management policy and process. To work
effectively, a document control method must be adopted
that makes sense for the organization's environment and
culture.

Implementing a Document Control Process
Prior to implementing a document control process, an
organization should prepare a document control policy that
explicitly explains how the system is to work. This
document should describe with precision the rules for how
documents are to be created, reviewed, published, stored,
and used, as well as any other details as suggested in
Document Control Procedures above.

A relatively simple way to implement document control is to
use a master list as the control mechanism. This is the
approach taken by the ISO 9000 series of quality
standards. The master list contains the same document
control elements as does each document. The master list,
however, is the governing instrument for the process. If
the master list is changed, affected documents must be
changed to correspond to the master list. In such a system,
the master list is a particularly sensitive document once
document control information is recorded and must be
protected accordingly. The document control policy may
include instructions for how the master list is to be
managed.

In actual practice, a document is created, its document
control elements populated, and the master list is used to
record the document coming under the control process. If
the system is audited, the master list is the source used to
check the control of individual documents. Document
revisions are done in a similar fashion. Document content is
changed as required, the document control elements are
updated, along with the revision history page of the
document, and the master list is updated to correspond to
the document information.

Document Control Elements
At a minimum, the recurring control elements of a document
include the document name, revision number,
issue/revision date, the current page number and the
document’s total number of pages. This is the same basic
set of information that is included on the master list. Other
information, such as the name of the author or editor, the
name of the person authorizing the document, and
document reviewer identification could also be included. It
is a good idea to include all such information you choose to
record and track on the revision history page of the
document as well. Again, the document control policy
should spell out what information about each document will
be maintained.

The minimum document control elements should be
consistently placed on each page of the document,
normally in the header and footer. Other information, such
as classification of information (confidential, proprietary,
etc.) or copyright notices may be required by your
organization as well. Organizations usually publish these
requirements for employee use.

Once the required control elements are placed within the
document, an entry in the document control master list
should be made. Going forward, for the document to be
considered controlled, its document control elements must
always match those on the master list. Between the
document and the master list, should control information
get out of synch, the document is no longer considered
controlled.

References
Robitaille, Denise. Document Control: A Simple Guide to Managing
Documentation. Chico, California: Paton Press LLC, 2005.
Dick, David  and Kathy Bine. “Documentation Management for
Dummies.” The Nor’easter (July/August 2003).
© 2008 David A. Baldwin, Dave Baldwin Consulting. All rights reserved.
Content You Can Count On
Delivering Knowledge for Top Performance