Documented information is the title of Chapter 7.5 of all management system standards of the International Organization for Standardization (ISO) published since 2012. This makes it an integral part of the common basic structure of modern management system standards, the so-called High Level Structure (HLS). With the major revision of ISO 9001 (quality management) and ISO 14001 (environmental management) in 2015, the term became known to a wider circle of users.

In earlier versions of the international standards for management systems, there was still talk of "documentation", "documentation requirements", "documents" and "records". Now the ISO standards summarize these terms under "documented information".

For standard users, however, the use of the collective term is not mandatory. Those who wish can of course continue to use the company's own terms in their documented information and when dealing with it. However, it must be ensured that the use of terms is systematic and uniform. For example, it must not lead to any misunderstandings in external certification audits.

How is documented information defined?

The international standard ISO 9000:2015-11 defines the principles and terms of a quality management system. In chapter 3.8.6, it is described as "information that must be controlled and maintained by an organization". This includes the medium on which the information is contained. Which media is used is up to your organization. Today, these increasingly include photo documentation, videos, audio formats and interactive operator guidance.

The definition in ISO 9000 also makes a distinction between three areas that represent the following:

  • The management system and its processes
  • The operation of your company
  • Th evidence of results

Is any documented information "documented information"?

Anyone who thinks that documented information in the sense of the standard exists as soon as any information has been documented is mistaken. The status of "documented information" depends on whether a standard, for example ISO 9001, stipulates that certain information must also be documented. If so, this is noted in the relevant chapters and the relevant requirement.

Quality management according to ISO 9001

Looking for ISO 9001 certification? DQS offers 35 years of experience! ★ The first ISO 9001 certification in Germany (1986) ★ Quality management standard

Learn more about the ISO 9001 standard

In addition, information that is not required by the standard but is recorded can, under certain circumstances, become documented information in the sense of the standard. This is always the case if your company considers this information necessary for the effectiveness of its management system.

If, for example, a list of data on the relevant interested parties of a company is available, this is not per se documented information in the sense of the standard. This is because such a list is not required by the standard. However, if your company considers this list to be essential for the effectiveness of the management system, it can become "real" documented information.

Creating documented information?

However, chapter 7.5.2 of the well-known ISO standards imposes some basic requirements on the creation and updating of documented information. These range from labeling to an appropriate format to checking the suitability and adequacy of the information itself. Control (chapter 7.5.3) is also subject to certain requirements, the most important of which concern its availability and protection.

Other requirements are aimed at its distribution, discoverability, access and use, storage and filing, preservation, and the monitoring of changes. A very important requirement concerns preservation as proof of compliance. In addition to its importance for the management system, this aspect can also play a very important role in the context of legal issues.

To what extent must it be created?

What exactly must be documented is specified in the individual chapters of the standard. Examples of this are the quality policy, the quality objectives or as proof of competence. However, the obligation to create, maintain or retain documented information differs depending on the standard discipline.

As far as the scope is concerned, the following applies roughly: the larger a company, the more complex the processes and the more extensive the obligation to provide evidence, the more extensive it should be.

The industry and the competence of the employees working in the company also play an important role.

Is a quality management manual still mandatory?

A quality management manual is no longer required since the revision of ISO 9001 in 2015. The decision to dispense with it takes into account the general tendency of modern ISO management system standards to give standard users more freedom in designing their management system. At the same time, however, top management is increasingly being called upon to assume responsibility and accountability.

Conclusion: Documented information

Documented information is the heading of Chapter 7.5 of all current ISO management system standards and thus an integral part of their common basic structure (High Level Structure / HLS). The collective term replaces the former documentation requirements, documentation, documents and records.

According to the internationally recognized standard for quality management ISO 9000:2015, documented information is "information that must be controlled and maintained by an organization". However, the format and medium are not specified, they just have to be appropriate. Concrete requirements are placed on the management and maintenance of such information, without specifying its scope. This depends on the type, size and complexity of a company and its processes. Documented information is referred to as such if it is a requirement of the relevant standard or if the company considers it necessary for the effectiveness of the management system.


We are happy to answer your questions

Contact us. Without obligation and free of charge.

Ute Droege

DQS expert for quality management systems, long-time auditor and experienced trainer for ISO 9001.