I have a client with multiple sites. To make life easier for all concerned, all external checks/servicing is controlled by head office. So 5yrly electrical, gas test, PAT testing, fire ext and so on.

Currently head office place all the certificates and relevant paperwork on file in the office, so if I go into the office and look at file 001 for example, I have hard copies of all the relevant paperwork. There is an electronic version of this file on the server which everyone in the company has access to.

An external auditor has filed it as a non conformance, stating that the hard copies should be held in each of the buildings rather than on the server.

Am I right in thinking that this is overkill to have 2 hard copies, head office and in the building when there is an ekectronic version available?

I had this with a company once, claiming that my documents legally had to be hard physical copies. I emailed back asking for proof of this legalisation because as for as I was concerned, it could be recorded in any format I deemed suitable.

I never did receive a reply confirming it had to be a hard physical copy

The only documents I would perceive are needed as hard copy at each location are the Business Continuity (contingency) paperwork that in the event of systems failure some one needs access to e.g. list of contact phone numbers Fire, Police, Gas, Electric, EA, HSE, IT support, Management Team etc. along with policy and contract numbers. Safety Data Sheets for any nasties stored at site and a marked schematic.

Which copy is the master copy; the definitive copy the one at the central office or the local one? Having loads of paper copies of document is a cause for confusion, which is why many people have gone over to electronic document control. By that I don’t just mean keeping a file the pdfs on it but a fully-fledged document control system which:

• Holds the documents
• Reminds you to review them
• Makes sure that the right people have access to them
• Tracks who is looking at the documents and who is altering them
• If it’s on the cloud then even if your servers are blown up you will still be able to recover them.

They only hard copies that you will probably need are those for the emergency services grab bags.

As far as legal requirements are concerned the courts will look at each set of documents (electronic or paper) and judge them on their own merits. What they want to see is that:

1. The record is accurate, i.e. it is a complete and unaltered representation of the information;
2. The record is authentic, i.e. that it is what it purports to be;
3. The records has not been tampered with;
4. The record is stored in a system that has been secure throughout the record’s lifetime.

Even paper records can be tampered with, so for example if a paper record is amended and it is not clear who amended it and then its value as legal document is diminished.

What clause number of which ISO standard have you had the non-conformance ?

Chris

The auditor is consulting, rather than auditing as he is advising you what to do, rather than auditing your system.

Are all documents equal?

In a previous role I was advised by the LFB that FRAs, Emergency Plans, etc, should be availble for inspection in a hard copy format. 

Just to close this off. 

Scenario is that the client employs an external independant auditor that has no links to the company to provide a sanity check that we/they are on the right lines with regards to H&S. Which I applaud. It keeps me honest and we have 2 parties working for the greater good.

With regards to ISO, the company has no ISO acreditation and feel that there is currently no need. But we do try and use ISO as a framework to work to.

He report ststaed that we needed to hold the documents. I've since pushed him as suggested on here and he'sm come back with a verbal, it's not a non complaince but a recomendation. So we have now gone back and questoned all his points. It seems he's following what he called best practice. So I'm not sure the management team are very happy with him. He has been very helpful in the past and gone above and beyond to help with any issues that have arisen, but I'm not sure he'll be used next year for the sanity check